CYBER SECURITY

1) What is Cyber Security?

a) Cyber Security provides security against malware
b) Cyber Security provides security against cyber-terrorists
c) Cyber Security protects a system from cyber-attacks
d) All of the mentioned

Explanation: - Cyber Security provides security to a system against cyber-attacks by using various
technologies, and processes.

2) What does cyber security protect?

a) Cyber security protects criminals
b) Cyber security protects internet-connected systems
c) Cyber security protects hackers
d) None of the mentioned

Explanation: - It protects internet-connected systems such as hardware, software, and data from
cyber-attacks. It aims to reduce cyber attacks against the system, network, and technologies by
reducing unauthorized exploitation, vulnerability, and threats.

3) Who is the father of computer security?

a) August Kerckhoffs
b) Bob Thomas
c) Robert
d) Charles

Explanation: - August Kerckhoffs, a linguist and German professor at HEC, wrote an essay in the
Journal of Military Science in February 1883. Kerckhoff had unwittingly established the foundations for
contemporary encryption, earning him the title of “Father of Computer Security.”

4) Which of the following is defined as an attempt to steal, spy, damage or destroy computer systems,
networks, or their associated information?
a) Cyber attack
b) Computer security
c) Cryptography
d) Digital hacking

Explanation: - An effort to steal, spy on, damage, or destroy diverse components of cyberspace, such
as computer systems, related peripherals, network systems, and information, is known as a cyber
attack.

5) Which of the following is a type of cyber security?

a) Cloud Security
b) Network Security
c) Application Security
d) All of the above
 Explanation: - Since technology is improving, the threat and attacks against the technology are also
increasing. Hence, to provide security, it is divided into the following types:
Cloud Security: Provides security for the data stored on the cloud.
Network Security: Protects the internal network from threats.
Application Security: Protects data stored in the application software.

6) What are the features of cyber security?

a) Compliance
b) Defense against internal threats
c) Threat Prevention
d) All of the above

Explanation: -The features are as follows:

Compliance: Creating a program that meets the requirements and rules of the users.
Defence against internal threats: Should provide security against internal exploitation.
Threat Prevention: Should be capable of detecting the threat and preventing them.

7) Which of the following is an objective of network security?

a) Confidentiality
b) Integrity
c) Availability
d) All of the above

Explanation: - The objectives of network security are Confidentiality, Integrity, and Availability.
Confidentiality: The function of confidentiality is to keep sensitive company information safe from
unwanted access. The confidentiality component of network security ensures that data is only
accessible to those who are authorized to see it.
Integrity: This goal entails ensuring and preserving data accuracy and consistency. The purpose of
integrity is to ensure that data is accurate and not tampered with by unauthorized individuals.
Availability: The purpose of availability in Network Security is to ensure that data, network resources,
and services are always available to legitimate users, whenever they need them.

8) Which of the following is not a cybercrime?

a) Denial of Service
b) Man in the Middle
c) Malware
d) AES (Advanced Encryption Standard)

Explanation: - Denial of Service, Man in the Middle, and Malware exploit the system causing a threat
to security, hence they are considered as cybercrime. AES (Advanced Encryption Standard) provides
security by encrypting the data.

9) Which of the following is a component of cyber security?

a) Internet Of Things
b) AI
c) Database
d) Attacks
 Explanation: - The Internet of Things (IoT) is a network of physical objects embedded with sensors,
software, and other technologies to connect and exchange data with other devices and systems
through the internet.

10) Which of the following is a type of cyber attack?

a) Phishing
b) SQL Injections
c) Password Attack
d) All of the above

Explanation: - Attacks are Phishing, SQL Injections, and Password Attack.

Phishing: The attacker sends a large number of fraudulent emails and gains access to the system.
SQL Injections: The attacker gains access to the protected information by adding malicious code to the
SQL server.
Password Attack: Attackers gain access to the passwords unethically and gain access to the
confidential data.

11) Which of the following is not an advantage of cyber security?

a) Makes the system slower
b) Minimizes computer freezing and crashes
c) Gives privacy to users
d) Protects system against viruses

Explanation: - The advantages are minimization of computer freezing and crashes, user privacy, and
protection against viruses, worms, etc. Disadvantages include the system becoming slow, configuring
firewalls correctly can be difficult, need to update the new software in order to keep security up to
date.

12) “Cyberspace” was coined by _________

a) Richard Stallman
b) William Gibson
c) Andrew Tannenbaum
d) Scott Fahlman

Explanation: - William Gibson, an American-Canadian fiction pioneer, and coiner, examined the many
streams of technology and invented the word “cyberspace” in 1821. The phrase refers to linked
technologies that aid in information exchange, interaction with digital devices, storage and digital
entertainment, computer and network security, and other information technology-related matters.

13) In which year has hacking become a practical crime and a matter of concern in the field of cyber
technology?
a) 1991
b) 1983
c) 1970
d) 1964

Explanation: - In the case of hackers in the 1970s, hackers and cyber thieves found out how wired
technologies operate and how they might be abused to obtain a competitive edge or misuse the
technology.
14) Governments hired some highly skilled hackers for providing cyber security for the country or state.
These types of hackers are termed as _______
a) Nation / State sponsored hackers
b) CIA triad
c) Special Hackers
d) Government Hackers

Explanation: - Nation / State-sponsored hackers are those who are engaged or paid by a nation’s or
state’s government to safeguard the country from cyber terrorists and other groups or individuals, as
well as to expose their plans, communications, and activities.

15) Which of the following act violates cyber security?

a) Exploit
b) Attack
c) Threat
d) Vulnerability

Explanation: - A threat is a possible danger that might lead to a security breach and cause harm to the
system or network.
Vulnerability is a word that refers to a flaw in a network or system that might be exploited by an
attacker. Exploiting a security flaw might result in unexpected and unwanted effects.
A cyber-attack is an attempt by attackers to alter, delete, steal or expose any specific data by gaining
unauthorized access.

16) Which of the following actions compromise cyber security?

a) Vulnerability
b) Attack
c) Threat
d) Exploit

Explanation: - A threat is defined as a potential hazard that might result in a breach of security and
cause harm to the system or network. Vulnerability is a term that refers to a weakness in a network or
system that an attacker may exploit. Exploiting a weakness in security might have unintended and
undesirable consequences.

17) Which of the following is the hacking approach where cyber-criminals design fake websites or pages
for tricking or gaining additional traffic?
a) Pharming
b) Website-Duplication
c) Mimicking
d) Spamming

Explanation: - Pharming is a strategy and approach used by cybercriminals to create phony web pages
and sites in order to mislead users into giving over personal information such as login IDs and
passwords.
18) Which of the following is not a type of peer-to-peer cyber-crime?
a) MiTM
b) Injecting Trojans to a target victim
c) Credit card details leak in the deep web
d) Phishing

Explanation: - Peer-to-peer includes phishing, as well as the distribution of Trojans and worms to
individuals. The leakage of a huge number of people’s credit card data on the deep web, on the other
hand, is classified as a computer-as-weapon cyber-crime.

19) A cyber-criminal or penetration tester uses the additional data that stores certain special instructions
in the memory for activities to break the system in which of the following attack?
a) Clickjacking
b) Buffer-overflow
c) Phishing
d) MiTM

Explanation: - The excess data that contains certain specific instructions in the memory for actions are
projected by a cyber-criminal or penetration tester to break the system in a buffer-overflow attack.

20) Which of the following do Cyber attackers commonly target for fetching IP address of a target or victim
user?
a) ip tracker
b) emails
c) websites
d) web pages

Explanation: - Enumeration by cyber-attackers is also feasible via websites since attackers target
websites in order to obtain the victim’s or target user’s IP address.

21) Which of the following is defined as an attempt to harm, damage or cause threat to a system or
network?
a) Digital crime
b) Threats
c) System hijacking
d) Cyber Attack

Explanation: - Extortion, identity theft, email hacking, digital surveillance, stealing hardware, mobile
hacking, and physical security breaches are all examples of cyber assaults or activities.

22) They are nefarious hackers, and their main motive is to gain financial profit by doing cyber crimes.
Who are “they” referred to here?
a) White Hat Hackers
b) Black Hat Hackers
c) Hactivists
d) Gray Hat Hackers

Explanation: -
 Black Hat hackers, often known as “crackers,” are a sort of cyber crime that gain illegal access to a
user’s account or system in order to steal confidential data or introduce malware into the system for
personal gain or to harm the company.

White Hack Hackers: - A white hat hacker -- or ethical hacker -- is an individual who uses hacking skills
to identify security vulnerabilities in hardware, software or networks. However, unlike black hat
hackers -- or malicious hackers -- white hat hackers respect the rule of law as it applies to hacking.

23) IT security in any firm or organization is maintained and handled by ____________________

a) Software Security Specialist
b) CEO of the organization
c) Security Auditor
d) IT Security Engineer

Explanation: - This is a position in a company or organisation where an individual develops and

maintains different systems and security tools for the company or organisation to which he or she
belongs.

24) Where did the term “hacker” originate?

a) MIT
b) New York University
c) Harvard University
d) Bell’s Lab

Explanation: - The term “hacker” was coined at MIT (Massachusetts Institute of Technology) because
individuals and highly competent professionals use computer languages to address various challenges.
In this context, labels such as geeks and nerds have been coined.

25) What is the existence of weakness in a system or network is known as?

a) Attack
b) Exploit
c) Vulnerability
d) Threat

Explanation: - Vulnerability is a term that refers to a weakness in a network or system that an attacker
may exploit. Exploiting a weakness in security might have unintended and undesirable consequences.

26) Which of the following is an internet scam done by cyber-criminals where the user is convinced
digitally to provide confidential information.
a) MiTM attack
b) Phishing attack
c) Website attack
d) DoS attack

Explanation: - Phishing is a type of cybercrime in which a person is digitally persuaded to disclose

private information. Phishing comes in a variety of forms. Some of them employ malware and emails
to divert users to various websites.
27) Which of the following is not a step followed by cyber-criminals in data breaching?
a) Exfiltration
b) Research and info-gathering
c) Attack the system
d) Fixing the bugs

Explanation: - During a hack, cyber-criminals first do research on the target, gathering data about the
victim’s system and network. Then go ahead and attack. Once the attacker has gained access, he or
she takes sensitive information.

28) Which of the following online service’s privacy cannot be protected using Tor?
a) Browsing data
b) Instant messaging
c) Login using ID
d) Relay chats

Explanation: - Login using ID will obviously take your ID in order to access your account and is not the
headache of Tor. Privacy regarding instant messaging, browsing data, relay chats are some of the
following online services protected by Tor.

29) Which of the following term refers to a group of hackers who are both white and black hat?
a) Yellow Hat hackers
b) Grey Hat hackers
c) Red Hat Hackers
d) White-Black Hat Hackers

Explanation: - Grey Hat Hackers are a hybrid of ethical and unethical hacker personalities. They hack
other people’s computers for fun, but they don’t hurt them, and they exploit network faults and
vulnerabilities without the admin or owner’s awareness.

30) Which of the following is not an email-related hacking tool?

a) Mail Password
b) Email Finder Pro
c) Mail PassView
d) Sendinc

Explanation: - Sendinc is not a tool that compromises email data. It is used to protect business email
accounts and provides a fast web-based solution for businesses to start delivering secure emails. The
other three are email hacking tools.

31) Which of the following DDoS in mobile systems wait for the owner to trigger the cyber attack?
a) botnets
b) programs
c) virus
d) worms

Explanation: - Botnets on infected mobile devices are waiting for orders from their owners. It starts a
DDoS flood attack after receiving the owner’s instructions. As a result, calls are not connected or data
is not sent.
32) Which of the following is the least strong security encryption standard?
a) WPA3
b) WPA2
c) WPA
d) WEP

Explanation: - Wireless security is an important aspect of cyber-security. Wired Equivalent Privacy

(WEP), Wi-Fi Protected Access (WPA), WPA2, and WPA3 are the most common kinds of wireless
security. WEP is a famously insecure encryption protocol.

33) Which of the following is a Stuxnet?

a) Trojan
b) Antivirus
c) Worm
d) Virus

Explanation: - Stuxnet is a popular and powerful worm that came into existence in mid 2010, which
was very powerful as it was accountable for the cause of huge damage to Iran’s Nuclear program. It
mainly targets the PLCs (Programmable Logic Controllers) in a system.

34) Which of the following ethical hacking technique is used for determining which operating system (OS)
is running on a remote computer?
a) Operating System fingerprinting
b) Operating System penetration testing
c) Digital-printing
d) Machine printing

Explanation: - OS fingerprinting is an ethical hacking technique used for determining what operating
system (OS) is running on a remote computer. OS Fingerprinting is the practice of examining data
packets that come from a network in order to extract intelligence that may be utilized in future
assaults.

35) Which of the following can diminish the chance of data leakage?
a) Steganography
b) Chorography
c) Cryptography
d) Authentication

Explanation: - Ordinary files are targeted by hackers or other cyber criminals in order to disguise
distinct data or information within another data file. You can reduce the risk of data leaking by
employing steganography.

36) In which category does compromising confidential information fall?

a) Threat
b) Bug
c) Attack
d) Vulnerability
 EMAIL SECURITY

1) There are _______ major ways of stealing email information.

a) 2
b) 3
c) 4
d) 5

Explanation: - There are three major ways of stealing email information.

These are by stealing cookies, social engineering and password phishing technique.

2) Which of them is not a major way of stealing email information?

a) Stealing cookies
b) Reverse Engineering
c) Password Phishing
d) Social Engineering

Explanation: - There are three major ways of stealing email information. These are by stealing cookies,
social engineering and password phishing technique. Reverse engineering is not a way of stealing
email information.

3) ____________ is the method for keeping sensitive information in email communication & accounts
secure against unofficial access, loss, or compromise.
a) Email security
b) Email hacking
c) Email protection
d) Email safeguarding

Explanation: - Email security is the method for keeping sensitive information in email communication
& accounts secure against unofficial access, loss, or compromise.

4) _____________ is a famous technological medium for the spread of malware, facing problems of
spam, & phishing attacks.
a) Cloud
b) Pen drive
c) Website
d) Email

Explanation: - Email is a famous technological medium for the spread of malware, facing problems of
spam, & phishing attacks and to entice recipients in divulging sensitive information, by open
attachments and/or by clicking on hyperlinks which in background install malware on the victim’s
device.

5) Which of them is not a proper method for email security?

a) Use Strong password
b) Use email Encryption
c) Spam filters and malware scanners
d) Click on unknown links to explore
 Explanation: - Use of strong passwords and email encryption other than planting spam filters and
installing malware scanners are some of the proper methods for email security.

6) If a website uses a cookie, or a browser contains the cookie, then every time you visit that website,
the browser transfers the cookie to that website.
a) True
b) False

Explanation: - If a website uses a cookie, or a browser contains the cookie, then every time you visit
that website, the browser transfers the cookie to that website. This helps in initiating cookie stealing
attack.

7) The stored cookie which contains all your personal data about that website can be stolen away by
_____________ using _____________ or trojans.
a) attackers, malware
b) hackers, antivirus
c) penetration testers, malware
d) penetration testers, virus

Explanation: - If a website uses a cookie, or a browser contains the cookie, then every time you visit
that website, the browser transfers the cookie to that website. This stored cookie which contains all
your personal data about that website can be stolen away by attackers using malware or trojans.

8) If the data stored in the _____________ is not encrypted, then after cookie stealing, attackers can see
information such as username and password stored by the cookie.
a) memory
b) quarantine
c) cookies
d) hard drive

Explanation: - If the data stored in the cookies is not encrypted, then after cookie stealing, attackers
can see information such as username and password stored by the cookie.

9) Which of the following is a non-technical type of intrusion or attack technique?

a) Reverse Engineering
b) Malware Analysis
c) Social Engineering
d) Malware Writing

Explanation: - Social Engineering is a non-technical type of intrusion or attack technique which relies
heavily on human interaction. It involves tricking target users to break normal security postures.

10) Which of them is an example of grabbing email information?

a) Cookie stealing
b) Reverse engineering
c) Port scanning
d) Banner grabbing
 Explanation: - There are three major ways of stealing email information. These are by stealing cookies,
social engineering and password phishing technique. The remaining three (in the option) are not ways
of stealing email information.

11) _____________ is the technique used for tricking users to disclose their username and passwords
through fake pages.
a) Social Engineering
b) Phishing
c) Cookie Stealing
d) Banner Grabbing

Explanation: - Phishing is the technique used for tricking users to disclose their username and
passwords through fake pages.

12) Using email hacking illicit hackers can send & spread ___________ virus _____________ and spam
emails.
a) trojans, redirected malicious URLs
b) antivirus, patches
c) cracked software, redirected malicious URLs
d) malware, security patches

Explanation: - Using email hacking illicit hackers can send & spread malware, trojans, virus, worms,
redirected malicious URLs which can take the target recipients to some infected webpage also.

13) Unsolicited Bulk E-mails (UBI) are called __________

a) SMS
b) MMS
c) Spam emails
d) Malicious emails

Explanation: - Unsolicited Bulk E-mails (UBI) are an act of sending unwanted emails which one has no
specific or important thing in it. Email spams are actually junk emails that are sent by commercial
firms as an advertisement of their products and services.

14) Fraudulent email messages are some fake email messages that seem legitimate which ask for your
bank details and reply those emails with updated confidential information.
a) True
b) False

Explanation: - Yes, fraudulent email messages are some fake email messages that seem legitimate
which ask for your bank details and reply those emails with updated confidential information. Email
users must stay aware of such e-frauds.

15) Fraudulent email messages are some fake email messages that seem legitimate which asks for your
confidential bank details such as _____________ details _________ and passwords.
a) credit card, antivirus name
b) credit card, login ID
c) cell phone, antivirus name
d) car model, account ID

Explanation: - Fraudulent email messages are some fake email messages that seem legitimate which
ask for your confidential bank details such as credit card details, cell phone number, Login ID and
passwords.