Question 1) What is protection provided to the valuable data/ information from the recording, destruction, unauthorized access, or disclosure?
a) Information Security
b) Database Security
c) Physical security
d) Network security
Solution: A) Information Security
Explanation: Information security refers to the protection provided to the valuable data/ information form recording, destruction, unauthorized access, or disclosure. It is the method used to prevent physical and electronic information.
Database security is the security provided to protect a large amount of data in the company (small and huge databases). It includes several controls, tools, and measures to preserve data integrity, confidentiality, and availability in the computer system.
Question 2) For the safety and protection of information which platforms are used in the cloud.
b) One drive
c) Cloud workload protection platform
d) Cloud security protocol
Solution: C) Cloud workload protection platform.
Explanation: Cloud workload protection platform (CWPP) is used in the cloud for the safety and protection of information. It keeps applications secure and protects workload for all types in any location (cloud work protection across multiple users).
AWS monitors the network activity and account behavior to identify the threats within the cloud environment.
One drive is the safest place to keep the data/ files safe as it has a built-in SSL encryption tunnel that protects data. It can save photos, documents, and other files in the cloud.
Question 3) When confidential information compromised by some means, it’s come under ______________.
Solution: C) Threat
Explanation: A threat is a negative action taken to damage data, steal data or disrupt digital life. The threat is a condition in which some illegal actions compromise confidential information. This information is harmed by unauthorized access, disclosure, modification, and data destruction.
Vulnerability is the leak/weak point that threatens the organization's cyber security. The attack is a planned assault to steal and harm the information.
A bug is an unwanted and undescribed problem in the computer system (hardware or software). It is the fault and flows in any computer program or hardware system.
Question 4) When there is harm, threat, or damage to a network or system, the term is broadly known as _____________.
a) System Hijacking
b) Digital crime
Solution: D) Cyberattack
Explanation: A cyberattack attacks a computer system via the internet, where unauthorized attempts are made to access a computer system to modify and steal data. There are numerous cyber-attacks:-
- Denial of attack
- SQL injection
- Brute-force attack
- Cross-site scripting
Cybercrime is the crime done by using the computer as an instrument and a network to do something illegal. Cybercrime is an illegal fraud over the internet like trafficking in child pornography, intellectual property, stealing identities, and violating privacy. Various cyber-crime in India are:- Hacking, denial-of –services, spamming, cross-site scripting and phishing scam, etc.
System hacking is one digital crime where a system is hacked by sending malicious code to the system. Various viruses are added to hack the system.
Question 5) When authorized users are capable of access the information, that is mean as _________________.
a) Non- repudiation of information
b) Confidentiality of information
c) Integrity of Information
d) Availability of Information
Solution: D) Availability of information.
Explanation: With the availability of information, users can access the information. Availability is the presence of data needed by the user at any time (information is accessible to the authorized user).
Question 6) ___________________ is referred to as identification of authentic user and origin of information.
Solution: C) Authenticity
Explanation: Authenticity identifies the authentic user and origin of the information. Authenticity is the feature of security that ensures the validation and authorization of an individual/ user to receive specific information (it ensures the exchange of information, message, the transaction is from the claimed source it should be).
Confidentiality is the secrecy of the message, transaction, and information.
Availability ensures the presence of data at the required time (decision time). Availability is the presence of data needed by the user (authorized user).
Integrity refers to protecting and guarding the data, application, hardware, and operating system against being altered by unauthorized individuals.
Question 7) In the following, what is used to maintain and ensure the confidentiality of data or information.
a) Decryption of data
b) Locking of data
c) Encryption of data
d) Backup of data
Solution: C) Encryption of data.
Explanation: Data encryption is used to maintain and ensure the confidentiality of data or information. Various algorithms are used to encrypt data, and further, it is decrypted in a readable format. The readable plain text is converted into unreadable encoded format (ciphertext) in encryption.
Question 7) Full form of OSI is _____________ in OSI security Architecture.
a) Open Source Initiative
b) Open Standard Interconnections
c) Open System interface
d) Open System Interconnection
Solution: D) Open system Interconnection
Explanation: Open system interconnection is a model that provides a framework to transmit a message between any two entities in a network. It consists of seven layers that perform services for the layer above it. Seven layers of the OSI model are:-
- Application layer
- Presentation layer
- Session layer
- Transport layer
- Network layer
- Datalink layer
- Physical layer
Question 8) What the company wants to do when it requires its user to change the password every month?
d) None of the above
Solution: C) Security
Explanation: To strengthen the security and confidentiality of the company, it becomes mandatory for the user to change the password every month.
Question 9) Among these ___________ is the encrypted text.
a) Secret Text
b) Cipher Text
c) Cipher Script
d) Secret Script
Solution: B) Cipher Text
Explanation: Ciphertext is an encrypted text (transformed from plain text using an encryption algorithm). Cipher is an algorithm used for converting plain text to ciphertext. Secret text is a hidden message that anyone can write.
Question 10)What defines cyber security?
a) It act as a protector against cyber-attacks
b) It provides security from cyber-terrorist
c) It act as a protective shield against malware
d) All the above
Solution: D) All the above
Explanation: Cyber security functions like acting as a protection shield against malware provide security from cyber-attack and cyber- terrorists.
Question 11) ____________ is the father of cyber security.
c) August Kerckhoffs
d) Bob Thomas
Solution: C) August Kerckhoffs
Explanation: August Kerckhoffs is the founder of contemporary encryption (an essay in the general of Military science in February 1883). He was a linguist and German professor at HEC, who earned the title of “Father of computer security).
Question 12) Among these, what role does cyber security performs?
a) It protects criminals
b) Protects internet-connected systems
c) Protection from hackers
d) All the above
Solution: D) All the above
Explanation: Cyber security performs all the above functions like it protects interconnected systems (hardware/software and data). It reduces the cyberattacks against networks, technologies, and systems by depleting unauthorized vulnerability, exploitation, and threats.
Question 13) Choose the type of cyber security.
a) Application security
b) Cloud security
c) Network security
d) Critical Infrastructure security
1) a, b 2) a, b, d 3) b, c, d 4) a, c, d, b
Solution: 4) a, c, d, b
Explanation: In today's world, cyber security is distinguished into five types: Internet of things (IoT) security, application security, cloud security, critical infrastructure security, and network security.
Question 14) Choose the objectives of cyber security.
d) All of them
Solution: D) All of them
Explanation: Cyber security is used to achieve three objective elements known as CIA Triad.
|Confidentiality||Keep all the information protected/private, and authorized users and employees access this information.|
|Availability||It ensures the availability of the information, services, tools, business processes, etc., on time. Investing in availability is necessary to run the business smoothly and has minimal impact in case of any disaster.|
|Integrity||It ensures that data is not modified during transit or access.|
Question 15) Among the following is not cybercrime.
b) Man in the middle
d) Denial of services
Solution: C) AES – Advanced Encryption standard.
Explanation: Malware, Man in the middle, and denial of services cause a threat to the system, but advanced encryption standard (AES) is a type of data security that prevents cybercrime at certain levels.
Question 16) Find the type of cyber-attack?
a) SQL injections
b) Password attack
d) All of the above
Solution: D) All of the above
Explanation: SQL injections, phishing, and password attacks are cyber-attack types.
|SQL interjection||The attacker adds the malicious code to the SQL server and gains access to the protected information.|
|Password attack||User password is hacked unethically to gain access to confidential information.|
|Phishing||In this, the attackers send many fraudulent emails to gain access to the system.|
Question 17) Find out the odd one among these.
a) Cyber security provides privacy to the user
b) Cyber security makes the system slower
c) Cyber security protects the operating system from viruses and malware
d) Cyber security minimizes computer crashes and freezing
Solution: B) Cyber security makes the system slower
Explanation: Minimization of computer freezing and crashes, protection against viruses, worms, etc., and protecting user privacy are the advantages of cyber security, but making the system slower is the disadvantage because configuring the firewall can be difficult. Therefore, to keep the security upto date, it is necessary to update the new software.
Question 18) Who coined the term “cyberspace”?
a) William Gibson
b) Scott Fahlman
c) Richard Stallman
d) None of these
Solution: A) William Gibson
Explanation: William Gibson (American –Canadian fiction pioneer and coiner) invented the term cyberspace in 1921after examination of many technology fields. Cyberspace refers to linked technologies in information exchange, storage, interaction with digital devices, digital entertainment, network security, and computer and other IT-related matters.
Question 19) What hacking approach does a hacker follow when creating a fake website or pages to gain additional traffic and tricking?
a) Web duplication
Solution: C) Pharming
Explanation: Pharming is the hacking approach used by cybercriminals. They create pony/ duplicate websites or webpages of the original one to mislead the user to gain their confidential information (login details and passwords).
Question 20) Among the following actions, which one compromises cyber security.
Solution: B) Threat
Explanation: A threat to the system security is defined as a potential hazard that causes harm to the system or network and results in a breach of security. The threat can damage to hardware and software of the system by different means. Vulnerability is the system's weakness exploited by an attacker, but exploitation is reverse as it is the security weakness that has undesirable and unintended consequences.
Question 21) Who are the highly skilled hackers hired by the government to maintain or provide cyber security for the state or country?
a) CIA triad
b) Special hackers
c) Nation/ State-sponsored hacker
d) Government hacker
Solution: C) Nation/State-sponsored hacker
Explanation: In this digital era government has also switched to digital working; therefore, the state of central government hire highly skilled hackers to protect the country from cyber terrorists and other groups/ individual. These hackers safeguard the confidential information of the country/state and keep an eye on the plans, activities, and communications of the cyber attackers. These hackers act as soldiers for digital war.
Question 22) Which tool is used for security editing and discovering networks?
b) Burb suit
Solution: c) Nmap
Explanation: Nmap tool is used for security editing and discovering networks. The full form of Nmap is network mapper, a free and open-source tool useful for various systems and network administrators. It is also useful in managing service upgrade schedules, network inventory, and monitoring host and service uptime. Nmap runs on all the major components of the operating system but works well against single hosts. Nmap is designed to scan large networks very rapidly.
Question 23)Which tool is used for auditing and password security for security?
Solution: C) LC4
Explanation: LC4 is a password auditing, security, and recovery tool previously known as L0phtCrack. This tool helps in regaining and testing password strength in Microsoft Windows passwords.
Question 24) _________________is not an example of physical data leakage in security
a) Shoulder surfing
c) Dumpster diving
d) Printers and photocopiers
Solution: B) Phishing
Explanation: Phishing is one kind of cyber-attack in which a fake link is sent to the user and asked to open it. This is a very common method of stealing sensitive data digitally via emails, but it is not an example of physical data leakage in security.
Shoulder surfing is the method where criminals spy over your shoulder to steal your personal information from ATMs, personal laptops, public kiosks, and other electronic device in public.
Dumpster diving is the attack on the trashed information or dumped information. It can be in both digital and physical forms both.
Question 25) ______________ named as the first computer virus.
d) Trojan virus
Solution: A) Creeper
Explanation: Bob Thomas of BBN created the creeper program in 1971. Creeper was designed to test whether the self-replicating program was possible or not.
Question 26) Which one is not the example of privacy threats and real security?
Solution: B) Spam
Explanation: Spam is not an example of privacy threat and real security because spam is of various types like email spam, illegal email messages, unsolicited, undesired electronic message, message spam, SMS or private message within websites and spam targeting users of instant messaging (IM) services.
Question 27) Which one monitors all the user's activity on the internet and transmits all the information to someone else in the background?
d) None of above
Solution: C) Spyware
Explanation: Spyware is malware/ software automatically install itself on the computer and start gathering and monitoring the online behavior of user without their knowledge or permission. Spyware violates user privacy or endangers device security.
Question 28) Firewall is a kind of __________________.
b) Security threat
d) None of above
Solution: D) None of above
Explanation: Firewall is a network security system used to monitor and control incoming and outgoing network traffic (based on predetermined security rules).
Question 29) ______________ is not an external threat to a computer network or system.
d) Trojan horses
Solution: C) Ignorance
Explanation: Ignorance is not an external threat to a computer system.
Question 30) ______________ is a class of computer threat.
d) DoS attacks
Solution: D) DoS attacks
Explanation: Full form of DoS is a denial of services, a kind of cyber-attack where the perpetrator makes machine or network resources unavailable to the users. When the host is connected to the internet, all the services are temporarily or indefinitely disturbed.
Question 31) This method detects something unusual going through all the files or network elements.
Solution: C) Scanning
Explanation: Scanning is the process of reading the text quickly to find something particular. Scanning is contrasted with skimming (finding the general meaning of the text in a quick reading).
Question 32) What is code red?
a) Photo editing
d) Word processing
Solution: C) Code red.
Explanation: Code red is a virus (worm) that came in isolation on July 15, 2001. The technical name of code red is CRv and CRvII. It is a server jamming worm discovered and researched by eEye Digital Security (Riley Hassell discovered exploited vulnerability). This server attacks the running Microsoft's IIS web server.
Question 33) When a password is cracked by replacing characters of dictionary word symbols and numbers, this attack is called as?
a) Password attack
b) Hybrid attack
d) None of these
Solution: B) Hybrid attack
Explanation: Hybrid attack combines the two attacks (dictionary attack and brute force attack). In this attack, the perpetrator immerges two or more tools to carry out the assault. Various numbers, letters, and special characters are used in this attack.
Question 34) Among the following which Tor does not protect service privacy?
a) Instant messaging
b) Login Using ID
c) Browsing data
d) Relay chats
Solution: B) Login Using ID
Explanation: Login by using the ID is not the headache of Tor as in this login user ID, and password is utilized to access the account. Instead of this, Tor protects the browsing data, instant messaging, and relay chats.
Question 35) Sendinc is not an ___________related hacking tool.
Explanation: Sending is not an email-related hacking tool as it doesn't compromise email data. Sending protects the business email accounts and helps in providing a secure solution for delivering mails in the business. Mail password, Mail Pass View, and Email Finder Pro are email hacking tools.
Question 36) _______________ is the least strong security encryption standard.
Solution: D) WEP
Explanation: Wireless equivalent privacy is the least strong security encryption standard. Rather wireless security is necessary for cyber security, and some common kinds of cyber security are WPA2, WPA3, WPA (Wi-Fi protected access).
Question 37) Stuxnet is a type of _______________.
Solution: B) Worm
Explanation: Stuxnet is a multi-part computer worm discovered in June 2010. This worm was made to take over industrial control systems and run the equipment with malicious programs. It aimed at the data acquisition system and supervisory control. It causes substantial damage to the nuclear program of Iran.
Question 38)Which term relates to exploring ethical and appropriate working behavior related to digital media and online environments?
d) Cyber security
Solution: B) Cyberethics
Explanation: Cyberethics is the collection of rules and regulations to protect the digital and online working environment. Cyberethics are regulated to examine the legal, morals, and social issues while working on computer/information and communication technologies.
Cyber laws are the legal IT laws made by the government related to legal informatics and digital circulation of information, information security, software, and e-commerce.
Cyber security refers to the security provided to the data by encrypting it using algorithms.
Cybersafety refers to the user's awareness to protect itself and prevent risk measures associated with information technology. These are the user's preventive cyber measures for the safe and responsible use of information and communication technologies (ICT). It is also termed online safety, and internet safety helps in reducing cyber-crime.
Question 39)By using which key certificate authorities sign the digital certificates.
a) User’s private key
b) User’s public key
c) Authority own private key
d) Authority own public key
Solution: C) Authority's private key.
Explanation: Certificate authorities signed the digital certificates using their private key as signatures are confidential. No one has the authority to copy them; therefore, they are kept safe with their private key (no one can access them).
Question 40) Integrity of messages are verified by using ____________technique.
a) Decryption algorithm
b) Message Digest
d) Digital signature
Solution: B) Message Digest
Explanation: The integrity of messages is verified by using the message digest technique as it ensures the delivery of the message over an unsecured channel. At this unsecured channel, messages can be changed; therefore, it uses the cryptographic hash function that creates a compressed image of the message called a digest. Nowadays, the hash algorithm MD5 is commonly used to check the integrity of the message.