Technology hard

Cybersecurity Quiz

Hackers, phishing, encryption, and data breaches — test your knowledge of digital security!

❓ 20 Questions
⏱ 20s Per Question
🆓 Free No Sign Up

About the Cybersecurity Quiz

The Cybersecurity Quiz is a free hard-level Technology quiz featuring 20 multiple-choice questions. Hackers, phishing, encryption, and data breaches — test your knowledge of digital security! Each question comes with a 20-second countdown timer and instant explanations after every answer so you can learn as you play. This quiz is completely free on GoKwiz — no account or sign up required.

Cybersecurity Quiz — Practice Questions

1. What is 'phishing' in cybersecurity?

  1. A fraudulent attempt to obtain sensitive information by disguising as a trustworthy entity — typically via email
  2. Installing keylogging software on a target's computer
  3. Intercepting WiFi signals at a public location
  4. Searching through network traffic for passwords

2. What is a 'zero-day vulnerability'?

  1. A security flaw that takes zero days to exploit
  2. A software vulnerability that is unknown to the vendor and has no available patch — attackers can exploit it from day zero
  3. A type of vulnerability that zeroes out (deletes) all data
  4. A vulnerability only discovered on the first day a product is released

3. The 2017 WannaCry ransomware attack affected 200,000+ computers in 150 countries. What exploited vulnerability did it use?

  1. A Google Chrome browser zero-day
  2. A Linux kernel vulnerability
  3. An Apple iOS flaw
  4. EternalBlue — an NSA-developed Windows exploit leaked by Shadow Brokers

4. What is 'two-factor authentication' (2FA) and why is it important?

  1. A security method requiring two forms of verification — something you know (password) plus something you have (phone code) or are (biometric)
  2. Having two separate email accounts for security purposes
  3. Logging in from two different devices simultaneously
  4. Using two different passwords for the same account

5. What does 'HTTPS' protect compared to 'HTTP'?

  1. HTTPS blocks malware; HTTP allows it
  2. HTTPS encrypts data in transit using TLS, preventing eavesdropping and tampering; HTTP sends data in plain text
  3. HTTPS is faster than HTTP
  4. HTTPS only works on mobile devices

6. What is 'social engineering' in cybersecurity?

  1. A branch of computer science studying social networks
  2. Building social networks for technical teams
  3. Engineering social media platforms for maximum engagement
  4. Manipulating people psychologically to reveal confidential information or take actions that compromise security — exploiting human behaviour rather than technical vulnerabilities

7. What is a 'DDoS attack'?

  1. A targeted intrusion into a specific user's account
  2. A virus that deletes data from a server
  3. Decrypting and stealing encrypted data from a server
  4. Distributed Denial of Service — flooding a target server with so much traffic from many sources that it becomes overwhelmed and unavailable

8. What is end-to-end encryption (E2EE), used by apps like Signal and WhatsApp?

  1. A system where messages are encrypted by the sender's device only
  2. Encryption that prevents emails from being forwarded
  3. Encryption that protects data only at the server
  4. Encryption where only the communicating parties can read messages — not the service provider, not anyone intercepting the data

9. What is a 'VPN' and what does it protect?

  1. A system for blocking advertisements online
  2. A Verified Personal Network — an internet connection certified as secure by the government
  3. A Very Private Network — a firewall for home computers
  4. A Virtual Private Network — encrypts internet traffic and routes it through a server, masking your IP address and protecting data on public networks

10. The 2013 NSA PRISM surveillance programme was revealed by which whistleblower?

  1. Chelsea Manning
  2. Edward Snowden
  3. Julian Assange
  4. Reality Winner

11. What is 'ransomware' and how do most attacks demand payment?

  1. A type of virus that randomly deletes files
  2. Malware that encrypts a victim's files, then demands payment (usually cryptocurrency) to provide the decryption key
  3. Software that locks the screen until a subscription is paid
  4. Software that makes a computer run slowly until it's repaired

12. What is 'SQL injection' — one of the most common web application vulnerabilities?

  1. A method of compressing SQL databases for storage
  2. A technique for speeding up database queries
  3. Injecting physical substances into SQL server hardware
  4. Inserting malicious SQL code into an input field to manipulate a database — potentially exposing, modifying, or deleting data

13. What is a 'botnet' in cybersecurity?

  1. A company's internal network of chatbots
  2. A network of compromised computers ('bots') controlled by attackers, used for DDoS attacks, spam, cryptocurrency mining, and more
  3. A network of robots used in manufacturing
  4. Software robots that automatically test websites for security flaws

14. What does 'GDPR' stand for and what did it establish?

  1. General Data Protection Regulation — an EU law giving citizens rights over their personal data
  2. General Digital Platform Rules — an EU competition law
  3. Global Digital Privacy Rights — an international treaty
  4. Government Data Privacy Regulation — a US federal law

15. What is the 'dark web' and how is it typically accessed?

  1. A network of websites accessible only through the Tor browser, not indexed by search engines, offering anonymity
  2. Illegal content hosted on regular websites
  3. The internet at night when fewer users are active
  4. Websites with a dark colour scheme

16. What is 'multi-factor authentication' and why is SMS-based 2FA considered relatively weak?

  1. SMS 2FA is actually the most secure form
  2. SMS 2FA is weak because it requires a data connection
  3. SMS codes can be intercepted via SIM-swapping attacks (convincing carriers to transfer a phone number) or SS7 network vulnerabilities
  4. SMS codes expire too quickly to be practically useful

17. The Solar Winds hack (2020) is considered one of the most sophisticated cyber attacks ever. What did it target?

  1. A widely-used IT management software that, once compromised, gave attackers backdoor access to thousands of government and corporate networks
  2. NASA's solar observation satellites
  3. Solar panel companies' systems
  4. Stock market trading systems for renewable energy companies

18. What is 'ethical hacking' (penetration testing)?

  1. A career path where hackers are reformed and employed by cybersecurity firms
  2. Authorised security testing of systems to identify vulnerabilities before malicious hackers do — also called 'pen testing'
  3. Hacking only for educational purposes, never for financial gain
  4. Hacking only government systems under FOIA requests

19. What is 'cryptography' at its most basic level?

  1. A cryptocurrency mining technique
  2. The mathematics of computer processing speeds
  3. The science of secure communication — transforming readable data (plaintext) into an unreadable format (ciphertext) that only authorised parties can decode
  4. The study of ancient encrypted texts

20. What is the 'principle of least privilege' in cybersecurity?

  1. Only privileged users should use computers
  2. Passwords should be as short and simple as possible for usability
  3. The least experienced team members should handle security tasks to build their skills
  4. Users and systems should be granted only the minimum access rights needed to perform their specific tasks — nothing more

Frequently Asked Questions

How many questions are in the Cybersecurity Quiz?

This quiz contains 20 questions.

Is this quiz free?

Yes, completely free with no sign up or account required. All quizzes on GoKwiz are free forever.

What category is this quiz?

This quiz is in the Technology category. Browse all Technology quizzes →

How difficult is this quiz?

This quiz is rated hard difficulty, with a 20-second timer per question.

Can I retake the Cybersecurity Quiz?

Yes, as many times as you like. Questions and answer options are shuffled every time for a fresh experience. After finishing, you can also retry only the questions you got wrong.