1. What is Cyber Security?
a) Cyber Security provides security against malware
b) Cyber Security provides security against cyber-terrorists
c) Cyber Security protects a system from cyber attacks
d) All of the mentioned
Answer: d
Explanation: Cyber Security provides security to a system against cyber-attacks by using various technologies, and processes.
2. What does cyber security protect?
a) Cyber security protects criminals
b) Cyber security protects internet-connected systems
c) Cyber security protects hackers
d) None of the mentioned
Answer: a
Explanation: It protects internet-connected systems such as hardware, software, and data from cyber-attacks. It aims to reduce cyber attacks against the system, network, and technologies by reducing unauthorized exploitation, vulnerability, and threats.
3. Who is the father of computer security?
a) August Kerckhoffs
b) Bob Thomas
c) Robert
d) Charles
Answer: a
Explanation: August Kerckhoffs, a linguist and German professor at HEC, wrote an essay in the Journal of Military Science in February 1883. Kerckhoff had unwittingly established the foundations for contemporary encryption, earning him the title of “Father of Computer Security.”
4. Which of the following is defined as an attempt to steal, spy, damage or destroy computer systems, networks, or their associated information?
a) Cyber attack
b) Computer security
c) Cryptography
d) Digital hacking
Answer: a
Explanation: An effort to steal, spy on, damage, or destroy diverse components of cyberspace, such as computer systems, related peripherals, network systems, and information, is known as a cyber attack.
5. Which of the following is a type of cyber security?
a) Cloud Security
b) Network Security
c) Application Security
d) All of the above
Answer:d
Explanation: Since technology is improving, the threat and attacks against the technology are also increasing. Hence, to provide security, it is divided into the following types:
Cloud Security: Provides security for the data stored on the cloud.
Network Security: Protects the internal network from threats.
Application Security: Protects data stored in the application software.
6. What are the features of cyber security?
a) Compliance
b) Defense against internal threats
c) Threat Prevention
d) All of the above
Answer: d
Explanation: The features are as follows:
Compliance: Creating a program that meets the requirements and rules of the users.
Defense against internal threats: Should provide security against internal exploitation.
Threat Prevention: Should be capable of detecting the threat and preventing them.
7. Which of the following is an objective of network security?
a) Confidentiality
b) Integrity
c) Availability
d) All of the above
Answer: d
Explanation: The objectives of network security are Confidentiality, Integrity, and Availability.
Confidentiality: The function of confidentiality is to keep sensitive company information safe from unwanted access. The confidentiality component of network security ensures that data is only accessible to those who are authorized to see it.
Integrity: This goal entails ensuring and preserving data accuracy and consistency. The purpose of integrity is to ensure that data is accurate and not tampered with by unauthorized individuals.
Availability: The purpose of availability in Network Security is to ensure that data, network resources, and services are always available to legitimate users, whenever they need them.
8. Which of the following is not a cybercrime?
a) Denial of Service
b) Man in the Middle
c) Malware
d) AES
Answer: d
Explanation: Denial of Service, Man in the Middle, and Malware exploit the system causing a threat to security, hence they are considered as cybercrime. AES (Advanced Encryption Standard) provides security by encrypting the data.
9. Which of the following is a component of cyber security?
a) Internet Of Things
b) AI
c) Database
d) Attacks
Answer: a
Explanation: The Internet of Things (IoT) is a network of physical objects embedded with sensors, software, and other technologies to connect and exchange data with other devices and systems through the internet.
10. Which of the following is a type of cyber attack?
a) Phishing
b) SQL Injections
c) Password Attack
d) All of the above
Answer: d
Explanation: Attacks are Phishing, SQL Injections, and Password Attack.
Phishing: The attacker sends a large number of fraudulent emails and gains access to the system.
SQL Injections: The attacker gains access to the protected information by adding malicious code to the SQL server.
Password Attack: Attackers gain access to the passwords unethically and gain access to the confidential data.
11. Which of the following is not an advantage of cyber security?
a) Makes the system slower
b) Minimizes computer freezing and crashes
c) Gives privacy to users
d) Protects system against viruses
Answer: a
Explanation: The advantages are minimization of computer freezing and crashes, user privacy, and protection against viruses, worms, etc. Disadvantages include the system becoming slow, configuring firewalls correctly can be difficult, need to update the new software in order to keep security up to date.
12. “Cyberspace” was coined by _________
a) Richard Stallman
b) William Gibson
c) Andrew Tannenbaum
d) Scott Fahlman
Answer: b
Explanation: William Gibson, an American-Canadian fiction pioneer, and coiner, examined the many streams of technology and invented the word “cyberspace” in 1821. The phrase refers to linked technologies that aid in information exchange, interaction with digital devices, storage and digital entertainment, computer and network security, and other information technology-related matters.
13. In which year has hacking become a practical crime and a matter of concern in the field of cyber technology?
a) 1991
b) 1983
c) 1970
d) 1964
Answer: c
Explanation: In the case of hackers in the 1970s, hackers and cyber thieves found out how wired technologies operate and how they might be abused to obtain a competitive edge or misuse the technology.
14. Governments hired some highly skilled hackers for providing cyber security for the country or state. These types of hackers are termed as _______
a) Nation / State sponsored hackers
b) CIA triad
c) Special Hackers
d) Government Hackers
Answer: a
Explanation: Nation / State-sponsored hackers are those who are engaged or paid by a nation’s or state’s government to safeguard the country from cyber terrorists and other groups or individuals, as well as to expose their plans, communications, and activities.
15. Which of the following act violates cyber security?
a) Exploit
b) Attack
c) Threat
d) Vulnerability
Answer: b
Explanation: A threat is a possible danger that might lead to a security breach and cause harm to the system or network. Vulnerability is a word that refers to a flaw in a network or system that might be exploited by an attacker. Exploiting a security flaw might result in unexpected and unwanted effects. A cyber-attack is an attempt by attackers to alter, delete, steal or expose any specific data by gaining unauthorized access.
16. Which of the following actions compromise cyber security?
a) Vulnerability
b) Attack
c) Threat
d) Exploit
Answer: c
Explanation: A threat is defined as a potential hazard that might result in a breach of security and cause harm to the system or network. Vulnerability is a term that refers to a weakness in a network or system that an attacker may exploit. Exploiting a weakness in security might have unintended and undesirable consequences.
17. Which of the following is the hacking approach where cyber-criminals design fake websites or pages for tricking or gaining additional traffic?
a) Pharming
b) Website-Duplication
c) Mimicking
d) Spamming
Answer: a
Explanation: Pharming is a strategy and approach used by cybercriminals to create phony web pages and sites in order to mislead users into giving over personal information such as login IDs and passwords.
18. Which of the following is not a type of peer-to-peer cyber-crime?
a) MiTM
b) Injecting Trojans to a target victim
c) Credit card details leak in the deep web
d) Phishing
Answer: c
Explanation: Peer-to-peer includes phishing, as well as the distribution of Trojans and worms to individuals. The leakage of a huge number of people’s credit card data on the deep web, on the other hand, is classified as a computer-as-weapon cyber-crime.
19. A cyber-criminal or penetration tester uses the additional data that stores certain special instructions in the memory for activities to break the system in which of the following attack?
a) Clickjacking
b) Buffer-overflow
c) Phishing
d) MiTM
Answer: b
Explanation: The excess data that contains certain specific instructions in the memory for actions are projected by a cyber-criminal or penetration tester to break the system in a buffer-overflow attack.
20. Which of the following do Cyber attackers commonly target for fetching IP address of a target or victim user?
a) ip tracker
b) emails
c) websites
d) web pages
Answer: c
Explanation: Enumeration by cyber-attackers is also feasible via websites since attackers target websites in order to obtain the victim’s or target user’s IP address.
21. Which of the following is defined as an attempt to harm, damage or cause threat to a system or network?
a) Digital crime
b) Threats
c) System hijacking
d) Cyber Attack
Answer: d
Explanation: Extortion, identity theft, email hacking, digital surveillance, stealing hardware, mobile hacking, and physical security breaches are all examples of cyber assaults or activities.
22. They are nefarious hackers, and their main motive is to gain financial profit by doing cyber crimes. Who are “they” referred to here?
a) White Hat Hackers
b) Black Hat Hackers
c) Hactivists
d) Gray Hat Hackers
Answer: b
Explanation: Black Hat hackers, often known as “crackers,” are a sort of cyber crime that gain illegal access to a user’s account or system in order to steal confidential data or introduce malware into the system for personal gain or to harm the company.
23. IT security in any firm or organization is maintained and handled by ____________________
a) Software Security Specialist
b) CEO of the organization
c) Security Auditor
d) IT Security Engineer
Answer: d
Explanation: This is a position in a company or organisation where an individual develops and maintains different systems and security tools for the company or organisation to which he or she belongs.
24. Where did the term “hacker” originate?
a) MIT
b) New York University
c) Harvard University
d) Bell’s Lab
Answer: a
Explanation: The term “hacker” was coined at MIT (Massachusetts Institute of Technology) because individuals and highly competent professionals use computer languages to address various challenges. In this context, labels such as geeks and nerds have been coined.
25. What is the existence of weakness in a system or network is known as?
a) Attack
b) Exploit
c) Vulnerability
d) Threat
Answer: c
Explanation: Vulnerability is a term that refers to a weakness in a network or system that an attacker may exploit. Exploiting a weakness in security might have unintended and undesirable consequences.
26. Which of the following is an internet scam done by cyber-criminals where the user is convinced digitally to provide confidential information.
a) MiTM attack
b) Phishing attack
c) Website attack
d) DoS attack
Answer: b
Explanation: Phishing is a type of cybercrime in which a person is digitally persuaded to disclose private information. Phishing comes in a variety of forms. Some of them employ malware and emails to divert users to various websites.
27. Which of the following is not a step followed by cyber-criminals in data breaching?
a) Exfiltration
b) Research and info-gathering
c) Attack the system
d) Fixing the bugs
Answer: d
Explanation: During a hack, cyber-criminals first do research on the target, gathering data about the victim’s system and network. Then go ahead and attack. Once the attacker has gained access, he or she takes sensitive information.
28. Which of the following online service’s privacy cannot be protected using Tor?
a) Browsing data
b) Instant messaging
c) Login using ID
d) Relay chats
Answer: c
Explanation: Login using ID will obviously take your ID in order to access your account and is not the headache of Tor. Privacy regarding instant messaging, browsing data, relay chats are some of the following online services protected by Tor.
29. Which of the following term refers to a group of hackers who are both white and black hat?
a) Yellow Hat hackers
b) Grey Hat hackers
c) Red Hat Hackers
d) White-Black Hat Hackers
Answer: b
Explanation: Grey Hat Hackers are a hybrid of ethical and unethical hacker personalities. They hack other people’s computers for fun, but they don’t hurt them, and they exploit network faults and vulnerabilities without the admin or owner’s awareness.
30. Which of the following is not an email-related hacking tool?
a) Mail Password
b) Email Finder Pro
c) Mail PassView
d) Sendinc
Answer: d
Explanation: Sendinc is not a tool that compromises email data. It is used to protect business email accounts and provides a fast web-based solution for businesses to start delivering secure emails. The other three are email hacking tools.
30. Which of the following DDoS in mobile systems wait for the owner to trigger the cyber attack?
a) botnets
b) programs
c) virus
d) worms
Answer: a
Explanation: Botnets on infected mobile devices are waiting for orders from their owners. It starts a DDoS flood attack after receiving the owner’s instructions. As a result, calls are not connected or data is not sent.
31. Which of the following is the least strong security encryption standard?
a) WPA3
b) WPA2
c) WPA
d) WEP
Answer: d
Explanation: Wireless security is an important aspect of cyber-security. Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2, and WPA3 are the most common kinds of wireless security. WEP is a famously insecure encryption protocol.
32. Which of the following is a Stuxnet?
a) Trojan
b) Antivirus
c) Worm
d) Virus
Answer: c
Explanation: Stuxnet is a popular and powerful worm that came into existence in mid 2010, which was very powerful as it was accountable for the cause of huge damage to Iran’s Nuclear program. It mainly targets the PLCs (Programmable Logic Controllers) in a system.
33. Which of the following ethical hacking technique is used for determining which operating system (OS) is running on a remote computer?
a) Operating System fingerprinting
b) Operating System penetration testing
c) Digital-printing
d) Machine printing
Answer: a
Explanation: OS fingerprinting is an ethical hacking technique used for determining what operating system (OS) is running on a remote computer. OS Fingerprinting is the practice of examining data packets that come from a network in order to extract intelligence that may be utilized in future assaults.
34. Which of the following can diminish the chance of data leakage?
a) Steganography
b) Chorography
c) Cryptography
d) Authentication
Answer: a
Explanation: Ordinary files are targeted by hackers or other cyber criminals in order to disguise distinct data or information within another data file. You can reduce the risk of data leaking by employing steganography.
35. The full form of Malware is ________
a) Malfunctioned Software
b) Multipurpose Software
c) Malicious Software
d) Malfunctioning of Security
Answer: c
Explanation: Different types of harmful software and programs that can pose threats to a system, network or anything related to cyberspace are termed as Malware. Examples of some common malware are Virus, Trojans, Ransomware, spyware, worms, rootkits etc.
36. Who deploy Malwares to a system or network?
a) Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
b) Criminal organizations, White hat hackers, malware developers, cyber-terrorists
c) Criminal organizations, Black hat hackers, software developers, cyber-terrorists
d) Criminal organizations, gray hat hackers, Malware developers, Penetration testers
Answer: a
Explanation: Criminal-minded organizations, groups and individuals cyber-terrorist groups, Black hat hackers, malware developers etc are those who can deploy malwares to any target system or network in order to deface that system.
37. _____________ is a code injecting method used for attacking the database of a system / website.
a) HTML injection
b) SQL Injection
c) Malicious code injection
d) XML Injection
Answer: b
Explanation: SQLi (Structured Query Language Injection) is a popular attack where SQL code is targeted or injected; for breaking the web application having SQL vulnerabilities. This allows the attacker to run malicious code and take access to the database of that server.
38. XSS is abbreviated as __________
a) Extreme Secure Scripting
b) Cross Site Security
c) X Site Scripting
d) Cross Site Scripting
Answer: d
Explanation: Cross Site Scripting is another popular web application attack type that can hamper the reputation of any site.
39. This attack can be deployed by infusing a malicious code in a website’s comment section. What is “this” attack referred to here?
a) SQL injection
b) HTML Injection
c) Cross Site Scripting (XSS)
d) Cross Site Request Forgery (XSRF)
Answer: c
Explanation: XSS attack can be infused by putting the malicious code (which gets automatically run) in any comment section or feedback section of any webpage (usually a blogging page). This can hamper the reputation of a site and the attacker may place any private data or personal credentials.
40. When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
a) Database crash attack
b) DoS (Denial of Service) attack
c) Data overflow Attack
d) Buffer Overflow attack
Answer: d
Explanation: The Buffer overflow attack takes place when an excessive amount of data occurs in the buffer, which it cannot handle and lead to data being over-flow into its adjoined storage. This attack can cause a system or application crash and can lead to malicious entry-point.
41. Compromising a user’s session for exploiting the user’s data and do malicious activities or misuse user’s credentials is called ___________
a) Session Hijacking
b) Session Fixation
c) Cookie stuffing
d) Session Spying
Answer: a
Explanation: Using session hijacking, which is popularly known as cookie hijacking is an exploitation method for compromising the user’s session for gaining unauthorized access to user’s information.
42. Which of this is an example of physical hacking?
a) Remote Unauthorised access
b) Inserting malware loaded USB to a system
c) SQL Injection on SQL vulnerable site
d) DDoS (Distributed Denial of Service) attack
Answer: b
Explanation: If a suspicious gain access to server room or into any confidential area with a malicious pen-drive loaded with malware which will get triggered automatically once inserted to USB port of any employee’s PC; such attacks come under physical hacking, because that person in gaining unauthorized physical access to any room or organization first, then managed to get an employee’s PC also, all done physically – hence breaching physical security.
43. Which of them is not a wireless attack?
a) Eavesdropping
b) MAC Spoofing
c) Wireless Hijacking
d) Phishing
Answer: d
Explanation: Wireless attacks are malicious attacks done in wireless systems, networks or devices. Attacks on Wi-Fi network is one common example that general people know. Other such sub-types of wireless attacks are wireless authentication attack, Encryption cracking etc.
44. An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
a) Cyber-crime
b) Cyber Attack
c) System hijacking
d) Digital crime
Answer: b
Explanation: Cyber attack is an umbrella term used to classify different computer & network attacks or activities such as extortion, identity theft, email hacking, digital spying, stealing hardware, mobile hacking and physical security breaching.
45. Which method of hacking will record all your keystrokes?
a) Keyhijacking
b) Keyjacking
c) Keylogging
d) Keyboard monitoring
Answer: c
Explanation: Keylogging is the method or procedure of recording all the key strokes/keyboard button pressed by the user of that system.
46. _________ are the special type of programs used for recording and tracking user’s keystroke.
a) Keylogger
b) Trojans
c) Virus
d) Worms
Answer: a
Explanation: Keyloggers are surveillance programs developed for both security purpose as well as done for hacking passwords and other personal credentials and information. This type of programs actually saves the keystrokes done using a keyboard and then sends the recorded keystroke file to the creator of such programs.
47. These are a collective term for malicious spying programs used for secretly monitoring someone’s activity and actions over a digital medium.
a) Malware
b) Remote Access Trojans
c) Keyloggers
d) Spyware
Answer: d
Explanation: Spyware is professional malicious spying software that is hard to detect by anti-malware or anti-virus programs because they are programmed in such a skillful way. These types of software keep on collecting personal information, surfing habits, surfing history as well as credit card details.
48. Stuxnet is a _________
a) Worm
b) Virus
c) Trojan
d) Antivirus
Answer: a
Explanation: Stuxnet is a popular and powerful worm that came into existence in mid 2010, which was very powerful as it was accountable for the cause of huge damage to Iran’s Nuclear program. It mainly targets the PLCs (Programmable Logic Controllers) in a system.
49. ___________ is a violent act done using the Internet, which either threatens any technology user or leads to loss of life or otherwise harms anyone in order to accomplish political gain.
a) Cyber-warfare
b) Cyber campaign
c) Cyber-terrorism
d) Cyber attack
Answer: c
Explanation: Cyber- terrorism is the term used to describe internet terrorism, where individuals and groups are anonymously misusing ethnicities, religions as well as threaten any technology user, which may lead to even loss of life.
0 Comments