Cybersecurity Online Test

This online test can help you evaluate yourself in different areas of Cybersecurity as well as basic engineering skills. The test contains only simple questions, each can be answered in less than 15 seconds. There is no negative points for this test. So try to answer all the questions even if you are not 100% sure about the answer.

The Test targets those who are in the beginning of their journey toward the road of cybersecurity. So it's useless for professionals or experienced folks.

After finishing the test, click on the "show result" button to see the final result. We do NOT store any information about the test or the results. The whole page has been written in JavaScript (client-side) and you are the only one who see your final results. However, if you want to share your results with others, you can put it as a comment at the end of the page.

In this online test, we try to cover different aspects of Cybersecurity.

Note: There is a link in front of each question. These are the tutorials related to the questions. Try not to see these tutorials before answering all the questions.

1. Below, you can see the answer of the dig command-line tool on my machine. What you can say from this answer? (easy) (dig tutorial)

; <<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28534
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;google.com.            IN    A

;; Query time: 26 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon May 16 09:47:50 CEST 2022
;; MSG SIZE  rcvd: 41

I can say that the domain name "google.com" does not exist.

 I can say that the domain name "google.com" has an additional section which I am not allowed to see.

 I can say that the remote server did not answer to my question for DNS resolution.

The dig command is deprecated, that's why I get this answer.

2. I have a text file (test.txt) on my machine with 3 lines as below:

This is line #1
This is line number 2
This is the last line of the file

I run this command on my machine: cat test.txt | sed '3q;d'. As I don't know bash very well, please tell me what would be the output? (difficult) (sed man)

This command will delete the third line of the file.

This command will print all 3 lines of the file and quit

Prints the first 2 lines of the file, delete the third one and then quit.

Prints only the third line of the file and then quit.

3. Image below (figure 1) shows the DNS resolution procedure. What are the names of the servers labelled with * and ** respectively? (easy) (tutorial)

Stub resolver - Recursive resolver

Recursive resolver - Forwarder

Authoritative Nameserver - Recursive resolver

Recursive Resolver - Authoritative Nameserver

4. Which one is true about HTTP Strict-Transport-Security (HSTS)? (medium) (tutorial)

It tells the browser to throw errors if the SSL/TLS certificate is self-signed, expired or revoked

It tells the browser that the site should only be accessed using HTTPS

It's often more secure to use HTTP to HTTPS (301) redirection using webservers (e.g., NginX) instead of headers.

None of the above answers is correct

5. What is the length of IPv4, IPV6 and MAC Address? (very easy) (tutorial)

32 bits, 128 bits, 64 bits

32 bits, 96 bits, 48 bits

32 bits, 128 bits, 48 bits

It doesn't work for me. I am going to study Biology.

6. The previous administrator has only Vim installed on the server. I opened a configuration file in Vim and modified it a little bit but I just changed my mind. How can I quit Vim without saving the file? (very easy)(tutorial)

Just type :!q and press enter

Just type :wq and press enter

Just type :q! and press enter

At this point, the best solution is to reinstall the OS

7. I have a log file and I would like to extract IP addresses from it. I am using grep with extended regular expression. Which one is the best regex (compared to others) for the job? (easy)(man grep)

grep -E '[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}'

grep -E '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}'

grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'

grep -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'

8. I wrote this code to print a string from the second character to the end and it works perfectly fine.

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
int main (int argc, char ** argv) 
{
    char *ptr = (char*) malloc(20 * sizeof(char));
    if ( NULL == ptr){
        printf("Can not allocate memory!");
        return 1;
    }
    strcpy(ptr, "This is just a test");
    //let's print from the second character to the end
    ptr++;
    printf("%s\n", ptr);
    //let's free the heap
    free(ptr);  
}

Everything is fine and I get the correct output. However, it also shows me an error. Can you tell me which part is wrong? (easy)(see why)

The problem is in the strcpy function. It's not safe to use it like this.

The problem is "ptr++" line. You can not perform arithmetic operation on pointers.

The allocation function (malloc) may not correctly allocate the memory.

The "free" function need to original pointer not the modified one.

9. What is the difference between these 2 commands in bash? (medium) (tutorial)

1. time nice sleep 2
2. nice time sleep 2

Any kind of change in the order doesn't influence bash commands.

The first one is using bash built-in time keyword and the second one is using /usr/bin/time

The first one is using /usr/bin/time and the second one is using bash built-in time keyword

Both of them are the same regarding "time" command but different regarding "nice" command

10. I tried to visit a website and my browser (Google Chrome) showed me NET::ERR_CERT_AUTHORITY_INVALID error. What does it mean? (easy) (tutorial)

The certificate has been expired

The certificate has been revoked

The certificate is self-signed

The certificated is valid but issued for another domain name