1.

Cyber Security (MCQ’s)

Here are 20 multiple-choice questions (MCQs) covering key concepts in cyber security, along with
answer options:

1. What is the primary goal of cyber security?

A) To prevent hardware failures

B) To protect systems and networks from cyber threats

C) To improve internet speed

D) To block advertisements

Answer: B) To protect systems and networks from cyber threats

2. Which of the following is NOT a type of malware?

A) Trojan

B) Ransomware

C) Firewall

D) Spyware

Answer: C) Firewall

3. What does the "CIA" triad in cyber security stand for?

A) Cybersecurity, Internet, Access

B) Confidentiality, Integrity, Availability

C) Computer, Information, Authentication

D) Control, Identification, Authorization

Answer: B) Confidentiality, Integrity, Availability

4. What is phishing?

A) A type of encryption method

B) A cyber attack that tricks users into revealing sensitive information

C) A network security protocol

D) A method to speed up the internet

Answer: B) A cyber attack that tricks users into revealing sensitive information
 1. Cyber Security (MCQ’s)

5. What is the main purpose of a firewall?

A) To increase internet speed

B) To protect against unauthorized access to networks

C) To detect viruses on a system

D) To store passwords securely

Answer: B) To protect against unauthorized access to networks

6. Which encryption technique uses the same key for encryption and decryption?

A) Asymmetric encryption

B) Symmetric encryption

C) Hashing

D) Digital signature

Answer: B) Symmetric encryption

7. What is the purpose of two-factor authentication (2FA)?

A) To reduce network traffic

B) To provide an extra layer of security

C) To store passwords securely

D) To increase website speed

Answer: B) To provide an extra layer of security

8. What is SQL injection?

A) A type of programming language

B) A cyber attack that targets databases

C) A firewall rule

D) A method to encrypt data

Answer: B) A cyber attack that targets databases

 1. Cyber Security (MCQ’s)

9. What is the difference between HTTP and HTTPS?

A) HTTPS is more secure as it encrypts data

B) HTTP is faster than HTTPS

C) There is no difference

D) HTTP is used for secure banking transactions

Answer: A) HTTPS is more secure as it encrypts data

10. Which type of hacker works ethically to improve cyber security?

A) Black hat hacker

B) White hat hacker

C) Grey hat hacker

D) Script kiddie

Ans:- B) White Hat hacker’s.

11. What is a denial-of-service (DoS) attack?

A) A type of software update

B) A method to securely log into a system

C) An attack that disrupts network services by overwhelming traffic

D) A way to detect intrusions in a system

Answer: C) An attack that disrupts network services by overwhelming traffic

12. What is social engineering?

A) A technique to enhance network speed

B) A method of manipulating people to reveal sensitive information

C) A type of encryption algorithm

D) A tool used to scan viruses

Answer: B) A method of manipulating people to reveal sensitive information

13. What is brute force attack?

A) An attack that uses a trial-and-error method to crack passwords

B) A type of firewall
 1. Cyber Security (MCQ’s)

C) A malware that steals data

D) A network encryption method

Answer: A) An attack that uses a trial-and-error method to crack passwords

14. What is ransomware?

A) A security software

B) A type of malware that locks files and demands payment

C) A network monitoring tool

D) A type of antivirus software

Answer: B) A type of malware that locks files and demands payment

15. What is the role of an Intrusion Detection System (IDS)?

A) To detect and alert about cyber attacks

B) To increase internet speed

C) To block all incoming traffic

D) To store security patches

Answer: A) To detect and alert about cyber attacks

16. Which of the following is an example of asymmetric encryption?

A) AES

B) DES

C) RSA

D) SHA-256

Answer: C) RSA

17. What does VPN stand for?

A) Virtual Password Network

B) Verified Personal Network

C) Virtual Private Network …..

D) Virus Protection Node

 1. Cyber Security (MCQ’s)

18. Why are security patches important?

A) They help fix security vulnerabilities in software

B) They make computers faster

C) They increase storage space

D) They remove all malware from a system

Answer: A) They help fix security vulnerabilities in software

19. What is hashing used for?

A) Encrypting passwords for storage

B) Securing network traffic

C) Blocking phishing emails

D) Detecting malware

Answer: A) Encrypting passwords for storage

20. What does the principle of least privilege (PoLP) mean?

A) Users should have only the minimum access required for their work

B) All users should have administrator privileges

C) Users should never change their passwords

D) Every user should have access to all system files

Answer: A) Users should have only the minimum access required for their work..

21. What is *steganography?

A) A type of firewall

B) A method of hiding data within other files

C) A cyber attack on databases

D) A way to encrypt files

Answer: B) A method of hiding data within other files

 1. Cyber Security (MCQ’s)

2. What is the main difference between IDS (Intrusion Detection System) and IPS (Intrusion
Prevention System)?

A) IDS detects threats, while IPS blocks them

B) IDS blocks threats, while IPS only monitors them

C) IDS is a firewall, while IPS is an antivirus

D) IDS protects physical devices, while IPS secures networks

Answer: A) IDS detects threats, while IPS blocks them

3. What is a zero-day vulnerability?

A) A security flaw unknown to developers and the public

B) A malware that activates after a day

C) A vulnerability that occurs only in mobile devices

D) A backup method used in cyber security

Answer: A) A security flaw unknown to developers and the public

4. Which protocol is used for secure email communication?

A) SMTP

B) IMAP

C) POP3

D) S/MIME…

Answer: D) S/MIME

5. What is the main goal of penetration testing?

A) To hack systems legally and find vulnerabilities

B) To increase internet speed

C) To create stronger passwords

D) To monitor CPU usage

Answer: A) To hack systems legally and find vulnerabilities

6. What is a rootkit?

A) A tool used by ethical hackers

 1. Cyber Security (MCQ’s)

B) A type of malware that hides itself from detection

C) A backup system for security patches

D) A network security protocol

Answer: B) A type of malware that hides itself from detection

7. What is the main purpose of honeypots in cyber security?

A) To trap attackers and analyze their methods

B) To store encrypted passwords

C) To increase network speed

D) To block social engineering attacks

Answer: A) To trap attackers and analyze their methods

8. What is a botnet?

A) A collection of compromised computers controlled by an attacker

B) A tool used to remove malware

C) A type of encryption method

D) A way to protect against phishing attacks

Answer: A) A collection of compromised computers controlled by an attacker

9. What does OWASP stand for?

A) Open Web Application Security Project

B) Official Web Application Security Policy

C) Online Website Application System Protection

D) Open Web Automated Security Program

Answer: A) Open Web Application Security Project

10. What is the purpose of a sandbox. in cyber security?

A) To run suspicious programs in an isolated environment…..

B) To filter incoming emails

C) To manage network traffic

D) To store security logs

 1. Cyber Security (MCQ’s)

Answer: A) To run suspicious programs in an isolated environment

11. What is meant by "buffer overflow"?

A) When a program writes more data than allocated memory

B) When a system firewall crashes

C) When multiple users log into a system at once

D) When a system runs out of network bandwidth

Answer: A) When a program writes more data than allocated memory

12. Which tool is commonly used for packet sniffing?

A) Wireshark

B) Norton Antivirus

C) McAfee Firewall

D) Microsoft Defender

Answer: A) Wireshark

13. What is the purpose of "salting" in password hashing?

A) To make passwords harder to crack by adding random values

B) To store passwords securely

C) To encrypt data using symmetric keys

D) To improve firewall security

Answer: A) To make passwords harder to crack by adding random values

14. What is cross-site scripting (XSS)?

A) A cyber attack where attackers inject malicious scripts into web pages

B) A method of encrypting websites

C) A way to prevent phishing attacks

D) A firewall configuration

Answer: A) A cyber attack where attackers inject malicious scripts into web pages
 1. Cyber Security (MCQ’s)

15. What is DNS spoofing?

A) An attack that redirects users to fake websites

B) A method of encrypting domain names

C) A way to speed up internet browsing

D) A firewall rule

Answer: A) An attack that redirects users to fake websites

16. What is the purpose of the Cyber Kill Chain model?

A) To describe the stages of a cyber attack

B) To prevent malware infections

C) To create stronger firewalls

D) To manage antivirus software

Answer: A) To describe the stages of a cyber attack

17. What does a Man-in-the-Middle (MITM) attack involve?

A) An attacker intercepting and altering communication between two parties

B) A denial-of-service attack

C) A brute-force attack

D) A ransomware attack

Answer: A) An attacker intercepting and altering communication between two parties

18. Which security measure can help protect against session hijacking?

A) Using HTTPS and secure cookies

B) Running an antivirus scan

C) Deleting browser history

D) Installing more RAM

Answer: A) Using HTTPS and secure cookies

 1. Cyber Security (MCQ’s)

20. What is the role of a Security Information and Event Management (SIEM) system?

A) To collect and analyze security-related data

B) To block incoming network connections

C) To prevent malware infections

D) To scan for viruses

Answer: A) To collect and analyze security-related data

21. What is the main purpose of an access control list (ACL)?

A) To define permissions for users and devices

B) To block all incoming traffic

C) To increase internet speed

D) To scan emails for viruses

Answer: A) To define permissions for users and devices

22. What is the primary risk of using weak passwords?

A) They can be easily guessed or cracked by attackers

B) They make the system slow

C) They increase storage requirements

D) They prevent software updates

Answer: A) They can be easily guessed or cracked by attackers

23. What is a polymorphic virus?

A) A virus that changes its code to avoid detection

B) A virus that only attacks mobile devices

C) A type of ransomware

D) A virus that spreads through USB drives

Answer: A) A virus that changes its code to avoid detection

 1. Cyber Security (MCQ’s)

24.1. What is an Advanced Persistent Threat (APT)?

A) A cyber attack where hackers stay undetected in a system for a long time

B) A type of brute-force attack

C) A way to prevent phishing attacks

D) A method of securing networks

Answer: A) A cyber attack where hackers stay undetected in a system for a long time

2. What is the function of a digital signature in cyber security?

A) To authenticate and verify data integrity

B) To encrypt files

C) To create strong passwords

D) To improve network speed

Answer: A) To authenticate and verify data integrity

3. What is an air-gapped system?

A) A computer or network isolated from external connections

B) A system with backup power supply

C) A firewall-based security model

D) A cloud-based security tool

Answer: A) A computer or network isolated from external connections

4. What is session fixation?

A) A cyber attack where an attacker sets a victim’s session ID before login

B) A method of securing browser sessions

C) A way to prevent phishing attacks

D) A tool used to create strong passwords

Answer: A) A cyber attack where an attacker sets a victim’s session ID before login
 1. Cyber Security (MCQ’s)

5. What is the main purpose of the Kerberos protocol?

A) Secure authentication in a network

B) Encrypting email messages

C) Storing security logs

D) Detecting malware

Answer: A) Secure authentication in a network

6. What is spear phishing?

A) A targeted phishing attack against specific individuals or organizations…..

B) A mass email scam

C) A type of DoS attack

D) A method of encrypting messages

7. What is a supply chain attack?

A) An attack targeting a supplier to compromise its customers

B) A method to protect software supply chains

C) A way to increase network speed

D) A type of firewall attack

Answer: A) An attack targeting a supplier to compromise its customers

8. What is the function of a Web Application Firewall (WAF)?

A) To protect web applications from cyber attacks

B) To store security logs

C) To block all incoming internet traffic

D) To scan emails for malware

Answer: A) To protect web applications from cyber attacks

 1. Cyber Security (MCQ’s)

9. What is a Rainbow Table attack?

A) A password-cracking method using precomputed hash values

B) A method to detect network intrusions

C) A way to prevent ransomware

D) A firewall rule

Answer: A) A password-cracking method using precomputed hash values

10. What is Data Exfiltration?

A) Unauthorized transfer of sensitive data from a system

B) A technique to securely delete files

C) A method of encrypting databases

D) A firewall-based security model

Answer: A) Unauthorized transfer of sensitive data from a system

11. What is Clickjacking?

A) A cyber attack where users are tricked into clicking on malicious content

B) A method of speeding up websites

C) A way to detect phishing attacks

D) A firewall rule

Answer: A) A cyber attack where users are tricked into clicking on malicious content

12. What is the main role of a Security Operations Center (SOC)?

A) To monitor, detect, and respond to cyber threats

B) To store encrypted files

C) To improve network performance

D) To scan emails for spam

Answer: A) To monitor, detect, and respond to cyber threats

 1. Cyber Security (MCQ’s)

13. What is a watering hole attack?

A) A cyber attack that compromises websites frequently visited by a target

B) A method to detect malware

C) A type of phishing attack

D) A firewall configuration

Answer: A) A cyber attack that compromises websites frequently visited by a target

14. What does "whitelisting" mean in cyber security?

A) Allowing only trusted applications or users to access a system

B) Blocking all external internet traffic

C) Encrypting network connections

D) Deleting temporary files for security

Answer: A) Allowing only trusted applications or users to access a system

15. What is the purpose of Endpoint Detection and Response (EDR)?

A) To monitor and detect threats on endpoint devices

B) To improve internet speed

C) To store security logs

D) To create stronger passwords

Answer: A) To monitor and detect threats on endpoint devices

16. What is a pass-the-hash attack?

A) An attack where an attacker uses a stolen hashed password to authenticate

B) A brute-force attack

C) A type of ransomware attack

D) A method to prevent phishing

Answer: A) An attack where an attacker uses a stolen hashed password to authenticate

 1. Cyber Security (MCQ’s)

17. What is meant by lateral movement in cyber attacks?

A) Attackers moving within a network after gaining initial access

B) Hackers attacking only websites

C) A method to encrypt network traffic

D) A way to detect spam emails

Answer: A) Attackers moving within a network after gaining initial access

18. What is a keylogger?

A) A malicious program that records keystrokes

B) A type of firewall

C) A password management tool

D) A method of encrypting files

Answer: A) A malicious program that records keystrokes

19. What is a rogue access point?

A) An unauthorized Wi-Fi access point set up to intercept network traffic

B) A secure network gateway

C) A method to block cyber attacks

D) A way to prevent malware

Answer: A) An unauthorized Wi-Fi access point set up to intercept network traffic

20. What is the main function of a blockchain in cyber security?

A) To provide decentralized and tamper-proof data storage

B) To scan systems for vulnerabilities

C) To encrypt all network traffic

D) To create strong passwords

Answer: A) To provide decentralized and tamper-proof data storage

 1. Cyber Security (MCQ’s)

21. What is the function of a Captcha in cyber security?

A) To prevent bots from accessing websites

B) To encrypt user passwords

C) To store security logs

D) To block malware

Answer: A) To prevent bots from accessing websites

22. What does TTP stand for in cyber security?

A) Tactics, Techniques, and Procedures

B) Threat Tracking Program

C) Trusted Technology Protocol

D) Technical Threat Prevention

Answer: A) Tactics, Techniques, and Procedures

23. What is the function of a command-and-control (C2) server in cyber attacks?

A) To remotely control malware-infected systems

B) To prevent phishing attacks

C) To encrypt system files

D) To block cyber threats

Answer: A) To remotely control malware-infected systems

24. What is cyber forensics?

A) The process of investigating cyber crimes

B) A type of malware detection system

C) A method of network encryption

D) A firewall-based security system

Answer: A) The process of investigating cyber crimes

25. What is the purpose of ISO 27001?

A) A global standard for information security management……

B) A method to detect phishing.