Understanding the Need for Security Measures - Bahri’s Guide to Information

Technology (Theory)

Multiple Choice Questions

1. In the context of computer security, a threat may be a:

a. Burglar/user error
b. Virus
c. Earthquake
d. All of the above
2. By itself, a threat is not harmful unless it exploits an existing vulnerability. A vulnerability is a
weakness – anything:
a. That has not been given due consideration by the user
b. That has not been protected against threats, making it open to harm
c. Both of the above
d. None of the above
3. It is more important to realize that threats and the harm they can cause is a matter of:
a. Degree
b. Trust
c. Time
d. Feast
4. A counter measure is a step you take to ward off a threat to protect …………. from harm:
a. Yourself
b. Your data
c. Your computer
d. All the above
5. Computer use poses several kinds of threats to users that include the:
a. Risk of identity theft
b. Loss of privacy/ physical injury
c. Exposure to spam
d. All of the above
6. Threats are not harmful unless they exploit existing
a. Danger
b. Vulnerability
c. Counter measure
d. None of the above
7. Against data loss a backup is a:
a. Threat
b. Security
c. Counter measure
d. None of the above
8. There are two classes of countermeasure. The former one shields the user from personal loss
whereas the latter one protects the computer system from:
a. Loss of data
b. Physical hazards
c. Both a and b above
d. None of the above
9. The injuries stemming from computer use are often the fault of:
a. Poor design
b. Poor work habits
c. Both a and b
d. None of the above
10. According to the Federal Trade Commission, identity theft has been increasing day-by-day and
rose from:
a. 41 percent in 2001-02 to 81 percent between 2002 and 2003
b. 31 percent in 2004-05 to 75 percent between 2006 and 2007
c. 51 percent in 2005-06 to 91 percent between 2007 and 2008
d. None of the above
11. Collection of information by a thief by listening in on a telephone extension while the victim
gives credit card or other personal information to a legitimate agent is called:
a. Sniffing
b. Spoofing
c. Snagging
d. Slipping
12. Social engineering and low tech swindles are the predominant sources of identity theft because
of so much attention being paid to the protection of:
a. Garbage
b. Transmitted data
c. Personal information
d. Hackers
13. A trick to identity theft by watching someone enter personal identification information for a
private transaction is known as
a. General surfing
b. Shoulder surfing
c. Head surfing
d. None of the above
14. A popular low-tech approach for identity theft under which thief’s can go through garbage cans
or trash bins to obtain cancelled checks, credit card statements or bank account information
that someone has carelessly thrown out is known as:
a. Sniffing
b. Dumpster diving
c. Snagging
d. spoofing
15. When an ID thief tricks victims into providing critical information under the pretext of something
legitimate, the trick is called:
a. Artificial engineering
b. Social engineering
c. Spamming
d. Smelling
16. Whenever you use a ‘store loyalty’ card to rent movies or buy groceries, the purchases are
logged in ………….. resulting in loss of privacy
a. A spam
b. The transaction
c. A directory
d. A database
17. If a legal record is available to anyone who wants to see it, the record is said to be a/an:
a. Open record
b. Personal record
c. Public record
d. Confiscated record
18. The use of data about your web-surfing is called:
a. Online profiling
b. IP profiling
c. User profiling
d. Surfer profiling
19. Various reports on internet surfing contain information about one’s browsing habits and may
contain accompanying marketing conclusions. Such conclusions are called:
a. Psychological data
b. Psychographic data
c. Open data
d. None of the above
20. A small ‘text file’ that a web server asks your browser to place on your computer is called:
a. Cupcake
b. Cookie
c. Brownie
d. twinkle
21. The cookie contains information that identifies your computer and might list:
a. The site which you visited last time
b. The pages which you downloaded
c. The period for which you stayed at the site before leaving
d. All of the above
22. The purpose of cookies despite being helpful, these are now considered a significant:
a. Threat to privacy
b. Basis of hacker attacks
c. Both a and b
 d. None of the above
23. A small GIF format image file that can be embedded in a web page or an HTML format e-mail
message is called a:
a. Cookie
b. Web bug
c. Spam
d. Virus
24. Web bugs are considered by many to be eavesdropping devices as they can record:
a. What web pages you view
b. Keywords you type into a search engine
c. Personal information you enter in a form on a web page and other data
d. All of the above
25. The software that can track a computer user’s activities and report them to someone else or its
developers is known as:
a. Spam
b. Spyware
c. Cookie
d. None of the above
26. Spam is unwanted ‘junk’ e-mail messages that are usually included in the personal information
and are:
a. Private in nature
b. Commercial in nature
c. Very short in size
d. None of the above
27. The ways in which the spammers get email addresses are:
a. By purchasing lists of e-mail addresses through brokers
b. By harvesting email address from the internet
c. By generating random strings of characters in an attempt of match
legitimate addresses
d. All of the above
28. CAN-SPAM Act of 2003 is effective from 1 January 2004 under which it is illegal to:
a. Send a commercial e-mail message with header information that is false or
misleading
b. Spoof the originating address or relay a message from another computer in
order to disguise its point of iorigin
c. Not clearly identify that the message is an advertisement or solicitation
29. A social engineering term that describes an attempt by the sender of a message to convince the
recipient that the message is from someone else is known as:
a. Computer engineering
b. Social engineering
c. Internet engineering
d. None of the above
30. Computer related physical injuries are caused primarily due to:
a. Prolonged mouse and keyboard use
b. Staring at a monitor for too long
c. Poor seating conditions
d. All of the above
31. Threats to computer hardware involves incidents
a. That have effect on the operation or maintenance of the computer
b. System breakdown and misuse to malicious actions of individuals including
theft and vandalism
c. Disasters like fire, flood etc.
d. All the above
32. The way in which power problems affect computers are:
a. Power fluctuations
b. Power failure
c. Both of the above
d. None of the above
33. Counter measure against power related problems is to equip your computer with:
a. Surge suppressors to protect against voltage spikes
b. Line conditioners to protect against voltage spikes and ‘line noise’ from high
demand electrical equipment operated near your computer
c. UPS for uninterrupted power supply as a battery back up
d. All or either of the above
34. The best way to keep thieves and vandals at bay is:
a. To keep system in a secure area
b. Special locks may be used to attach a system unit, monitor or other
equipment to a desk making it very difficult to move
c. Home alarm systems
d. All the above
35. To overcome the situation of disorders of whatever nature, your countermeasures should
include:
a. Awareness
b. Anticipation
c. Preparation
d. All of the above
36. Threats to data may come from:
a. Malicious code and malware
b. Criminal acts
c. Cyber terrorism
d. None of the above
37. A parasitic program that infects another legitimate host program is known as:
a. Worm
b. Virus
 c. Trojan horse
d. None of the above
38. A program that replicates itself but does not necessarily infects other programs is known as:
a. Virus
b. Worm
c. Trojan horse
d. None of the above
39. The viruses which have characteristics of both boot sector viruses and file viruses are called:
a. Bimodal virus
b. Bipartite virus
c. Multipartite virus
d. All of the above
40. The programs which are not viruses and do not inflict any damage but frighten their victims into
thinking that a virus has infected and damaged their system are known as:
a. Stealth viruses
b. Trojan horses
c. Joke programs
d. Laughter programs
41. The use of a computer to carry out any conventional criminal act, such as fraud is called:
a. Computer crime
b. Cyber crime
c. Criminal action
d. None of the above
42. When a hacker hides malicious code on the PCs of may unsuspecting victims resulting in
prevention of the server from providing series to the users is the incidence known as
a. Denial of service attack
b. Distributed denial of service attack
c. Both a and b
d. None of the above
43. In business, financial or intelligence attacks, hackers often engage in forging or changing records
for personal gain or attempting to copy the data from penetrated systems. Such an act is called:
a. Data manipulation
b. Data diddling
c. Spoofing
d. None of the above
44. Someone who uses computer and network or internet connection to intrude into another
computer or system to perform an illegal act is known as:
a. Hacker
b. Jacker
c. Packer
d. None of the above
45. Sniffing refers to finding a user’s password which can be done by:
 a. Password sharing
b. Password guessing
c. Password capture
d. All of the above
46. Hackers may alter an e-mail header to make it appear that a request for information originated
from another address. This is called:
a. Sniffing
b. Spoofing
c. Social engineering
d. None of the above
47. When a hacker contacts potential victims by phone or e-mail, and ask the victims to provide
password information for an apparently legitimate reason. Such method is referred to as:
a. Spoofing
b. Phishing
c. Sniffing
d. None of the above
48. Social engineering is used to be called ‘running a confidence game’. In the interest of the victim,
the hackers offer the situation like:
a. Phone survey
b. Application
c. Emergency situation
d. All of the above
49. A form of warfare which is used by cyber terrorists to harm or gain control of important
computer systems is known as:
a. Cyber hacking
b. Cyber tapping
c. Cyber crime
d. Cyber terrorism
50. UCE stands for ‘Unwanted Commercial E-mail’ and popular amongst the computer users as :
a. Spam
b. Cookie
c. Bubble
d. None of the above

1 D 2 B 3 A 4 D 5 D
6 B 7 C 8 C 9 C 10 A
11 C 12 B 13 B 14 B 15 B
16 D 17 C 18 A 19 B 20 B
21 D 22 C 23 B 24 D 25 B
26 B 27 D 28 D 29 B 30 D
31 D 32 C 33 D 34 D 35 D
36 D 37 B 28 B 39 D 40 C
41 B 42 B 43 B 44 A 45 D
46 B 47 B 48 D 49 D 50 A