Cyber Security MCQ (1-3 UNIT) 

1. _________ framework made cracking of vulnerabilities easy like point and click. a) .Net 
b) Metasploit 
c) Zeus 
d) Ettercap 

Answer: b 

2. Which of this Nmap do not check? 

a) services different hosts are offering 
b) on what OS they are running 
c) what kind of firewall is in use 
d) what type of antivirus is in use 

Answer: d 

3. Which of the following deals with network intrusion detection and real-time traffic  analysis? 
a) John the Ripper 
b) L0phtCrack 
c) Snort 
d) Nessus 

Answer: c 

4. Which of the below-mentioned tool is used for Wi-Fi hacking? 

a) Wireshark 
b) Nessus 
c) Aircrack-ng 
d) Snort 

Answer: c 

5. _______________ is a popular tool used for network analysis in multiprotocol diverse  network. 
a) Snort 
b) SuperScan 
c) Burp Suit 
d) EtterPeak 

Answer: d
6. Wireshark is a ____________ tool. 
a) network protocol analysis 
b) network connection security 
c) connection analysis 
d) defending malicious packet-filtering 

Answer: a 

7. _____________ is a code injecting method used for attacking the database of a system /  website. 
a) HTML injection 
b) SQL Injection 
c) Malicious code injection 
d) XML Injection 

Answer: b 

8. This attack can be deployed by infusing a malicious code in a website’s comment  section. What is “this” attack referred to here? 
a) SQL injection 
b) HTML Injection 
c) Cross Site Scripting (XSS) 
d) Cross Site Request Forgery (XSRF) 

Answer: c 

9. When there is an excessive amount of data flow, which the system cannot handle, _____  attack takes place. 
a) Database crash attack 
b) DoS (Denial of Service) attack 
c) Data overflow Attack 
d) Buffer Overflow attack 

Answer: d 
10. Compromising a user’s session for exploiting the user’s data and do malicious activities  or misuse user’s credentials is called
___________ 
a) Session Hijacking 
b) Session Fixation 
c) Cookie stuffing 
d) Session Spying 

Answer: a
11. Which of them is not a wireless attack? 
a) Eavesdropping 
b) MAC Spoofing 
c) Wireless Hijacking 
d) Phishing 

Answer: d 

12. An attempt to harm, damage or cause threat to a system or network is broadly termed  as ______ 
a) Cyber-crime 
b) Cyber Attack 
c) System hijacking 
d) Digital crime 

Answer: b 

13. __________ is a violent act done using the Internet, which either threatens any  technology user or leads to loss of life or otherwise
harms anyone in order to accomplish  political gain. 
a) Cyber-warfare 
b) Cyber campaign 
c) Cyber-terrorism 
d) Cyber attack 

Answer: c 

14. There are ______ major types of ports in computers. 

a) 1 
b) 2 
c) 3 
d) 4 

Answer: b 

15. umber of logical ports ranges from _____ to _____ 

a) 0, 255 
b) 1, 65535 
c) 1, 65536 
d) 0, 65536 

Answer: d
16. Logical ports are also known as ________________ a) numbered ports 
b) virtual numbering 
c) virtual ports 
d) network protocol ports 

Answer: c 

17. Which of the following is the port number for FTP control? a) 20 
b) 21 
c) 22 
d) 23 

Answer: b 

18. Which of the following is the port number for SSH (Secure Shell)? a) 20 
b) 21 
c) 22 
d) 23 

Answer: c 

19. Which of the following is the port number for Telnet? a) 20 
b) 21 
c) 22 
d) 23 
Answer: d 

20. Which of the following is the port number for SMTP service? a) 29 
b) 27 
c) 25 
d) 23 

Answer: c
21. Which of the following are the port numbers for DHCP? 
a) 66, 67 
b) 67, 68 
c) 65, 66 
d) 68, 69 

Answer: c 

22. Which of the following is the port number for TFTP service? a) 69 
b) 70 
c) 71 
d) 72 

Answer: a 

23. Why it is important to know which service is using which port number? a) For database security 
b) For reporting data security to the auditor 
c) For understanding which data is going through secured traffic and which is not d) For checking unused data traffic 

Answer: c 

24. VPN is abbreviated as __________ 

a) Visual Private Network 
b) Virtual Protocol Network 
c) Virtual Private Network 
d) Virtual Protocol Networking 
Answer: c 

25. Which of the statements are not true to classify VPN systems? a) Protocols used for tunneling the traffic 
b) Whether VPNs are providing site-to-site or remote access connection c) Securing the network from bots and
malwares 
d) Levels of security provided for sending and receiving data privately Answer: c

26. 7. Site-to-site VPNs are also known as ________ 

a) Switch-to-switch VPNs 
b) Peer-to-Peer VPNs 
c) Point-to-point VPNs 
d) Router-to-router VPNs 

Answer: d 

27.__________ masks your IP address. 

a) Firewall 
b) Antivirus 
c) VPN 
d) Incognito mode 

Answer: c 

28. Using VPN, we can access _______________ 

a) Access sites that are blocked geographically 
b) Compromise other’s system remotely 
c) Hide our personal data in the cloud 
d) Encrypts our local drive files while transferring 

Answer: a 

_________ is one of the most secured Linux OS that provides anonymity and an incognito  option for securing its user data. 
a) Fedora 
b) Tails 
c) Ubuntu 
d) OpenSUSE 

Answer: b 

30. ______________ in a system is given so that users can use dedicated parts of the  system for which they’ve been given access to. 
a) Machine Access Control 
b) Mandatory Accounts Control 
c) Mandatory Access Control 
d) Mandatory Access Controlling 

Answer: c
31. _____________ is a widespread app’s coding mistake made by developers which could  be exploited by an attacker for gaining access or
malfunctioning your system. a) Memory leakage 
b) Buffer-overrun 
c) Less processing power 
d) Inefficient programming 

Answer: b 

32. Buffer-overflow may remain as a bug in apps if __________ are not done fully. a) boundary hacks 
b) memory checks 
c) boundary checks 
d) buffer checks 

Answer: c 

33. Applications developed by programming languages like ____ and ______ have this  common buffer-overflow error. 
a) C, Ruby 
b) Python, Ruby 
c) C, C++ 
d) Tcl, C# 

Answer: c 

34. Why apps developed in languages like C, C++ is prone to Buffer-overflow? a) No string boundary checks in predefined
functions 
b) No storage check in the external memory 
c) No processing power check 
d) No database check 

Answer: a 

35. With the lack of boundary check, the program ends abnormally and leads to  ___________ error. 
a) logical 
b) segmentation 
c) compile-time 
d) syntax 

Answer: b
36. Variables that gets created dynamically when a function (such as malloc()) is called is  created in the form of _______ data-structure. 
a) array 
b) queue 
c) stack 
d) heap 

Answer: d 

37. _____________ buffer overflows, which are more common among attackers. a) Memory-based 
b) Queue-based 
c) Stack-based 
d) Heap-based 

Answer: c 

38. When you use the word _____ it means you are protecting your data from getting  disclosed. 
a) Confidentiality 
b) Integrity 
c) Authentication 
d) Availability 

Answer: a 
39. When integrity is lacking in a security system, _________ occurs. a) Database hacking 
b) Data deletion 
c) Data tampering 
d) Data leakage 

Answer: c 

40. In which year the first popular hacker conference took place? 
a) 1994 
b) 1995 
c) 1993 
d) 1992 

Answer: c