1. A ___________ consists of at least one bot server or controller and one or more client-bots.
a) Virus
b) Trojan
c) Botnet
d) Adware
Answer: c
Explanation: The botnet comprises one bot server or controller and one or more client-bots. Botnets are managed by bot-herders. They have become major threats to security as they are getting popular in the cyber-crime world.
2. Botnets are managed by ______________
a) Bot-holders
b) Bot-herders
c) Bot-trainers
d) Bot-creators
View Answer
Answer: b
Explanation: A botnet consists of at least one bot server or controller and one or more client-bots. Botnets are managed by bot-herders. The exact term is bot herders.
3. A _____________ is a number of Internet-connected systems, where each of them is running one or more bots.
a) Trojan
b) Virus
c) Worms
d) Botnet
Answer: d
Explanation: A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets are managed by bot-herders. These botnets have become foremost threats to cyber-security.
4. _____________ are implemented to carry out distributed DDoS attacks, steal data, send spam messages & permits the hacker to access various devices & its connection.
a) Trojan
b) Virus
c) Botnet
d) Worms
Answer: c
Explanation: Botnets are implemented to carry out distributed DDoS attacks, steal data, send spam messages & permits the hacker to access various devices & its connection.
5. Botnets are not used for ______________
a) Perform DDoS
b) Steal bulk amount of sensitive data
c) Spamming
d) Encrypting for ransom
Answer: d
Explanation: Botnets usually are not used for encrypting files for ransom. Botnets are implemented to carry out distributed DDoS attacks, steal data, send spam messages & permits the hacker to access various devices & its connection.
6. The owner of botnets can control the botnet using ___________________ software.
a) trojans
b) command and control
c) servers
d) infected servers
Answer: b
Explanation: A botnet owner can govern and manage the botnet through command & programs. Botnets are implemented to carry out distributed DDoS attacks, steal data, send spam messages & permits the hacker to access various devices & its connection.
7. The full form of C&C is ____________
a) command and control
b) copy and cut
c) command and capture
d) copy and control
Answer: a
Explanation: The owner of botnets can control the botnet using command & control (C&C) software. Botnets are implemented to carry out distributed DDoS attacks, steal data, send spam messages & permits the hacker to access various devices & its connection.
8. The word “botnet” is a blend of the words _____________ & ___________
a) robot, network
b) rocket, network
c) bot, network
d) bot, internet
Answer: a
Explanation: The word “botnet” is a blend of the words robot & network. Botnets usually are not used for encrypting files for ransom. They are implemented to carry out distributed DDoS attacks, steal data, send spam messages and compromise various services & its connection.
9. Botnets are not the logical connection of which of the following?
a) Smart-phones
b) IoT devices
c) Computer systems
d) Modems
Answer: d
Explanation: Botnets are logical connections of smart-phones, IoT devices, computer systems etc. They are strong enough to carry out distributed denial of service attacks & permit hackers to access various devices & its connection.
10. Infected computers and other systems within the botnet are called __________
a) killers
b) vampires
c) zombies
d) gargoyles
Answer: c
Explanation: Attackers use the botnet for connecting of smart-phones, IoT devices, computer systems etc. These infected computers and other systems within the botnet connection are called zombies or zombie computers.
11. The bot program allows the bot-herders to perform all operations from a ___________ location.
a) local
b) open
c) corporate
d) remote
Answer: d
Explanation: Infected computers and other systems within the botnet are called zombies systems which are controlled by bot programs that allow the bot-herders to perform all operations from a remote location.
12. Nowadays, most botnets rely on existing _______________ networks for communication.
a) server-to-server
b) peer-to-peer
c) client-to-server
d) host-to-server
Answer: b
Explanation: Botnets are compromised connectivity of systems like smart-phones, IoT devices, computer systems etc. Now-a-days, most botnets rely on existing peer-to-peer networks for communication.
13. Which of the following is not an example of a botnet program?
a) Zeus
b) GameOver
c) ZeroAccess
d) MyDoom
Answer: d
Explanation: Examples of some popular botnets are gameover, ZeroAccess, and Zeus. The infect computers & other systems and turned them into zombies which are also called zombies systems.
14. Which of the following is an example of Botnet?
a) Zeus
b) ILOVEYOU
c) Storm Worm
d) MyDoom
Answer: a
Explanation: Botnets are can compromise any system and turn them into zombie computers. GameOver, Zeus etc. are examples of some popular botnets programs.
15. Which of the following is an example of a Botnet program?
a) Slammer
b) GameOver
c) Stuxnet
d) Anna Kournikova
Answer: b
Explanation: Botnets create logical connections with internet connected devices like smart-phones, IoT devices, computer systems etc. Examples of some popular botnets are GameOver, ZeroAccess, & Zeus.
16. Which of the following is not an appropriate way of targeting a
mobile phone for hacking?
a) Target mobile hardware vulnerabilities
b) Target apps’ vulnerabilities
c) Setup Keyloggers and spyware in smart-phones
d) Snatch the phone
Answer: d
Clarification: Snatching is not a type of hacking any smart-phone.
Targeting the hardware and application level vulnerabilities and
setting some keylogger or spyware in the target mobile can help get
valuable info about the victim.
17. Which of the following is not an OS for mobile?
a) Palm
b) Windows
c) Mango
d) Android
Answer: c
Clarification: A mobile/smart-phone operating system is software
which allows smart-phones, tablets, phablets & other devices to run
apps & programs within it. Palm OS, Windows OS, and Android OS
are some of the examples of Mobile OS.
18. Mobile Phone OS contains open APIs that may be
_____________ attack.
a) useful for
b) vulnerable to
c) easy to
d) meant for
Answer: b
Clarification: Mobile phone operating systems contain open APIs that
or may be vulnerable to different attacks. OS has a number of
connectivity mechanisms through which attackers can spread
malware.
19. ____________ gets propagated through networks and
technologies like SMS, Bluetooth, wireless medium, USBs and
infrared to affect mobile phones.
a) Worms
b) Antivirus
c) Malware
d) Multimedia files
Answer: c
Clarification: Malware gets propagated through networks and
technologies like SMS, Bluetooth, wireless medium, USBs and
infrared to affect mobile phones.
20. ____________ is the protection of smart-phones, phablets,
tablets, and other portable tech-devices, & the networks to which they
connect to, from threats & bugs.
a) OS Security
b) Database security
c) Cloud security
d) Mobile security
Answer: d
Clarification: Mobile security is the protection of smart-phones,
phablets, tablets, and other portable tech-devices, & the networks to
which they connect to, from threats & bugs.
21. Mobile security is also known as ____________
a) OS Security
b) Wireless security
c) Cloud security
d) Database security
Answer: b
Clarification: Mobile security also known as wireless security is the
protection of smart-phones, phablets, tablets, and other portable techdevices, & the networks to which they connect to, from threats & bugs.
22. DDoS in mobile systems wait for the owner of the
_____________ to trigger the attack.
a) worms
b) virus
c) botnets
d) programs
Answer: c
Clarification: Botnets on compromised mobile devices wait for
instructions from their owner. After getting the owner’s instruction it
launches DDoS flood attack. This result in a failure in connecting calls
or transmitting data.
23. Hackers cannot do which of the following after compromising your
phone?
a) Steal your information
b) Rob your e-money
c) Shoulder surfing
d) Spying
Answer: c
Clarification: Shoulder surfing is done before compromising the
mobile. So, hackers can steal your information; rob your e-money or
do spying after compromising your smart-phone.
24. Hackers cannot do which of the following after compromising your
phone?
a) Shoulder surfing
b) Accessing your voice mail
c) Steal your information
d) Use your app credentials
Answer: a
Clarification: Shoulder surfing is done before compromising the
mobile. So, hackers can steal your information; accessing your voice
mail or use your app credentials after compromising your smartphone.
25. App permissions can cause trouble as some apps may secretly
access your memory card or contact data.
a) True
b) False
Answer: a
Clarification: App permissions can cause trouble as some apps may
secretly access your memory card or contact data. Almost all
applications nowadays ask for such permission, so make sure you do a
proper survey on these apps before allowing such access.
26. Activate _____________ when you’re required it to use,
otherwise turn it off for security purpose.
a) Flash Light
b) App updates
c) Bluetooth
d) Rotation
Answer: c
Clarification: Activate Bluetooth when you’re required it to use,
otherwise turn it off for security purpose. This is because; there are
various tools and vulnerabilities that may gain access to your smartphone using Bluetooth.
27. Try not to keep ________________ passwords, especially
fingerprint for your smart-phone, because it can lead to physical
hacking if you’re not aware or asleep.
a) Biometric
b) PIN-based
c) Alphanumeric
d) Short
Answer: a
Clarification: Try not to keep biometric passwords, especially
fingerprint for your smart-phone containing very confidential data,
because anyone can do physical hacking if you’re not aware or asleep.
28. Which of the following tool is used for Blackjacking?
a) BBAttacker
b) BBProxy
c) Blackburried
d) BBJacking
Answer: b
Clarification: BBProxy (installed on blackberry phones) is the name of
the tool used to conduct blackjacking. What attackers do is they install
BBProxy on user’s blackberry and once the tool is activated it opens a
covert channel between the hacker and the compromised host.
29. BBProxy tool is used in which mobile OS?
a) Android
b) Symbian
c) Raspberry
d) Blackberry
Answer: d
Clarification: BBProxy (installed on blackberry phones) is the name of
the tool used to conduct blackjacking. What attackers do is they install
BBProxy on user’s blackberry and once the tool is activated it opens a
covert channel between the hacker and the compromised host.
30. Which of the following is not a security issue for PDAs?
a) Password theft
b) Data theft
c) Reverse engineering
d) Wireless vulnerability
Answer: c
Clarification: Reverse engineering is not an issue of PDA (Personal
Digital Assistant). Password theft, data theft, wireless vulnerability
exploitation, data corruption using virus are some of them.
31. System hacking involves password hacking as one of the major
hacking methodologies.
a) True
b) False
Answer: a
Clarification: System hacking, which is of four types involves
password hacking as one of the major hacking methodologies. It is
used to crack the security of a system and gain access for stealing data.
32. Password cracking in system hacking is of ________ types.
a) 2
b) 3
c) 4
d) 5
Answer: c
Clarification: System hacking involves password hacking as one of the
major hacking methodologies. It is of 4 types. These are passive online
attack, active online attack, offline attack, and non-electronic attack.
33. There are ________ major types of passwords.
a) 4
b) 5
c) 6
d) 7
Answer: d
Clarification: There are seven major types of passwords. These are a
password containing only letters, a password containing only number,
a password containing only special characters, a password containing
only alpha-numeric characters, a password containing letters,
numbers as well as special symbols or password containing any two
combinations of the three.
34. In _______________ attacks an attacker do not contact with
authorizing party for stealing password.
a) passive online
b) active online
c) offline
d) non-electronic
Answer: a
Clarification: In passive online attacks, the attacker do not contact
with an authorized party to steal the password, rather the attacker
attempts to grab password hacking without communicating with the
victim or his/her victim account.
35. Which of the following is an example of passive online attack?
a) Phishing
b) Social Engineering
c) Spamming
d) Wire sniffing
Answer: d
Clarification: Attacker do not contact with an authorized party to steal
the password in the passive online attack, rather the attacker attempts
to grab password hacking without communicating with the victim or
his/her victim account. Examples of passive online attacks include
wire sniffing, Man in the middle attack and reply attack.
36. Which of the following is not an example of a passive online attack?
a) MiTM
b) Reply Attack
c) Phishing
d) Wire sniffing
Answer: c
Clarification: Phishing is not an example of a passive online attack. In
passive online attacks, the attacker does not contact with an
authorized party to steal the password. Types of passive online attacks
include wire sniffing, Man in the middle attack and reply attack.
37. Which of the following do not comes under hurdles of passive
online attack for hackers?
a) Hard to perpetrate
b) Computationally complex
c) Time taking, so patience has to be there
d) Tools not available
Answer: d
Clarification: Tools for doing a passive offline attack on passwords is
widely available so it doesn’t come under disadvantage or hurdles of
passive offline attack. But passive offline attacks are computationally
complex, hard to perpetrate and may take time.
38. Which of the following case comes under victims’ list of an active
online attack?
a) Strong password based accounts
b) Unsecured HTTP users
c) Open authentication points
d) Logged in systems and services
Answer: c
Clarification: Systems with bad or weak passwords & with open
authentication points often becomes the victim of an active online
attack where the attacker directly tries different passwords 1-by-1
against victim’s system/account.
39. In _______________ password grabbing attack the attacker
directly tries different passwords 1-by-1 against victim’s
system/account.
a) passive online
b) active online
c) offline attack
d) non-electronic
Answer: b
Clarification: Users with open authentication points and bad or weak
passwords often becomes the victim of an active online attack where
the attacker directly tries different passwords 1-by-1 against victim’s
system/account.
40. Which of them is not a disadvantage of active online attack?
a) Takes a long time
b) Easily and automatically detected
c) Need high network bandwidth
d) Need the patience to crack
Answer: b
Clarification: In an active online attack, the attacker directly tries
different passwords 1-by-1 against victim’s system/account. It has
some disadvantages as it takes a long time, hence a lot of patience &
high network bandwidth also.
41. _________________ can be alternatively termed as password
guessing attack.
a) passive online
b) active online
c) offline attack
d) non-electronic
Answer: b
Clarification: Users with open authentication points and bad or weak
passwords often becomes the victim of the active online attack. It is
alternatively termed as password guessing attack where the attacker
directly tries different passwords 1-by-1 against victim’s
system/account.
42. ________________ attacks are carried out from a location
other than the real computer where the password reside or was used.
a) passive online
b) active online
c) offline password
d) non-electronic
Answer: c
Clarification: For this cyber-criminal needs to have physical access to
the system and so offline password attacks are carried out from a
location other than the real computer where the password reside or
was used. They are common examples of physical data breaching &
hacking.
43. _______________ attacks always need physical access to the
system that is having password file or the hacker needs to crack the
system by other means.
a) online
b) offline
c) password
d) non-electronic
Answer: b
Clarification: Offline password attacks are carried out from a location
other than the real computer where the password resides or was used.
They need physical access to the system that is having a password file
or the hacker needs to crack the system by other means.
44. Which of the following is not an example of offline password
attack?
a) Dictionary attack
b) Rainbow attacks
c) Brute force attack
d) Spamming attack
Answer: d
Clarification: The offline attack needs physical access to the system
that is having a password file or the hacker needs to crack the system
by other means. A dictionary attack, rainbow, and brute force come
under offline attack.
45. Passwords need to be kept encrypted to protect from such offline
attacks.
a) True
b) False
Answer: a
Clarification: Physical access is needed in offline attack to the system
that is having a password file or the hacker needs to crack the system
by other means. Hence, even if hackers gain physical access to the
system, if the passwords are in the encrypted mode, it will be almost
impossible to steal passwords.
46. Which among the following is the least strong security encryption
standard?
a) WEP
b) WPA
c) WPA2
d) WPA3
Answer: a
Clarification: A prime branch of cyber-security is wireless security.
The most widespread types of wireless securities are Wired Equivalent
Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and WPA3.
WEP is notoriously weak encryption standard.
47. _________ is an old IEEE 802.11 standard from the year 1999.
a) WPA2
b) WPA3
c) WEP
d) WPA
Answer: c
Clarification: The most widespread types of wireless securities are
Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA),
WPA2 and WPA3. WEP is an old IEEE 802.11 standard from the year
1999.
48. _______________ is the central node of 802.11 wireless
operations.
a) WPA
b) Access Point
c) WAP
d) Access Port
Answer: b
Clarification: The central node of 802.11 wireless operations is the
Access Point (AP). It is that interface which acts as an intermediary of
a wired & wireless network; and all the associated wireless clients’ use
this to exchange data with it.
49. AP is abbreviated as _____________
a) Access Point
b) Access Port
c) Access Position
d) Accessing Port
Answer: a
Clarification: The central node of 802.11 is that interface which acts as
an intermediary of a wired & wireless network; and all the associated
wireless clients’ use this and exchange data.
50. ___________________ is alike as that of Access Point (AP)
from 802.11, & the mobile operators uses it for offering signal
coverage.
a) Base Signal Station
b) Base Transmitter Station
c) Base Transceiver Station
d) Transceiver Station
Answer: c
Clarification: Base Transceiver Station (BTS) which is also known as a
base station (BS) or radio base station (RBS) is alike as that of Access
Point (AP) from 802.11, & the mobile operators use it for offering
signal coverage.
51. BTS stands for ___________________
a) Basement Transceiver Server
b) Base Transmitter Station
c) Base Transceiver Server
d) Base Transceiver Station
Answer: d
Clarification: Base Transceiver Station is a section of equipment which
facilitates wireless communication from 802.11 & the mobile
operators use it for offering signal coverage. Examples are GSM, 3G,
4G etc.
0 Comments