1.

Unsolicited commercial email is known as ________

Spam

2.Internet can impose a number of Risks and hence Cybersecurity is required.

True

3.Which of these are Personally Identifiable Information?

All the options

4.Which of these are cyber threats?

All the options

5.________ monitors user activity on internet and transmit that information in the
background to someone else.
Spyware

6.Which of these is an anti-virus program

All the options

7.What is PUP?
Potentially unwanted program

8.A ________ is like a Virus, having the ability to spread without any medium.
Worm

9.The Cryptography can provide

All of them

10.In Symmetric-key cryptography, the key used by the sender and the receiver is
Shared

11.Risk represents ________

threads times vulnerabilities

12.If there is a vulnerability but no threat, then there won't be a risk.

True

13.Cryptography, a word with Greek origins, means

secret writing

14.UML component diagram is used to identify how a module validate &processes the
data before storing it.
False

15.Which is not a set of activity performed to prevent future incidents in Incident

management ?
Mitigate

16.Deep packet inspection can be used to give more context to indicator only.
False

18.Incident Category can be defined according to business functional priorities.

True

19.Incidents should be handled on a first come- first serve basis and must be
prioritized based on the Business impact.
False

20.Which is not part of a Incident Response Preparation phase ?

Defining objectives to investigate situation

21.Which is a open source data loss prevention solution.

MyDLP

22.Detection and Analysis is a continuous process of a cyber-attack for detecting

Malware intrusion and their remote connections.
True

23.Which is not part of a response follow-up activities ?

Take appropriate pre-approved or required actions

24.Which is a part of a response phase activities ?

Take appropriate pre-apporved or required actions

Report Incident to relevant stakeholders. ---wrong

25.A ________ is a credit card sized card with an embedded chip, containing
information about the user
Smart card

26.Which of these is TRUE with respect to passwords?

Password need to be atleast 8 chars of length

27.Phishing emails include fake notifications from banks and e-payment systems.
True

28.As an email client, we should not use caution when opening emails and can
download any attachments.
False

29.How do we define RADIUS?

Remote Authentication Dial-In User Service

30.Which of these are Threats related to Email Security?

All the options

31.At Strategic level threat intelligence information can be exchanged within it's
operating community
False

32.Which observes the behavior of the malware in a sandbox-virtual environment to

prevent the malware from actually infecting production systems.
Dynamic Analysis

33.They Keys used in Cryptography are

Single Round

34.Which helps to determine the effective security controls and measurement

techniques ?
Threat Modelling

35.In cryptography, what is cipher?

All the options ---wrong

36.Which one will not be considered in Cybersecurity threat Intrusion Phases ?

Alliance

37.In symmetric-key cryptography, the same key is used by

Both Party

38.Cyber security architecture is all about understanding one's Business Scope and
requirements only.
False

39.At Operational level threat intelligence real time feed protocols are being
used.
True

40.Defining the security control parameter SLA at 98.5% for taking appropriate
actions to avoid penalty risk if it goes below 98% must be a part of
Architecture Risks

41.It is a program or hardware device that filters the information coming through
an internet connection to a network or computer system.
Cookies

42.In Asymmetric-Key Cryptography, although RSA can be used to encrypt and decrypt
actual messages, it is very slow if the message is.
Long --- correct
Short --- wrong

43.WPA2 is used for security in ________

Wi-Fi

44.At Tactical level threat intelligence research analysis and reports can be
published after malware analysis.
False

45.Cybersecurity threat is a scenario which will try to exploit possible

vulnerabilities to enhance security
False

46.UEBA stands for

User Entity and Behavior Analytics

47.________ are attempts by individuals to obtain confidential information from you

to falsifying their identity.
Phising Scams

48.________ are often delivered to a PC through an email attachment and are often
designed to do harm.
Virus

49.The altering of data so that it is not usable unless the changes are undone is
________
Encryption

50.Which is not part of a threat Modelling process ?

Compose applications

51.The relationship between a character in the plaintext to a character is

one to many

52.Which of these groups exploits cyber vulnerabilities?

All the options

53.A type of malware that demands a ransom if the victim wants his or her files
back is called ________
Ransomware

54.Which of the following is not an antivirus software?

Code Red

55.Traffic in a VPN is NOT _______

Invisible from public network(*)

56.A TCS business operations team required to meet 98% SLA in FY 2017'18 to avoid
non-compliance penalty which must be a part of
Architecture requirements

57.Which is not a characteristics of Advanced Persistent threats ?

Full automated

58.A ________ is an extension of an enterprise�s private intranet across a public

Network such as the Internet across a public Network such as the Internet, creating
a secure private connection.
VPN

59.Which of the following would most likely not be a symptom of a virus?

the web browser opens to an unusual home

60. Attack which happens due to neglected factors like compromising with security
is a type of
malicious threat ---wrong
source threat

61. Incidents should be handled on a first come-first serve basis and must be
prioritized based on the Business impact
False

cyber law

62. is the guarantee of data privacy and protection against unauthorized disclosure
Encryption ---wrong

63. The sole purpose of ________ attack, is to fool the victim and to get all the
confidential information
phising

64. In asymmetric key cryptography, the private key is kept by

Receiver

65. A Botmaster can attack and take control of vulnerable one like
All of the above

66. Which of the following is an independent malicious program that does not need
any host program
Worm