Initial Core 2 study project

quizzes/SEC-5-quiz.md

@@ -0,0 +1,68 @@
+# SEC-5 Quiz: Social Engineering and Attacks
+
+Take this after studying `notes/SEC-5-social-engineering-attacks.md`.
+
+Reply with answers like:
+`1B 2A 3D 4C 5B 6A 7D`
+
+## Questions
+
+1. A phishing attack sent by SMS text message is called:
+
+A. Vishing  
+B. Whaling  
+C. Smishing  
+D. Shoulder surfing  
+
+2. A phishing attack targeted at a CEO is called:
+
+A. Dumpster diving  
+B. Whaling  
+C. Tailgating  
+D. ARP poisoning  
+
+3. A fake Wi-Fi access point imitates a legitimate hotel network. What attack is this?
+
+A. Dictionary attack  
+B. SQL injection  
+C. DLP  
+D. Evil twin  
+
+4. Which attack modifies database queries through unsafe user input?
+
+A. XSS  
+B. DDoS  
+C. SQL injection  
+D. Shoulder surfing  
+
+5. Which attack injects malicious scripts that run in a user's browser?
+
+A. APIPA  
+B. XSS  
+C. Kerberos  
+D. BitLocker  
+
+6. An attacker compromises a vendor software update trusted by customers. What attack type is this?
+
+A. Piggybacking  
+B. Brute force  
+C. Vishing  
+D. Supply chain attack  
+
+7. Which attack uses many systems to overwhelm a service?
+
+A. DDoS  
+B. Plaintext storage  
+C. Tailgating  
+D. SAML  
+
+## Answer Key For Instructor
+
+1. C
+2. B
+3. D
+4. C
+5. B
+6. D
+7. A
+