Practice Cybersecurity in CS Thinking
Use these practice problems to test your method after reviewing the concept explanation and worked examples.
Quick Recap
The practice of protecting computing systems, networks, and data from unauthorized access, attacks, and damage. Cybersecurity encompasses three core goals: confidentiality (only authorized users can access data), integrity (data is not tampered with), and availability (systems remain operational).
Cybersecurity is like locking your doors and windows โ but for your digital life. It's about keeping the bad guys out of your systems and data.
Showing a random 20 of 50 problems.
Example 1
hardAn attacker tricks an employee into wiring money to a fake supplier. No software was hacked. Why is this still a cybersecurity incident, and which defense category applies?
Example 2
mediumWhich is more secure for a server: a single 8-character password, or a 16-character passphrase plus 2FA? Explain in one line.
Example 3
mediumEncryption versus hashing: which is reversible by design?
Example 4
easyA fake email pretends to be from your bank and asks you to click a link to 'verify your account'. Name the attack.
Example 5
mediumExplain three methods of protecting against cyber attacks: encryption, authentication, and firewalls.
Example 6
easyEncryption that anyone can decrypt is useless. What property must keys have?
Example 7
mediumA 6-character password using only digits has how many possible combinations?
Example 8
easyWhat does 2FA stand for, and what kind of factors does it combine?
Example 9
mediumA site stores passwords as plain text in its database. Why is this dangerous, and what is the standard fix?
Example 10
mediumSalting hashed passwords defends against which specific attack?
Example 11
easyTrue or false: keeping software updated helps protect against attacks.
Example 12
challengeA hospital wants to keep patient data confidential AND reachable by ER staff during outages. Which two CIA goals are in tension, and name one mechanism serving both.
Example 13
hardA backup strategy is described as '3-2-1'. Explain what it means and which CIA goal it serves.
Example 14
hardA team installs 2FA but uses SMS for the second factor. Why is SMS-based 2FA weaker than an authenticator app?
Example 15
mediumA firewall blocks incoming connections except web traffic on port 443. In one phrase, what security role does a firewall play?
Example 16
mediumA network device that filters incoming and outgoing traffic by rules is called a ____.
Example 17
mediumA website asks for a 4-digit PIN with no rate-limiting. Why is brute force a serious risk and what is the standard defense?
Example 18
mediumA login page sends your password over plain HTTP on public WiFi. Name the main risk and the single best fix.
Example 19
mediumA friend reuses the same password on 12 sites. One site is breached. Why does this endanger the other 11?
Example 20
challengeAn attacker has a stolen password database of unsalted hashes and a precomputed table mapping common-password hashes to passwords. Name this attack and the one defense that breaks it.