1) In which of the following, a person is constantly followed/chased by another person or group of several

peoples?

1. Phishing
2. Bulling
3. Stalking
4. Identity theft

Answer: c

Explanation: In general, Stalking refers to continuous surveillance on the target (or person) done by a
group of people or by the individual person.

Cyber Stalking is a type of cybercrime in which a person (or victim) is being followed continuously by
another person or group of several people through electronic means to harass the victim. We can also say
that the primary goal of Stalking is to observe or monitor each victim's actions to get the essential
information that can be further used for threatening, harassing, etc.

2) Which one of the following can be considered as the class of computer threats?

1. Dos Attack
2. Phishing
3. Soliciting
4. Both A and C

Answer: a

Explanation: A dos attack refers to the denial of service attack. It is a kind of cyber attack in which one
tries to make a machine (or targeted application, website etc.) unavailable for its intended users. It is
usually accomplished by disturbing the service temporarily or indefinitely of the target connected to the
internet.

3) Which of the following is considered as the unsolicited commercial email?

1. Virus
2. Malware
3. Spam
4. All of the above

Answer: c

Explanation: It is a type of unsolicited email which is generally sent in bulk to an indiscriminate recipient
list for commercial purpose. Generally, these types of mail are considered unwanted because most users
don't want these emails at all.

4) Which of the following usually observe each activity on the internet of the victim, gather all information in
the background, and send it to someone else?

1. Malware
2. Spyware
3. Adware
4. All of the above
Answer: b

Explanation: It is generally defined as the software designed to enter the target's device or computer
system, gather all information, observe all user activities, and send this information to a third party. Another
important thing about the spyware is that it works in the background sends all information without your
permission.

5) _______ is a type of software designed to help the user's computer detect viruses and avoid them.

1. Malware
2. Adware
3. Antivirus
4. Both B and C

Answer: c

Explanation: An antivirus is a kind of software that is specially designed to help the user's computer to
detect the virus as well as to avoid the harmful effect of them. In some cases where the virus already
resides in the user's computer, it can be easily removed by scanning the entire system with antivirus help.

6) Which one of the following is a type of antivirus program?

1. Quick heal
2. Mcafee
3. Kaspersky
4. All of the above

Answer: d

Explanation: Antivirus is a kind of software program that helps to detect and remove viruses form the
user's computer and provides a safe environment for users to work on. There are several kinds of antivirus
software are available in the market, such as Kaspersky, Mcafee, Quick Heal, Norton etc., so the correct
answer is D.

7) It can be a software program or a hardware device that filters all data packets coming through the
internet, a network, etc. it is known as the_______:

1. Antivirus
2. Firewall
3. Cookies
4. Malware

Answer: b

Explanation: There are two types of firewalls - software programs and hardware-based firewalls. These
types of firewalls filter each and every data packet coming from the outside environment such as network;
internet so that any kind of virus would not be able to enter in the user's system. In some cases where the
firewall detects any suspicious data packet, it immediately burns or terminates that data packet. In short,
we can also say that it is the first line of defense of the system to avoid several kinds of viruses.
8) Which of the following refers to stealing one's idea or invention of others and use it for their own
benefits?

1. Piracy
2. Plagiarism
3. Intellectual property rights
4. All of the above

Answer: d

Explanation: The stealing ideas or the invention of others and using them for their own profits can also be
defined in several different ways, such as piracy, intellectual property rights, and plagiarism.

9) Read the following statement carefully and find out whether it is correct about the hacking or not?

It can be possible that in some cases, hacking a computer or network can be legal.

1. No, in any situation, hacking cannot be legal

2. It may be possible that in some cases, it can be referred to as a legal task

Answer: b

Explanation: Nowadays, hacking is not just referred to as an illegal task because there are some good
types of hackers are also available, known as an ethical hacker. These types of hackers do not hack the
system for their own purposes, but the organization hires them to hack their system to find security falls,
loop wholes. Once they find the loop whole or venerability in the system, they get paid, and the
organization removes that weak points.

10) Which of the following refers to exploring the appropriate, ethical behaviors related to the online
environment and digital media platform?

1. Cyber low
2. Cyberethics
3. Cybersecurity
4. Cybersafety

Answer: b

Explanation: Cyber Ethics refers to exploring the appropriate, ethical behaviors related to online
environments and digital media.

11) Which of the following refers to the violation of the principle if a computer is no more accessible?

1. Access control
2. Confidentiality
3. Availability
4. All of the above

Answer: c
Explanation: Availability refers to the violation of principle, if the system is no more accessible.

12) Which one of the following refers to the technique used for verifying the integrity of the message?

1. Digital signature
2. Decryption algorithm
3. Protocol
4. Message Digest

Answer: d

Explanation: Message Digest is a type of cryptographic hash function that contains a string of digits that
are created by the one-way hashing formula. It is also known as a type of technique used for verifying the
integrity of the message, data or media, and to detect if any manipulations are made. Therefore the correct
answer is D.

13) Which one of the following usually used in the process of Wi-Fi-hacking?

1. Aircrack-ng
2. Wireshark
3. Norton
4. All of the above

Answer: a

Explanation: The Aircrack-ng is a kind of software program available in the Linux-based operating systems
such as Parrot, kali etc. it is usually used by users while hacking the Wi-Fi-networks or finding
vulnerabilities in the network to capture or monitor the data packets traveling in the network.

14) Which of the following port and IP address scanner famous among the users?

1. Cain and Abel

2. Angry IP Scanner
3. Snort
4. Ettercap

Answer: b

Explanation: Angry IP Scanner is a type of hacking tool that is usually used by both white hat and black
hat types of hackers. It is very famous among the users because it helps to find the weaknesses in the
network devices.

15) In ethical hacking and cyber security, there are _______ types of scanning:

1. 1
2. 2
3. 3
4. 4
Answer: c

Explanation: There are usually three types of scanning in ethical hacking and cyber security. Therefore the
correct answer is C.

16) Which of the following is not a type of scanning?

1. Xmas Tree Scan

2. Cloud scan
3. Null Scan
4. SYN Stealth

Answer: b

Explanation: Among the following-given options, the Cloud Scan is one, and only that is not a type of
scanning.

17) In system hacking, which of the following is the most crucial activity?

1. Information gathering
2. Covering tracks
3. Cracking passwords
4. None of the above

Answer: c

Explanation: While trying to hack a system, the most important thing is cracking the passwords.

18) Which of the following are the types of scanning?

1. Network, vulnerability, and port scanning

2. Port, network, and services
3. Client, Server, and network
4. None of the above

Answer: a

Explanation: The vulnerability, port, and network scanning are three types of scanning.

19) Which one of the following is actually considered as the first computer virus?

1. Sasser
2. Blaster
3. Creeper
4. Both A and C

Answer: c
Explanation: The Creeper is called the first computer virus as it replicates itself (or clones itself) and
spread from one system to another. It is created by Bob Thomas at BBN in early 1971 as an experimental
computer program.

20) To protect the computer system against the hacker and different kind of viruses, one must always keep
_________ on in the computer system.

1. Antivirus
2. Firewall
3. Vlc player
4. Script

Answer: b

Explanation: It is essential to always keep the firewall on in our computer system. It saves the computer
system against hackers, viruses, and installing software form unknown sources. We can also consider it the
first line of defense of the computer system.

21) Code Red is a type of ________

1. An Antivirus Program
2. A photo editing software
3. A computer virus
4. A video editing software

Answer: c

Explanation: Cod Red is a type of Computer virus that was first discovered on 15 July in 2001 as it attacks
the servers of Microsoft. In a couple of next days, it infects almost 300,000 servers.

22) Which of the following can be considered as the elements of cyber security?

1. Application Security
2. Operational Security
3. Network Security
4. All of the above

Answer: d

Explanation: Application security, operational security, network security all are the main and unforgettable
elements of Cyber Security. Therefore the correct answer is D.

23) Which of the following are famous and common cyber-attacks used by hackers to infiltrate the user's
system?

1. DDos and Derive-by Downloads

2. Malware & Malvertising
3. Phishing and Password attacks
 4. All of the above

Answer: d

Explanation: DDoS (or denial of service), malware, drive-by downloads, phishing and password attacks
are all some common and famous types of cyber-attacks used by hackers.

24) Which one of the following is also referred to as malicious software?

1. Maliciousware
2. Badware
3. Ilegalware
4. Malware

Answer: d

Explanation: Malware is a kind of short program used by the hacker to gain access to sensitive data/
information. It is used to denote many kinds of viruses, worms, Trojans, and several other harmful
programs. Sometimes malware is also known as malicious software.

25) Hackers usually used the computer virus for ______ purpose.

1. To log, monitor each and every user's stroke

2. To gain access the sensitive information like user's Id and Passwords
3. To corrupt the user's data stored in the computer system
4. All of the above

Answer: d

Explanation: In general, hackers use computer viruses to perform several different tasks such as to
corrupt the user's data stored in his system, to gain access the important information, to monitor or log each
user's strokes. Therefore the correct answer is D.

26) In Wi-Fi Security, which of the following protocol is more used?

1. WPA
2. WPA2
3. WPS
4. Both A and C

Answer: b

Explanation: Nowadays, in Wi-Fi Security, the WPA2 is one of the most widely used protocols because it
offers a more secure connection rather than the WPA. It is also known as the upgraded version of the WPA
protocol.

27) The term "TCP/IP" stands for_____

1. Transmission Contribution protocol/ internet protocol

2. Transmission Control Protocol/ internet protocol
 3. Transaction Control protocol/ internet protocol
4. Transmission Control Protocol/ internet protocol

Answer: b

Explanation: The term "TCP/IP" stood for Transmission Control Protocol/ internet protocol and was
developed by the US government in the early days of the internet.

28) The response time and transit time is used to measure the ____________ of a network.

1. Security
2. Longevity
3. Reliability
4. Performance

Answer: d

Explanation: On the basis of response time and transit time, the performance of a network is measured.

29) Which of the following factor of the network gets hugely impacted when the number of users exceeds
the network's limit?

1. Reliability
2. Performance
3. Security
4. Longevity

Answer: d

Explanation: When the numbers of users on a network get increased and exceed the network's limit,
therefore the performance is one of the factors of the network that is hugely impacted by it.

30) In the computer networks, the encryption techniques are primarily used for improving the ________

1. Security
2. Performance
3. Reliability
4. Longevity

Answer: a

Explanation: Encryption techniques are usually used to improve the security of the network. So the correct
answer will be A.

31) Which of the following statements is correct about the firewall?

1. It is a device installed at the boundary of a company to prevent unauthorized physical access.

2. It is a device installed at the boundary of an incorporate to protect it against the unauthorized
access.
3. It is a kind of wall built to prevent files form damaging the corporate.
 4. None of the above.

Answer: b

Explanation: A firewall can be the type of either a software or the hardware device that filters each and
every data packet coming from the network, internet. It can also be considered as a device installed at the
boundary of an incorporate to protect form unauthorized access. Sometimes firewall also refers to the first
line of defense against viruses, unauthorized access, malicious software etc.

32) When was the first computer virus created?

1. 1970
2. 1971
3. 1972
4. 1969

Answer: b

Explanation: In 1970, the world's first computer virus was created by Robert (Bob) Thomas. This virus was
designed as it creates copies of itself or clones itself and spreads one computer to another. So the correct
answer will be 1970.

33) Which of the following is considered as the world's first antivirus program?

1. Creeper
2. Reaper
3. Tinkered
4. Ray Tomlinson

Answer: b

Explanation: Reaper is considered as the world's first antivirus program or software as it can detect the
copies of a Creeper (the world's first man-made computer virus) and could delete it as well.

34) Which one of the following principles of cyber security refers that the security mechanism must be as
small and simple as possible?

1. Open-Design
2. Economy of the Mechanism
3. Least privilege
4. Fail-safe Defaults

Answer: b

Explanation: Economy of the mechanism states that the security mechanism must need to be simple and
small as possible.

35) Which of the following principle of cyber security restricts how privileges are initiated whenever any
object or subject is created?
 1. Least privilege
2. Open-Design
3. Fail-safe Defaults
4. None of the above

Answer: c

Explanation: The fail-safe Defaults principle of cyber security restricts how privileges are initiated
whenever a subject or object is created. In cases where the privileges, rights, access or some other
security-related attribute is not granted explicitly, it should also not granted access to the object.

36) Suppose an employee demands the root access to a UNIX system, where you are the administrator;
that right or access should not be given to the employee unless that employee has work that requires
certain rights, privileges. It can be considered as a perfect example of which principle of cyber security?

1. Least privileges
2. Open Design
3. Separation of Privileges
4. Both A & C

Answer: a

Explanation: The example given in the above question refers to the least privileges principle of cyber
security. The least privileges principle of cyber security states that no rights, access to the system should
be given to any of the employees of the organization unless he/she needs those particular rights, access in
order to complete the given task. In short, we can say that its primary work is to restrict or control the
assignment of rights to the employees.

37) Which of the following can also consider as the instances of Open Design?

1. CSS
2. DVD Player
3. Only A
4. Both A and B

Answer: d

Explanation: The Open Design is a kind of open design artifact whose documentation is publically
available, which means anyone can use it, study, modify, distribute, and make the prototypes. However, the
CSS (or Content Scrambling System) and DVD Player are both examples of open design.

38) Which one of the following principles states that sometimes it is become more desirable to rescored the
details of intrusion that to adopt more efficient measure to avoid it?

1. Least common mechanism

2. Compromise recording
3. Psychological acceptability
4. Work factor

Answer: b
Explanation: The principle called compromise factor states that in some cases, it is more beneficial to
records or document the details of the intrusion that to adopt more efficient measures to avoid it.

39) The web application like banking websites should ask its users to log-in again after some specific
period of time, let say 30 min. It can be considered as an example of which cybersecurity principle?

1. Compromise recording
2. Psychological acceptability
3. Complete mediation
4. None of the above

Answer: c

Explanation: The complete mediation principle of cybersecurity requires that all the access must be
checked to ensure that they are genuinely allowed. However, the example given in the above question can
be considered as an example of Complete Mediation.

40) Which one of the following statements is correct about Email security in the network security methods?

1. One has to deploy hardware, software, and security procedures to lock those apps down.
2. One should know about what the normal behavior of a network look likes so that he/she can spot
any changes, breaches in the behavior of the network.
3. Phishing is one of the most commonly used methods that are used by hackers to gain access to the
network
4. All of the above

Answer: c

Explanation: In terms of Email Security, phishing is one of the standard methods that are used by Hackers
to gain access to a network. The Email Security Tools can handle several types of attacks, such as the
incoming attacks, and protect the outbound messages containing sensitive data/information as well.

41) Which of the following statements is true about the VPN in Network security?

1. It is a type of device that helps to ensure that communication between a device and a network is
secure.
2. It is usually based on the IPsec( IP Security) or SSL (Secure Sockets Layer)
3. It typically creates a secure, encrypted virtual "tunnel" over the open internet
4. All of the above

Answer: d

Explanation: The term VPN stands for Virtual Private Network. It is a type of network security-enhancing
tool that can be either a software program or a hardware device. It usually authenticates the communication
between a device and a network by creating a secure encrypted virtual "tunnel". In general, the software
VPNs are considered as the most cost-effective, user friendly over the hardware VPNs.

42) Which of the following type of text is transformed with the help of a cipher algorithm?

1. Transformed text
2. Complex text
3. Scalar text
 4. Plain text

Answer: d

Explanation: The cipher algorithm is used to create an encrypted message by taking the input as
understandable text or "plain text" and obtains unreadable or "cipher text" as output. It is usually used to
protect the information while transferring one place to another place.

43) The term "CHAP" stands for __________

1. Circuit Hardware Authentication Protocols

2. Challenge Hardware Authentication Protocols
3. Challenge Handshake Authentication Protocols
4. Circuit Handshake Authentication Protocols

Answer: c

Explanation: The term "CHAP" stands for the Challenge Handshake Authentication Protocols. In computer
networks, it can be defined as an authentication scheme that avoids the transfer of unencrypted passwords
over the network. The "CHAP" is one of the many authentication schemes used by the Point To Point
Protocol (PPP), which is a serial transmission protocol for wide networks Connections (WAN).

44) Which type of the following malware does not replicate or clone them self's through infection?

1. Rootkits
2. Trojans
3. Worms
4. Viruses

Answer: b

Explanation: The Trojans type of malware does not generate copies of them self's or clone them. The
main reason why these types of viruses are referred to as the Trojans is the mythological story of the
Greeks. In which some top-level accessions were hidden in the big wooden horse-like structure and given
to the enemy as a gift. So that they can enter to the enemy's palace without come in any sight.

45) Which of the following malware's type allows the attacker to access the administrative controls and
enables his/or her to do almost anything he wants to do with the infected computers.

1. RATs
2. Worms
3. Rootkits
4. Botnets

Answer: a

Explanation: The RAT is an abbreviation of Remote Access Trojans or Remote Administration Tools,
which gives the total control of a Device, which means it, can control anything or do anything in the target
device remotely. It allows the attacker administrative control just as if they have physical access to your
device.
46) Which of the following statements is true about the Trojans?

1. Trojans perform tasks for which they are designed or programmed

2. Trojans replicates them self's or clone them self's through an infections
3. Trojans do nothing harmful to the user's computer systems
4. None of the above

Answer: a

Explanation: Trojans are a type of malware that will perform any types of actions for those they are design
or programmed. Another important thing about Trojans is that the user may not know that the malware
enters their system until the Trojan starts doing its job for which they are programmed.

47) Which of the following is just opposite to the Open Design principle?

1. Security through obscurity

2. Least common mechanism
3. Least privileges
4. Work factor

Answer: a

Explanation: The "Security through obscurity" is an approach which just opposite to the Open Design
principle. So the correct option is A.

48) Which of the following is a type of independent malicious program that never required any host
program?

1. Trojan Horse
2. Worm
3. Trap Door
4. Virus

Answer: b

Explanation: Warm is a type of independent malicious program that does not require any host programs(or
attached with some programs). They typically cause damages to the systems by consuming the
bandwidths and overloading the servers. Warms are quite different from the virus as they are stand-alone
programs, whereas viruses need some type of triggers to activate by their host or required human
interaction.

49) Which of the following usually considered as the default port number of apache and several other web
servers?

1. 20
2. 40
3. 80
4. 87

Answer: c
Explanation: The default port number used by the apache and several other web servers is 80. So the
correct answer will be C.

50) DNS translates a Domain name into _________

1. Hex
2. Binary
3. IP
4. URL

Answer: d

Explanation: DNS stands for the Domain name system; the main work of a DNS is to translate the Domain
name into an IP address that is understandable to the computers.

51) Which one of the following systems cannot be considered as an example of the operating systems?

1. Windows 8
2. Red Hat Linux
3. BSD Linux
4. Microsoft Office

Answer: d

Explanation: Microsoft office is a type of software used for creating and managing documents, which is
one of the most famous products of the Microsoft organization. So the correct answer will be the D.

52) In the CIA Triad, which one of the following is not involved?

1. Availability
2. Confidentiality
3. Authenticity
4. Integrity

Answer: c

Explanation: CIA refers to Confidentiality, Integrity, and Availability that are also considered as the CIA
triad. However, the CIA triad does not involve Authenticity.

53) In an any organization, company or firm the policies of information security come under__________

1. CIA Triad
2. Confidentiality
3. Authenticity
4. None of the above

Answer: a
Explanation: Confidentiality, Integrity, Availability are the three main principles. In Short, these three
principles are also known as the CIA triad and plays a vital role as the cornerstone of the security structure
of any organization.

54) Why are the factors like Confidentiality, Integrity, Availability, and Authenticity considered as the
fundamentals?

1. They help in understanding the hacking process

2. These are the main elements for any security breach
3. They help to understand the security and its components in a better manner
4. All of the above

Answer: c

Explanation: Confidentiality, Integrity, Availability and Authenticity all these four elements helps in
understanding security and its components.

55) In order to ensure the security of the data/ information, we need to ____________ the data:

1. Encrypt
2. Decrypt
3. Delete
4. None of the above

Answer: a

Explanation: Data encryption is a type of method in which the plain text is converted into ciphertext, and
only the authorized users can decrypt it back to plain text by using the right key. This preserves the
Confidentiality of the Data.

56) Which one of the following is considered as the most secure Linux operating system that also provides
anonymity and the incognito option for securing the user's information?

1. Ubuntu
2. Tails
3. Fedora
4. All of the above

Answer: b

Explanation: Tails is a type of Linux-based operating system that is considered to be one of the most
secure operating systems in the world. It also provides many features such as anonymity and incognito
options to insure that user information is always protected. The main reason why the tails operating system
is famous among the user is that it is almost untraceable, which keep your privacy secure.

57) Which type following UNIX account provides all types of privileges and rights which one can perform
administrative functions?

1. Client
2. Guest
3. Root
4. Administrative
Answer: d

Explanation: If a user uses the Root account of the UNIX operating system, he can carry out all types of
administrative functions because it provides all necessary privileges and rights to a user.

58) Which of the following is considered as the first hacker's conference?

1. OSCON
2. DEVON
3. DEFCON
4. SECTION

Answer: c

Explanation: DEFCON is one of the most popular and largest Hacker's as well as the security consultant's
conference. It is always held once a year in Las Vegas, Nevada, where hackers of all types (such as black
hats, gray hats, and white hat hackers), government agents as well as security professionals from around
the world attend the conference attends this meeting.

59) Which of the following known as the oldest phone hacking techniques used by hackers to make free
calls?

1. Phreaking
2. Phishing
3. Cracking
4. Spraining

60) Name of the Hacker who breaks the SIPRNET system?

1. John Draper
2. Kevin Mitnick
3. John von Neumann
4. Kevin Poulsen

Answer: d

Explanation: The SIPRNET (or Advanced Research Project Agency Network) system was first hacked by
Kevin Poulsen as he breaks into the Pentagon network.

1. Hackers who help in finding bugs and vulnerabilities in a system & don’t intend to crack a system are
termed as ________
a) Black Hat hackers
b) White Hat Hackers
c) Grey Hat Hackers
d) Red Hat Hackers

Answer: b
Explanation: White Hat Hackers are cyber security analysts and consultants who have the intent to help
firms and Governments in the identification of loopholes as well as help to perform penetration tests for
securing a system.
2. Which is the legal form of hacking based on which jobs are provided in IT industries and firms?
a) Cracking
b) Non ethical Hacking
c) Ethical hacking
d) Hactivism

Answer: c
Explanation: Ethical Hacking is an ethical form of hacking done by white-hat hackers for performing
penetration tests and identifying potential threats in any organizations and firms.
3. They are nefarious hackers, and their main motive is to gain financial profit by doing cyber crimes. Who
are “they” referred to here?
a) Gray Hat Hackers
b) White Hat Hackers
c) Hactivists
d) Black Hat Hackers

Answer: d
Explanation: Black Hat hackers also termed as ‘crackers’ and are a major type of cyber criminals who take
unauthorized access in user’s account or system and steal sensitive data or inject malware into the system
for their profit or to harm the organization.
4. ________ are the combination of both white as well as black hat hackers.
a) Grey Hat hackers
b) Green Hat hackers
c) Blue Hat Hackers
d) Red Hat Hackers

Answer: a
Explanation: Grey Hat Hackers have a blending character of both ethical as well as un-ethical hacker. They
hack other’s systems for fun but do not harm the system, exploits bugs and vulnerabilities in network
without the knowledge of the admin or the owner.
5. The amateur or newbie in the field of hacking who don’t have many skills about coding and in-depth
working of security and hacking tools are called ________
a) Sponsored Hackers
b) Hactivists
c) Script Kiddies
d) Whistle Blowers

Answer: c
Explanation: Script Kiddies are new to hacking and at the same time do not have many interests in
developing coding skills or find bugs of their own in systems; rather they prefer downloading of available
tools (developed by elite hackers) and use them to break any system or network. They just try to gain
attention of their friend circles.
6. Suicide Hackers are those _________
a) who break a system for some specific purpose with or without keeping in mind that they may suffer long
term imprisonment due to their malicious activity
b) individuals with no knowledge of codes but an expert in using hacking tools
c) who know the consequences of their hacking activities and hence try to prevent them by erasing their
digital footprints
d) who are employed in an organization to do malicious activities on other firms

Answer: a
Explanation: Suicide hackers are those who break into any network or system with or without knowing the
consequences of the cyber crime and its penalty. There are some suicide hackers who intentionally do
crimes and get caught to bring their names in the headlines.
7. Criminal minded individuals who work for terrorist organizations and steal information of nations and
other secret intelligence are _________
a) State sponsored hackers
b) Blue Hat Hackers
c) Cyber Terrorists
d) Red Hat Hackers

Answer: c
Explanation: Cyber Terrorists are very expert programmers and cyber criminals who hide themselves while
doing malicious activities over the internet and they are smart enough to hide themselves or their tracks of
action. They are hired for gaining unauthorised access to nation’s data centres or break into the network of
intelligence agencies.
8. One who disclose information to public of a company, organization, firm, government and private agency
and he/she is the member or employee of that organization; such individuals are termed as ___________
a) Sponsored hackers
b) Crackers
c) Hactivist
d) Whistleblowers

Answer: d
Explanation: Whistleblowers are those individuals who is a member or an employee of any specific
organization and is responsible for disclosing private information of those organizations, firms, either
government or private.
9. These types of hackers are the most skilled hackers in the hackers’ community. Who are “they” referred
to?
a) White hat Hackers
b) Elite Hackers
c) Licensed Penetration Testers
d) Red Hat Hackers

Answer: b
Explanation: The tag “Elite hackers” are considered amongst the most reputed hackers who possess most
of the hacking and security skills. They are treated with utmost respect in the hackers’ community. Zero day
vulnerabilities, serious hacking tools and newly introduced bugs are found and developed by them.
10. _________ are those individuals who maintain and handles IT security in any firm or organization.
a) IT Security Engineer
b) Cyber Security Interns
c) Software Security Specialist
d) Security Auditor

Answer: a
Explanation: This is an intermediary level of position of an individual in an organization or firm who builds
and preserves different systems and its associated security tools of the firm of organization to which he/she
belongs.
11. Role of security auditor is to ____________
a) secure the network
b) probe for safety and security of organization’s security components and systems
c) detects and prevents cyber attacks and threats to organization
d) does penetration testing on different web applications

Answer: b
Explanation: Security auditors are those who conduct auditing of various computer and network systems on
an organization or company and reports the safety and security issues as well as helps in suggesting
improvements or enhancements in any particular system that is threat prone.
12. ________ are senior level corporate employees who have the role and responsibilities of creating and
designing secured network or security structures.
a) Ethical Hackers
b) Chief Technical Officer
c) IT Security Engineers
d) Security Architect

Answer: d
Explanation: Security architect are those senior grade employees of an organization who are in charge of
building, designing, implementing and testing of secured network topologies, protocols as well as secured
computers in an organization.
13. __________ security consultants uses database security monitoring & scanning tools to maintain
security to different data residing in the database / servers / cloud.
a) Database
b) Network
c) System
d) Hardware

Answer: a
Explanation: Database Security consultants are specific individuals hired in order to monitor and scan the
database systems and keep them secured from unwanted threats and attacks by giving access to restricted
users, blocking unwanted files, multi-factor access control etc.
14. Governments hired some highly skilled hackers. These types of hackers are termed as _______
a) Special Hackers
b) Government Hackers
c) Cyber Intelligence Agents
d) Nation / State sponsored hackers

Answer: d
Explanation: Nation / State sponsored hackers are specific individuals who are employed or hired by the
government of that nation or state and protect the nation from cyber terrorists and other groups or
individuals and to reveal their plans, communications and actions.
15. Someone (from outside) who tests security issues for bugs before launching a system or application,
and who is not a part of that organization or company are ______
a) Black Hat hacker
b) External penetration tester
c) Blue Hat hacker
d) White Hat Hacker

Answer: c
Explanation: Blue Hat Hackers are outsiders yet security testers who are temporarily hired for performing
outsourced security test for bugs and vulnerabilities in any system before launching it to the market or
making the application live.

1. _________ are a specific section of any virus or malware that performs illicit activities in a system.
a) Malicious programs
b) Worms
c) Spyware
d) Payload

Answer: d
Explanation: Payloads are parts of a virus that helps in performing malicious activities such as destroying
information, blocking network traffic, compromising data, steal and spy for sensitive information.
2. ____________ is a scenario when information is accessed without authorization.
a) Data infiltration
b) Data Hack
c) Information compromise
d) Data Breach
Answer: d
Explanation: Data breach is the term used when the cyber-security incident takes place where sensitive
information is accessed without authority.
3. ____________ is an attempt to steal, spy, damage or destroy computer systems, networks or their
associated information.
a) Cyber-security
b) Cyber attack
c) Digital hacking
d) Computer security

Answer: b
Explanation: Cyber attack can be defined as an attempt to steal, spy, damage or destroy different
components of cyberspace such as computer systems, associated peripherals, network systems, and
information.
4. ___________ is a device which secretly collects data from credit / debit cards.
a) Card Skimmer
b) Data Stealer
c) Card Copier
d) Card cloner

Answer: a
Explanation: Card skimmer is hardware that is installed and setup in ATMs secretly so that when any user
will swipe or insert their card in the ATM, the skimmer will fetch all information from the magnetic strip.
5. _____________ is a technique used when artificial clicks are made which increases revenue because of
pay-per-click.
a) Clickjacking
b) Clickfraud
c) Keylogging
d) Click-hacking

Answer: b
Explanation: Clickfraud is an attack technique used when artificial clicks get generated to increase the
revenue in ad-campaigns online.
Note: Join free Sanfoundry classes at Telegram or Youtube
6. __________ is the practice implemented to spy someone using technology for gathering sensitive
information.
a) Cyber espionage
b) Cyber-spy
c) Digital Spying
d) Spyware

Answer: a
Explanation: Cyber espionage is a practice done by both ethical and non-ethical hackers to spy on others
for gathering confidential information.
7. ____________ is the way or technique through which majority of the malware gets installed in our
system.
a) Drive-by click
b) Drive-by redirection
c) Drive-by download
d) Drive-by injecting USB devices

Answer: c
Explanation: An accidental yet dangerous action that takes place in the cyberspace which helps attackers
place their malware into the victim’s system. This technique is called Drive-by download.
8. ______ is the term used for toolkits that are purchased and used for targeting different exploits.
a) Exploit bag
b) Exploit set
c) Exploit Toolkit
d) Exploit pack

Answer: d
Explanation: Exploit pack or Exploit kit is the term used for toolkits that are purchased and used for
targeting different exploits.
9. Identity theft is the term used when a cyber-thief uses anybody’s personal information to impersonate the
victim for their benefit.
a) True
b) False

Answer: a
Explanation: Identity theft is the term used when a cyber-thief uses anybody’s personal information to
impersonate the victim for their benefit. In this type of cyber-crime, information like social security number,
personal details, and images, hobbies and passion details, driving license number and address details are
compromised.
10. _________ is the hacking approach where cyber-criminals design fake websites or pages for tricking or
gaining additional traffic.
a) Cyber-replication
b) Mimicking
c) Website-Duplication
d) Pharming

Answer: d
Explanation: The technique and approach through which cyber-crooks develop fake web pages and sites to
trick people for gaining personal details such as login ID and password as well as personal information, is
known as pharming.
11. RAM-Scraping is a special kind of malware that looks (scrape) for sensitive data in the hard drive.
a) True
b) False

Answer: a
Explanation: It is a special kind of malware that looks for sensitive data that you’ve stored in your hard
drive. RAM-scraping is one of those kinds.
12. When you book online tickets by swiping your card, the details of the card gets stored in ______
a) database system
b) point-of-sale system
c) servers
d) hard drives

Answer: b
Explanation: The point-of-sale system is a system where the retailer or company stores financial records
and card details of the e-commerce system or online business transactions.
13. Point-of-sale intrusion does not deal with financial details and credit card information.
a) True
b) False

Answer: b
Explanation: Point-of-sale intrusion is an attack that deals with financial details and credit card information,
where the payment system of the company or retailer is compromised and left with customer’s financial
information at risk.
14. _______ are deadly exploits where the vulnerability is known and found by cyber-criminals but not
known and fixed by the owner of that application or company.
a) Unknown attacks
b) Secret attacks
c) Elite exploits
d) Zero-day exploits

Answer: d
Explanation: Zero-day exploits are used to attack a system as soon as cyber-criminals came to know about
the weakness or the day the weaknesses are discovered in a system. Hackers exploit these types of
vulnerabilities before the creator releases the patch or fix the issue.
15. Zero-day exploits are also called __________
a) zero-day attacks
b) hidden attacks
c) un-patched attacks
d) un-fixed exploits

Answer: a
Explanation: Zero-day exploits are also called zero-day attacks where the vulnerability is known and found
by cyber-criminals or ethical hackers but not known and fixed by the creator/owner of that application or
company.
1. ________ is any action that might compromise cyber-security.
a) Threat
b) Vulnerability
c) Exploit
d) Attack

Answer: a
Explanation: Threat can be termed as a possible danger that may lead to breach the cyber security and
may cause possible harm to the system or the network.
2. Existence of weakness in a system or network is called _______
a) Threat
b) Vulnerability
c) Exploit
d) Attack

Answer: b
Explanation: Vulnerability is the term used to define weakness in any network or system that can get
exploited by an attacker. Exploiting the weakness can lead to the unexpected & undesirable event in cyber
security.
3. When any IT product, system or network is in need for testing for security reasons, then the term used is
called _________
a) Threat
b) Vulnerability
c) Target of Evaluation
d) Attack

Answer: c
Explanation: Target of Evaluation is the term used when any IT infrastructure, system, network require
evaluation for security reasons or for fixing any bugs after being tested by penetration testers.
4. An/A ________ is an act that violates cyber-security.
a) Threat
b) Vulnerability
c) Exploit
d) Attack

Answer: d
Explanation: An “attack” or “cyber-attack” is an attempt taken by attackers to alter, delete, steal or expose
any specific data by gaining unauthorized access.
5. ________ is a way to breach the security by using the vulnerability of that system.
a) Threat
b) Vulnerability
c) Exploit
d) Attack

Answer: c
Explanation: An exploit can be any data, piece of code, a program, sequence of commands or any software
that uses the vulnerability or flaw of a system and helps attackers or cyber-criminals cause unanticipated
behaviour.
6. _________ is an act of hacking by the means of which a political or social message is conveyed.
a) Hacktivism
b) Whistle-blowing
c) Surveillance
d) Pseudonymization

Answer: a
Explanation: Hacktivism is an act of defacing a website, or any network or system. Systems and networks
are compromised with a political or social agenda.
7. _______ is the method of developing or creating a structurally similar yet unauthentic and illegitimate
data of any firm or company.
a) Data copying
b) Data masking
c) Data breaching
d) Data duplicating

Answer: b
Explanation: Data masking is the method used for developing or creating a structurally similar version of
data of any organization that is not authentic. These types of unauthentic data are purposefully created for
protecting the actual data.
8. Data masking is also known as _________
a) Data obfuscation
b) Data copying
c) Data breaching
d) Data duplicating

Answer: a
Explanation: Data obfuscation is the alternate term used for data masking, that is used for developing or
creating a structurally similar version of data of any organization that is not authentic. These types of
unauthentic data are purposefully created for protecting the actual data.
9. ________ automates an action or attack so that repetitive tasks are done at a faster rate.
a) Auto-bots
b) Cookie-bots
c) Robots
d) Bots

Answer: d
Explanation: Bots are a set of codes written which helps to perform repetitive tasks at a much faster rate
than humans.
10. Backdoors are also known as ____________
a) Trap doors
b) Front doors
c) Cover doors
d) Back entry
 Answer: a
Explanation: Trap-doors are hidden entry points in any already hacked system that is set to bypass security
measures.
11. Adware are pre-chosen _______ developed to display ads.
a) banner
b) software
c) malware
d) shareware

Answer: b
Explanation: Adware is software that is displayed on system or web pages for showing pre-chosen ads.
12. ________ is an attack technique occurs when excess data gets written to a memory block.
a) Over buffering
b) Buffering
c) Buffer overflow
d) Memory full

Answer: c
Explanation: Buffer overflow is a flaw that occurs in memory when excessive data is written which makes
the buffer allocated to seize.
13. Finding & publishing any user’s identity with the help of different personal details is called ________
a) Doxing
b) Data breaching
c) Personal data copying
d) Secure File Transferring Protocol

Answer: a
Explanation: When an identity of internet user is discovered and published by following his/her details over
the internet is called doxing.
14. In IP address, IP is abbreviated as __________
a) Internet Program
b) Internet Protocol
c) Intuition Programs
d) Internet Pathway

Answer: b
Explanation: In IP Address, IP is abbreviated as Internet Protocol. It acts as a unique address or identifier
of any computer or device in the internet.
15. Whaling is the technique used to take deep and _________ information about any individual.
a) sensitive
b) powerful
c) useless
d) casual

Answer: a
Explanation: Whaling uses phishing technique which helps hackers in stealing deep and sensitive
information about any member of an organization. The information can be private addresses, phone
number, future plans and projects, salary and bonuses.

1. Cyber Security provide security against what?

1.

A. Against Malware
B. Against cyber-terrorists
 C. Defends a device from threat.
D. All mentioned options

Answer: D

2. Who is popularly known as the father of cyber security?

1.

A. Robert
B. August Kerckhoffs
C. Bob Thomas
D. Charles

Answer: B

3. Which of the below is a kind of cyber security?

1.

A. Cloud Security
B. Application Security
C. Cloud Security
D. All options mentioned above

Answer: D

4. Which of the below does not constitute a cybercrime?

1.

A. refusal of service
B. Man in the middle
C. Phishing
D. AES

Answer: D (AES stands for Advanced Encryption Standard) safeguards data by encoding it)

5. Which of the below benefits of cyber security is not true?

1.

A. System getting slower

B. Computer lagging and crashes
C. provide privacy to users
D. Secures system against viruses
 Answer: A

6. Who coined the term “ Cyberspace”?

1.

A. William Gibson
B. Andrew Tannenbaum
C. Scott Fahlman
D. Richard Stallman

Answer: A

7. Which of the below is a hacking technique in which cybercriminals create fictitious web pages or
domains to deceive or obtain more traffic?

1.

A. Pharming
B. Mimicking
C. Spamming
D. Website-Duplication

Answer: A ( Pharming is a method and technique used by cybercriminals to deceive people by creating
fake websites and domains)

8. Which of the below is a popular victim of cyber attackers looking to gain the IP address of a
target or victim user?

1.

A. emails
B. websites
C. IP tracer
D. web pages

Answer: B

9. Which of the below does not qualify as a form of peer-to-peer cybercrime?

1.

A. Trojans are implanted into a targeted device.

B. On the deep web, payment information is leaked.
C. mm
D. Phishing
 Answer: B

10. An act to injure, corrupt, or threaten a system or network is characterised as which of the
below?

1.

A. Digital crime
B. Threats
C. System hijacking
D. Cyber Attack

Answer: D

11. Any company or agency’s IT protection is managed and maintained by?

1.

A. Software Security Specialist

B. CEO of the organisation
C. Security Auditor
D. IT Security Engineer

Answer: D ( This is a profession in which a professional develops and maintains various systems and
security devices for the firm or organisation)

12. Which of the below is an internet fraud in which a consumer is digitally persuaded to reveal
personal data by cybercriminals?

1.

A. MiTM attack
B. Phishing attack
C. Website attack
D. DoS attack

Answer: B

13. Which of the below security encryption standards is the weakest?

1.

A. WPA3
B. WPA2
C. WPA
D. WEP
 Answer: D ( WEP stands for wired Equivalent Privacy. It is a most insecure encrypted protocol)

14. Which of the below measures can help reduce the risk of data leakage?

1.

A. Steganography
B. Chorography
C. Cryptography
D. Authentication

Answer: A ( Steganography functions as concealing information in a non-suspicious manner)

15. This is the concept for guiding information security policy within a corporation, firm, or
organisation. What exactly is “this” in this context?

1.

A. Confidentiality
B. Non-repudiation
C. CIA Triad
D. Authenticity

Answer: C (CIA Triad is the most popular and frequently used approach, focusing on the confidentiality of
information)

16. ___________ means the security of data from tampering by unidentified users.

1.

A. Confidentiality
B. Integrity
C. Authentication
D. Non-repudiation

Answer: B

17. Which of the below implemented is not a good means of safeguarding privacy?

1.

A. Biometric verification
B. ID and password-based verification
C. 2-factor authentication
D. switching off the phone
 Answer: D

18. When ____ and ____ are in charge of data, the integrity of the data is imperilled?

1.

A. Access control, file deletion

B. Network, file permission
C. Access control, file permission
D. Network, system

Answer: C

19. The authenticity and security of data travelling over a network are ensured by?

1.

A. Firewall
B. Antivirus
C. Pentesting Tools
D. Network-security protocols

Answer: D ( Network-security protocols govern the procedures and processes used to protect network
data against illegal content collection)

20. _________ creates an isolated passage across a public network that enables computing devices
to communicate and receive data discreetly as though they were directly linked to the private
network.

1.

A. Visual Private Network

B. Virtual Protocol Network
C. Virtual Protocol Networking
D. Virtual Private Network

Answer: D

21. ___________ is one of the safest Linux operating systems, offering invisibility and an incognito
mode to protect user data.

1.

A. Fedora
B. Tails
C. Ubuntu
 D. OpenSUSE

Answer: B

22. What is a single entrance for multiple connectivities called?

1.

A. Web services
B. phishing
C. Directory service
D. worms

Answer: C (A directory service is the following system of software and protocols that keep track of
knowledge about the company, clients, or sometimes both)

23. Circuit-level gateway firewalls have which of the below disadvantages?

1.

A. They’re expensive
B. They’re complex in architecture
C. They do not filter individual packets
D. They’re complex to setup

Answer: C

24. The initial phase of ethical hacking is?

1.

A. DNS poisoning
B. Footprinting
C. ARP-poisoning
D. Enumeration

Answer: B ( In this Phase, The attacker attempts to find as many attack vectors as he can, reconnaissance
is another term for footprinting)

25. Which of the below can be classified as a type of computer threat?

1.

A. Dos Attack
B. Phishing
C. Soliciting
 D. Both A and C

Answer: A ( A denial of service attack is referred to as a dos attack, it’s a type of cyber-attack in which
someone tries to prevent a machine from serving its intended consumers)

26. In system hacking, which of the below is the most crucial activity?

1.

A. Information gathering
B. Covering tracks
C. Cracking passwords
D. None of the above

Answer: C

27. When the number of users surpasses the network’s capacity, which of the below network
factors suffers the most?

1.

A. Reliability
B. Performance
C. Security
D. Longevity

Answer: D

28. Which of the below cyber security principles states that the security system should be as
compact and straightforward as possible?

1.

A. Open-design
B. The economy of the Mechanism
C. Least privilege
D. Fail-safe Defaults

Answer: B

29. Which of the below malware types permits the hackers to access administrative controls and do
nearly everything he wants with the infected systems?

1.

A. RATs
 B. Worms
C. Rootkits
D. Botnets

Answer: A ( RATs stands for Remote Access Trojans which gives the attacker administrative power over
your device, just as if they had physical access)

30. The first hacker’s conference was held in which of the below locations?

1.

A. OSCON
B. DEVON
C. DEFCON
D. SECTION

Answer: C ( DEFCON is one of the most well-known and biggest hackers and security consultant
conferences in the world. It’s often conducted in Las Vegas, Nevada, once a year)

31. When any IT device, service, or system requires security checks, the term “security testing” is
employed.?

1.

A. Threat
B. Vulnerability
C. Objective of evaluation
D. Attack

Answer: C ( When any IT system, device, or platform requires assessment for safety purposes or to
address any faults after being evaluated by security researchers, the term “objective of evaluation” is used)

32. Which of the below is used to analyse network flow and monitor traffic?

1.

A. Managed detection and response

B. Cloud access security broker
C. Network traffic analysis
D. Network traffic analysis

Answer: C

33. Which of the below is a method of gaining access to a computer program or an entire computer
system while circumventing all security measures?
1.

A. Backdoor
B. Masquerading
C. Phishing
D. Trojan Horse

Answer: Backdoor ( A backdoor is a sort of malware that bypasses standard authentication mechanisms
to gain access to a system)

34. The term “protection from ______of source code” refers to limiting access to the source code to
just authorised individuals.

1.

A. disclosure
B. alteration
C. destruction
D. log of changes

Answer: C

35. _______________ are programmes or procedures that enable hackers to maintain control of a
computer system.?

1.

A. Exploits
B. Antivirus
C. Firewall by-passers
D. Worms

Answer: A ( Exploits are programs or algorithms that allow hackers to gain total control of a computer
system)

1) Which of these describes an ongoing pursuit by an individual/group?

a) Stalking

b) Identity theft

c) Phishing

d) Bulling

Answer: (a) Stalking

2) Which one of the following is considered in the category of computer threats?

a) Soliciting

b) DoS attack

c) Phishing

d) Both A and B

Answer: (b) DoS attack

3) Which of the following typically keeps tabs on every online activity the victim engages in,
compiles all the data in the background, and sends it to a third party?

a) Adware

b) Malware

c) Spyware

d) All of the above

Answer: (c) Spyware

4) Which one is considered to be a type of antivirus program?

a) Kaspersky

b) Mcafee

c) Quick heal

d) All of the above

Answer: (d) All of the above

5) Which of these scanners for ports and IP addresses is most used by users?

a) Cain and Abel

b) Ettercap

c) Snort

d) Angry IP Scanner

Answer: (d) Angry IP Scanner

6) Which of the following phrases describes taking someone else's creation or idea and using
it for one's own advantage?
 a) Intellectual property rights

b) Piracy

c) Plagiarism

d) All of the above

Answer: (d) All of the above

7) Which of the following describes investigating moral conduct concerning the digital media
landscape?

a) Cyberethics

b) Cyber low

c) Cybersafety

d) Cybersecurity

Answer: (a) Cyberethics

8) State whether True or False: Data encryption is used to ensure confidentiality.

a) True

b) False

c) It cannot be understood

d) None

Answer: (a) True

9) Determine the earliest method of free phone calls used by hackers.

a) Cracking

b) Spamming

c) Phreaking

d) Phishing

Answer: (c) Phreaking

10) Which of the following statements best describes how the principle would be broken if a
computer was no longer accessible?

a) Confidentiality
 b) Access control

c) Availability

d) All of the above

Answer: (c) Availability

11) Which of these methods is used to check the validity of a message?

a) Digital signature

b) Protocol

c) Message Digest

d) Decryption algorithm

Answer: (c) Message Digest

12) Which of the following is typically used when hacking Wi-Fi?

a) Wireshark

b) Aircrack-ng

c) Norton

d) All of the above

Answer: (b) Aircrack-ng

13) Among the following, which is not a form of scanning?

a) Null Scan

b) Xmas Tree Scan

c) SYN Stealth

d) Cloud Scan

Answer: (d) Cloud Scan

14) The Code Red is similar to a:

a) Photo Editing Software

b) Antivirus Program

c) Video Editing Software

 d) Computer Virus

Answer: (d) Computer Virus

15) Which of these was the first antivirus software ever created?

a) Reaper

b) Ray Tomlinson

c) Creeper

d) Tinkered

Answer: (a) Reaper

1) What kind of malware does not replicate or clone itself through infection?

a) Rootkits

b) Worms

c) Viruses

d) Trojans

Answer: (d) Trojans

2) The DNS would convert any domain name into:

a) Hex

b) Binary

c) URL

d) IP

Answer: (c) URL

3) The most important step in system hacking is:

a) Cracking passwords

b) Covering tracks

c) Information gathering

d) None of the above

Answer: (a) Cracking passwords

4) Which of the following describes the different forms of scanning?

a) Client, Server, and network

b) Network, vulnerability, and port scanning

c) Port, network, and services

d) None of the above

Answer: (b) Network, vulnerability, and port scanning

5) Determine the attack type that employs a fake server with a relay address.

a) SMB

b) NetBIOS

c) NTLM

d) MITM

Answer: (d) MITM

6) Pick one of the following methods for hiding information inside a picture:

a) Image Rendering

b) Steganography

c) Rootkits

d) Bitmapping

Answer: (b) Steganography

7) Choose one of the following strategies to prevent browser-based hacking:

a) Adware remover in the browser

b) Anti-malware in the browser

c) Remote browser access

d) Incognito mode in the browser

Answer: c) Remote browser access

8) Which of these is the port number (default) for many web servers, including apache?

a) 80
 b) 20

c) 87

d) 40

Answer: (a) 80

9) They are malicious hackers whose primary goal is to commit cybercrimes to make money.
Who are "they" in this context?

a) White Hat Hackers

b) Black Hat Hackers

c) Hacktivists

d) Gray Hat Hackers

Answer: (b) Black Hat Hackers

10) Any company or organisation's IT security is managed and maintained by

a) IT Security Engineer

b) Security Auditor

c) CEO of the organisation

d) Software Security Specialist

Answer: (d) IT Security Engineer

11) What does EDR stand for?

a) Endless Detection and Response

b) Endpoint Detection and Response

c) Endpoint Detection and Recovery

d) Endless Detection and Recovery

Answer: (b) Endpoint Detection and Response

12) The _______ of a network is assessed using the response and transit times.

a) Longevity

b) Performance

c) Reliability
 d) Security

Answer: (b) Performance

13) Which of the following statements concerning the firewall is true?

a) It is a barrier created to stop files from hurting the company.

b) It is a tool put in place at a business's perimeter to stop uninvited physical entrance.

c) It is a device placed at an organisation's perimeter to prevent unwanted access.

d) None of the above

Answer: c) It is a device placed at an organisation's perimeter to prevent unwanted access.

14) Which of the following Cyber Security principles limits how privileges are started
whenever an object or subject is created?

a) Open-Design

b) Fail-safe Defaults

c) Least privilege

d) None of the above

Answer: (b) Fail-safe Defaults

15) Which of these conferences was the first one for hackers?

a) DEFCON

b) OSCON

c) SECTION

d) DEVON

Answer: (a) DEFCON

Do you possess a high level of experience and understanding in various security-related

fields? Then you should take this Microsoft Cybersecurity Architect SC100 Training!

Cyber Security related MCQ questions for advanced level

Cyber Security is divided into several parts, out of which one part covers the beginner-level
questions followed by the intermediate-level and advanced level. The set of questions
mentioned below focuses on the technical skills and knowledge of Cyber Security advanced
level questions:

1) What is changed when cypher algorithms are used?

a) Scalar test

b) Plain test

c) Complex test

d) None

Answer: (b) Plain test

2) What does CHAP stand for?

a) Circuit Handshake Authentication Protocols

b) Challenge Handshake Authentication Protocols

c) Circuit Hardware Authentication Protocols

d) Challenge Hardware Authentication Protocols

Answer: (b) Challenge Handshake Authentication Protocols

3) Which of the following is the least strong security encryption?

a) WPA

b) WPA3

c) WEP

d) WPA2

Answer: c) WEP

4) Which of the items listed below is the least strong security protocol?

a) SFTP

b) SSL

c) SMTP

d) HTTPS

Answer: c) SMTP

5) What is used for encrypting data at the network level?

a) IPSec

b) S/MIME
 c) SMTP

d) HTTPS

Answer: (a) IPSec

6) What does PCT stand for?

a) Private Connecting Technology

b) Private Communication Technique

c) Personal Communication Technology

d) Private Communication Technology

Answer: (d) Private Communication Technology

7) Which one of the following is a private search engine?

a) Bing

b) Google

c) Yahoo

d) Duckduckgo

Answer: (d) Duckduckgo

8) Choose the phrase from the list below that best describes the initial stage of ethical
hacking.

a) Footprinting

b) ARP Poisoning

c) DNS Poisoning

d) Enumeration

Answer: (a) Footprinting

9) What is the purpose of using a proxy server for a hacker?

a) Create a ghost server on the network

b) Create a stronger connection with the target

c) For obtaining remote access connection

d) Hiding malicious activity on the network

Answer: (d) Hiding malicious activity on the network

10) Determine the kind of symmetric key algorithm that encrypts data using a streaming
cypher.

a) Blowfish

b) MD5

c) RC4

d) SHA

Answer: c) RC4

11) Determine the number of characters the Linux OS will allow in file names.

a) 64

b) 256

c) 128

d) 32

Answer: (b) 256

12) Choose the one that is autonomous and does not require a host program from the list
below:

a) Trap door

b) Trojan horse

c) Virus

d) Worm

Answer: (d) Worm

13) A DNS translates a domain name to which of these:

a) Hex

b) IP

c) Binary

d) URL

Answer: (b)