Cyber Security
_________________ is the type of firewall that is connected between the device and the network
connecting to the internet.
I. Hardware firewall
II. Software firewall
III. Microsoft firewall
IV. None of the above
In which of the following ways are chief information security officers (CISOs) often expected to
represent the company?
I. Compliance
II. Marketing
III. Finance
IV. Operations
Which of the following means that you are protecting your data from getting disclosed?
I. Confidentiality
II. Integrity
III. Authentication
IV. Availability
Which of the following types of hackers helps in finding bugs and vulnerabilities in a system and
does not intend to crack it?
I. Black hat hackers
II. White hat hackers
III. Grey hat hackers
IV. Red hat hackers
The default port number used by Domain Name Server (DNS) is_____:
I. 80
II. 21
III. 22
IV. 53
Which of the following is a cyber law in the Indian legislature?
I. National Institute of Standards and Technology (NIST)
II. The General Data Protection Regulation (GDPR)
III. India’s Information Technology (IT) Act, 2000 (rev. 2008)
IV. International Law on Cyber Security
Which of the following can be a source of cybercrime: Internal Attack?
I. Advanced persistent threat
II. Disgruntled employee
III. Denial of service
IV. Social engineering
Which of the following is in the Open Source Foundation for Application Security (OWASP) Top 10
list?
I. Cascading Style Sheets (CSS)
II. Hypertext Markup Language (HTML)
III. Extensible Markup Language (XML)
IV. Cross Site Scripting (XSS)
_______ of information means that only authorised users are capable of accessing information.
I. Confidentiality
II. Integrity
III. Non-repudiation
IV. Availability
Data ___________ is used to ensure confidentiality.
I. Encryption
II. Sharing
III. Deleting
IV. Backup
Which of the following becomes evident in the Stuxnet attack?
I. Remote locations can be attacked.
II. Legacy systems such as SCADA can be attacked.
III. Web is not cyber-safe.
IV. Hackers are not safe from nuclear attacks.
For which of the following purposes can a computer virus be used?
I. Corrupt data in your computer
II. Log users' keystrokes
III. Access private data such as user IDs and passwords
IV. All of the above
Which command is used to measure the time taken by the packets to return from a specific
destination sent to check connection?
I. nslookup
II. traceroute
III. ping
IV. ifconfig
Which of the following is a data security consideration?
I. Backups
II. Archival storage
III. Disposal of data
IV. All of the above
What is the use of tracert command?
I. To trace the URL IP address
II. To trace the MAC address
III. To trace the path that an Internet Protocol (IP) packet takes to its destination
IV. None of the above
What are the three goals of cybersecurity?
I. Conformity, identity, and authorization.
II. Confidentiality, integrity, and availability.
III. Confidentiality, identity, authorization.
Ans (2)
Which type of security breach exploits or manipulates users into making changes to settings or
installing add-ons that allow data to be stolen?
I. Social Engineering.
II. Browser
III. Password
Ans(2)
Which mitigation strategy uses the principle of something the user knows and has?
I. Threat intelligence.
II. Browser security.
III. Multifactor authentication
Ans (3)
When using asymmetric encryption, which key shouldn't be shared?
I. Private key.
II. Public key.
III. Key pair.
Ans(1)
How many keys are required when using symmetric encryption?
I. Three
II. One
III. Two
Ans (2)
What is a hashing function?
I. A hashing function is an algorithm that creates a new ciphertext message from the plaintext.
II. A hashing function is an algorithm that's used to decrypt ciphertext from the sender.
III. A hashing function is an algorithm that creates a fixed-length hexadecimal value of the
plaintext.
Ans(3)
What are the three types of authentication?
I. Something you know, something you have, and something you are.
II. Something you own, something you know, something you learn.
III. Something you find, something you are, something you know.
Ans (1)
What are the three principles of Zero Trust?
I. Verify explicitly, assume breach, and use least privileged access
II. Spear phishing, pretexting, and baiting.
III. Credential stuffing, key logging, spear-phishing.
Ans (1)
What is credential stuffing?
I. An attacker attempts to gain access using millions of username and password combinations
II. You use the same username and password at many sites. There's a security breach at one
site, and attackers use your compromised usernames and passwords at many other sites.
III. A dictionary of commonly used words is used for the brute force attack.
Ans (2)
What is a datagram used for?
I. A datagram is used to announce a message is ready to send across the network.
II. A datagram is a chunk of data of uniform length that can be sent across the network.
III. A datagram is used to send music data across a network.
Ans(2)
In a network, what is the fundamental building block that allows multiple devices to communicate
with each other?
I. The switch
II. The router
III. The access point
Ans(1)
What is the name of a common network attack where the cybercriminal compromises a router in
the network to eavesdrop on, or alter, data?
I. Man-in-the-middle.
II. Bluejacking.
III. Wardriving
Ans (1)
What is jailbreaking?
I. When a user runs only a single application on a device at a time.
II. When a user finds a way to run multiple applications on multiple devices at the same time.
III. When a user finds unofficial methods to get full access to the core systems of the device.
Ans (3)
In the context of cybersecurity, what can be considered a device?
I. Only devices you use personally like phones, and computers.
II. Anything you can touch, as long as it doesn't connect to something else.
III. Anything you can touch but also connect to something else.
Ans(3)
What is device hardening?
I. Connecting multiple devices in a network so they can communicate.
II. Minimizing device vulnerabilities.
III. When a device is at its end of support and no longer receives updates.
Ans(2)
What is a simple way for users to mitigate threats to their applications?
I. Disable automatic updates.
II. Avoid applications that employ open-source libraries.
III. Enable automatic updates of your applications.
Ans(3)
Which statement defines a zero-day vulnerability?
I. Any flaw that is known and for which the application owner has already created a patch.
II. Any flaw that is previously unknown to the application owner and unpatched.
III. Any flaw that is known to the application developer but for which the developer hasn't yet
developed a patch.
Ans(2)
Which of the following is an example of application software?
I. An operating system.
II. A device driver.
III. Word processing software.
Ans(3)
WE SHOULD NOT ENFORCE OUR CYBER SECURITY POLICY TO EVERYONE.
I. TRUE
II. FALSE
_______________IS THE BEST IDEA TO SECURE OUR NETWORK FROM HACKERS.
I. SEGMENTATION
II. USING OF SINGLE LAN ONLY
III. MAKING ONLY ONE ZONE
IV. ACCESS OF INTERNAL NETWORK FROM INTERNET
FROM THE GIVEN PASSWORDS WHICH ONE IS THE BEST PASSWORD.
I. Password
II. Abc123
III. Abc%123
IV. S@nt&mLS#
WE SHOULD NEVER TURN ON AUTOMATIC UPDATES ON WINDOWS.
I. TRUE
II. FALSE
FULL FORM OF I.D.S. IS
I. INTRUSION DETECTION SYSTEM
II. INTRUSION DETECTIVE SYSTEM
III. INTRUSION DETECTION SOFTWARE
IV. INTRUSION DEFENCE SYSTEM
SOCIAL MEDIA SITES ARE _______________ FOR CRIMINALS.
I. DATA HARVESTING FIELDS
II. VERY LARGE OCEAN
III. GOLD MINES
IV. PHISHING OCEAN
BEING A NETWORK ADMINISTRATOR, THERE IS NO NEED TO MONITOR FOR THE POLICY
VIOLATIONS.
I. TRUE
II. FALSE
WE CAN PROTECT OUR DATA BY _____________
I. ENCRYPTION
II. VPN
III. FIREWALL
IV. ALL OF THE ABOVE
WHAT CAN BE USED TO SECURE OUR NETWORK ENTRANCE?
I. IDS
II. IPS
III. FIREWALL
IV. ALL OF THE ABOVE
THE STRING "Password1" IS A VERY GOOD PASSWORD.
I. TRUE
II. FALSE
Which of the following is defined as a crime which is committed using a computer to steal a
person’s identity, illegal imports or malicious programs?
I. Cybercrime
II. Computer security
III. Cryptography
IV. Digital hacking
Ans(1)
_____________ is a generic term that refers to all criminal activities done using the medium of
computers, internet and worldwide web.
I. Cyber space
II. Cyber harassment
III. Cyber crime
IV. Cyber attack
Ans(3)
Cyber harassment is a distinct type of
I. Crime against person
II. Crime against other kinds
III. Crime against property
IV. Crime against government.
Ans(1)
Which of the following is not an example of cyber-crime?
I. Denial of Service
II. Man in the Middle
III. Hacking
IV. Worm attack
Ans(2)
Cyber-crime can be categorized into ________ ways.
I. five
II. four
III. three
IV. two
Ans(4)
Which of the following is an example of a computer as a target to attack other computers?
I. Data theft
II. Denial of Services attack
III. Encryption
IV. Damage to data and systems
Ans (1)
What are the features of cybercrime?
I. Defence against internal threats
II. Criminal activities done using computer
III. Forgery of Electronic Record
IV. Unauthorized account access
Ans(2)
Cyber terrorism, credit card frauds, fraudulent electronic fund transfer are few examples of
______________
I. Data governance
II. Infrastructure Security
III. Cyber crime
IV. Data mining
Ans(3)
Software piracy, copyright infringement, trademark violations, theft of computer source code,
patent violations etc., which are essential to a business, are different types of _______________.
I. Intellectual property right violations
II. Information security
III. Hacking
IV. E-mail Spoofing
Ans(1)
A computer virus that is programmed to change the data entered resulting in fraudulent benefit to
someone is called as _________________.
I. Data theft
II. Data diddling
III. Identity theft
IV. Phishing
Ans(2)
____________ is the electronic version of junk mail which involves sending unwanted messages,
often unsolicited advertising, to a large number of recipients.
I. E-mail bombing
II. IPR violations
III. Email Spamming
IV. E-mail spoofing
Ans(3)
Once infected, a zombie computer allows access to admin-level operations, such as:
I. Installing and running any applications
II. Extracting information
III. Shut down a service
IV. Interruption to service
Ans(1)
Deleting data, Blocking data, Modifying data and Copying data are actions that take place as a
malicious digital pest by way of:
I. Denial of service
II. Trojan attack
III. Ransomware
IV. Malware
Ans(2)
__________ is a malicious digital pest whose sole aim is to wreak havoc on its victims’ computers
unnoticed and take the entire computer hostage.
I. E-mail Spoofing
II. E-mail Spamming
III. Trojan Attack
IV. IPR Violation
Ans(3)
_____________ is a manipulation technique that exploits human error to gain private information,
access, or valuables and spread the malware infections to the restricted systems.
I. Web jacking
II. Salami attack
III. Spamming
IV. Social Engineering
Ans(4)
This type of cybercrime weapon restricts the user to access his computer system and demands
that a ransom be paid for the restriction to be removed.
I. Social Engineering
II. Web jacking
III. Ransomware
IV. Spyware
Ans(3)
What is the category of crime where the hacker extracts money for fulfilling political objectives by
taking control over another website and manipulates the information of the website?
I. Worm attack
II. Web jacking
III. Cyber terrorism
IV. Cyber space
Ans(2)
Normally, social engineering attackers tend to have a goal to lure unsuspecting users into
exposing data, spreading malware infections, or giving access to restricted systems. It is called
as:
I. Sabotage
II. Salami attack
III. Spamming
IV. Social Engineering
Ans (1)
A type of malware, which bombards computer users with unwanted endless ads and pop-up
windows that could potentially be dangerous for their device, is known as ________.
I. Ransomware
II. Adware
III. Malicious software
IV. Viruses
Ans(2)
__________ is a type of malware, which hackers use to spy on people, to gain access to their
personal information, banking details or online activity.
I. Spyware
II. Malware
III. Adware
IV. Ransomware
Ans(1)
A _________ is a kind of crime, prevalent in financial institutions for committing financial crimes
where the invader takes small amounts of data from a file and place them in another file or alter
the data, which goes unnoticed.
I. Malicious software
II. Viruses
III. Adware
IV. Salami attack
Ans(4)
The crime of phishing which is done by way of online financial fraud using social engineering
techniques to commit identity theft can be prevented if we
I. Use a computer resource
II. Inform concerned service provider
III. Secure the computer systems with a password
IV. Secure the infrastructure
Ans(3)
The Sections under the Information Technology Act, 2000 applicable for phishing is:
I. Sections 43 & 66
II. Sections 43, 65 & 66
III. Sections 43A & 66
IV. Sections 43, 65 & 66C
Ans(4)
One of the technical measures that can be taken to avoid cyber stalking is:
I. Disclose personal information on the internet
II. Chat to strangers
III. Electronic communication
IV. Inform law enforcement agencies
Ans(4)
What are the Sections that are applicable for a person to be punished under the Information
Technology Act, 2000 for the crime cyber stalking?
I. Sections 43 & 66
II. Sections 43A & 66A
III. Sections 43 & 44A
IV. Sections 44A & 66A
Ans(1)
The technical measures to resolve the _____________ crime is by taking strong authentication and
technical measures to prevent data leakage:
I. Intellectual property
II. Cyber stalking
III. Hacking
IV. Computer sabotage
Ans(1)
Sections applicable for a person to be punished under the Information Technology Act, 2000, for
tampering, stealing or having access to source code:
I. Sections 43 & 66
II. Sections 43, 65 & 66
III. Sections 43A & 44A
IV. Sections 43, 65A & 66
Ans(2)
Phishing is an online financial fraud using social engineering techniques to commit identity theft
and the compensation and punishment of imprisonment under the Information Technology
Act, 2000 is:
I. up to 3 years and/or with a fine of up to 5 lakhs
II. up to 3 years and/or with a fine of up to 2 lakhs
III. up to 3 years and/or with a fine of up to 4 lakhs
IV. up to 3 years and/or with a fine of up to 3 lakhs
Ans(1)
If a person uses a computer resource to send any information that is offensive, then the
compensation and punishment of imprisonment under the Information Technology Act, 2000 is:
I. up to 2 years and/or with a fine of up to 3 lakhs,
II. up to 1 years and/or with a fine of up to 2 lakhs,
III. up to 3 years and/or with a fine of up to 5 lakhs
IV. up to 3 years and/or with a fine of up to 3 lakhs
Ans(3)
How can users ensure the security of a website when conducting transactions?
I. Use the same password for all online accounts
II. Click on links embedded in emails
III. Check for "https://" and a padlock icon
IV. Reply to spam emails
Ans(3)
What action should users take if they receive an unsolicited email requesting personal financial
information?
I. Reply with the requested information
II. Click on provided links
III. Report it to the bank or credit card provider
IV. Ignore it
Ans(3)
What is the primary purpose of implementing automatic updates in Windows computers?
I. Backup
II. Patches
III. Encryption
IV. Spam
Ans(2)
How can users avoid overexposing their email addresses to spammers?
I. Use guessable addresses
II. Post mailing lists online
III. Keep work and personal email together
IV. Submit addresses to online services
Ans(3)
Which measure helps prevent unauthorized devices from connecting to computers and potentially
carrying malware?
I. Device encryption
II. Regular backups
III. Device control
IV. Outbound content controls
Ans(2)
What precaution should users take when sending emails to multiple recipients to avoid exposing
their email addresses?
I. Use the "To" field
II. Use guessable addresses
III. Use the "Bcc" field
IV. Post mailing lists online
Ans(3)
Always remember not to open links in unexpected emails because the hackers may lead the users
to open malicious webpages by ___________out links via email.
I. Phishing
II. Spamming
III. Malware
IV. Loopholes
Ans(2)
To consider blocking access to certain websites in a company environment, the administration
would prevent users from accessing sites that are inappropriate for use in the workplace by
installing _________ on computers.
I. Adware
II. Malware
III. Spyware
IV. Backups
Ans(3)
A ___________ helps users to keep their personal information secure from unauthorized
communications.
I. Firewall
II. Backups
III. Loopholes
IV. Device
Ans(1)
Use passwords that are difficult to identify, make sure not to use repeated characters and keys
together on the keyboard, and always consider using a ____________.
I. programs
II. passphrase
III. backups
IV. storage
Ans(2)
The main and foremost step that a user should take is to install ________________ which prevents
receiving many phishing emails.
I. Hardware patches
II. Software patches
III. Programs
IV. Anti-spam software
Ans(4)
The most basic and important way of keeping computers secure is by choosing a secure
______________.
I. Password
II. Programs
III. Device
IV. Email
Ans(1)
_______ programs can detect unwanted emails and prevent it from reaching users’ inboxes, as
well as scan for any malware contained within the email.
I. Data base
II. Anti-spam
III. Hardware
IV. Viruses
Ans(2)
SPSS, MS SQL 2005 Analytics Services(SSAS), Oracle Data Miner(ODM) are example of:-
I. Open Source Data Mining Tools
II. Non Open Source Data Mining Tools
III. Source Data Mining Tools
IV. Non Source Data Mining Tools
Ans(2)
_____________ classifies the data item in any one of the pre-defined classes before digging into
the hectic modelling phase of the analysis of data.
I. Classification
II. Clustering
III. Summarisation
IV. Anomaly Detective
Ans(1)
____________ is the process of exploration and analysis, by automatic or semi-automatic means,
of large quantities of data.
I. Data analysis
II. Data Interpretation
III. Data Mining
IV. Data Science
Ans(3)
______________ technique helps to determine the most significant data change that has taken
place in the database.
I. Summarisation
II. Clustering
III. Anomaly Detection
IV. Classification
Ans(3)
Which of the following does not include Data Mining:-
I. Knowledge Discovery in Databases(KDD)
II. Knowledge extraction
III. Data Archaeology
IV. Knowledge insertion
Ans(4)
Regression, Classification, Clustering etc., are some of the data mining techniques which are
used for:-
I. Analysis of data
II. Variation in data
III. Assessment of data
IV. Interpretation of data
Ans(1)
____________ gives us a view of the past and present situations and an understanding of the
possible future outcomes which can give effective results.
I. Data Mining
II. Data Analysis
III. Data Interpretation
IV. Data Science
Ans(1)
Unauthorised devices such as USB drives can carry malware which infects the computer when
plugged in, hence it is necessary to secure the data using _____________.
I. Password
II. Backups
III. Device control
IV. Programs