Cybersecurity Basics Trivia
Cybersecurity Basics trivia explores the essential concepts behind protecting devices, accounts, and data in an increasingly connected world. From passwords and phishing to malware and privacy, it offers a family-friendly way to learn how everyday security practices help reduce online risk.
Easy Cybersecurity Basics Trivia
13 questions
These easy Cybersecurity Basics trivia questions are great for beginners and kids around age 12 and under.
Question 1
What secure web protocol is commonly shown at the start of a website address instead of HTTP?
Answer: HTTPS
HTTPS is the secure version of HTTP used by websites.
Question 2
What security tool filters network traffic using allow-or-block rules?
Answer: A firewall
A firewall filters network traffic according to rules that allow or block traffic.
Question 3
A password that is long and hard to guess is usually called what?
Answer: A strong password
A strong password is typically long and hard to guess.
Question 4
What security step asks for more than one proof of identity when you sign in?
Answer: Multifactor authentication
Multifactor authentication requires more than one proof of identity.
Question 5
In networking, what do you call a device like a laptop or phone connected to a network?
Answer: An endpoint
An endpoint is a device such is a laptop or phone connected to a network.
Question 6
Which tool is used to inspect network traffic by analyzing packets?
Answer: Wireshark
Wireshark is a packet analyzer used to inspect network traffic.
Question 7
What is offline backup storage called when it is disconnected from the network?
Answer: Cold storage
Offline backup storage disconnected from the network is often called cold storage.
Question 8
What kind of Wi‑Fi is usually kept separate from a business's internal network for visitors?
Answer: A guest Wi‑Fi network
A guest Wi‑Fi network is usually separated from a business's internal network.
Question 9
In security design, the public internet is commonly treated as what kind of network?
Answer: An untrusted network
The public internet is commonly treated is an untrusted network in security design.
Question 10
Where are access controls and multifactor checks often enforced first when signing in?
Answer: At the login portal
A login portal is often where access controls and multifactor checks are enforced first.
Question 11
What is the name for a scam that tricks people into revealing information or clicking harmful links?
Answer: Phishing
Phishing is a scam that tricks people into revealing information or clicking harmful links.
Question 12
What do you call software designed to harm, spy on, or disrupt systems?
Answer: Malware
Malware is software designed to harm, spy on, or disrupt systems.
Question 13
What kind of malware locks or encrypts files and then demands payment?
Answer: Ransomware
Ransomware is malware that locks or encrypts files and demands payment.
Cybersecurity Basics Family Trivia
12 questions
These family Cybersecurity Basics trivia questions are built for mixed-age game nights, classrooms, and groups.
Question 1
What browser symbol usually means a website is using HTTPS?
Answer: The padlock icon.
The padlock icon in a browser usually indicates a site is using HTTPS.
Question 2
Which is generally riskier to use for private online activity: public Wi‑Fi at a café or a trusted home network?
Answer: Public Wi‑Fi is generally riskier.
Public Wi‑Fi in places like airports and cafés is generally riskier than a trusted home network.
Question 3
What tool can generate and store unique passwords for many accounts?
Answer: A password manager.
Password managers can generate and store unique passwords for many accounts.
Question 4
Which app is commonly used for one-time login codes?
Answer: Google Authenticator.
Google Authenticator is an app commonly used for one-time login codes.
Question 5
A sneaky square picture code can be used in phishing if it sends you to a fake website. What is that code called?
Answer: A QR code.
A QR code can sometimes be used in phishing if it leads to a fake website.
Question 6
Kids are often told not to share passwords the same way they would not share what household item?
Answer: House keys.
Children are often taught not to share passwords the way they would avoid sharing house keys.
Question 7
What phone or tablet feature helps protect your device if it gets lost?
Answer: A screen lock.
Device screen locks help protect phones and tablets if they are lost.
Question 8
What reduces risk by installing fixes without waiting for you to tap 'update' yourself?
Answer: Automatic updates.
Automatic updates reduce risk by installing fixes without waiting for a user to act.
Question 9
Saving copies of family photos is helpful because it protects them from hardware failure and what kind of attack?
Answer: Ransomware.
Backing up family photos helps protect them from hardware failure and ransomware.
Question 10
For a secure home router, which should you use instead of older Wi‑Fi security like WEP?
- A.No password
- B.Bluetooth mode
- C.WPA2 or WPA3
- D.WEP only
Answer: WPA2 or WPA3.
A secure home router should use WPA2 or WPA3 instead of older Wi‑Fi security like WEP.
Question 11
True or false: WEP is widely considered insecure.?
Answer: True
WEP is an older Wi‑Fi security protocol widely considered insecure.
Question 12
Which Wi‑Fi security standard is newer than WPA2?
Answer: WPA3.
WPA3 is a newer Wi‑Fi security standard than WPA2.
Fun Cybersecurity Basics Trivia
13 questions
These fun Cybersecurity Basics trivia questions highlight surprising moments and playful facts for game-night groups.
Question 1
Which antivirus company founder turned his own surname into a famous security brand in 1987?
Answer: John McAfee
John McAfee founded McAfee Associates in 1987, making his last name one of the most recognizable in antivirus history.
Question 2
Who created PGP in 1991, giving encrypted email a huge boost in visibility?
Answer: Phil Zimmermann
Phil Zimmermann created PGP in 1991. PGP became one of the best-known encryption tools for secure communication.
Question 3
In the name RSA, who is the 'R'?
Answer: Ron Rivest
The R in RSA stands for Ron Rivest.
Question 4
Which cryptography pioneer helped push public-key cryptography into the world?
- A.Kevin Mitnick
- B.Eugene Kaspersky
- C.Whitfield Diffie
- D.Phil Zimmermann
Answer: Whitfield Diffie
Whitfield Diffie is one of the key pioneers associated with public-key cryptography.
Question 5
What is the title of Bruce Schneier's security book that first appeared in 1994?
Answer: Applied Cryptography
Bruce Schneier wrote Applied Cryptography, first published in 1994.
Question 6
Which security company counts Eugene Kaspersky as a co-founder?
Answer: Kaspersky Lab
Eugene Kaspersky is a co-founder of Kaspersky Lab.
Question 7
What does ENISA stand for in the EU cyber world?
Answer: European Union Agency for Cybersecurity
ENISA is the European Union Agency for Cybersecurity.
Question 8
Which UK cybersecurity body officially launched in 2016?
Answer: National Cyber Security Centre
The UK's National Cyber Security Centre launched in 2016.
Question 9
The CERT Coordination Center is based at which university in Pittsburgh, Pennsylvania?
Answer: Carnegie Mellon University
The CERT Coordination Center is based at Carnegie Mellon University in Pittsburgh, Pennsylvania.
Question 10
Which hacker conference first landed in Las Vegas in 1993 and kept the party going for decades?
- A.Black Hat
- B.Pwn2Own
- C.ENISA
- D.DEF CON
Answer: DEF CON
DEF CON is a long-running hacker conference first held in Las Vegas in 1993.
Question 11
What security conference made its debut in 1997?
Answer: Black Hat
Black Hat debuted in 1997.
Question 12
Which ransomware outbreak went globe-trotting in 2017?
- A.NotPetya
- B.Stuxnet
- C.Morris Worm
- D.WannaCry
Answer: WannaCry
WannaCry spread globally in 2017, becoming one of the most widely recognized ransomware outbreaks.
Question 13
Name the 2017 cyberattack known for causing major disruption across organizations worldwide.?
Answer: NotPetya
NotPetya caused major disruption in 2017.
Funny Cybersecurity Basics Trivia
13 questions
These funny Cybersecurity Basics trivia questions highlight playful moments, odd facts, and inside jokes.
Question 1
If your password strategy is basically 'numbers, but make them consecutive,' which famously weak password are you using?
- A.letmein
- B.abc123
- C.123456
- D.qwerty
Answer: 123456
The password string '123456' has repeatedly ranked among the most commonly used weak passwords.
Question 2
What exact word has spent years showing up on weak-password lists, as if irony were a security policy?
Answer: password
The word 'password' has also appeared for years on lists of weak passwords.
Question 3
What is the practice called when you explain a bug step by step to an inanimate object like a tiny yellow therapist?
Answer: rubber duck debugging
Rubber duck debugging means explaining a problem step by step to an inanimate object.
Question 4
A scam site grabs a domain that looks like a misspelled version of a real website. What is that called?
Answer: typosquatting
A typo-squatted domain is a web address registered to mimic a misspelling of a real site.
Question 5
When a fake Wi‑Fi hotspot dresses up like the real network and says 'trust me,' what term applies?
Answer: evil twin
The term 'evil twin' refers to a fake Wi‑Fi hotspot made to resemble a legitimate one.
Question 6
Which attack borrows its name from predators waiting where victims regularly gather, except with fewer zebras and more browsers?
Answer: watering hole attack
A 'watering hole' attack is named after predators waiting at a place victims often visit.
Question 7
What do you call it when someone steals information the old-fashioned way: by staring at your screen while you type?
Answer: shoulder surfing
Shoulder surfing means stealing information by watching someone type it.
Question 8
Phishing via text message gets a name that sounds like a fish with a phone plan. What is it?
Answer: smishing
Smishing is phishing carried out through SMS text messages.
Question 9
If the scam arrives by voice call instead of email or text, what is that phishing variant called?
- A.scareware
- B.pwned
- C.vishing
- D.smishing
Answer: vishing
Vishing is phishing carried out through voice calls.
Question 10
What attack tricks you into clicking something different from what the screen appears to show?
Answer: clickjacking
Clickjacking tricks a user into clicking something different from what appears on screen.
Question 11
What slang term is used for an unskilled attacker who leans on ready-made tools instead of deep expertise?
Answer: script kiddie
The term 'script kiddie' is used for an unskilled attacker who relies on ready-made tools.
Question 12
Which kind of malicious code waits patiently for a specific condition or time before going off like terrible software confetti?
Answer: logic bomb
A logic bomb is malicious code triggered by a specific condition or time.
Question 13
When scary pop-ups try to panic you into installing or paying for unwanted software, what is that called?
Answer: scareware
Scareware uses alarming messages to trick users into installing or paying for unwanted software.
Hard Cybersecurity Basics Trivia
14 questions
These hard Cybersecurity Basics trivia questions are for expert fans who want a real challenge.
Question 1
Which encryption standard did NIST select in 2001 to serve as the Advanced Encryption Standard?
Answer: AES
NIST selected AES in 2001 is the Advanced Encryption Standard.
Question 2
What algorithm was publicly described in 1977 and remains one of the most recognized names in public-key cryptography?
Answer: RSA
The RSA algorithm was publicly described in 1977.
Question 3
In what year did Diffie and Hellman publish their landmark paper on public-key exchange?
Answer: 1976
Diffie and Hellman published their landmark public-key exchange paper in 1976.
Question 4
How many bits long is the digest produced by SHA-1?
Answer: 160-bit hash value
SHA-1 produces a 160-bit hash value.
Question 5
What output size is associated with SHA-256?
Answer: 256-bit hash value
SHA-256 produces a 256-bit hash value.
Question 6
MD5 emits a digest of what length?
Answer: 128-bit hash value
MD5 produces a 128-bit hash value.
Question 7
TLS 1.3 was published in 2018 under which RFC number?
Answer: RFC 8446
TLS 1.3 was published is RFC 8446 in 2018.
Question 8
If a browser is using HTTPS on its usual TCP destination, which port is it probably talking to?
Answer: 443
TCP port 443 is the default port commonly used for HTTPS.
Question 9
Which default TCP port is associated with SSH?
Answer: 22
TCP port 22 is the default port for SSH.
Question 10
Traditional DNS traffic is classically tied to which port number?
Answer: 53
DNS traditionally uses port 53.
Question 11
What security principle says a user should receive only the access required to do the job and no more?
Answer: least privilege
The principle of least privilege means giving users only the access they need.
Question 12
The initials in the CIA triad expand to which three concepts?
Answer: confidentiality, integrity, and availability
The CIA triad stands for confidentiality, integrity, and availability.
Question 13
What is the widely cited list of major web application security risks called?
Answer: OWASP Top 10
OWASP Top 10 is a widely cited list of major web application security risks.
Question 14
Which attack works by slipping malicious SQL into application input in order to target a database?
Answer: SQL injection
SQL injection targets databases by inserting malicious SQL into application input.
Download PDF
Get the generated PDF file for printing, classroom rounds, or offline use.
Download printable trivia PDF