Cybersecurity Basics Trivia

These easy Cybersecurity Basics trivia questions are great for beginners and kids around age 12 and under.

1. Question 1

   What secure web protocol is commonly shown at the start of a website address instead of HTTP?

   Answer: HTTPS

   HTTPS is the secure version of HTTP used by websites.

   00

2. Question 2

   What security tool filters network traffic using allow-or-block rules?

   Answer: A firewall

   A firewall filters network traffic according to rules that allow or block traffic.

   00

3. Question 3

   A password that is long and hard to guess is usually called what?

   Answer: A strong password

   A strong password is typically long and hard to guess.

   00

4. Question 4

   What security step asks for more than one proof of identity when you sign in?

   Answer: Multifactor authentication

   Multifactor authentication requires more than one proof of identity.

   00

5. Question 5

   In networking, what do you call a device like a laptop or phone connected to a network?

   Answer: An endpoint

   An endpoint is a device such is a laptop or phone connected to a network.

   00

6. Question 6

   Which tool is used to inspect network traffic by analyzing packets?

   Answer: Wireshark

   Wireshark is a packet analyzer used to inspect network traffic.

   00

7. Question 7

   What is offline backup storage called when it is disconnected from the network?

   Answer: Cold storage

   Offline backup storage disconnected from the network is often called cold storage.

   00

8. Question 8

   What kind of Wi‑Fi is usually kept separate from a business's internal network for visitors?

   Answer: A guest Wi‑Fi network

   A guest Wi‑Fi network is usually separated from a business's internal network.

   00

9. Question 9

   In security design, the public internet is commonly treated as what kind of network?

   Answer: An untrusted network

   The public internet is commonly treated is an untrusted network in security design.

   00

10. Question 10

    Where are access controls and multifactor checks often enforced first when signing in?

    Answer: At the login portal

    A login portal is often where access controls and multifactor checks are enforced first.

    00

11. Question 11

    What is the name for a scam that tricks people into revealing information or clicking harmful links?

    Answer: Phishing

    Phishing is a scam that tricks people into revealing information or clicking harmful links.

    00

12. Question 12

    What do you call software designed to harm, spy on, or disrupt systems?

    Answer: Malware

    Malware is software designed to harm, spy on, or disrupt systems.

    00

13. Question 13

    What kind of malware locks or encrypts files and then demands payment?

    Answer: Ransomware

    Ransomware is malware that locks or encrypts files and demands payment.

    00

These family Cybersecurity Basics trivia questions are built for mixed-age game nights, classrooms, and groups.

1. Question 1

   What browser symbol usually means a website is using HTTPS?

   Answer: The padlock icon.

   The padlock icon in a browser usually indicates a site is using HTTPS.

   00

2. Question 2

   Which is generally riskier to use for private online activity: public Wi‑Fi at a café or a trusted home network?

   Answer: Public Wi‑Fi is generally riskier.

   Public Wi‑Fi in places like airports and cafés is generally riskier than a trusted home network.

   00

3. Question 3

   What tool can generate and store unique passwords for many accounts?

   Answer: A password manager.

   Password managers can generate and store unique passwords for many accounts.

   00

4. Question 4

   Which app is commonly used for one-time login codes?

   Answer: Google Authenticator.

   Google Authenticator is an app commonly used for one-time login codes.

   00

5. Question 5

   A sneaky square picture code can be used in phishing if it sends you to a fake website. What is that code called?

   Answer: A QR code.

   A QR code can sometimes be used in phishing if it leads to a fake website.

   00

6. Question 6

   Kids are often told not to share passwords the same way they would not share what household item?

   Answer: House keys.

   Children are often taught not to share passwords the way they would avoid sharing house keys.

   00

7. Question 7

   What phone or tablet feature helps protect your device if it gets lost?

   Answer: A screen lock.

   Device screen locks help protect phones and tablets if they are lost.

   00

8. Question 8

   What reduces risk by installing fixes without waiting for you to tap 'update' yourself?

   Answer: Automatic updates.

   Automatic updates reduce risk by installing fixes without waiting for a user to act.

   00

9. Question 9

   Saving copies of family photos is helpful because it protects them from hardware failure and what kind of attack?

   Answer: Ransomware.

   Backing up family photos helps protect them from hardware failure and ransomware.

   00

10. Question 10

    For a secure home router, which should you use instead of older Wi‑Fi security like WEP?

    1. A.No password
    2. B.Bluetooth mode
    3. C.WPA2 or WPA3
    4. D.WEP only

    Answer: WPA2 or WPA3.

    A secure home router should use WPA2 or WPA3 instead of older Wi‑Fi security like WEP.

    00

11. Question 11

    True or false: WEP is widely considered insecure.?

    Answer: True

    WEP is an older Wi‑Fi security protocol widely considered insecure.

    00

12. Question 12

    Which Wi‑Fi security standard is newer than WPA2?

    Answer: WPA3.

    WPA3 is a newer Wi‑Fi security standard than WPA2.

    00

These fun Cybersecurity Basics trivia questions highlight surprising moments and playful facts for game-night groups.

1. Question 1

   Which antivirus company founder turned his own surname into a famous security brand in 1987?

   Answer: John McAfee

   John McAfee founded McAfee Associates in 1987, making his last name one of the most recognizable in antivirus history.

   00

2. Question 2

   Who created PGP in 1991, giving encrypted email a huge boost in visibility?

   Answer: Phil Zimmermann

   Phil Zimmermann created PGP in 1991. PGP became one of the best-known encryption tools for secure communication.

   00

3. Question 3

   In the name RSA, who is the 'R'?

   Answer: Ron Rivest

   The R in RSA stands for Ron Rivest.

   00

4. Question 4

   Which cryptography pioneer helped push public-key cryptography into the world?

   1. A.Kevin Mitnick
   2. B.Eugene Kaspersky
   3. C.Whitfield Diffie
   4. D.Phil Zimmermann

   Answer: Whitfield Diffie

   Whitfield Diffie is one of the key pioneers associated with public-key cryptography.

   00

5. Question 5

   What is the title of Bruce Schneier's security book that first appeared in 1994?

   Answer: Applied Cryptography

   Bruce Schneier wrote Applied Cryptography, first published in 1994.

   00

6. Question 6

   Which security company counts Eugene Kaspersky as a co-founder?

   Answer: Kaspersky Lab

   Eugene Kaspersky is a co-founder of Kaspersky Lab.

   00

7. Question 7

   What does ENISA stand for in the EU cyber world?

   Answer: European Union Agency for Cybersecurity

   ENISA is the European Union Agency for Cybersecurity.

   00

8. Question 8

   Which UK cybersecurity body officially launched in 2016?

   Answer: National Cyber Security Centre

   The UK's National Cyber Security Centre launched in 2016.

   00

9. Question 9

   The CERT Coordination Center is based at which university in Pittsburgh, Pennsylvania?

   Answer: Carnegie Mellon University

   The CERT Coordination Center is based at Carnegie Mellon University in Pittsburgh, Pennsylvania.

   00

10. Question 10

    Which hacker conference first landed in Las Vegas in 1993 and kept the party going for decades?

    1. A.Black Hat
    2. B.Pwn2Own
    3. C.ENISA
    4. D.DEF CON

    Answer: DEF CON

    DEF CON is a long-running hacker conference first held in Las Vegas in 1993.

    00

11. Question 11

    What security conference made its debut in 1997?

    Answer: Black Hat

    Black Hat debuted in 1997.

    00

12. Question 12

    Which ransomware outbreak went globe-trotting in 2017?

    1. A.NotPetya
    2. B.Stuxnet
    3. C.Morris Worm
    4. D.WannaCry

    Answer: WannaCry

    WannaCry spread globally in 2017, becoming one of the most widely recognized ransomware outbreaks.

    00

13. Question 13

    Name the 2017 cyberattack known for causing major disruption across organizations worldwide.?

    Answer: NotPetya

    NotPetya caused major disruption in 2017.

    00

These funny Cybersecurity Basics trivia questions highlight playful moments, odd facts, and inside jokes.

1. Question 1

   If your password strategy is basically 'numbers, but make them consecutive,' which famously weak password are you using?

   1. A.letmein
   2. B.abc123
   3. C.123456
   4. D.qwerty

   Answer: 123456

   The password string '123456' has repeatedly ranked among the most commonly used weak passwords.

   00

2. Question 2

   What exact word has spent years showing up on weak-password lists, as if irony were a security policy?

   Answer: password

   The word 'password' has also appeared for years on lists of weak passwords.

   00

3. Question 3

   What is the practice called when you explain a bug step by step to an inanimate object like a tiny yellow therapist?

   Answer: rubber duck debugging

   Rubber duck debugging means explaining a problem step by step to an inanimate object.

   00

4. Question 4

   A scam site grabs a domain that looks like a misspelled version of a real website. What is that called?

   Answer: typosquatting

   A typo-squatted domain is a web address registered to mimic a misspelling of a real site.

   00

5. Question 5

   When a fake Wi‑Fi hotspot dresses up like the real network and says 'trust me,' what term applies?

   Answer: evil twin

   The term 'evil twin' refers to a fake Wi‑Fi hotspot made to resemble a legitimate one.

   00

6. Question 6

   Which attack borrows its name from predators waiting where victims regularly gather, except with fewer zebras and more browsers?

   Answer: watering hole attack

   A 'watering hole' attack is named after predators waiting at a place victims often visit.

   00

7. Question 7

   What do you call it when someone steals information the old-fashioned way: by staring at your screen while you type?

   Answer: shoulder surfing

   Shoulder surfing means stealing information by watching someone type it.

   00

8. Question 8

   Phishing via text message gets a name that sounds like a fish with a phone plan. What is it?

   Answer: smishing

   Smishing is phishing carried out through SMS text messages.

   00

9. Question 9

   If the scam arrives by voice call instead of email or text, what is that phishing variant called?

   1. A.scareware
   2. B.pwned
   3. C.vishing
   4. D.smishing

   Answer: vishing

   Vishing is phishing carried out through voice calls.

   00

10. Question 10

    What attack tricks you into clicking something different from what the screen appears to show?

    Answer: clickjacking

    Clickjacking tricks a user into clicking something different from what appears on screen.

    00

11. Question 11

    What slang term is used for an unskilled attacker who leans on ready-made tools instead of deep expertise?

    Answer: script kiddie

    The term 'script kiddie' is used for an unskilled attacker who relies on ready-made tools.

    00

12. Question 12

    Which kind of malicious code waits patiently for a specific condition or time before going off like terrible software confetti?

    Answer: logic bomb

    A logic bomb is malicious code triggered by a specific condition or time.

    00

13. Question 13

    When scary pop-ups try to panic you into installing or paying for unwanted software, what is that called?

    Answer: scareware

    Scareware uses alarming messages to trick users into installing or paying for unwanted software.

    00

These hard Cybersecurity Basics trivia questions are for expert fans who want a real challenge.

1. Question 1

   Which encryption standard did NIST select in 2001 to serve as the Advanced Encryption Standard?

   Answer: AES

   NIST selected AES in 2001 is the Advanced Encryption Standard.

   00

2. Question 2

   What algorithm was publicly described in 1977 and remains one of the most recognized names in public-key cryptography?

   Answer: RSA

   The RSA algorithm was publicly described in 1977.

   00

3. Question 3

   In what year did Diffie and Hellman publish their landmark paper on public-key exchange?

   Answer: 1976

   Diffie and Hellman published their landmark public-key exchange paper in 1976.

   00

4. Question 4

   How many bits long is the digest produced by SHA-1?

   Answer: 160-bit hash value

   SHA-1 produces a 160-bit hash value.

   00

5. Question 5

   What output size is associated with SHA-256?

   Answer: 256-bit hash value

   SHA-256 produces a 256-bit hash value.

   00

6. Question 6

   MD5 emits a digest of what length?

   Answer: 128-bit hash value

   MD5 produces a 128-bit hash value.

   00

7. Question 7

   TLS 1.3 was published in 2018 under which RFC number?

   Answer: RFC 8446

   TLS 1.3 was published is RFC 8446 in 2018.

   00

8. Question 8

   If a browser is using HTTPS on its usual TCP destination, which port is it probably talking to?

   Answer: 443

   TCP port 443 is the default port commonly used for HTTPS.

   00

9. Question 9

   Which default TCP port is associated with SSH?

   Answer: 22

   TCP port 22 is the default port for SSH.

   00

10. Question 10

    Traditional DNS traffic is classically tied to which port number?

    Answer: 53

    DNS traditionally uses port 53.

    00

11. Question 11

    What security principle says a user should receive only the access required to do the job and no more?

    Answer: least privilege

    The principle of least privilege means giving users only the access they need.

    00

12. Question 12

    The initials in the CIA triad expand to which three concepts?

    Answer: confidentiality, integrity, and availability

    The CIA triad stands for confidentiality, integrity, and availability.

    00

13. Question 13

    What is the widely cited list of major web application security risks called?

    Answer: OWASP Top 10

    OWASP Top 10 is a widely cited list of major web application security risks.

    00

14. Question 14

    Which attack works by slipping malicious SQL into application input in order to target a database?

    Answer: SQL injection

    SQL injection targets databases by inserting malicious SQL into application input.

    00