Network Security Quick Quiz: TLS, Cloud, Containers, AI & Post-Quantum Crypto
A round-up of common cybersecurity concepts — from TLS 1.3 handshakes to Kubernetes network policies to post-quantum cryptography — explained in quick Q&A format.
Q1. In a TLS 1.3 handshake, why is it more difficult for firewalls to make a reliable decrypt/do-not-decrypt decision based solely on the ClientHello message?
- A. The firewall can only see the SNI extension at that point, which may be spoofed.
- B. All certificate data is visible at the time of the ClientHello.
- C. The ClientHello does not contain any information relevant to SSL policy decisions.
- D. The ClientHello is encrypted in TLS 1.3, preventing any inspection.
Q2. Which benefit does AVC provide when securing containerized application environments?
- A. AVC routes API requests based on geographic location.
- B. AVC performs static code analysis during development.
- C. AVC filters what applications can be installed inside a container.
- D. AVC prevents unauthorized container deployments by validating run-time behavior.
Q3. Which feature of integrated endpoint security platforms directly supports remote workforces?
- A. Policy enforcement based on geolocation
- B. Full disk encryption capabilities
- C. Continuous protection regardless of network connection
- D. Cloud-based data backup for personal use
Q4. Which Cisco solution provides unified policy enforcement for both real-time data inspection and data at rest in SaaS environments?
- A. Cisco Secure Network Analytics
- B. Cisco Umbrella with multimode cloud DLP
- C. Cisco Secure Endpoint
- D. Cisco Secure Firewall Threat Defense
Q5. Which decryption method allows Cisco Secure Threat Defense to inspect outbound encrypted traffic from internal hosts without access to the server's private key?
- A. Known Key Decryption
- B. Certificate Pinning
- C. Decrypt-Reencrypt
- D. Decrypt-Resign
Q6. Which feature of Cisco Secure Email DLP helps reduce false positives by requiring additional contextual information before flagging a message as a violation?
- A. Sender reputation scoring
- B. Context Matching
- C. Outbound mail logging
- D. Inline web traffic inspection Answer: B — Context Matching. Why: Instead of triggering on a single keyword or pattern, Context Matching looks for supporting contextual signals, cutting down accidental flags.
Q7. Which of the following best describes how Cisco Umbrella provides protection against zero-day DNS threats?
- A. By using behavioral analysis and threat intelligence to detect and block unknown domains
- B. By comparing domain names against a static list of blocked sites
- C. By encrypting DNS queries between endpoints and DNS servers
- D. By scanning website content before DNS resolution is completed
Q8. How does Application Visibility and Control (AVC) contribute to protecting modern infrastructure from application-layer threats?
- A. AVC ensures only verified applications and behavior are allowed to execute.
- B. AVC disables encryption for application monitoring.
- C. AVC blocks port scans and DoS attacks on web servers.
- D. AVC passively records application logs for forensic analysis only.
Q9. What role does a Software Bill of Materials (SBOM) play in securing the software supply chain?
- A. It enables containers to scale automatically based on load.
- B. It tracks software dependencies and versions for vulnerability management.
- C. It creates an encrypted communication path between services.
- D. It manages cloud-native IAM policies across containers.
Q10. What is one of the primary security risks of using container images sourced from public registries without verification?
- A. Introduction of malicious or outdated code
- B. Reduced compatibility across environments
- C. Decreased deployment speed
- D. Increased memory utilization in cloud platforms
Q11. Which component of a Kubernetes Network Policy defines which pods the policy applies to?
- A. Namespace
- B. IP Block
- C. Ingress Rule
- D. Pod Selector
Q12. What is the default behavior of Kubernetes regarding pod-to-pod communication?
- A. All pod traffic is blocked unless allowed by a service mesh.
- B. All pod-to-pod traffic is allowed until explicitly restricted by network policies.
- C. Traffic is allowed only within the same namespace.
- D. Traffic is only permitted through ingress controllers.
Q13. What is the recommended practice to detect vulnerabilities both at the source code level and during run time in a serverless application?
- A. Combine SAST and DAST tools
- B. Use centralized authentication services
- C. Perform manual reviews of code
- D. Rely on the cloud provider's built-in libraries
Q14. Which of the following best describes a key reason for enforcing mutual TLS (mTLS) in a microservices architecture?
- A. It encrypts data faster between services.
- B. It automates the container build process.
- C. It accelerates the deployment process across services.
- D. It ensures that both client and server authenticate each other.
Q15. Which risk is most commonly introduced by relying on third-party libraries in serverless applications?
- A. Difficulty scaling application workloads
- B. Vulnerabilities from unpatched dependencies
- C. Reduced system performance
- D. Increased infrastructure complexity
Q16. What is one of the primary cybersecurity concerns associated with quantum computing?
- A. Quantum computers can break widely used public-key cryptographic systems like RSA and ECC.
- B. Quantum computers require classical cryptographic algorithms to function efficiently.
- C. Quantum computers reduce the effectiveness of symmetric encryption by weakening key lengths.
- D. Quantum computers enable more secure key exchanges using traditional elliptic curve cryptography.
Q17. Which benefit of AI most directly contributes to reducing the workload of security teams in large-scale infrastructure environments?
- A. Its ability to run vulnerability scans more frequently
- B. Its automation of routine tasks like alert triage and log analysis
- C. Its integration with firewalls for advanced access control rules
- D. Its ability to deploy network devices with zero-touch provisioning Answer: B — Its automation of routine tasks like alert triage and log analysis. Why: AI excels at sorting through high-volume, repetitive data so analysts can focus on genuine threats.
Q18. How does predictive security, enabled by AI, support proactive threat mitigation?
- A. By blocking all external connections not previously authenticated
- B. By simulating multiple attack paths to predict potential threats
- C. By running continuous port scans across the infrastructure
- D. By using historical data and threat trends to anticipate security incidents
Q19. Which of the following accurately describes how AI contributes to the design phase of secure network infrastructure?
- A. AI sets strict access control rules without human oversight.
- B. AI models and simulates potential threat scenarios to inform architecture decisions.
- C. AI deploys firewalls in every network segment automatically.
- D. AI configures routers and switches using a centralized script.
Q20. Which property of quantum bits (qubits) most directly enables quantum computers to evaluate many computational paths simultaneously?
- A. Superposition
- B. Entanglement
- C. Determinism
- D. Parallel threading
Q21. What role does the National Institute of Standards and Technology (NIST) play in post-quantum cryptography (PQC)?
- A. Manufacturing quantum-resistant chips for cloud providers
- B. Standardizing cryptographic algorithms resistant to quantum attacks
- C. Funding development of quantum computing platforms
- D. Creating network protocols for classical encryption resilience
Q22. Which quantum algorithm presents the greatest threat to current public-key encryption schemes such as RSA?
- A. Grover's Algorithm
- B. Quantum Fourier Transform
- C. Shor's Algorithm
- D. QAOA (Quantum Approximate Optimization Algorithm)
