Cyber Security MCQ
Cyber Security MCQ
1. _________ framework made cracking of vulnerabilities easy like point and click. a) .Net
b) Metasploit
c) Zeus
d) Ettercap
Answer: b
Answer: d
3. Which of the following deals with network intrusion detection and real-time traffic analysis?
a) John the Ripper
b) L0phtCrack
c) Snort
d) Nessus
Answer: c
Answer: c
5. _______________ is a popular tool used for network analysis in multiprotocol diverse network.
a) Snort
b) SuperScan
c) Burp Suit
d) EtterPeak
Answer: d
6. Wireshark is a ____________ tool.
a) network protocol analysis
b) network connection security
c) connection analysis
d) defending malicious packet-filtering
Answer: a
7. _____________ is a code injecting method used for attacking the database of a system / website.
a) HTML injection
b) SQL Injection
c) Malicious code injection
d) XML Injection
Answer: b
8. This attack can be deployed by infusing a malicious code in a website’s comment section. What is “this” attack referred to here?
a) SQL injection
b) HTML Injection
c) Cross Site Scripting (XSS)
d) Cross Site Request Forgery (XSRF)
Answer: c
9. When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
a) Database crash attack
b) DoS (Denial of Service) attack
c) Data overflow Attack
d) Buffer Overflow attack
Answer: d
10. Compromising a user’s session for exploiting the user’s data and do malicious activities or misuse user’s credentials is called
___________
a) Session Hijacking
b) Session Fixation
c) Cookie stuffing
d) Session Spying
Answer: a
11. Which of them is not a wireless attack?
a) Eavesdropping
b) MAC Spoofing
c) Wireless Hijacking
d) Phishing
Answer: d
12. An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
a) Cyber-crime
b) Cyber Attack
c) System hijacking
d) Digital crime
Answer: b
13. __________ is a violent act done using the Internet, which either threatens any technology user or leads to loss of life or otherwise
harms anyone in order to accomplish political gain.
a) Cyber-warfare
b) Cyber campaign
c) Cyber-terrorism
d) Cyber attack
Answer: c
Answer: b
Answer: d
16. Logical ports are also known as ________________ a) numbered ports
b) virtual numbering
c) virtual ports
d) network protocol ports
Answer: c
17. Which of the following is the port number for FTP control? a) 20
b) 21
c) 22
d) 23
Answer: b
18. Which of the following is the port number for SSH (Secure Shell)? a) 20
b) 21
c) 22
d) 23
Answer: c
19. Which of the following is the port number for Telnet? a) 20
b) 21
c) 22
d) 23
Answer: d
20. Which of the following is the port number for SMTP service? a) 29
b) 27
c) 25
d) 23
Answer: c
21. Which of the following are the port numbers for DHCP?
a) 66, 67
b) 67, 68
c) 65, 66
d) 68, 69
Answer: c
22. Which of the following is the port number for TFTP service? a) 69
b) 70
c) 71
d) 72
Answer: a
23. Why it is important to know which service is using which port number? a) For database security
b) For reporting data security to the auditor
c) For understanding which data is going through secured traffic and which is not d) For checking unused data traffic
Answer: c
25. Which of the statements are not true to classify VPN systems? a) Protocols used for tunneling the traffic
b) Whether VPNs are providing site-to-site or remote access connection c) Securing the network from bots and
malwares
d) Levels of security provided for sending and receiving data privately Answer: c
Answer: d
Answer: c
Answer: a
_________ is one of the most secured Linux OS that provides anonymity and an incognito option for securing its user data.
a) Fedora
b) Tails
c) Ubuntu
d) OpenSUSE
Answer: b
30. ______________ in a system is given so that users can use dedicated parts of the system for which they’ve been given access to.
a) Machine Access Control
b) Mandatory Accounts Control
c) Mandatory Access Control
d) Mandatory Access Controlling
Answer: c
31. _____________ is a widespread app’s coding mistake made by developers which could be exploited by an attacker for gaining access or
malfunctioning your system. a) Memory leakage
b) Buffer-overrun
c) Less processing power
d) Inefficient programming
Answer: b
32. Buffer-overflow may remain as a bug in apps if __________ are not done fully. a) boundary hacks
b) memory checks
c) boundary checks
d) buffer checks
Answer: c
33. Applications developed by programming languages like ____ and ______ have this common buffer-overflow error.
a) C, Ruby
b) Python, Ruby
c) C, C++
d) Tcl, C#
Answer: c
34. Why apps developed in languages like C, C++ is prone to Buffer-overflow? a) No string boundary checks in predefined
functions
b) No storage check in the external memory
c) No processing power check
d) No database check
Answer: a
35. With the lack of boundary check, the program ends abnormally and leads to ___________ error.
a) logical
b) segmentation
c) compile-time
d) syntax
Answer: b
36. Variables that gets created dynamically when a function (such as malloc()) is called is created in the form of _______ data-structure.
a) array
b) queue
c) stack
d) heap
Answer: d
37. _____________ buffer overflows, which are more common among attackers. a) Memory-based
b) Queue-based
c) Stack-based
d) Heap-based
Answer: c
38. When you use the word _____ it means you are protecting your data from getting disclosed.
a) Confidentiality
b) Integrity
c) Authentication
d) Availability
Answer: a
39. When integrity is lacking in a security system, _________ occurs. a) Database hacking
b) Data deletion
c) Data tampering
d) Data leakage
Answer: c
40. In which year the first popular hacker conference took place?
a) 1994
b) 1995
c) 1993
d) 1992
Answer: c