🔐 Cyber Security

100 Internet Security Quiz Questions & Answers 2026

Passwords, phishing, VPN, HTTPS, social engineering and online safety best practices

📖 10 min read ❓ 100 quiz questions 🗓️ Updated Jul 2026
Ready to test your knowledge? Take the Quiz →

Password Security — 20 Questions

  1. What makes a strong password? (12+ characters, mix of uppercase/lowercase, numbers, symbols)
  2. What is a password manager? (Tool that generates and stores strong unique passwords)
  3. What is two-factor authentication (2FA)? (Requires second verification — code, biometric, or hardware key)
  4. What is the most common password? ("123456" — still used by millions)
  5. How often should you change passwords? (Only when compromised — unique strong passwords per site is more important)
  6. What is a passphrase? (Multiple random words — longer but memorable — "correct horse battery staple")
  7. What is biometric authentication? (Using fingerprint, face ID, or iris scan for verification)
  8. What is a hardware security key? (Physical device (YubiKey) for 2FA — most secure option)
  9. What is single sign-on (SSO)? (Login once to access multiple applications)
  10. What is credential stuffing? (Using stolen passwords from one breach to access other accounts)
  11. What is password reuse, and why is it risky? (Using the same password across multiple sites, risking all accounts if one is breached)
  12. What is "salting" a password before hashing? (Adding random data to prevent identical passwords from producing identical hashes)
  13. What is the minimum recommended password length by most security experts today? (At least 12 characters)
  14. What is an authenticator app used for? (Generating time-based one-time codes for two-factor authentication)
  15. What is a PIN code typically used for? (A short numeric password, often for devices or ATMs)
  16. What is the risk of using personal information (like a birthday) in a password? (It's easier for attackers to guess using available personal data)
  17. What is a "security question" used for, and what is its weakness? (Verifying identity, but answers can often be guessed or found online)
  18. What is account lockout used for after failed login attempts? (Preventing brute force attacks by temporarily blocking further attempts)
  19. What is the benefit of biometric login over traditional passwords? (Convenience and resistance to typical password-guessing attacks)
  20. What is a YubiKey? (A popular brand of hardware security key for physical 2FA)
  21. What should you do if you suspect a password has been compromised? (Change it immediately and check for unauthorized account activity)
  22. What website lets users check if their email has appeared in known data breaches? (Have I Been Pwned)
  23. What is the risk of writing passwords down on paper? (Physical theft or loss, though it can be safer than weak digital storage in some contexts)
  24. What is "passwordless authentication"? (Logging in using methods like biometrics or security keys instead of a traditional password)

Online Privacy & Safe Browsing — 25 Questions

  1. What is a browser cookie? (Small file storing user preferences and session data)
  2. What is private/incognito browsing? (Session not saved locally — but ISP and websites still see you)
  3. What is a VPN? (Encrypts traffic and hides IP address)
  4. What is the Tor browser? (Routes traffic through multiple nodes for anonymity)
  5. What does HTTPS padlock mean? (Connection is encrypted — data is secure in transit)
  6. What is a tracking pixel? (Invisible 1×1 image tracking email opens and web activity)
  7. What does GDPR stand for? (General Data Protection Regulation — EU privacy law)
  8. What is data minimization? (Collecting only the minimum data necessary)
  9. What is a privacy policy? (Legal document explaining how a company collects and uses data)
  10. What is a data breach? (Unauthorized access/exposure of sensitive data)
  11. What is doxxing? (Publishing private personal information online without consent)
  12. What is identity theft? (Using someone's personal information without permission for fraud)
  13. How do you spot a phishing email? (Check sender address, look for urgency/threats, hover over links, watch for typos)
  14. What is HTTPS vs HTTP? (HTTPS encrypts data; HTTP sends in plaintext — never enter passwords on HTTP)
  15. What is a man-in-the-middle attack on public WiFi? (Attacker intercepts traffic between you and the hotspot)
  16. What is browser fingerprinting? (Identifying and tracking a user based on unique device/browser characteristics)
  17. What is an ad blocker used for, related to privacy? (Blocking ads and often the trackers embedded within them)
  18. What is the "right to be forgotten" under GDPR? (A person's right to request deletion of their personal data)
  19. What is a public WiFi risk that a VPN helps mitigate? (Attackers intercepting unencrypted data on shared networks)
  20. What is geolocation tracking, and how can users limit it? (Apps tracking physical location; users can disable location permissions)
  21. What is a "cookie consent banner" required for under privacy laws? (Informing users and obtaining consent before tracking via cookies)
  22. What is end-to-end encrypted messaging, e.g. on WhatsApp or Signal? (Messages only readable by sender and recipient, not even the platform)
  23. What is metadata, and why does it matter for privacy? (Data about data, like when/where a photo was taken, which can reveal personal info)
  24. What is a "burner email" used for? (A temporary email address used to protect your main address from spam or tracking)
  25. What is the safest way to dispose of an old device with personal data? (Securely wiping or factory-resetting it before disposal or resale)

Social Media & Online Safety — 25 Questions

  1. What is oversharing on social media, and why is it risky? (Posting too much personal information, which can be exploited by bad actors)
  2. What is catfishing? (Creating a fake online identity to deceive someone, often for romantic or financial scams)
  3. What is the risk of posting your location in real time? (It can reveal your home is empty or allow stalking)
  4. What is cyberbullying? (Using digital platforms to harass, threaten, or humiliate someone)
  5. What is a "privacy setting" used for on social media? (Controlling who can see your posts, profile, and personal information)
  6. What is the risk of accepting friend requests from strangers? (Exposure to scams, phishing, or social engineering attempts)
  7. What is grooming, in the context of online child safety? (An adult building trust with a minor for the purpose of exploitation)
  8. What is sextortion? (Blackmail using sexual images or content, often obtained through deception)
  9. What should parents do to help keep children safe online? (Use parental controls, discuss online risks, and monitor activity appropriately)
  10. What is a "scam link" commonly disguised as on social media? (Fake giveaways, urgent alerts, or too-good-to-be-true offers)
  11. What is "romance scamming"? (Building a fake romantic relationship online to manipulate someone into sending money)
  12. What is the risk of using the same profile picture and username across all platforms? (It makes you easier to track and link across services)
  13. What is "geotagging" in photos, and why can it be risky? (Embedding location data in images, which can reveal your whereabouts)
  14. What should you do if you receive a suspicious message from a friend's hacked account? (Avoid clicking links and verify with the friend through another channel)
  15. What is a fake news or misinformation risk on social media? (Spreading false information that can mislead or manipulate public opinion)
  16. What is "report and block" used for on social platforms? (Flagging abusive content and preventing further contact from a user)
  17. What is the risk of public Wi-Fi for social media login sessions? (Potential interception of login credentials by attackers on the same network)
  18. What is "digital footprint"? (The trail of data a person leaves behind from online activity)
  19. What is the benefit of reviewing app permissions on your phone? (Preventing apps from accessing more data than necessary)
  20. What is "pretexting" in social engineering? (Creating a false scenario to trick someone into giving up information)
  21. What is the danger of clicking links in unsolicited direct messages? (They may lead to phishing sites or malware downloads)
  22. What should you verify before donating to an online charity campaign? (That the charity is legitimate and verified, to avoid scams)
  23. What is "vishing"? (Voice phishing — using phone calls to trick victims into revealing information)
  24. What is "smishing"? (SMS-based phishing attacks sent via text message)
  25. What is the safest way to verify a suspicious request for money from a "friend" online? (Contact them directly through a known, separate channel to confirm)

Device & Network Safety — 25 Questions

  1. What is the purpose of antivirus software? (Detecting and removing malicious software from a device)
  2. Why is it important to keep software and apps updated? (Updates often patch known security vulnerabilities)
  3. What is the risk of jailbreaking or rooting a device? (It can bypass built-in security protections, increasing vulnerability)
  4. What is a firewall's role on a personal device? (Blocking unauthorized incoming and outgoing network connections)
  5. What is the risk of downloading apps from unofficial app stores? (Higher chance of installing malware or fake apps)
  6. What is "auto-update" useful for in terms of security? (Ensuring devices receive the latest security patches without delay)
  7. What is the purpose of locking your phone with a PIN or biometric? (Preventing unauthorized physical access to your data)
  8. What is the risk of using public USB charging stations? ("Juice jacking" — malicious data transfer through compromised charging ports)
  9. What is a "guest network" on a home router used for? (Giving visitors internet access without exposing your main network devices)
  10. What is the importance of changing default router passwords? (Default credentials are publicly known and easily exploited)
  11. What is a smart home device's main security risk? (Weak default security potentially allowing unauthorized access to your home network)
  12. What is "patch Tuesday," referenced by some companies? (A regular scheduled day for releasing software security updates)
  13. What is the purpose of regularly backing up your data? (Protecting against data loss from device failure, theft, or ransomware)
  14. What is the "3-2-1 backup rule"? (3 copies of data, on 2 different media, with 1 copy stored offsite)
  15. What is the risk of leaving Bluetooth enabled in public? (Potential exposure to unauthorized device pairing or "bluejacking")
  16. What should you do before selling or recycling an old smartphone? (Perform a factory reset to erase all personal data)
  17. What is the danger of clicking "remember this device" on shared or public computers? (It can let others access your accounts without re-entering credentials)
  18. What is the purpose of network encryption like WPA3 on home Wi-Fi? (Securing wireless communication from eavesdropping)
  19. What is the risk of using outdated Wi-Fi encryption like WEP? (It is easily crackable by modern tools, exposing your network)
  20. What is "shoulder surfing"? (Someone watching over your shoulder to steal your password or PIN)
  21. What is the benefit of using a screen privacy filter in public spaces? (Preventing others from viewing your screen at an angle)
  22. What is the risk of leaving location services on for all apps? (Unnecessary tracking of your movements by apps that don't need it)
  23. What is "SIM swapping," a security risk for mobile accounts? (An attacker convincing a carrier to transfer your number to their SIM, bypassing 2FA)
  24. What is the safest way to dispose of sensitive printed documents? (Shredding them before disposal)
  25. What is the overall best practice for staying safe online, combining all these concepts? (Layered defenses: strong unique passwords, 2FA, updated software, caution with links, and regular backups)
  26. What is the term for staying informed about new and evolving online threats? (Security awareness, or "cyber hygiene")

❓ Frequently Asked Questions

What are the most important internet security practices?

Use strong unique passwords + password manager, enable two-factor authentication, keep software updated, use HTTPS websites only, be suspicious of emails/links, use a VPN on public WiFi, and back up data regularly.

What is the biggest internet security threat in 2026?

Phishing remains the #1 threat — it accounts for over 80% of successful cyberattacks. AI-powered phishing (using deepfakes and personalized messages) is making attacks more convincing than ever.

🔐

Ready to Test Your Cyber Security Knowledge?

Take our Cyber Security quiz and see how you rank against players worldwide!

Play Cyber Security Quizzes →
📱
Share this study guide Help your friends prepare for quizzes
📲 Share on WhatsApp