Cyber Security MCQ (Multiple Choice Questions) - SchoolingAxis

 

Que - In which year the term hacking was coined?
a. 1965-67
b. 1955-60
c. 1970-80
d. 1980-82

Answer- 1955-60

Que - From where the term 'hacker' first came to existence?
a. MIT
b. Stanford University
c. California
d. Bell's Lab

Answer- MIT

Que - What is the one thing that old hackers were fond of or find interests in?
a. Breaking Other's system
b. Voracious thirst for knowledge
c. Cracking Phone calls
d. Learning new languages

Answer- Voracious thirst for knowledge

Que - In which year the first popular hacker conference took place?
a. 1994
b. 1995
c. 1993
d. 1992

Answer- 1993

Que - What is the name of the first hacker's conference?
a. DEFCON
b. OSCON
c. DEVCON
d. SECCON

Answer- DEFCON

Que - _______ is the oldest phone hacking techniques used by hackers to make free calls
a. Phishing
b. Spamming
c. Phreaking
d. Cracking

Answer- Phreaking

Que - In which year, first practical technology hacking came into origin?
a. 1878
b. 1890
c. 1895
d. 1876

Answer- 1878

Que - In which year, hacking became a practical crime and a matter of concern in the field of technology?
a. 1971
b. 1973
c. 1970
d. 1974

Answer- 1970

Que - Who was the first individual who performed a major hacking in the year 1971?
a. Steve Wozniak
b. Steve Jobs
c. Kevin Mitnick
d. John Draper

Answer- John Draper

Que - Name the hacker who breaks the ARPANET systems?
a. Jon von Neumann
b. Kevin Poulsen
c. Kevin Mitnick
d. John Draper

Answer- Kevin Poulsen

Que - Who coined the term "cyberspace"?
a. Andrew Tannenbaum
b. Scott Fahlman
c. William Gibson
d. Richard Stallman

Answer- William Gibson

Que - In which year computer scientists try to integrate encryption technique in TCP/IP protocol?
a. 1978
b. 1980
c. 1982
d. 1984

Answer- 1978

Que - In which year the Computer Fraud & Abuse Act was adopted in the United States?
a. 1983
b. 1984
c. 1987
d. 1988

Answer- 1984

Que - Who was the first individual to distribute computer worms through internet?
a. Vladimir Levin
b. Bill Landreth
c. Richard Stallman
d. Robert T. Morris

Answer- Robert T. Morris

Que - _____ is a powerful encryption tool released by Philip Zimmerman in the year 1991.
a. PGP (Protected Good Privacy)
b. AES (Advanced Encryption Standard)
c. PGP (Pretty Good Privacy)
d. DES (Data Encryption Standard)

Answer- PGP (Pretty Good Privacy)

Que - Hackers who help in finding bugs and vulnerabilities in a system & don't intend to crack a system are termed as ________
a. Black Hat hackers
b. White Hat Hackers
c. Grey Hat Hackers
d. Red Hat Hackers

Answer- White Hat Hackers

Que - Which is the legal form of hacking based on which jobs are provided in IT industries and firms?
a. Cracking
b. Non ethical Hacking
c. Ethical hacking
d. Hactivism

Answer- Ethical hacking

Que - They are nefarious hackers, and their main motive is to gain financial profit by doing cyber crimes. Who are "they" referred to here?
a. Gray Hat Hackers
b. White Hat Hackers
c. Hactivists
d. Black Hat Hackers

Answer- Black Hat Hackers

Que - ________ are the combination of both white as well as black hat hackers.
a. Grey Hat hackers
b. Green Hat hackers
c. Blue Hat Hackers
d. Red Hat Hackers

Answer- Grey Hat hackers

Que - The amateur or newbie in the field of hacking who don't have many skills about coding and in-depth working of security and hacking tools are called ________
a. Sponsored Hackers
b. Hactivists
c. Script Kiddies
d. Whistle Blowers

Answer- Script Kiddies

Que - Suicide Hackers are those _________
a. who break a system for some specific purpose with or without keeping in mind that they may suffer long term imprisonment due to their malicious activity
b. individuals with no knowledge of codes but an expert in using hacking tools
c. who know the consequences of their hacking activities and hence try to prevent them by erasing their digital footprints
d. who are employed in an organization to do malicious activities on other firms

Answer- who break a system for some specific purpose with or without keeping in mind that they may suffer long term imprisonment due to their malicious activity

Que - Criminal minded individuals who work for terrorist organizations and steal information of nations and other secret intelligence are _________
a. State sponsored hackers
b. Blue Hat Hackers
c. Cyber Terrorists
d. Red Hat Hackers

Answer- Cyber Terrorists

Que - One who disclose information to public of a company, organization, firm, government and private agency and he/she is the member or employee of that organization; such individuals are termed as ___________
a. Sponsored hackers
b. Crackers
c. Hactivist
d. Whistleblowers

Answer- Whistleblowers

Que - These types of hackers are the most skilled hackers in the hackers' community. Who are "they" referred to?
a. White hat Hackers
b. Elite Hackers
c. Licensed Penetration Testers
d. Red Hat Hackers

Answer- Elite Hackers

Que - _________ are those individuals who maintain and handles IT security in any firm or organization.
a. IT Security Engineer
b. Cyber Security Interns
c. Software Security Specialist
d. Security Auditor

Answer- IT Security Engineer

Que - Role of security auditor is to ____________
a. secure the network
b. probe for safety and security of organization's security components and systems
c. detects and prevents cyber attacks and threats to organization
d. does penetration testing on different web applications

Answer- probe for safety and security of organization's security components and systems

Que - ________ are senior level corporate employees who have the role and responsibilities of creating and designing secured network or security structures.
a. Ethical Hackers
b. Chief Technical Officer
c. IT Security Engineers
d. Security Architect

Answer- Security Architect

Que - __________ security consultants uses database security monitoring & scanning tools to maintain security to different data residing in the database / servers / cloud.
a. Database
b. Network
c. System
d. Hardware

Answer- Database

Que - Governments hired some highly skilled hackers. These types of hackers are termed as _______
a. Special Hackers
b. Government Hackers
c. Cyber Intelligence Agents
d. Nation / State sponsored hackers

Answer- Nation / State sponsored hackers

Que - Someone (from outside) who tests security issues for bugs before launching a system or application, and who is not a part of that organization or company are ______
a. Black Hat hacker
b. External penetration tester
c. Blue Hat hacker
d. White Hat Hacker

Answer- Blue Hat hacker

Que - The full form of Malware is ________
a. Malfunctioned Software
b. Multipurpose Software
c. Malicious Software
d. Malfunctioning of Security

Answer- Malicious Software

Que - Who deploy Malwares to a system or network?
a. Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
b. Criminal organizations, White hat hackers, malware developers, cyber-terrorists
c. Criminal organizations, Black hat hackers, software developers, cyber-terrorists
d. Criminal organizations, gray hat hackers, Malware developers, Penetration testers

Answer- Criminal organizations, Black hat hackers, malware developers, cyber-terrorists

Que - _____________ is a code injecting method used for attacking the database of a system / website.
a. HTML injection
b. SQL Injection
c. Malicious code injection
d. XML Injection

Answer- SQL Injection

Que - XSS is abbreviated as __________
a. Extreme Secure Scripting
b. Cross Site Security
c. X Site Scripting
d. Cross Site Scripting

Answer- Cross Site Scripting

Que - This attack can be deployed by infusing a malicious code in a website's comment section. What is "this" attack referred to here?
a. SQL injection
b. HTML Injection
c. Cross Site Scripting (XSS)
d. Cross Site Request Forgery (XSRF)

Answer- Cross Site Scripting (XSS)

Que - When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
a. Database crash attack
b. DoS (Denial of Service) attack
c. Data overflow Attack
d. Buffer Overflow attack

Answer- Buffer Overflow attack

Que - Compromising a user's session for exploiting the user's data and do malicious activities or misuse user's credentials is called ___________
a. Session Hijacking
b. Session Fixation
c. Cookie stuffing
d. Session Spying

Answer- Session Hijacking

Que - Which of this is an example of physical hacking?
a. Remote Unauthorised access
b. Inserting malware loaded USB to a system
c. SQL Injection on SQL vulnerable site
d. DDoS (Distributed Denial of Service) attack

Answer- Inserting malware loaded USB to a system

Que - Which of them is not a wireless attack?
a. Eavesdropping
b. MAC Spoofing
c. Wireless Hijacking
d. Phishing

Answer- Phishing

Que - An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
a. Cyber-crime
b. Cyber Attack
c. System hijacking
d. Digital crime

Answer- Cyber Attack

Que - Which method of hacking will record all your keystrokes?
a. Keyhijacking
b. Keyjacking
c. Keylogging
d. Keyboard monitoring

Answer- Keylogging

Que - _________ are the special type of programs used for recording and tracking user's keystroke.
a. Keylogger
b. Trojans
c. Virus
d. Worms

Answer- Keylogger

Que - These are a collective term for malicious spying programs used for secretly monitoring someone's activity and actions over a digital medium.
a. Malware
b. Remote Access Trojans
c. Keyloggers
d. Spyware

Answer- Spyware

Que - Stuxnet is a _________
a. Worm
b. Virus
c. Trojan
d. Antivirus

Answer- Worm

Que - ___________ is a violent act done using the Internet, which either threatens any technology user or leads to loss of life or otherwise harms anyone in order to accomplish political gain.
a. Cyber-warfare
b. Cyber campaign
c. Cyber-terrorism
d. Cyber attack

Answer- Cyber-terrorism

Que - In general how many key elements constitute the entire security structure?
a. 1
b. 2
c. 3
d. 4

Answer- 4

Que - According to the CIA Triad, which of the below-mentioned element is not considered in the triad?
a. Confidentiality
b. Integrity
c. Authenticity
d. Availability

Answer- Authenticity

Que - This is the model designed for guiding the policies of Information security within a company, firm or organization. What is "this" referred to here?
a. Confidentiality
b. Non-repudiation
c. CIA Triad
d. Authenticity

Answer- CIA Triad

Que - CIA triad is also known as ________
a. NIC (Non-repudiation, Integrity, Confidentiality)
b. AIC (Availability, Integrity, Confidentiality)
c. AIN (Availability, Integrity, Non-repudiation)
d. AIC (Authenticity, Integrity, Confidentiality)

Answer- AIC (Availability, Integrity, Confidentiality)

Que - When you use the word _____  it means you are protecting your data from getting disclosed.
a. Confidentiality
b. Integrity
c. Authentication
d. Availability

Answer- Confidentiality

Que - ______ means the protection of data from modification by unknown users.
a. Confidentiality
b. Integrity
c. Authentication
d. Non-repudiation

Answer- Integrity

Que - When integrity is lacking in a security system, _________ occurs.
a. Database hacking
b. Data deletion
c. Data tampering
d. Data leakage

Answer- Data tampering

Que - _______ of information means, only authorised users are capable of accessing the information.
a. Confidentiality
b. Integrity
c. Non-repudiation
d. Availability

Answer- Availability

Que - Why these 4 elements (confidentiality, integrity, authenticity & availability) are considered fundamental?
a. They help understanding hacking better
b. They are key elements to a security breach
c. They help understands security and its components better
d. They help to understand the cyber-crime better

Answer- They help understands security and its components better

Que - This helps in identifying the origin of information and authentic user. This referred to here as __________
a. Confidentiality
b. Integrity
c. Authenticity
d. Availability

Answer- Authenticity

Que - Data ___________ is used to ensure confidentiality.
a. Encryption
b. Locking
c. Deleting
d. Backup

Answer- Encryption

Que - Which of these is not a proper method of maintaining confidentiality?
a. Biometric verification
b. ID and password based verification
c. 2-factor authentication
d. switching off the phone

Answer- switching off the phone

Que - Data integrity gets compromised when _____ and  _____ are taken control off.
a. Access control, file deletion
b. Network, file permission
c. Access control, file permission
d. Network, system

Answer- Access control, file permission

Que - ______ is the latest technology that faces an extra challenge because of CIA paradigm.
a. Big data
b. Database systems
c. Cloud storages
d. Smart dust

Answer- Big data

Que - One common way to maintain data availability is __________
a. Data clustering
b. Data backup
c. Data recovery
d. Data Altering

Answer- Data backup

Que - _______ is the practice and precautions taken to protect valuable information from unauthorised access, recording, disclosure or destruction.
a. Network Security
b. Database Security
c. Information Security
d. Physical Security

Answer- Information Security

Que - From the options below, which of them is not a threat to information security?
a. Disaster
b. Eavesdropping
c. Information leakage
d. Unchanged default password

Answer- Unchanged default password

Que - From the options below, which of them is not a vulnerability to information security?
a. flood
b. without deleting data, disposal of storage media
c. unchanged default password
d. latest patches and updates not done

Answer- flood

Que - _____ platforms are used for safety and protection of information in the cloud.
a. Cloud workload protection platforms
b. Cloud security protocols
c. AWS
d. One Drive

Answer- Cloud workload protection platforms

Que - Which of the following information security technology is used for avoiding browser-based hacking?
a. Anti-malware in browsers
b. Remote browser access
c. Adware remover in browsers
d. Incognito mode in a browser

Answer- Remote browser access

Que - The full form of EDR is _______
a. Endpoint Detection and recovery
b. Early detection and response
c. Endpoint Detection and response
d. Endless Detection and Recovery

Answer- Endpoint Detection and response

Que - _______ technology is used for analyzing and monitoring traffic in network and information flow.
a. Cloud access security brokers (CASBs)
b. Managed detection and response (MDR)
c. Network Security Firewall
d. Network traffic analysis (NTA)

Answer- Network traffic analysis (NTA)

Que - Compromising confidential information comes under _________
a. Bug
b. Threat
c. Vulnerability
d. Attack

Answer- Threat

Que - Lack of access control policy is a _____________
a. Bug
b. Threat
c. Vulnerability
d. Attack

Answer- Vulnerability

Que - Possible threat to any information cannot be ________________
a. reduced
b. transferred
c. protected
d. ignored

Answer- ignored

Que - How many basic processes or steps are there in ethical hacking?
a. 4
b. 5
c. 6
d. 7

Answer- 6

Que - ____________ is the information gathering phase in ethical hacking from the target user.
a. Reconnaissance
b. Scanning
c. Gaining access
d. Maintaining access

Answer- Reconnaissance

Que - Which of the following is not a reconnaissance tool or technique for information gathering?
a. Hping
b. NMAP
c. Google Dorks
d. Nexpose

Answer- Nexpose

Que - There are ______ subtypes of reconnaissance.
a. 2
b. 3
c. 4
d. 5

Answer- 2

Que - Which of the following is an example of active reconnaissance?
a. Searching public records
b. Telephone calls as a help desk or fake customer care person
c. Looking for the target's details in the database
d. Searching the target's details in paper files

Answer- Telephone calls as a help desk or fake customer care person

Que - Which of the following is an example of passive reconnaissance?
a. Telephonic calls to target victim
b. Attacker as a fake person for Help Desk support
c. Talk to the target user in person
d. Search about target records in online people database

Answer- Search about target records in online people database

Que - ________ phase in ethical hacking is known as the pre-attack phase.
a. Reconnaissance
b. Scanning
c. Gaining access
d. Maintaining access

Answer- Scanning

Que - While looking for a single entry point where penetration testers can test the vulnerability, they use ______ phase of ethical hacking.
a. Reconnaissance
b. Scanning
c. Gaining access
d. Maintaining access

Answer- Scanning

Que - Which of them do not comes under scanning methodologies?
a. Vulnerability scanning
b. Sweeping
c. Port Scanning
d. Google Dorks

Answer- Google Dorks

Que - Which of them is not a scanning tool?
a. NMAP
b. Nexpose
c. Maltego
d. Nessus

Answer- Maltego

Que - Which of the following comes after scanning phase in ethical hacking?
a. Scanning
b. Maintaining access
c. Reconnaissance
d. Gaining access

Answer- Gaining access

Que - In __________ phase the hacker exploits the network or system vulnerabilities.
a. Scanning
b. Maintaining access
c. Reconnaissance
d. Gaining access

Answer- Gaining access

Que - Which of the following is not done in gaining access phase?
a. Tunnelling
b. Buffer overflow
c. Session hijacking
d. Password cracking

Answer- Tunnelling

Que - Which of the below-mentioned penetration testing tool is popularly used in gaining access phase?
a. Maltego
b. NMAP
c. Metasploit
d. Nessus

Answer- Metasploit

Que - A _________ can gain access illegally to a system if the system is not properly tested in scanning and gaining access phase.
a. security officer
b. malicious hacker
c. security auditor
d. network analyst

Answer- malicious hacker

Que - In which phase, the hackers install backdoors so that his/her ownership with the victim's system can be retained later?
a. Scanning
b. Maintaining access
c. Maintaining Access
d. Gaining access

Answer- Maintaining Access

Que - _______ is the tool used for this purpose.
a. Powersploit
b. Aircrack-ng
c. Snort
d. Nmap

Answer- Powersploit

Que - Which of the following hacking tools and techniques hackers' do not use for maintaining access in a system?
a. Rootkits
b. Backdoors
c. Trojans
d. Wireshark

Answer- Wireshark

Que - In _______ phase, the hackers try to hide their footprints.
a. Scanning
b. Tracks clearing
c. Reconnaissance
d. Gaining access

Answer- Tracks clearing

Que - Which of them is not a track clearing technique?
a. Altering log files
b. Tunnelling
c. Port Scanning
d. Footprint removing

Answer- Port Scanning

Que - __________ is the last phase of ethical hacking process.
a. Scanning
b. Tracks clearing
c. Reconnaissance
d. Reporting

Answer- Reporting

Que - Which of the following is not a footprint-scanning tool?
a. SuperScan
b. TcpView
c. Maltego
d. OWASP Zed

Answer- Maltego

Que - ___________ is a special form of attack using which hackers' exploit - human psychology.
a. Cross Site Scripting
b. Insecure network
c. Social Engineering
d. Reverse Engineering

Answer- Social Engineering

Que - Which of the following do not comes under Social Engineering?
a. Tailgating
b. Phishing
c. Pretexting
d. Spamming

Answer- Spamming

Que - _________ involves scams where an individual (usually an attacker) lie to a person (the target victim) to acquire privilege data.
a. Phishing
b. Pretexting
c. Spamming
d. Vishing

Answer- Pretexting

Que - Which of the following is the technique used to look for information in trash or around dustbin container?
a. Pretexting
b. Baiting
c. Quid Pro Quo
d. Dumpster diving

Answer- Dumpster diving

Que - Which of the following is not an example of social engineering?
a. Dumpster diving
b. Shoulder surfing
c. Carding
d. Spear phishing

Answer- Carding

Que - In a phishing, attackers target the ________ technology to so social engineering.
a. Emails
b. WI-FI network
c. Operating systems
d. Surveillance camera

Answer- Emails

Que - Tailgating is also termed as ___________
a. Piggybacking
b. Pretexting
c. Phishing
d. Baiting

Answer- Piggybacking

Que - Physical hacking is not at all possible in hospitals, banks, private firms, and non-profit organizations.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - Stealing pen drives and DVDs after tailgating is an example of lack of _______ security.
a. network security
b. physical security
c. database security
d. wireless security

Answer- physical security

Que - ________ is the ability of an individual to gain physical access to an authorized area.
a. Network accessing
b. Database accessing
c. Remote accessing
d. Physical accessing

Answer- Physical accessing

Que - Which of the following is not considering the adequate measure for physical security?
a. Lock the drawers
b. Keep strong passwords for corporate laptops and mobile phones
c. Keep confidential organization's document file open in the desk
d. Hide your hand against camera while inserting the PIN code

Answer- Keep confidential organization's document file open in the desk

Que - Which of the following is not a physical security measure to protect against physical hacking?
a. Add front desk & restrict unknown access to the back room
b. Create a phishing policy
c. Analyze how employees maintain their physical data and data storage peripheral devices
d. Updating the patches in the software you're working at your office laptop.

Answer- Updating the patches in the software you're working at your office laptop.

Que - IT security department must periodically check for security logs and entries made during office hours.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of them is not an example of physical hacking?
a. Walk-in using piggybacking
b. Sneak-in
c. Break-in and steal
d. Phishing

Answer- Phishing

Que - Physical _________ is important to check & test for possible physical breaches.
a. penetration test
b. security check
c. hacking
d. access

Answer- penetration test

Que - ___________ ensures the integrity and security of data that are passing over a network.
a. Firewall
b. Antivirus
c. Pentesting Tools
d. Network-security protocols

Answer- Network-security protocols

Que - Which of the following is not a strong security protocol?
a. HTTPS
b. SSL
c. SMTP
d. SFTP

Answer- SMTP

Que - Which of the following is not a secured mail transferring methodology?
a. POP3
b. SSMTP
c. Mail using PGP
d. S/MIME

Answer- POP3

Que - __________ is a set of conventions & rules set for communicating two or more devices residing in the same network?
a. Security policies
b. Protocols
c. Wireless network
d. Network algorithms

Answer- Protocols

Que - TSL (Transport Layer Security) is a cryptographic protocol used for securing HTTP/HTTPS based connection.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - HTTPS is abbreviated as _________
a. Hypertexts Transfer Protocol Secured
b. Secured Hyper Text Transfer Protocol
c. Hyperlinked Text Transfer Protocol Secured
d. Hyper Text Transfer Protocol Secure

Answer- Hyper Text Transfer Protocol Secure

Que - SSL primarily focuses on _______
a. integrity and authenticity
b. integrity and non-repudiation
c. authenticity and privacy
d. confidentiality and integrity

Answer- integrity and authenticity

Que - In SSL, what is used for authenticating a message?
a. MAC (Message Access Code)
b. MAC (Message Authentication Code)
c. MAC (Machine Authentication Code)
d. MAC (Machine Access Code)

Answer- MAC (Message Authentication Code)

Que - __________ is used for encrypting data at network level.
a. IPSec
b. HTTPS
c. SMTP
d. S/MIME

Answer- IPSec

Que - S/MIME is abbreviated as __________________
a. Secure/Multimedia Internet Mailing Extensions
b. Secure/Multipurpose Internet Mailing Extensions
c. Secure/Multimedia Internet Mail Extensions
d. Secure/Multipurpose Internet Mail Extensions

Answer- Secure/Multipurpose Internet Mail Extensions

Que - Users are able to see a pad-lock icon in the address bar of the browser when there is _______ connection.
a. HTTP
b. HTTPS
c. SMTP
d. SFTP

Answer- HTTPS

Que - Why did SSL certificate require in HTTP?
a. For making security weak
b. For making information move faster
c. For encrypted data sent over HTTP protocol
d. For sending and receiving emails unencrypted

Answer- For encrypted data sent over HTTP protocol

Que - SFTP is abbreviated as ________
a. Secure File Transfer Protocol
b. Secured File Transfer Protocol
c. Secure Folder Transfer Protocol
d. Secure File Transferring Protocol

Answer- Secure File Transfer Protocol

Que - PCT is abbreviated as ________
a. Private Connecting Technology
b. Personal Communication Technology
c. Private Communication Technique
d. Private Communication Technology

Answer- Private Communication Technology

Que - Authentication in PCT requires _____ keys.
a. 1
b. 2
c. 3
d. 4

Answer- 2

Que - The latest version of TLS is _____
a. version 1.1
b. version 1.2
c. version 2.1
d. version 1.3

Answer- version 1.2

Que - SIP is abbreviated as __________
a. Session Initiation Protocol
b. Secured Initiation Protocol
c. Secure Initiation Protocol
d. Session Integration Protocol

Answer- Session Initiation Protocol

Que - In which of the following cases Session Initiation Protocol is not used?
a. Instant Messaging
b. Voice over LTE (VoLTE)
c. Internet telephony
d. Data Transferring

Answer- Data Transferring

Que - SRTP is abbreviated as ________
a. Secure Relay Transport Protocol
b. Secure Real-time Transferring Protocol
c. Secure Real-time Transport Protocol
d. Secure Real-time Transportation Protocol

Answer- Secure Real-time Transport Protocol

Que - ESP is abbreviated as ____________
a. Encapsulating Security Payload
b. Encapsulating Secure Protocol
c. Encrypted Secure Payload
d. Encapsulating Secure Payload

Answer- Encapsulating Secure Payload

Que - ________ is the entity for issuing digital certificates.
a. Certificate Authority (CA)
b. Cert Authority (CA)
c. Cert Authorization (CA)
d. Certificate Authorization (CA)

Answer- Certificate Authority (CA)

Que - IKE is abbreviated as Internet Key Exchange.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ________ is any action that might compromise cyber-security.
a. Threat
b. Vulnerability
c. Exploit
d. Attack

Answer- Threat

Que - Existence of weakness in a system or network is called _______
a. Threat
b. Vulnerability
c. Exploit
d. Attack

Answer- Vulnerability

Que - When any IT product, system or network is in need for testing for security reasons, then the term used is called _________
a. Threat
b. Vulnerability
c. Target of Evaluation
d. Attack

Answer- Target of Evaluation

Que - An/A ________ is an act that violates cyber-security.
a. Threat
b. Vulnerability
c. Exploit
d. Attack

Answer- Attack

Que - ________ is a way to breach the security by using the vulnerability of that system.
a. Threat
b. Vulnerability
c. Exploit
d. Attack

Answer- Exploit

Que - _________ is an act of hacking by the means of which a political or social message is conveyed.
a. Hacktivism
b. Whistle-blowing
c. Surveillance
d. Pseudonymization

Answer- Hacktivism

Que - _______ is the method of developing or creating a structurally similar yet unauthentic and illegitimate data of any firm or company.
a. Data copying
b. Data masking
c. Data breaching
d. Data duplicating

Answer- Data masking

Que - Data masking is also known as _________
a. Data obfuscation
b. Data copying
c. Data breaching
d. Data duplicating

Answer- Data obfuscation

Que - ________ automates an action or attack so that repetitive tasks are done at a faster rate.
a. Auto-bots
b. Cookie-bots
c. Robots
d. Bots

Answer- Bots

Que - Backdoors are also known as ____________
a. Trap doors
b. Front doors
c. Cover doors
d. Back entry

Answer- Trap doors

Que - Adware are pre-chosen _______ developed to display ads.
a. banner
b. software
c. malware
d. shareware

Answer- software

Que - ________ is an attack technique occurs when excess data gets written to a memory block.
a. Over buffering
b. Buffering
c. Buffer overflow
d. Memory full

Answer- Buffer overflow

Que - Finding & publishing any user's identity with the help of different personal details is called ________
a. Doxing
b. Data breaching
c. Personal data copying
d. Secure File Transferring Protocol

Answer- Doxing

Que - In IP address, IP is abbreviated as __________
a. Internet Program
b. Internet Protocol
c. Intuition Programs
d. Internet Pathway

Answer- Internet Protocol

Que - Whaling is the technique used to take deep and _________ information about any individual.
a. sensitive
b. powerful
c. useless
d. casual

Answer- sensitive

Que - _________ are a specific section of any virus or malware that performs illicit activities in a system.
a. Malicious programs
b. Worms
c. Spyware
d. Payload

Answer- Payload

Que - ____________ is a scenario when information is accessed without authorization.
a. Data infiltration
b. Data Hack
c. Information compromise
d. Data Breach

Answer- Data Breach

Que - ____________ is an attempt to steal, spy, damage or destroy computer systems, networks or their associated information.
a. Cyber-security
b. Cyber attack
c. Digital hacking
d. Computer security

Answer- Cyber attack

Que - ___________ is a device which secretly collects data from credit / debit cards.
a. Card Skimmer
b. Data Stealer
c. Card Copier
d. Card cloner

Answer- Card Skimmer

Que - _____________ is a technique used when artificial clicks are made which increases revenue because of pay-per-click.
a. Clickjacking
b. Clickfraud
c. Keylogging
d. Click-hacking

Answer- Clickfraud

Que - __________ is the practice implemented to spy someone using technology for gathering sensitive information.
a. Cyber espionage
b. Cyber-spy
c. Digital Spying
d. Spyware

Answer- Cyber espionage

Que - ____________ is the way or technique through which majority of the malware gets installed in our system.
a. Drive-by click
b. Drive-by redirection
c. Drive-by download
d. Drive-by injecting USB devices

Answer- Drive-by download

Que - ______ is the term used for toolkits that are purchased and used for targeting different exploits.
a. Exploit bag
b. Exploit set
c. Exploit Toolkit
d. Exploit pack

Answer- Exploit pack

Que - Identity theft is the term used when a cyber-thief uses anybody's personal information to impersonate the victim for their benefit.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - _________ is the hacking approach where cyber-criminals design fake websites or pages for tricking or gaining additional traffic.
a. Cyber-replication
b. Mimicking
c. Website-Duplication
d. Pharming

Answer- Cyber-replication

Que - RAM-Scraping is a special kind of malware that looks (scrape) for sensitive data in the hard drive.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - When you book online tickets by swiping your card, the details of the card gets stored in ______
a. database system
b. point-of-sale system
c. servers
d. hard drives

Answer- point-of-sale system

Que - Point-of-sale intrusion does not deal with financial details and credit card information.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - _______ are deadly exploits where the vulnerability is known and found by cyber-criminals but not known and fixed by the owner of that application or company.
a. Unknown attacks
b. Secret attacks
c. Elite exploits
d. Zero-day exploits

Answer- Zero-day exploits

Que - Zero-day exploits are also called __________
a. zero-day attacks
b. hidden attacks
c. un-patched attacks
d. un-fixed exploits

Answer- zero-day attacks

Que - There are ______ major types of ports in computers.
a. 1
b. 2
c. 3
d. 4

Answer- 2

Que - PS2 and DVI are examples of Logical ports.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - Physical ports are usually referred to as ___________
a. jacks
b. cables
c. interfaces
d. hardware plugs

Answer- interfaces

Que - ____________ are logical numbers assigned for logical connections.
a. Logical ports
b. Physical ports
c. Networking cables
d. IP address

Answer- Logical ports

Que - Number of logical ports ranges from _____ to _____
a. 0, 255
b. 1, 65535
c. 1, 65536
d. 0, 65536

Answer- 0, 65536

Que - Logical ports are also known as ________________
a. numbered ports
b. virtual numbering
c. virtual ports
d. network protocol ports

Answer- virtual ports

Que - Virtual ports help software in sharing without interference all hardware resources.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ________ needs some control for data flow on each and every logical port.
a. Antivirus
b. Network firewall
c. Intrusion Detection Systems (IDS)
d. Anti-malware

Answer- Network firewall

Que - The logical port is associated with the type of protocol used along with the IP address of the host.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is the port number for FTP data?
a. 20
b. 21
c. 22
d. 23

Answer- 20

Que - Which of the following is the port number for FTP control?
a. 20
b. 21
c. 22
d. 23

Answer- 21

Que - Which of the following is the port number for SSH (Secure Shell)?
a. 20
b. 21
c. 22
d. 23

Answer- 22

Que - Which of the following is the port number for Telnet?
a. 20
b. 21
c. 22
d. 23

Answer- 23

Que - Which of the following is the port number for SMTP service?
a. 29
b. 27
c. 25
d. 23

Answer- 25

Que - Which of the following are the port numbers for IPSec service?
a. 50, 51
b. 49, 50
c. 51, 52
d. 23, 24

Answer- 50, 51

Que - Which of the following are the port numbers for DHCP?
a. 66, 67
b. 67, 68
c. 65, 66
d. 68, 69

Answer- 65, 66

Que - Which of the following is the port number for TFTP service?
a. 69
b. 70
c. 71
d. 72

Answer- 69

Que - Port 80 handles unencrypted web traffic.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Why it is important to know which service is using which port number?
a. For database security
b. For reporting data security to the auditor
c. For understanding which data is going through secured traffic and which is not
d. For checking unused data traffic

Answer- For understanding which data is going through secured traffic and which is not

Que - Which of the following is the port number for SFTP service?
a. 21
b. 22
c. 23
d. 69

Answer- 22

Que - Which of the following is the port number for HTTP?
a. 79
b. 80
c. 81
d. 82

Answer- 80

Que - TACACS+ uses TCP port 49.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is the port number for Kerberos?
a. 87
b. 88
c. 89
d. 86

Answer- 88

Que - Which of the following is the port number for POP3?
a. 110
b. 111
c. 112
d. 113

Answer- 110

Que - Which of the following is the port number for SNMP?
a. 160
b. 161
c. 162
d. 163

Answer- 161

Que - Which of the following is the port number for SNMP - Trap?
a. 160
b. 161
c. 162
d. 163

Answer- 162

Que - Firewalls can be of _______ kinds.
a. 1
b. 2
c. 3
d. 4

Answer- 3

Que - _________________ is the kind of firewall is connected between the device and the network connecting to internet.
a. Hardware Firewall
b. Software Firewall
c. Stateful Inspection Firewall
d. Microsoft Firewall

Answer- Hardware Firewall

Que - _________ is software that is installed using internet connection or they come by-default with operating systems.
a. Hardware Firewall
b. Software Firewall
c. Stateful Inspection Firewall
d. Microsoft Firewall

Answer- Software Firewall

Que - Which of the following is not a software firewall?
a. Windows Firewall
b. Outpost Firewall Pro
c. Endian Firewall
d. Linksys Firewall

Answer- Linksys Firewall

Que - Firewall examines each ____________ that are entering or leaving the internal network.
a. emails users
b. updates
c. connections
d. data packets

Answer- data packets

Que - A firewall protects which of the following attacks?
a. Phishing
b. Dumpster diving
c. Denial of Service (DoS)
d. Shoulder surfing

Answer- Denial of Service (DoS)

Que - There are ______ types of firewall.
a. 5
b. 4
c. 3
d. 2

Answer- 4

Que - Packet filtering firewalls are deployed on ________
a. routers
b. switches
c. hubs
d. repeaters

Answer- routers

Que - In the ______________ layer of OSI model, packet filtering firewalls are implemented.
a. Application layer
b. Session layer
c. Presentation layer
d. Network layer

Answer- Network layer

Que - The __________ defines the packet filtering firewall rules.
a. Access Control List
b. Protocols
c. Policies
d. Ports

Answer- Access Control List

Que - ACL stands for _____________
a. Access Condition List
b. Anti-Control List
c. Access Control Logs
d. Access Control List

Answer- Access Control List

Que - When a packet does not fulfil the ACL criteria, the packet is _________
a. resend
b. dropped
c. destroyed
d. acknowledged as received

Answer- dropped

Que - Network administrators can create their own ACL rules based on _______  ________ and _______
a. Address, Protocols and Packet attributes
b. Address, Protocols and security policies
c. Address, policies and Packet attributes
d. Network topology, Protocols and data packets

Answer- Address, Protocols and Packet attributes

Que - One advantage of Packet Filtering firewall is __________
a. more efficient
b. less complex
c. less costly
d. very fast

Answer- less costly

Que - Packet filtering firewalls work effectively in _________ networks.
a. very simple
b. smaller
c. large
d. very large complex

Answer- smaller

Que - Packet filtering firewalls are vulnerable to __________
a. hardware vulnerabilities
b. MiTM
c. phishing
d. spoofing

Answer- spoofing

Que - Circuit-level gateway firewalls are installed in _______ layer of OSI model.
a. Application layer
b. Session layer
c. Presentation layer
d. Network layer

Answer- Session layer

Que - Which of these comes under the advantage of Circuit-level gateway firewalls?
a. They maintain anonymity and also inexpensive
b. They are light-weight
c. They're expensive yet efficient
d. They preserve IP address privacy yet expensive

Answer- They maintain anonymity and also inexpensive

Que - Which of the following is a disadvantage of Circuit-level gateway firewalls?
a. They're expensive
b. They're complex in architecture
c. They do not filter individual packets
d. They're complex to setup

Answer- They do not filter individual packets

Que - _____________ gateway firewalls are deployed in application-layer of OSI model.
a. Packet Filtering Firewalls
b. Circuit Level Gateway Firewalls
c. Application-level Gateway Firewalls
d. Stateful Multilayer Inspection Firewalls

Answer- Application-level Gateway Firewalls

Que - Application level gateway firewalls protect the network for specific _____________
a. application layer protocol
b. session layer protocol
c. botnet attacks
d. network layer protocol

Answer- application layer protocol

Que - Application level gateway firewalls are also used for configuring cache-servers.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ___________ firewalls are a combination of other three types of firewalls.
a. Packet Filtering
b. Circuit Level Gateway
c. Application-level Gateway
d. Stateful Multilayer Inspection

Answer- Stateful Multilayer Inspection

Que - Stateful Multilayer Inspection firewall cannot perform which of the following?
a. Filter network layer packets
b. Check for legitimate session
c. Scans for illicit data packets at the presentation layer
d. Evaluate packets at application lager

Answer- Scans for illicit data packets at the presentation layer

Que - We can also implement ____________ in Stateful Multilayer Inspection firewall.
a. external programs
b. algorithms
c. policies
d. algorithms and external programs

Answer- algorithms

Que - One advantage of Stateful Multilayer Inspection firewall is __________
a. costlier but easy to understand
b. large to manage
c. complex internal architecture
d. large to manage but efficient

Answer- complex internal architecture

Que - Packet filtering firewalls are also called ____________
a. first generation firewalls
b. second generation firewalls
c. third generation firewalls
d. fourth generation firewalls

Answer- first generation firewalls

Que - Stateful Multilayer firewalls are also called ____________
a. first generation firewalls
b. second generation firewalls
c. third generation firewalls
d. fourth generation firewalls

Answer- second generation firewalls

Que - Application layer firewalls are also called ____________
a. first generation firewalls
b. second generation firewalls
c. third generation firewalls
d. fourth generation firewalls

Answer- third generation firewalls

Que - VPN is abbreviated as __________
a. Visual Private Network
b. Virtual Protocol Network
c. Virtual Private Network
d. Virtual Protocol Networking

Answer- Virtual Private Network

Que - __________ provides an isolated tunnel across a public network for sending and receiving data privately, as if the computing devices were directly connected to the private network.
a. Visual Private Network
b. Virtual Protocol Network
c. Virtual Protocol Networking
d. Virtual Private Network

Answer- Virtual Private Network

Que - Which of the statements are not true to classify VPN systems?
a. Protocols used for tunnelling the traffic
b. Whether VPNs are providing site-to-site or remote access connection
c. Securing the network from bots and malwares
d. Levels of security provided for sending and receiving data privately

Answer- Securing the network from bots and malwares

Que - What types of protocols are used in VPNs?
a. Application level protocols
b. Tunnelling protocols
c. Network protocols
d. Mailing protocols

Answer- Application level protocols

Que - VPNs uses encryption techniques to maintain security and privacy which communicating remotely via public network.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - There are _________ types of VPNs.
a. 3
b. 2
c. 5
d. 4

Answer- 2

Que - Site-to-site VPNs are also known as ________
a. Switch-to-switch VPNs
b. Peer-to-Peer VPNs
c. Point-to-point VPNs
d. Router-to-router VPNs

Answer- Router-to-router VPNs

Que - _________ type of VPNs are used for home private and secure connectivity.
a. Remote access VPNs
b. Site-to-site VPNs
c. Peer-to-Peer VPNs
d. Router-to-router VPNs

Answer- Remote access VPNs

Que - Which types of VPNs are used for corporate connectivity across companies residing in different geographical location?
a. Remote access VPNs
b. Site-to-site VPNs
c. Peer-to-Peer VPNs
d. Country-to-country VPNs

Answer- Site-to-site VPNs

Que - Site-to-Site VPN architecture is also known as _________
a. Remote connection based VPNs
b. Peer-to-Peer VPNs
c. Extranet based VPN
d. Country-to-country VPNs

Answer- Extranet based VPN

Que - There are ________ types of VPN protocols.
a. 3
b. 4
c. 5
d. 6

Answer- 6

Que - For secure connection, Remote access VPNs rely on ___________ and  ____________
a. IPSec, SSL
b. L2TP, SSL
c. IPSec, SSH
d. SSH, SSL

Answer- IPSec, SSL

Que - A ______ can hide a user's browsing activity.
a. Firewall
b. Antivirus
c. Incognito mode
d. VPN

Answer- VPN

Que - __________ masks your IP address.
a. Firewall
b. Antivirus
c. VPN
d. Incognito mode

Answer- VPN

Que - _________ are also used for hides user's physical location.
a. Firewall
b. Antivirus
c. Incognito mode
d. VPN

Answer- VPN

Que - Using VPN, we can access _______________
a. Access sites that are blocked geographically
b. Compromise other's system remotely
c. Hide our personal data in the cloud
d. Encrypts our local drive files while transferring

Answer- Access sites that are blocked geographically

Que - _________ is one of the most secured Linux OS that provides anonymity and incognito option for securing its user data.
a. Fedora
b. Tails
c. Ubuntu
d. OpenSUSE

Answer- Tails

Que - Which of the following OS does not comes under a secured Linux OS list?
a. Qubes OS
b. Tails
c. Tin Hat
d. Ubuntu

Answer- Ubuntu

Que - ____________ is a Debian-Linux based OS that has 2 VMs (Virtual Machines) that help in preserving users' data private.
a. Fedora
b. Ubuntu
c. Whonix
d. Kubuntu

Answer- Whonix

Que - Subgraph OS is a Debian based Linux distro which provides hardcore anonymity and is approved by Edward Snowden.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following comes under secured Linux based OS?
a. Ubuntu
b. Fedora
c. Kubuntu
d. Tails

Answer- Tails

Que - Using the ______ account of a UNIX system, one can carry out administrative functions.
a. root
b. administrative
c. user
d. client

Answer- root

Que - In your Linux-based system, you have to log-in with your root account for managing any feature of your system.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - In a Linux-based system, the accounts may be members of 1 or more than one group.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - MAC is abbreviated as _______________
a. Machine Access Control
b. Mandatory Accounts Control
c. Mandatory Access Controlling
d. Mandatory Access Control

Answer- Mandatory Access Control

Que - _______________  in a system is given so that users can use dedicated parts of the system for which they've been given access to.
a. Machine Access Control
b. Mandatory Accounts Control
c. Mandatory Access Control
d. Mandatory Access Controlling

Answer- Mandatory Access Control

Que - DTE is abbreviated as ___________________
a. Domain and Type Enforcing
b. Domain and Type Enforcement
c. DNS and Type Enforcement
d. DNS and Type Enforcing

Answer- Domain and Type Enforcement

Que - RBAC is abbreviated as ______________
a. Rule-Based Accessing Control
b. Role-Based Access Control
c. Rule-Based Access Control
d. Role-Based Accessing Control

Answer- Role-Based Access Control

Que - A __________ is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers.
a. stack
b. queue
c. external storage
d. buffer

Answer- buffer

Que - In a _____________ attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.
a. Phishing
b. MiTM
c. Buffer-overflow
d. Clickjacking

Answer- Buffer-overflow

Que - How many types of buffer-overflow attack are there?
a. 4
b. 2
c. 5
d. 3

Answer- 2

Que - Let suppose a search box of an application can take at most 200 words, and you've inserted more than that and pressed the search button; the system crashes. Usually this is because of limited __________
a. buffer
b. external storage
c. processing power
d. local storage

Answer- buffer

Que - ______________ is a widespread app's coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.
a. Memory leakage
b. Buffer-overrun
c. Less processing power
d. Inefficient programming

Answer- Buffer-overrun

Que - Buffer-overflow is also known as ______________
a. buffer-overrun
b. buffer-leak
c. memory leakage
d. data overflow

Answer- buffer-overrun

Que - Buffer-overflow may remain as a bug in apps if __________ are not done fully.
a. boundary hacks
b. memory checks
c. boundary checks
d. buffer checks

Answer- boundary checks

Que - Applications developed by programming languages like ____ and  ______ have this common buffer-overflow error.
a. C, Ruby
b. Python, Ruby
c. C, C++
d. Tcl, C

Answer- C, C++

Que - Why apps developed in languages like C, C++ is prone to Buffer-overflow?
a. No string boundary checks in predefined functions
b. No storage check in the external memory
c. No processing power check
d. No database check

Answer- No string boundary checks in predefined functions

Que - Old operating systems like _______ and NT-based systems have buffer-overflow attack a common vulnerability.
a. Windows 7
b. Chrome
c. IOS12
d. UNIX

Answer- UNIX

Que - Buffer-overflow attack can take place if a machine can execute a code that resides in the data/stack segment.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Among the two types ____________buffer-overflow is complex to execute and the least common attack that may take place.
a. memory-based
b. queue-based
c. stack-based
d. heap-based

Answer- heap-based

Que - _____________ buffer overflows, which are more common among attackers.
a. Memory-based
b.
Queue-based
c. Stack-based
d. Heap-based

Answer- Stack-based

Que - With the lack of boundary check, the program ends abnormally and leads to ___________ error.
a. logical
b. segmentation
c. compile-time
d. syntax

Answer- segmentation

Que - In an application that uses heap, the memory for data is allocated ____________
a. logical
b. dynamically
c. statically
d. at the beginning of the program

Answer- dynamically

Que - In an application that uses stack, the memory for data is allocated ____________
a. logical
b. dynamically
c. statically
d. at the end of the program

Answer- statically

Que - Malicious code can be pushed into the _________ during ______________ attack.
a. stack, buffer-overflow
b. queue, buffer-overflow
c. memory-card, buffer-overflow
d. external drive, buffer-overflow

Answer- stack, buffer-overflow

Que - Variables that gets created dynamically when a function (such as malloc()) is called is created in the form of _______ data-structure.
a. array
b. queue
c. stack
d. heap

Answer- heap

Que - How many primary ways are there for detecting buffer-overflow?
a. 6
b. 3
c. 2
d. 5

Answer- 2

Que - Testing for buffer-overflow in a system can be done manually and has two possible ways.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Attackers commonly target ____________ for fetching IP address of a target or victim user.
a. websites
b. web pages
c. ip tracker
d. emails

Answer- websites

Que - Developing a fake or less useful website and is meant to just fetch the IP address is very easily done by attackers.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - What common web scripting languages are used by attackers to fetch various details from its surfing users?
a. Tcl and C
b. C++ and HTML
c. HTML and Python
d. Perl and JavaScript

Answer- Perl and JavaScript

Que - ______________ is the first phase of ethical hacking.
a. DNS poisoning
b. Footprinting
c. ARP-poisoning
d. Enumeration

Answer- Enumeration

Que - Enumeration is done to gain information. Which of the following cannot be achieved using enumeration?
a. IP Tables
b. SNMP data, if not secured appropriately
c. Private chats
d. List of username and password policies

Answer- Private chats

Que - Enumeration does not depend on which of the following services?
a. DNS enumeration
b. SNMP enumeration
c. NTP enumeration
d. HTTPS enumeration

Answer- HTTPS enumeration

Que - __________ suite is used for NTP enumeration.
a. DNS
b. NTP
c. HTTP
d. SNMP

Answer- NTP

Que - enum4linux is used to enumerate _______________
a. Linux systems
b. Windows systems
c. Chrome systems
d. Mac systems

Answer- Linux systems

Que - ___________ is used that tries for guessing the usernames by using SMTP service.
a. smtp-user-enum
b. smtp-enum
c. snmp-enum
d. snmp-user-enum

Answer- smtp-user-enum

Que - To stop your system from getting enumerated, you have to disable all services.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Even our emails contain the IP address of the sender which helps in the enumeration. We can get this IP from ___________ from within the email.
a. forward' option
b. show original' option
c. Show full email'
d. View Original' option

Answer- show original' option

Que - __________________is a computing action used in which usernames & info about user-groups, shares as well as services of networked computers can be regained.
a. Hardware enumeration
b. System enumeration
c. Network enumeration
d. Cloud enumeration

Answer- Network enumeration

Que - Network enumeration is the finding of __________ or devices on a network.
a. hosts
b. servers
c. network connection
d. cloud storage

Answer- hosts

Que - A _______________ is a computer program implemented for recovering usernames & info on groups, shares as well as services of networked computers.
a. hardware enumerator
b. software enumerator
c. network enumerator
d. cloud enumerator

Answer- network enumerator

Que - Network enumerator is also known as ________________
a. hardware scanner
b. software enumerator
c. program enumerator
d. network scanner

Answer- network scanner

Que - An ethical hacker must need to have the skills of understanding the problem, networking knowledge and to know how the technology works.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - _________ persistence and up-to-date with the latest technological updates and their flaws are some of the major qualities; an ethical hacker must need to have.
a. Lack of understanding
b. Weak programming skills
c. High patience
d. Low perseverance

Answer- High patience

Que - ________________ enables a hacker to open a piece of program or application and re-build it with further features & capabilities.
a. Social engineering
b. Reverse engineering
c. Planting malware
d. Injecting code

Answer- Reverse engineering

Que - Which of the following do not comes under the intangible skills of hackers?
a. Creative thinking
b. Problem-solving capability
c. Persistence
d. Smart attacking potential

Answer- Smart attacking potential

Que - Why programming language is important for ethical hackers and security professionals?
a. Only to write malware
b. For solving problems and building tool and programs
c. To teach programming
d. To develop programs to harm others

Answer- For solving problems and building tool and programs

Que - Understanding of ___________ is also important for gaining access to a system through networks.
a. os
b. email-servers
c. networking
d. hardware

Answer- networking

Que - For hacking a database or accessing and manipulating data which of the following language the hacker must know?
a. SQL
b. HTML
c. Tcl
d. F

Answer- SQL

Que - Information Gathering about the system or the person or about organization or network is not important.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - ________________ is an ethical hacking technique used for determining what operating system (OS) is running on a remote computer.
a. Footprinting
b. Cyber-printing
c. OS fingerprinting
d. OS penetration testing

Answer- OS fingerprinting

Que - How many types of fingerprinting are there in ethical hacking?
a. 5
b. 4
c. 3
d. 2

Answer- 2

Que - _______________________ is gained if you send especially skilled packets to a target machine.
a. Active fingerprinting
b. Passive fingerprinting
c. OS fingerprinting
d. Network fingerprinting

Answer- Active fingerprinting

Que - _______________________ is based on sniffer traces from the remote system.
a. Active fingerprinting
b. Passive fingerprinting
c. OS fingerprinting
d. Network fingerprinting

Answer- Passive fingerprinting

Que - How many basic elements are there for OS fingerprinting?
a. 2
b. 3
c. 4
d. 5

Answer- 4

Que - Which of the following do not comes under the important element of OS fingerprinting?
a. TTL
b. TOS
c. DF bits
d. Firewall

Answer- Firewall

Que - By analyzing the factors like TTL, DF bits, Window Size and TOS of a packet, an ethical hacker may verify the operating system remotely.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ______________ is a common tool used for doing OS fingerprinting.
a. Hping
b. Wireshark
c. Nmap
d. Nessus

Answer- Nmap

Que - To secure your system from such type of attack, you have to hide your system behind any VPN or proxy server.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - A _____________ is a network scanning practice through which hackers can use to conclude to a point which IP address from a list of IP addresses is mapping to live hosts.
a. ping-based hacking
b. ping sweep
c. ping-range
d. pinging

Answer- ping sweep

Que - Ping sweep is also known as ________________
a. ICMP sweep
b. SNMP sweep
c. SGNP sweep
d. SICMP sweep

Answer- ICMP sweep

Que - The _____________ command is used on Linux for getting the DNS and host-related information.
a. dnslookup
b. lookup
c. nslookup
d. infolookup

Answer- nslookup

Que - ___________________ is the method used to locate all the DNS-servers and their associated records for an organization.
a. DNS enumeration
b. DNS hacking
c. DNS cracking
d. DNS server hacking

Answer- DNS enumeration

Que - Which of the following operations DNSenum cannot perform?
a. Perform reverse lookups
b. Get the host's addresses
c. Get extra names and sub-domains through Google scraping
d. Get the admin password

Answer- Get the admin password

Que - The configuration of DNS needs to be done in a secure way.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ________________ are piece of programs or scripts that allow hackers to take control over any system.
a. Exploits
b. Antivirus
c. Firewall by-passers
d. Worms

Answer- Exploits

Que - The process of finding vulnerabilities and exploiting them using exploitable scripts or programs are known as _____________
a. infiltrating
b. exploitation
c. cracking
d. hacking

Answer- exploitation

Que - Which of them is not a powerful vulnerability detecting tool?
a. Nessus
b. Nexpose
c. Metasploit
d. Nmap

Answer- Nmap

Que - __________ is the specific search engine for exploits where anyone can find all the exploits associated to vulnerability.
a. Google
b. Bing
c. Exploit-db
d. Exploit-engine

Answer- Exploit-db

Que - Which of the following are not a vulnerability-listed site/database?
a. Exploit-db
b. Common Vulnerabilities and Exposures (CVE)
c. National Vulnerability Database (NVD)
d. Bing Vulnerability database (BVD)

Answer- Bing Vulnerability database (BVD)

Que - There are __________ types of exploits based on their working.
a. two
b. three
c. four
d. Five

Answer- two

Que - How many types of exploits are there based on their nature from hacking's perspective?
a. 4
b. 3
c. 2
d. 5

Answer- 2

Que - Known exploits have a confirmation of and measures can be taken against it to resolve them.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Unknown exploits are those exploits that have not yet been reported openly and hence present a straightforward attack at firms and the government agencies.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - A ____________ is a set of changes done to any program or its associated data designed for updating, fixing, or improving it.
a. scratch
b. patch
c. fixer
d. resolver

Answer- patch

Que - Fixing of security vulnerabilities in a system by additional programs is known as __________ patches.
a. hacking
b. database
c. server
d. security

Answer- security

Que - Known bugs can be solved or removed by __________________ develop by the vendors of the application.
a. removing the application
b. changing the software
c. installing security patches
d. installing database patches

Answer- installing security patches

Que - ___________________ are some very frequent updates that come for every anti-virus.
a. Patch update
b. Data update
c. Code update
d. Definition update

Answer- Definition update

Que - National Vulnerability Database (NVD) is _________________ repository of data regarding vulnerability standards.
a. U.S. government
b. India government
c. Russian government
d. China Government

Answer- U.S. government

Que - CVE is a directory of lists of publicly recognized information security vulnerabilities as well as exposures.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is not a type of cyber crime?
a. Data theft
b. Forgery
c. Damage to data and systems
d. Installing antivirus for protection

Answer- Installing antivirus for protection

Que - Cyber-laws are incorporated for punishing all criminals only.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - Cyber-crime can be categorized into ________ types.
a. 4
b. 3
c. 2
d. 6

Answer- 2

Que - Which of the following is not a type of peer-to-peer cyber-crime?
a. Phishing
b. Injecting Trojans to a target victim
c. MiTM
d. Credit card details leak in deep web

Answer- Credit card details leak in deep web

Que - Which of the following is not an example of a computer as weapon cyber-crime?
a. Credit card fraudulent
b. Spying someone using keylogger
c. IPR Violation
d. Pornography

Answer- Spying someone using keylogger

Que - Which of the following is not done by cyber criminals?
a. Unauthorized account access
b. Mass attack using Trojans as botnets
c. Email spoofing and spamming
d. Report vulnerability in any system

Answer- Report vulnerability in any system

Que - Accessing computer without prior authorization is a cyber-crimes that come under _______
a. Section 65
b. Section 66
c. Section 68
d. Section 70

Answer- Section 66

Que - Cracking digital identity of any individual or doing identity theft, comes under __________ of IT Act.
a. Section 65
b. Section 66
c. Section 68
d. Section 70

Answer- Section 66

Que - Accessing Wi-Fi dishonestly is a cyber-crime.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Download copy, extract data from an open system done fraudulently is treated as _________
a. cyber-warfare
b. cyber-security act
c. data-backup
d. cyber-crime

Answer- cyber-crime

Que - Which of the following attach is not used by LC4 to recover Windows password?
a. Brute-force attack
b. Dictionary attack
c. MiTM attack
d. Hybrid attacks

Answer- MiTM attack

Que - ____________is the world's most popular vulnerability scanner used in companies for checking vulnerabilities in the network.
a. Wireshark
b. Nessus
c. Snort
d. WebInspect

Answer- Nessus

Que - _____________ is a tool which can detect registry issues in an operating system.
a. Network Stumbler
b. Ettercap
c. Maltego
d. LANguard Network Security Scanner

Answer- LANguard Network Security Scanner

Que - Network Stumbler is a Windows Wi-Fi monitoring tool.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ToneLoc is abbreviated as __________
a. Tone Locking
b. Tone Locator
c. Tone Locker
d. Tune Locator

Answer- Tone Locker

Que - __________ is a debugger and exploration tool.
a. Netdog
b. Netcat
c. Tcpdump
d. BackTrack

Answer- Netcat

Que - __________ is a popular command-line packet analyser.
a. Wireshark
b. Snort
c. Metasploit
d. Tcpdump

Answer- Tcpdump

Que - ________________ is a platform that essentially keeps the log of data from networks, devices as well as applications in a single location.
a. EventLog Analyser
b. NordVPN
c. Wireshark
d. PacketFilter Analyzer

Answer- EventLog Analyser

Que - ______________ is competent to restore corrupted Exchange Server Database files as well as recovering unapproachable mails in mailboxes.
a. Outlook
b. Nessus
c. Mailbox Exchange Recovery
d. Mail Exchange Recovery toolkit

Answer- Mailbox Exchange Recovery

Que - ________________ helps in protecting businesses against data breaches that may make threats to cloud.
a. Centrify
b. Mailbox Exchange Recovery
c. Nessus
d. Dashline

Answer- Centrify

Que - __________ is a popular corporate security tool that is used to detect the attack on email with cloud only services.
a. Cain and Abel
b. Proofpoint
c. Angry IP Scanner
d. Ettercap

Answer- Proofpoint

Que - _____________ helps in protecting corporate data, communications and other assets.
a. Snort
b. CipherCloud
c. Burp Suit
d. Wireshark

Answer- CipherCloud

Que - _________ framework made cracking of vulnerabilities easy like point and click.
a. .Net
b. Metasploit
c. Zeus
d. Ettercap

Answer- Metasploit

Que - Nmap is abbreviated as Network Mapper.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - __________ is a popular tool used for discovering networks as well as in security auditing.
a. Ettercap
b. Metasploit
c. Nmap
d. Burp Suit

Answer- Nmap

Que - Which of this Nmap do not check?
a. services different hosts are offering
b. on what OS they are running
c. what kind of firewall is in use
d. what type of antivirus is in use

Answer- what type of antivirus is in use

Que - Which of the following deals with network intrusion detection and real-time traffic analysis?
a. John the Ripper
b. L0phtCrack
c. Snort
d. Nessus

Answer- Snort

Que - Wireshark is a ____________ tool.
a. network protocol analysis
b. network connection security
c. connection analysis
d. defending malicious packet-filtering

Answer- network protocol analysis

Que - Which of the below-mentioned tool is used for Wi-Fi hacking?
a. Wireshark
b. Nessus
c. Aircrack-ng
d. Snort

Answer- Aircrack-ng

Que - Aircrack-ng is used for ____________
a. Firewall bypassing
b. Wi-Fi attacks
c. Packet filtering
d. System password cracking

Answer- Wi-Fi attacks

Que - _____________ is a popular IP address and port scanner.
a. Cain and Abel
b. Snort
c. Angry IP Scanner
d. Ettercap

Answer- Angry IP Scanner

Que - _______________ is a popular tool used for network analysis in multiprotocol diverse network.
a. Snort
b. SuperScan
c. Burp Suit
d. EtterPeak

Answer- EtterPeak

Que - ____________ scans TCP ports and resolves different hostnames.
a. SuperScan
b. Snort
c. Ettercap
d. QualysGuard

Answer- SuperScan

Que - ___________ is a web application assessment security tool.
a. LC4
b. WebInspect
c. Ettercap
d. QualysGuard

Answer- WebInspect

Que - Which of the following attack-based checks WebInspect cannot do?
a. cross-site scripting
b. directory traversal
c. parameter injection
d. injecting shell code

Answer- injecting shell code

Que - ________ is a password recovery and auditing tool.
a. LC3
b. LC4
c. Network Stumbler
d. Maltego

Answer- LC4

Que - L0phtCrack is formerly known as LC3.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - ___________ is a weakness that can be exploited by attackers.
a. System with Virus
b. System without firewall
c. System with vulnerabilities
d. System with strong password

Answer- System with vulnerabilities

Que - _________ is the sum of all the possible points in software or system where unauthorized users can enter as well as extract data from the system.
a. Attack vector
b. Attack surface
c. Attack point
d. Attack arena

Answer- Attack surface

Que - ____________ is the cyclic practice for identifying & classifying and then solving the vulnerabilities in a system.
a. Bug protection
b. Bug bounty
c. Vulnerability measurement
d. Vulnerability management

Answer- Vulnerability management

Que - Risk and vulnerabilities are the same things.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - _____________ is a special type of vulnerability that doesn't possess risk.
a. Vulnerabilities without risk
b. Vulnerabilities without attacker
c. Vulnerabilities without action
d. Vulnerabilities no one knows

Answer- Vulnerabilities without risk

Que - A/An __________ is a piece of software or a segment of command that usually take advantage of a bug to cause unintended actions and behaviors.
a. malware
b. trojan
c. worms
d. exploit

Answer- exploit

Que - There are ________ types of exploit.
a. 3
b. 2
c. 5
d. 4

Answer- 2

Que - Remote exploits is that type of exploits acts over any network to exploit on security vulnerability.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ________ type of exploit requires accessing to any vulnerable system for enhancing privilege for an attacker to run the exploit.
a. Local exploits
b. Remote exploits
c. System exploits
d. Network exploits

Answer- Local exploits

Que - ___________ is a technique used by penetration testers to compromise any system within a network for targeting other systems.
a. Exploiting
b. Cracking
c. Hacking
d. Pivoting

Answer- Pivoting

Que - A _________ is a software bug that attackers can take advantage to gain unauthorized access in a system.
a. System error
b. Bugged system
c. Security bug
d. System virus

Answer- Security bug

Que - Security bugs are also known as _______
a. security defect
b. security problems
c. system defect
d. software error

Answer- security defect

Que - __________ is the timeframe from when the loophole in security was introduced till the time when the bug was fixed.
a. Time-frame of vulnerability
b. Window of vulnerability
c. Time-lap of vulnerability
d. Entry-door of vulnerability

Answer- Window of vulnerability

Que - ISMS is abbreviated as __________
a. Information Server Management System
b. Information Security Management Software
c. Internet Server Management System
d. Information Security Management System

Answer- Information Security Management System

Que - A zero-day vulnerability is a type of vulnerability unknown to the creator or vendor of the system or software.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - What is the ethics behind training how to hack a system?
a. To think like hackers and know how to defend such attacks
b. To hack a system without the permission
c. To hack a network that is vulnerable
d. To corrupt software or service using malware

Answer- To think like hackers and know how to defend such attacks

Que - Performing a shoulder surfing in order to check other's password is ____________ ethical practice.
a. a good
b. not so good
c. very good social engineering practice
d. a bad

Answer- a bad

Que - ___________ has now evolved to be one of the most popular automated tools for unethical hacking.
a. Automated apps
b. Database software
c. Malware
d. Worms

Answer- Malware

Que - Leaking your company data to the outside network without prior permission of senior authority is a crime.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - _____________ is the technique used in business organizations and firms to protect IT assets.
a. Ethical hacking
b. Unethical hacking
c. Fixing bugs
d. Internal data-breach

Answer- Ethical hacking

Que - The legal risks of ethical hacking include lawsuits due to __________ of personal data.
a. stealing
b. disclosure
c. deleting
d. hacking

Answer- disclosure

Que - Before performing any penetration test, through legal procedure, which key points listed below is not mandatory?
a. Know the nature of the organization
b. Characteristics of work done in the firm
c. System and network
d. Type of broadband company used by the firm

Answer- Type of broadband company used by the firm

Que - An ethical hacker must ensure that proprietary information of the firm does not get leaked.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - After performing ____________ the ethical hacker should never disclose client information to other parties.
a. hacking
b. cracking
c. penetration testing
d. exploiting

Answer- penetration testing

Que - __________ is the branch of cyber security that deals with morality and provides different theories and a principle regarding the view-points about what is right and wrong.
a. Social ethics
b. Ethics in cyber-security
c. Corporate ethics
d. Ethics in black hat hacking

Answer- Ethics in black hat hacking

Que - ________ helps to classify arguments and situations, better understand a cyber-crime and helps to determine appropriate actions.
a. Cyber-ethics
b. Social ethics
c. Cyber-bullying
d. Corporate behaviour

Answer- Cyber-ethics

Que - A penetration tester must identify and keep in mind the ___________ & ___________ requirements of a firm while evaluating the security postures.
a. privacy and security
b. rules and regulations
c. hacking techniques
d. ethics to talk to seniors

Answer- privacy and security

Que - ___________ is an activity that takes place when cyber-criminals infiltrates any data source and takes away or alters sensitive information.
a. Data-hack
b. Data-stealing
c. Database altering
d. Data breach

Answer- Data breach

Que - Which of these is not a step followed by cyber-criminals in data breaching?
a. Research and info-gathering
b. Attack the system
c. Fixing the bugs
d. Exfiltration

Answer- Fixing the bugs

Que - What types of data are stolen by cyber-criminals in most of the cases?
a. Data that will  pay once sold
b. Data that has no value
c. Data like username and passwords only
d. Data that is old

Answer- Data that will  pay once sold

Que - Which of the companies and organizations do not become the major targets of attackers for data stealing?
a. Business firms
b. Medical and Healthcare
c. Government and secret agencies
d. NGOs

Answer- NGOs

Que - ___________ will give you an USB which will contain ___________ that will take control of your system in the background.
a. Attackers, Trojans
b. White hat hackers, antivirus
c. White hat hackers, Trojans
d. Attackers, antivirus

Answer- Attackers, Trojans

Que - An attacker, who is an employee of your firm may ___________ to know your system password.
a. do peeping
b. perform network jamming
c. do shoulder surfing
d. steal your laptop

Answer- do shoulder surfing

Que - You may throw some confidential file in a dustbin which contains some of your personal data. Hackers can take your data from that thrown-away file also, using the technique _________
a. Dumpster diving
b. Shoulder surfing
c. Phishing
d. Spamming

Answer- Dumpster diving

Que - ATM Skimmers are used to take your confidential data from your ATM cards.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - _____________ will encrypt all your system files and will ask you to pay a ransom in order to decrypt all the files and unlock the system.
a. Scareware
b. Ransomware
c. Adware
d. Spyware

Answer- Ransomware

Que - ______________ are special malware programs written by elite hackers and black hat hackers to spy your mobile phones and systems.
a. Scareware
b. Ransomware
c. Adware
d. Spyware

Answer- Spyware

Que - The antivirus or PC defender software in a system helps in detecting virus and Trojans.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Clicking a link which is there in your email which came from an unknown source can redirect you to ____________ that automatically installs malware in your system.
a. that vendor's site
b. security solution site
c. malicious site
d. software downloading site

Answer- malicious site

Que - An attacker may use automatic brute forcing tool to compromise your ____________
a. username
b. employee ID
c. system / PC name
d. password

Answer- password

Que - The attacker will use different bots (zombie PCs) to ping your system and the name of the attack is _________________
a. Distributed Denial-of-Service (DDoS)
b. Permanent Denial-of-Service (PDoS)
c. Denial-of-Service (DoS)
d. Controlled Denial-of-Service (CDoS)

Answer- Distributed Denial-of-Service (DDoS)

Que - Illicit hackers may enter your personal area or room or cabin to steal your laptop, pen drive, documents or other components to make their hands dirty on your confidential information.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - _____________ is a malicious method used by cyber-criminals to trick a user into clicking on something different from what the user wants.
a. Click-hacking
b. Click-fraud
c. Clickjacking
d. Using torrent links

Answer- Clickjacking

Que - Through the clickjacking attack, the employee's confidential ______________ may get leaked or stolen.
a. information
b. papers
c. hardcopy files
d. media files

Answer- information

Que - Which of the following is not a proper aspect of user integration?
a. Employee's authentication
b. Physical authorization
c. Access control
d. Representing users in the database

Answer- Physical authorization

Que - It is very important to block unknown, strange and ______________ within the corporate network.
a. infected sites
b. programs
c. unwanted files
d. important folders

Answer- infected sites

Que - Every employee of the firm must need to have some basic knowledge of cyber-security and types of hacking and how they are done.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Use of _______________ can bring external files and worms and virus along with it to the internal systems.
a. smart-watch
b. pen drive
c. laptop
d. iPod

Answer- pen drive

Que - A ____________ takes over your system's browser settings and the attack will redirect the websites you visit some other websites of its preference.
a. MiTM
b. Browser hacking
c. Browser Hijacker
d. Cookie-stealing

Answer- Browser Hijacker

Que - ________________ has become a popular attack since last few years, and the attacker target board members, high-ranked officials and managing committee members of an organization.
a. Spyware
b. Ransomware
c. Adware
d. Shareware

Answer- Ransomware

Que - ________________ important and precious file is a solution to prevent your files from ransomware.
a. Deleting all
b. Keeping backup of
c. Not saving
d. Keeping in pen drive

Answer- Keeping backup of

Que - ___________ is the technique to obtain permission from a company for using, manufacturing & selling one or more products within a definite market area.
a. algorithm-licensing
b. code-licensing
c. item licensing
d. product licensing

Answer- product licensing

Que - Which of the following do not comes under security measures for cloud in firms?
a. Firewall
b. Antivirus
c. Load Balancer
d. Encryption

Answer- Antivirus

Que - It is important to limit ____________ to all data and information as well as limit the authority for installing software.
a. work-load
b. employee access
c. admin permission
d. installing unwanted apps

Answer- employee access

Que - One must isolate payment systems and payment processes from those computers that you think are used by ____________ or may contain ____________
a. strangers, keyloggers
b. strangers, antivirus
c. unknown, firewalls
d. unknown, antivirus

Answer- strangers, keyloggers

Que - If you're working in your company's system/laptop and suddenly a pop-up window arise asking you to update your security application, you must ignore it.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - The ____________ model is 7-layer architecture where each layer is having some specific functionality to perform.
a. TCP/IP
b. Cloud
c. OSI
d. OIS

Answer- OSI

Que - The full form of OSI is OSI model is ______________
a. Open Systems Interconnection
b. Open Software Interconnection
c. Open Systems Internet
d. Open Software Internet

Answer- Open Systems Interconnection

Que - Which of the following is not physical layer vulnerability?
a. Physical theft of data & hardware
b. Physical damage or destruction of data & hardware
c. Unauthorized network access
d. Keystroke & Other Input Logging

Answer- Unauthorized network access

Que - In __________________ layer, vulnerabilities are directly associated with physical access to networks and hardware.
a. physical
b. data-link
c. network
d. application

Answer- physical

Que - Loss of power and unauthorized change in the functional unit of hardware comes under problems and issues of the physical layer.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is not a vulnerability of the data-link layer?
a. MAC Address Spoofing
b. VLAN circumvention
c. Switches may be forced for flooding traffic to all VLAN ports
d. Overloading of transport-layer mechanisms

Answer- Overloading of transport-layer mechanisms

Que - ____________ is data-link layer vulnerability where stations are forced to make direct communication with another station by evading logical controls.
a. VLAN attack
b. VLAN Circumvention
c. VLAN compromisation method
d. Data-link evading

Answer- VLAN Circumvention

Que - ________________may be forced for flooding traffic to all VLAN ports allowing interception of data through any device that is connected to a VLAN.
a. Switches
b. Routers
c. Hubs
d. Repeaters

Answer- Switches

Que - Which of the following is not a vulnerability of the network layer?
a. Route spoofing
b. Identity & Resource ID Vulnerability
c. IP Address Spoofing
d. Weak or non-existent authentication

Answer- Weak or non-existent authentication

Que - Which of the following is an example of physical layer vulnerability?
a. MAC Address Spoofing
b. Physical Theft of Data
c. Route spoofing
d. Weak or non-existent authentication

Answer- Physical Theft of Data

Que - Which of the following is an example of data-link layer vulnerability?
a. MAC Address Spoofing
b. Physical Theft of Data
c. Route spoofing
d. Weak or non-existent authentication

Answer- MAC Address Spoofing

Que - Which of the following is an example of network layer vulnerability?
a. MAC Address Spoofing
b. Physical Theft of Data
c. Route spoofing
d. Weak or non-existent authentication

Answer- Route spoofing

Que - Which of the following is an example of physical layer vulnerability?
a. MAC Address Spoofing
b. Route spoofing
c. Weak or non-existent authentication
d. Keystroke & Other Input Logging

Answer- Keystroke & Other Input Logging

Que - Which of the following is an example of data-link layer vulnerability?
a. Physical Theft of Data
b. VLAN circumvention
c. Route spoofing
d. Weak or non-existent authentication

Answer- VLAN circumvention

Que - Which of the following is not a transport layer vulnerability?
a. Mishandling of undefined, poorly defined
b. The Vulnerability that allows "fingerprinting" & other enumeration of host information
c. Overloading of transport-layer mechanisms
d. Unauthorized network access

Answer- Unauthorized network access

Que - Which of the following is not session layer vulnerability?
a. Mishandling of undefined, poorly defined
b. Spoofing and hijacking of data based on failed authentication attempts
c. Passing of session-credentials allowing intercept and unauthorized use
d. Weak or non-existent authentication mechanisms

Answer- Mishandling of undefined, poorly defined

Que - Failed sessions allow brute-force attacks on access credentials. This type of attacks are done in which layer of the OSI model?
a. Physical layer
b. Data-link Layer
c. Session layer
d. Presentation layer

Answer- Session layer

Que - Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is not an example of presentation layer issues?
a. Poor handling of unexpected input can lead to the execution of arbitrary instructions
b. Unintentional or ill-directed use of superficially supplied input
c. Cryptographic flaws in the system may get exploited to evade privacy
d. Weak or non-existent authentication mechanisms

Answer- Weak or non-existent authentication mechanisms

Que - Which of the following is not a vulnerability of the application layer?
a. Application design bugs may bypass security controls
b. Inadequate security controls force "all-or-nothing" approach
c. Logical bugs in programs may be by chance or on purpose be used for crashing programs
d. Overloading of transport-layer mechanisms

Answer- Overloading of transport-layer mechanisms

Que - Which of the following is an example of Transport layer vulnerability?
a. weak or non-existent mechanisms for authentication
b. overloading of transport-layer mechanisms
c. poor handling of unexpected input
d. highly complex application security controls

Answer- overloading of transport-layer mechanisms

Que - Which of the following is an example of session layer vulnerability?
a. weak or non-existent mechanisms for authentication
b. overloading of transport-layer mechanisms
c. poor handling of unexpected input
d. highly complex application security controls

Answer- weak or non-existent mechanisms for authentication

Que - Which of the following is an example of presentation layer vulnerability?
a. weak or non-existent mechanisms for authentication
b. overloading of transport-layer mechanisms
c. highly complex application security controls
d. poor handling of unexpected input

Answer- poor handling of unexpected input

Que - Which of the following is an example of application layer vulnerability?
a. Cryptographic flaws lead to the privacy issue
b. Very complex application security controls
c. MAC Address Spoofing
d. Weak or non-existent authentication

Answer- Very complex application security controls

Que - TCP/IP is extensively used model for the World Wide Web for providing network communications which are composed of 4 layers that work together.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - TCP/IP is composed of _______ number of layers.
a. 2
b. 3
c. 4
d. 5

Answer- 4

Que - Trusted TCP/IP commands have the same needs & go through the identical verification process. Which of them is not a TCP/IP command?
a. ftp
b. rexec
c. tcpexec
d. telnet

Answer- tcpexec

Que - Connection authentication is offered for ensuring that the remote host has the likely Internet Protocol (IP) ___________ & _________
a. address, name
b. address, location
c. network, name
d. network, location

Answer- address, name

Que - Application layer sends & receives data for particular applications using Hyper Text Transfer Protocol (HTTP), and Simple Mail Transfer Protocol (SMTP).
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - TLS vulnerability is also known as Return of Bleichenbacher's Oracle Threat
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - RoBOT is abbreviated as ___________
a. Return of Bleichenbacher's Oracle Team
b. Rise of Bleichenbacher's Oracle Threat
c. Return of Bleichenbacher's Operational Threat
d. Return of Bleichenbacher's Oracle Threat

Answer- Return of Bleichenbacher's Oracle Threat

Que - There are __________ different versions of IP popularly used.
a. 2
b. 3
c. 4
d. 5

Answer- 2

Que - ____________ is an attack where the attacker is able to guess together with the sequence number of an in progress communication session & the port number.
a. TCP Spoofing
b. TCP Blind Spoofing
c. IP Spoofing
d. IP Blind Spoofing

Answer- TCP Blind Spoofing

Que - ___________ is an attack technique where numerous SYN packets are spoofed with a bogus source address which is then sent to an inundated server.
a. SYN flooding attack
b. ACK flooding attack
c. SYN & ACK flooding attack
d. Packet flooding attack

Answer- SYN flooding attack

Que - Which of them is not an attack done in the network layer of the TCP/IP model?
a. MITM attack
b. DoS attack
c. Spoofing attack
d. Shoulder surfing

Answer- Shoulder surfing

Que - Which of them is not an appropriate method of router security?
a. Unused ports should be blocked
b. Unused interfaces and services should be disabled
c. Routing protocol needs to be programmed by security experts
d. Packet filtering needs to be enabled

Answer- Routing protocol needs to be programmed by security experts

Que - Which 2 protocols are used in the Transport layer of the TCP/IP model?
a. UDP and HTTP
b. TCP and UDP
c. HTTP and TCP
d. ICMP and HTTP

Answer- TCP and UDP

Que - Which of the protocol is not used in the network layer of the TCP/IP model?
a. ICMP
b. IP
c. IGMP
d. HTTP

Answer- HTTP

Que - ____________ protocol attack is done in the data-link layer.
a. HTTP
b. DNS
c. TCP/IP
d. POP

Answer- DNS

Que - _____________ is the illicit transmission of data from inside an organization or personal system to an external location or recipient.
a. Database hacking
b. Data leakage
c. Data cracking
d. Data revealing

Answer- Data leakage

Que - Data leakage threats do not usually occur from which of the following?
a. Web and email
b. Mobile data storage
c. USB drives and laptops
d. Television

Answer- Television

Que - Data leakage is popularly known as ___________
a. data theft
b. data crack
c. low and slow data theft
d. slow data theft

Answer- low and slow data theft

Que - There are __________ major types of data leakage.
a. 2
b. 3
c. 4
d. 5

Answer- 3

Que - Unauthorized data leakage doesn't essentially mean intended or malicious.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Unintentional data leakage can still result in the same penalties and reputational damage.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - When leakage of data is done purposely or because of the lack of employee's concern toward confidential data is called ___________ done by employees of an organization.
a. Ill-intentional data leakage
b. Malfunctioned in database
c. A malfunction in online data
d. ill-intension of an outsider

Answer- Ill-intentional data leakage

Que - Which of them is not an example of physical data leakage?
a. dumpster diving
b. shoulder surfing
c. printers and photocopiers
d. phishing

Answer- phishing

Que - ______________ is the unauthorized movement of data.
a. Data exfiltration
b. Data infiltration
c. Data cracking
d. Database hacking

Answer- Data exfiltration

Que - Which of them is an example of physical data leakage?
a. Dumpster diving
b. MiTM
c. DDoS
d. Phishing

Answer- Dumpster diving

Que - Which of them is not an example of data leakage done using electronic communication with malicious intent?
a. Phishing
b. Spoofed Email
c. Attacks using malware
d. Dumpster diving

Answer- Dumpster diving

Que - The three steps of data loss prevention are - Identify, Discover and______________
a. Classify
b. Clarify
c. Deletion
d. Detection

Answer- Classify

Que - Which of the following is not a step of data-loss prevention?
a. Identify
b. Manage
c. Classify
d. Discover

Answer- Manage

Que - Mapping of data-flow in an organization is very useful in understanding the risk better due to actual & potential data leakage.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Data leakage prevention is based on factors like access controls, persistent, encryption, alerting, tokenization, blocking dynamic data masking, etc.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Data leakage threats are done by internal agents. Which of them is not an example of an internal data leakage threat?
a. Data leak by 3rd Party apps
b. Data leak by partners
c. Data leak by employees
d. Data leak from stolen credentials from the desk

Answer- Data leak by 3rd Party apps

Que - _____________ focuses on the detection & prevention of sensitive data exfiltration and lost data.
a. Data loss prevention
b. Data loss measurement
c. Data stolen software
d. Data leak prevention

Answer- Data loss prevention

Que - ________________ is a component of the reconnaissance stage that is used to gather possible information for a target computer system or network.
a. Fingerprinting
b. 3D printing
c. Footprinting
d. Data printing

Answer- Footprinting

Que - How many types of footprinting are there?
a. 5
b. 4
c. 3
d. 2

Answer- 2

Que - ________________ is one of the 3 pre-attacking phase.
a. Fingerprinting
b. 3D printing
c. Footprinting
d. Data printing

Answer- Footprinting

Que - A/An ______________ spends 85% of his/her time in profiling an organization and rest amount in launching the attack.
a. security analyst
b. attacker
c. auditor
d. network engineer

Answer- attacker

Que - _______________ is necessary to methodically & systematically ensure all pieces of information related to target.
a. Fingerprinting
b. 3D printing
c. Footprinting
d. Data printing

Answer- Footprinting

Que - Which of the following is not a spot from where attackers seek information?
a. Domain name
b. IP address
c. System enumeration
d. Document files

Answer- Document files

Que - Which of them is not an information source over the internet for target attackers?
a. Whois
b. YouTube
c. Nslookup
d. Archive sites

Answer- YouTube

Que - Footprinting is used to collect information such as namespace, employee info, phone number and emails, job details.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Spywares can be used to steal _______________ from the attacker's browser.
a. browsing history
b. company details
c. plug-ins used
d. browser details

Answer- browsing history

Que - https://archive.org is a popular site where one can enter a domain name in its search box for finding out how the site was looking at a given date.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Information about people is available people search sites. Which of them is an example of people data searching site?
a. people.com
b. indivinfo.org
c. intelius.com
d. peopleinfo.org

Answer- intelius.com

Que - You can attain a series of IP addresses allotted to a particular company using __________ site.
a. https://www.ipdata.org/
b. https://www.arin.net/
c. https://www.ipip.com/
d. https://www.goipaddr.net/

Answer- https://www.arin.net/

Que - ARIN is abbreviated as _____________
a. American Registry for Internet Numbers
b. American Registry for IP Numbers
c. All Registry for Internet Numbers
d. American Registry for IP Numbering

Answer- American Registry for Internet Numbers

Que - Using spyware is an example of _________ type of information gathering.
a. active
b. passive
c. active & passive
d. non-passive

Answer- active

Que - Collecting freely available information over the internet is an example of ____________ type of information gathering.
a. active
b. passive
c. active & passive
d. non-passive

Answer- passive

Que - ____________ is the term used for gathering information about your competitors from online resources, researches, and newsgroups.
a. Competitive Intelligence gathering
b. Cognitive Intelligence gathering
c. Cyber Intelligence gathering
d. Competitors Info gathering

Answer- Competitive Intelligence gathering

Que - The ______________ intelligence gathering is non-interfering & subtle in nature.
a. cognitive
b. competitive
c. cyber
d. concrete

Answer- competitive

Que - In the world of data, where data is considered the oil and fuel of modern technology _____________ is both a product and a process.
a. Competitive Intelligence gathering
b. Cognitive Intelligence gathering
c. Cyber Intelligence gathering
d. Competitors Info gathering

Answer- Competitive Intelligence gathering

Que - Which of them is not a proper step in competitive intelligence data processing?
a. Data gathering
b. Data analysis
c. Information security
d. Network analysis

Answer- Network analysis

Que - Which one of the following is a proper step in competitive intelligence data processing?
a. Competitors' data compromising
b. Data hacking
c. Data analysis
d. Competitors' data stealing

Answer- Data analysis

Que - There are __________ types of cognitive hacking and information gathering which is based on the source type, from where data is fetched.
a. 6
b. 5
c. 4
d. 3

Answer- 3

Que - ______________ is important to grab a quick understanding and analyzing about your competitors or target user's need.
a. Competitive Intelligence gathering
b. Cognitive Intelligence gathering
c. Cyber Intelligence gathering
d. Competitors Info gathering

Answer- Competitive Intelligence gathering

Que - Which of them is not a reason for competitive information gathering?
a. Compare your product with competitors
b. Analyze the market position of yours with competitors
c. Fetching confidential plans about your competitors
d. Pull out a list of your competitive firms in the market

Answer- Fetching confidential plans about your competitors

Que - Competitive information gathering if done in the form of active attack using malware or by other illicit means can put your hired hacker or your company at stake.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Predict and analyze the tactics of competitors from data taken out from online data sources is a crime.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - https://www.bidigital.com/ci/ is a website which is used for _________________
a. Competitive Intelligence gathering
b. Cognitive Intelligence gathering
c. Cyber Intelligence gathering
d. Competitors Info gathering

Answer- Competitive Intelligence gathering

Que - Which of the following is a site used for Competitive Intelligence gathering?
a. https://www.bidigital.gov/
b. https://www.cig.com/ci/
c. https://www.coginfo.com/ci/
d. https://www.bidigital.com/ci/

Answer- https://www.bidigital.com/ci/

Que - Which of the following is not an example of a firm that provides info regarding competitive intelligence gathering?
a. Carratu International
b. CI Center
c. Microsoft CI
d. Marven Consulting Group

Answer- Microsoft CI

Que - Using _____________ for doing competitive information gathering is a crime.
a. Spyware
b. Antivirus
c. Anti-malware
d. Adware

Answer- Spyware

Que - Competitive Intelligence gathering is both a ___________ and a ____________
a. process, product
b. process, item
c. product & data to sell to 3rd party
d. data to sell to a 3rd party and a product

Answer- process, product

Que - There are _______ types of scanning.
a. 2
b. 3
c. 4
d. 5

Answer- 3

Que - Which of the following is not an objective of scanning?
a. Detection of the live system running on network
b. Discovering the IP address of the target system
c. Discovering the services running on target system
d. Detection of spyware in a system

Answer- Detection of spyware in a system

Que - For discovering the OS running on the target system, the scanning has a specific term. What is it?
a. Footprinting
b. 3D Printing
c. Fingerprinting
d. screen-printing

Answer- Fingerprinting

Que - Which of them is not a scanning methodology?
a. Check for live systems
b. Check for open ports
c. Identifying the malware in the system
d. Identifying of services

Answer- Identifying the malware in the system

Que - ICMP scanning is used to scan _______________
a. open systems
b. live systems
c. malfunctioned systems
d. broken systems

Answer- live systems

Que - In live system scanning, it is checked which hosts are up in the network by pinging the systems in the network.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of them do not comes under NETBIOS information?
a. Name of the system / PC
b. Workgroup name
c. MAC address
d. RAM space

Answer- RAM space

Que - A ______________ is a simple network scanning technique used for determining which range of IP address map to live hosts.
a. scan sweep
b. ping sweep
c. scan ping
d. host ping

Answer- ping sweep

Que - Ping sweep is also known as ________________
a. ICMP Sweep
b. ICMP Call
c. IGMP Sweep
d. ICMP pinging

Answer- ICMP Sweep

Que - If any given address is running live, it will return an ICMP ECHO reply.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - __________ scanning is done when a series of messages are sent by someone keeping in mind to break into a computer.
a. Network
b. Port
c. Vulnerability
d. System

Answer- Port

Que - ____________ scanning is a procedure to identify active hosts on your network.
a. Network
b. Port
c. Vulnerability
d. System

Answer- Network

Que - _____________ scanning is an automatic process for identifying vulnerabilities of the system within a network.
a. Network
b. Port
c. Vulnerability
d. System

Answer- Vulnerability

Que - Which of them is not a standard scanning type or terminology?
a. Network
b. Port
c. Vulnerability
d. System

Answer- System

Que - In port scanning, a port is always associated with the _____________ (typically of host system) & the type of ____________ employed for communication.
a. IP address, protocol
b. MAC address, protocol
c. IP address, IMEI number
d. MAC address, network model

Answer- IP address, protocol

Que - ________________ is a tool which uses traceroute-like techniques for analyzing IP packet responses.
a. Firewalk
b. Firesweep
c. PingSweeper
d. ICMPwalker

Answer- Firewalk

Que - In port scanning, a _________ is always associated with an IP address (usually of the host system) & the type of protocol (UDP or TCP) employed for communication.
a. address
b. port
c. system
d. network

Answer- port

Que - Firewalk tool employs a technique to determine the ___________ rules in place on the ___________ forwarding device.
a. filter, packet
b. filter, port
c. routing, packet
d. routing, port

Answer- filter, packet

Que - Firewalk works by sending ________ & ________ packets.
a. UDP, HTTP
b. TCP, HTTP
c. ICMP, TCP
d. UDP, TCP

Answer- UDP, TCP

Que - Using 3-way handshake, it is possible to check for open ports.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of them is not a standard flag used in TCP communication between client and server?
a. Synchronize
b. Acknowledgment
c. Finish
d. Start

Answer- Start

Que - How many standard flags are used in a TCP communication?
a. 4
b. 5
c. 6
d. 7

Answer- 6

Que - Which of the following is not a valid scanning method?
a. Xmas Tree scan
b. SYN Stealth scan
c. Null Scan
d. Cloud scan

Answer- Cloud scan

Que - ___________ is a command-line TCP/IP packet assembler and analyzer tool.
a. IGMP Ping
b. Hping2
c. Nmap
d. Maltego

Answer- Hping2

Que - Which of the following is not a feature of Hping2 tool?
a. Firewall testing
b. Port scanning
c. Network testing
d. Server malware scanning

Answer- Server malware scanning

Que - _________________is quite an esoteric process for preventing session creation through a particular port.
a. Port knocking
b. Port cracking
c. Port hacking
d. Port-jacking

Answer- Port knocking

Que - Which one of them is not a network scanner?
a. NMAP
b. Qualys
c. SoftPerfect
d. Netcat

Answer- Netcat

Que - Which of them is not a port scanning tool?
a. Netcat
b. Unicornscan
c. Maltego
d. Angry IP Scanner

Answer- Maltego

Que - Which of them is not a vulnerability scanning tool?
a. Nexpose
b. Nessus Professional
c. Snort
d. Nikto Web scanner

Answer- Snort

Que - There are _______ major ways of stealing email information.
a. 2
b. 3
c. 4
d. 5

Answer- 4

Que - Which of them is not a major way of stealing email information?
a. Stealing cookies
b. Reverse Engineering
c. Password Phishing
d. Social Engineering

Answer- Reverse Engineering

Que - ____________ is the method for keeping sensitive information in email communication & accounts secure against unofficial access, loss, or compromise.
a. Email security
b. Email hacking
c. Email protection
d. Email safeguarding

Answer- Email security

Que - _____________ is a famous technological medium for the spread of malware, facing problems of spam, & phishing attacks.
a. Cloud
b. Pen drive
c. Website
d. Email

Answer- Email

Que - Which of them is not a proper method for email security?
a. Use Strong password
b. Use email Encryption
c. Spam filters and malware scanners
d. Click on unknown links to explore

Answer- Click on unknown links to explore

Que - If a website uses a cookie, or a browser contains the cookie, then every time you visit that website, the browser transfers the cookie to that website.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - The stored cookie which contains all your personal data about that website can be stolen away by _____________ using _____________ or trojans.
a. attackers, malware
b. hackers, antivirus
c. penetration testers, malware
d. penetration testers, virus

Answer- attackers, malware

Que - If the data stored in the _____________ is not encrypted, then after cookie stealing, attackers can see information such as username and password stored by the cookie.
a. memory
b. quarantine
c. cookies
d. hard drive

Answer- cookies

Que - Which of the following is a non-technical type of intrusion or attack technique?
a. Reverse Engineering
b. Malware Analysis
c. Social Engineering
d. Malware Writing

Answer- Social Engineering

Que - Which of them is an example of grabbing email information?
a. Cookie stealing
b. Reverse engineering
c. Port scanning
d. Banner grabbing

Answer- Cookie stealing

Que - _____________ is the technique used for tricking users to disclose their username and passwords through fake pages.
a. Social Engineering
b. Phishing
c. Cookie Stealing
d. Banner Grabbing

Answer- Phishing

Que - Using email hacking illicit hackers can send & spread ___________   virus _____________ and spam emails.
a. trojans, redirected malicious URLs
b. antivirus, patches
c. cracked software, redirected malicious URLs
d. malware, security patches

Answer- trojans, redirected malicious URLs

Que - Unsolicited Bulk E-mails (UBI) are called __________
a. SMS
b. MMS
c. Spam emails
d. Malicious emails

Answer- Spam emails

Que - Fraudulent email messages are some fake email messages that seem legitimate which ask for your bank details and reply those emails with updated confidential information.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is a micro-virus that can bring down the confidentiality of an email (specifically)?
a. Zeus
b. Stuxnet
c. Reaper Exploit
d. Friday the 13

Answer- Reaper Exploit

Que - Email users who use IE as their _________________ are vulnerable to Reaper Exploit.
a. Web engine
b. Rendering engine
c. Game engine
d. HTML engine

Answer- HTML engine

Que - _______________ needs to be turned off in order to prevent from this attack.
a. Email scripting
b. Email attachments
c. Email services
d. Third party email programs

Answer- Email scripting

Que - Which of the following is a tool to monitor outgoing traffic of target PC's email and intercept all the emails sent from it?
a. Wireshark
b. Advanced Stealth Email Redirector
c. MS Outlook
d. Cisco Jabber

Answer- Advanced Stealth Email Redirector

Que - Advanced SER is abbreviated as ___________
a. Advanced Stealth Electronic Redirector
b. Advanced Security Email Redirector
c. Advanced Stealth Email Redirector
d. Advanced Stealth Email Recorder

Answer- Advanced Stealth Email Redirector

Que - Which of the following will not help in preserving email security?
a. Create a strong password
b. Connect your email to a phone number
c. Use two-factor authentication for password verification and login
d. Click on unknown links and sites

Answer- Click on unknown links and sites

Que - Once the email is compromised, all other sites and services online associated with this email can be compromised.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - _____________ is an encryption program or add-ons which provides cryptographic privacy & authentication for email communication.
a. Powerful Good Privacy
b. Pretty Good Privacy
c. Pretty Good Encryption
d. Pretty Strong Encryption

Answer- Pretty Good Privacy

Que - PGP is abbreviated as _______________
a. Pretty Good Privacy
b. Powerful Good Privacy
c. Protocol Giving Privacy
d. Pretty Good Protocol

Answer- Pretty Good Privacy

Que - Which of them is not an example of business email security tool?
a. Microsoft Office Trust Center
b. Sendinc
c. Hushmail Business
d. Cisco Jabber

Answer- Cisco Jabber

Que - Which of them is not an example of business email security tool?
a. Enlocked
b. RPost Office
c. MS Outlook
d. Sendinc

Answer- MS Outlook

Que - ________________ is a free extension of browser that enables you in decrypting as well as encrypting emails.
a. Enlocked
b. MS Outlook
c. Cisco Jabber
d. Mailvelope

Answer- Mailvelope

Que - Which of the following is not an email related hacking tool?
a. Email Finder Pro
b. Sendinc
c. Mail PassView
d. Mail Password

Answer- Sendinc

Que - _______________ is targeted bulk email marketing software.
a. Email Spider Toolkit
b. Email Spider Easy
c. Email Crawler Easy
d. Email Spider Toolkit

Answer- Email Spider Easy

Que - ______________ is a tool that is integrated with top 90 search engines to grab quick search for email addresses and other details.
a. Email Spider Toolkit
b. Email Spider Easy
c. Email Crawler Easy
d. Email Spider Toolkit

Answer- Email Spider Easy

Que - MegaHackerZ helps crackers to crack email passwords.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Password cracking in system hacking is of ________ types.
a. 2
b. 3
c. 4
d. 5

Answer- 4

Que - There are ________ major types of passwords.
a. 4
b. 5
c. 6
d. 7

Answer- 7

Que - In _______________ attacks an attacker do not contact with authorizing party for stealing password.
a. passive online
b. active online
c. offline
d. non-electronic

Answer- passive online

Que - Which of the following is an example of passive online attack?
a. Phishing
b. Social Engineering
c. Spamming
d. Wire sniffing

Answer- Wire sniffing

Que - Which of the following is not an example of a passive online attack?
a. MiTM
b. Reply Attack
c. Phishing
d. Wire sniffing

Answer- Phishing

Que - Which of the following do not comes under hurdles of passive online attack for hackers?
a. Hard to perpetrate
b. Computationally complex
c. Time taking, so patience has to be there
d. Tools not available

Answer- Tools not available

Que - Which of the following case comes under victims' list of an active online attack?
a. Strong password based accounts
b. Unsecured HTTP users
c. Open authentication points
d. Logged in systems and services

Answer- Open authentication points

Que - In _______________ password grabbing attack the attacker directly tries different passwords 1-by-1 against victim's system/account.
a. passive online
b. active online
c. offline attack
d. non-electronic

Answer- active online

Que - Which of them is not a disadvantage of active online attack?
a. Takes a long time
b. Easily and automatically detected
c. Need high network bandwidth
d. Need the patience to crack

Answer- Easily and automatically detected

Que - _________________ can be alternatively termed as password guessing attack.
a. passive online
b. active online
c. offline attack
d. non-electronic

Answer- active online

Que - ________________ attacks are carried out from a location other than the real computer where the password reside or was used.
a. passive online
b. active online
c. offline password
d. non-electronic

Answer- offline password

Que - _______________ attacks always need physical access to the system that is having password file or the hacker needs to crack the system by other means.
a. online
b. offline
c. password
d. non-electronic

Answer- offline

Que - Which of the following is not an example of offline password attack?
a. Dictionary attack
b. Rainbow attacks
c. Brute force attack
d. Spamming attack

Answer- Spamming attack

Que - Passwords need to be kept encrypted to protect from such offline attacks.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Saving passwords in the browser is a good habit.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - Which of the following is not an advantage of dictionary attack?
a. Very fast
b. Time-saving
c. Easy to perform
d. Very tough and inefficient

Answer- Very tough and inefficient

Que - A _______________ is a process of breaking a password protected system or server by simply & automatically entering every word in a dictionary as a password.
a. Dictionary attack
b. Phishing attack
c. Social engineering attack
d. MiTM attack

Answer- Dictionary attack

Que - Which of the following comes under the advantage of dictionary attack?
a. Time-consuming
b. Moderate efficient
c. Very fast
d. Complex to carry-out

Answer- Very fast

Que - The hybrid attack is a combination of dictionary attack followed by inserting entropy & performs brute force.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Brute force attack is ______________
a. fast
b. inefficient
c. slow
d. complex to understand

Answer- slow

Que - A _____________ attack one of the simplest processes of gaining access to any password-protected system.
a. Clickjacking
b. Brute force
c. Eavesdropping
d. Waterhole

Answer- Brute force

Que - ____________ attack is a combination of Dictionary attack & brute force attack.
a. Syllable
b. Syllabi
c. Database
d. Phishing

Answer- Syllable

Que - Attackers can use the _______________ when he/she gets some information or hint regarding password he/she wants to crack.
a. Syllable attack
b. Rule-based attack
c. Offline attack
d. Hybrid attack

Answer- Rule-based attack

Que - _______________ are based on dictionary attack techniques.
a. Hybrid attacks
b. Network attacks
c. TCP attacks
d. Database attacks

Answer- Hybrid attacks

Que - _____________ are based on dictionary attack techniques where the dictionary attack is mixed with some numerals and special symbols.
a. Syllable attack
b. Rule-based attack
c. Offline attack
d. Hybrid attack

Answer- Hybrid attack

Que - Which of the following is not an example of non-technical attack techniques?
a. Shoulder surfing
b. Keyboard sniffing
c. Phishing
d. Social engineering

Answer- Phishing

Que - __________ passwords are next level of security.
a. BIOS
b. CMOS
c. SMOS
d. BOIS

Answer- BIOS

Que - BIOS is abbreviated as _______________
a. Basic Input Output Server
b. Basic Internet Output Systems
c. Basic Input Output System
d. Battery-based Input Output System

Answer- Basic Input Output System

Que - Most computers have BIOS which can be configured so that it can ask for a password once the system starts.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Find out, select & uninstall all ________________ programs from your computer.
a. useful
b. pre-installed
c. unwanted
d. utility

Answer- unwanted

Que - As a backup for securing your device, it is necessary to create a _____________
a. backup point
b. copy of files in separate drives
c. copy of files in the same drives
d. restore point

Answer- restore point

Que - The _______________ is a security app by Microsoft which is a built-in one into Windows OS that is designed to filter network data from your Windows system & block harmful communications or the programs which are initiating them.
a. Windows Security Essentials
b. Windows Firewall
c. Windows app blocker
d. Windows 10

Answer- Windows Firewall

Que - _____________ are essential because they frequently comprises of critical patches to security holes.
a. System software
b. Utility Software
c. Software executables
d. Software updates

Answer- Software updates

Que - The ______________ account and the __________ account have the same file privileges, but their working and functionalities have difference.
a. system, administrator
b. system, user
c. group, user
d. user, administrator

Answer- system, administrator

Que - ________________ is an anti-malware tool found in newer OS which is designed for protecting computers from viruses, spyware & other malware.
a. Norton Antivirus
b. Windows Defender
c. Anti-malware
d. Microsoft Security Essentials

Answer- Windows Defender

Que - ____________ is an application which now comes built-in Windows OS & it allows Windows users to encrypt all drive for security purpose.
a. MS Windows Defender
b. MSE
c. BitLocker
d. MS Office

Answer- BitLocker

Que - A __________ is a dedicatedly designed chip on an endpoint device which stores RSA encryption keys particular to the host system for the purpose of hardware authentication.
a. Trusted Platform Mode
b. Trusted Protocol Module
c. Trusted Privacy Module
d. Trusted Platform Module

Answer- Trusted Platform Module

Que - Which of the following is not an appropriate way of targeting a mobile phone for hacking?
a. Target mobile hardware vulnerabilities
b. Target apps' vulnerabilities
c. Setup Keyloggers and spyware in smart-phones
d. Snatch the phone

Answer- Snatch the phone

Que - Which of the following is not an OS for mobile?
a. Palm
b. Windows
c. Mango
d. Android

Answer- Mango

Que - Mobile Phone OS contains open APIs that may be _____________ attack.
a. useful for
b. vulnerable to
c. easy to
d. meant for

Answer- vulnerable to

Que - ____________ gets propagated through networks and technologies like SMS, Bluetooth, wireless medium, USBs and infrared to affect mobile phones.
a. Worms
b. Antivirus
c. Malware
d. Multimedia files

Answer- Malware

Que - ____________ is the protection of smart-phones, phablets, tablets, and other portable tech-devices, & the networks to which they connect to, from threats & bugs.
a. OS Security
b. Database security
c. Cloud security
d. Mobile security

Answer- Mobile security

Que - Mobile security is also known as ____________
a. OS Security
b. Wireless security
c. Cloud security
d. Database security

Answer- Wireless security

Que - DDoS in mobile systems wait for the owner of the _____________ to trigger the attack.
a. worms
b. virus
c. botnets
d. programs

Answer- botnets

Que - Hackers cannot do which of the following after compromising your phone?
a. Steal your information
b. Rob your e-money
c. Shoulder surfing
d. Spying

Answer- Shoulder surfing

Que - Hackers cannot do which of the following after compromising your phone?
a. Shoulder surfing
b. Accessing your voice mail
c. Steal your information
d. Use your app credentials

Answer- Shoulder surfing

Que - App permissions can cause trouble as some apps may secretly access your memory card or contact data.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Activate _____________ when you're required it to use, otherwise turn it off for security purpose.
a. Flash Light
b. App updates
c. Bluetooth
d. Rotation

Answer- Bluetooth

Que - Try not to keep ________________ passwords, especially fingerprint for your smart-phone, because it can lead to physical hacking if you're not aware or asleep.
a. Biometric
b. PIN-based
c. Alphanumeric
d. Short

Answer- Biometric

Que - Which of the following tool is used for Blackjacking?
a. BBAttacker
b. BBProxy
c. Blackburried
d. BBJacking

Answer- BBProxy

Que - BBProxy tool is used in which mobile OS?
a. Android
b. Symbian
c. Raspberry
d. Blackberry

Answer- Blackberry

Que - Which of the following is not a security issue for PDAs?
a. Password theft
b. Data theft
c. Reverse engineering
d. Wireless vulnerability

Answer- Reverse engineering

Que - ____________________ is the anticipation of unauthorized access or break to computers or data by means of wireless networks.
a. Wireless access
b. Wireless security
c. Wired Security
d. Wired device apps

Answer- Wireless security

Que - Which among them has the strongest wireless security?
a. WEP
b. WPA
c. WPA2
d. WPA3

Answer- WPA3

Que - Which among the following is the least strong security encryption standard?
a. WEP
b. WPA
c. WPA2
d. WPA3

Answer- WEP

Que - _________ is an old IEEE 802.11 standard from the year 1999.
a. WPA2
b. WPA3
c. WEP
d. WPA

Answer- WEP

Que - _______________ is the central node of 802.11 wireless operations.
a. WPA
b. Access Point
c. WAP
d. Access Port

Answer- Access Point

Que - AP is abbreviated as _____________
a. Access Point
b. Access Port
c. Access Position
d. Accessing Port

Answer- Access Point

Que - ___________________ is alike as that of Access Point (AP) from 802.11, & the mobile operators uses it for offering signal coverage.
a. Base Signal Station
b. Base Transmitter Station
c. Base Transceiver Station
d. Transceiver Station

Answer- Base Transceiver Station

Que - BTS stands for ___________________
a. Basement Transceiver Server
b. Base Transmitter Station
c. Base Transceiver Server
d. Base Transceiver Station

Answer- Base Transceiver Station

Que - There are __________ types of wireless authentication modes.
a. 2
b. 3
c. 4
d. 5

Answer- 2

Que - When a wireless user authenticates to any AP, both of them go in the course of four-step authentication progression which is called _____________
a. AP-handshaking
b. 4-way handshake
c. 4-way connection
d. wireless handshaking

Answer- 4-way handshake

Que - WPS stands for __________________
a. WiFi Protected System
b. WiFi Protected Setup
c. WiFi Protocol Setup
d. Wireless Protected Setup

Answer- WiFi Protected Setup

Que - It is recommended to use WPA2 or WPA3 encryption standard as they are strong and more secure.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ___________ is a process of wireless traffic analysis that may be helpful for forensic investigations or during troubleshooting any wireless issue.
a. Wireless Traffic Sniffing
b. WiFi Traffic Sniffing
c. Wireless Traffic Checking
d. Wireless Transmission Sniffing

Answer- Wireless Traffic Sniffing

Que - Which of the following is a Wireless traffic Sniffing tool?
a. Maltego
b. BurpSuit
c. Nessus
d. Wireshark

Answer- Wireshark

Que - ___________________ began to show up few years back on wireless access points as a new way of adding or connecting new devices.
a. WPA2
b. WPA
c. WPS
d. WEP

Answer- WPS

Que - There are _________ types of computer virus.
a. 5
b. 7
c. 10
d. 12

Answer- 10

Que - Which of the following is not a type of virus?
a. Boot sector
b. Polymorphic
c. Multipartite
d. Trojans

Answer- Trojans

Que - A computer ________ is a malicious code which self-replicates by copying itself to other programs.
a. program
b. virus
c. application
d. worm

Answer- virus

Que - Which of them is not an ideal way of spreading the virus?
a. Infected website
b. Emails
c. Official Antivirus CDs
d. USBs

Answer- Official Antivirus CDs

Que - In which year Apple II virus came into existence?
a. 1979
b. 1980
c. 1981
d. 1982

Answer- 1981

Que - In mid-1981, the 1st virus for Apple computers with the name _________ came into existence.
a. Apple I
b. Apple II
c. Apple III
d. Apple Virus

Answer- Apple II

Que - The virus hides itself from getting detected by ______ different ways.
a. 2
b. 3
c. 4
d. 5

Answer- 3

Que - _______________ infects the master boot record and it is challenging and a complex task to remove this virus.
a. Boot Sector Virus
b. Polymorphic
c. Multipartite
d. Trojans

Answer- Boot Sector Virus

Que - ________________ gets installed & stays hidden in your computer's memory. It stays involved to the specific type of files which it infects.
a. Boot Sector Virus
b. Direct Action Virus
c. Polymorphic Virus
d. Multipartite Virus

Answer- Direct Action Virus

Que - Direct Action Virus is also known as ___________
a. Non-resident virus
b. Boot Sector Virus
c. Polymorphic Virus
d. Multipartite Virus

Answer- Non-resident virus

Que - ______________ infects the executables as well as the boot sectors.
a. Non-resident virus
b. Boot Sector Virus
c. Polymorphic Virus
d. Multipartite Virus

Answer- Multipartite Virus

Que - ______________ are difficult to identify as they keep on changing their type and signature.
a. Non-resident virus
b. Boot Sector Virus
c. Polymorphic Virus
d. Multipartite Virus

Answer- Polymorphic Virus

Que - ____________ deletes all the files that it infects.
a. Non-resident virus
b. Overwrite Virus
c. Polymorphic Virus
d. Multipartite Virus

Answer- Overwrite Virus

Que - _____________ is also known as cavity virus.
a. Non-resident virus
b. Overwrite Virus
c. Polymorphic Virus
d. Space-filler Virus

Answer- Space-filler Virus

Que - Which of the below-mentioned reasons do not satisfy the reason why people create a computer virus?
a. Research purpose
b. Pranks
c. Identity theft
d. Protection

Answer- Protection

Que - A ___________ is a small malicious program that runs hidden on infected system.
a. Virus
b. Trojan
c. Shareware
d. Adware

Answer- Trojan

Que - ____________ works in background and steals sensitive data.
a. Virus
b. Shareware
c. Trojan
d. Adware

Answer- Trojan

Que - By gaining access to the Trojaned system the attacker can stage different types of attack using that ____________ program running in the background.
a. Trojan
b. Virus
c. Antivirus
d. Anti-malware

Answer- Trojan

Que - Trojan creators do not look for _______________
a. Credit card information
b. Confidential data
c. Important documents
d. Securing systems with such programs

Answer- Securing systems with such programs

Que - Which of them is not a proper way of getting into the system?
a. IM
b. Attachments
c. Official product sites
d. Un-trusted sites, freeware and pirated software

Answer- Official product sites

Que - Which of the following port is not used by Trojans?
a. UDP
b. TCP
c. SMTP
d. MP

Answer- MP

Que - Trojans do not do one of the following. What is that?
a. Deleting Data
b. Protecting Data
c. Modifying Data
d. Copying Data

Answer- Protecting Data

Que - Some Trojans carry ransomware with them to encrypt the data and ask for ransom.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Once activated, ___________ can enable ____________to spy on the victim, steal their sensitive information & gain backdoor access to the system.
a. virus, cyber-criminals
b. malware, penetration testers
c. trojans, cyber-criminals
d. virus, penetration testers

Answer- trojans, cyber-criminals

Que - Trojans can not ______________
a. steal data
b. self-replicate
c. steal financial information
d. steal login credentials

Answer- self-replicate

Que - A _______________ provides malicious users remote control over the targeted computer.
a. DDoS-Trojan
b. Backdoor Trojan
c. Trojan-Banker
d. Trojan-Downloader

Answer- Backdoor Trojan

Que - _______________ programs are specially designed for stealing your account data for online banking systems, e-payment services & credit/debit cards.
a. DDoS-Trojan
b. Backdoor Trojan
c. Trojan-Banker
d. Trojan-Downloader

Answer- Trojan-Banker

Que - ______________ perform automated DoS (Denial of Service) attacks on a targeted web address.
a. DDoS-Trojan
b. Backdoor Trojan
c. Trojan-Banker
d. Trojan-Downloader

Answer- DDoS-Trojan

Que - Trojan-Downloader is a special type of trojans which can download & install new versions of malicious programs.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ____________ work in background & keeps on downloading other malicious programs when the system is online.
a. DDoS-Trojan
b. Backdoor Trojan
c. Trojan-Banker
d. Trojan-Downloader

Answer- Trojan-Downloader

Que - Which of the below-mentioned reasons do not satisfy the reason why people create a computer virus?
a. Research purpose
b. Pranks
c. Identity theft
d. Protection

Answer- Protection

Que - A/an ___________ is a program that steals your logins & passwords for instant messaging applications.
a. IM - Trojans
b. Backdoor Trojans
c. Trojan-Downloader
d. Ransom Trojan

Answer- IM - Trojans

Que - _____________ can modify data on your system - so that your system doesn't run correctly or you can no longer access specific data, or it may even ask for ransom in order to give your access.
a. IM - Trojans
b. Backdoor Trojans
c. Trojan-Downloader
d. Ransom Trojan

Answer- Ransom Trojan

Que - The ______________ can cost you money, by sending text messages from your mobile phone numbers.
a. IM - Trojans
b. Backdoor Trojans
c. SMS Trojan
d. Ransom Trojan

Answer- SMS Trojan

Que - Trojan-Spy programs can keep an eye on how you are using your system.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - A ___________ is a method in which a computer security mechanism is bypassed untraceable for accessing the computer or its information.
a. front-door
b. backdoor
c. clickjacking
d. key-logging

Answer- backdoor

Que - A _________________ may be a hidden part of a program, a separate infected program a Trojan in disguise of an executable or code in the firmware of any system's hardware.
a. crypter
b. virus
c. backdoor
d. key-logger

Answer- backdoor

Que - Backdoors cannot be designed as ______________
a. the hidden part of a program
b. as a part of Trojans
c. embedded code of the firmware
d. embedded with anti-malware

Answer- embedded with anti-malware

Que - Trojans having backdoors are harmless.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - The threat of backdoors started when ____________ & ____________ OSs became widely accepted.
a. single-user, Windows
b. multiuser, networked
c. single-user, UNIX
d. multiuser, UNIX

Answer- multiuser, networked

Que - Backdoors are also known as ______________
a. Malware-doors
b. Trojan-backups
c. Front-doors
d. Trapdoors

Answer- Trapdoors

Que - __________ is a powerful RAT build using the language Delphi 7.
a. Stuxnet
b. T-Bomb
c. Beast
d. Zeus

Answer- Beast

Que - Which of the following is a remote Trojan?
a. Troya
b. DaCryptic
c. BankerA
d. Game-Troj

Answer- Troya

Que - A ___________ consists of at least one bot server or controller and one or more client-bots.
a. Virus
b. Trojan
c. Botnet
d. Adware

Answer- Botnet

Que - Botnets are managed by ______________
a. Bot-holders
b. Bot-herders
c. Bot-trainers
d. Bot-creators

Answer- Bot-herders

Que - A _____________ is a number of Internet-connected systems, where each of them is running one or more bots.
a. Trojan
b. Virus
c. Worms
d. Botnet

Answer- Botnet

Que - _____________ are implemented to carry out distributed DDoS attacks, steal data, send spam messages & permits the hacker to access various devices & its connection.
a. Trojan
b. Virus
c. Botnet
d. Worms

Answer- Botnet

Que - Botnets are not used for ______________
a. Perform DDoS
b. Steal bulk amount of sensitive data
c. Spamming
d. Encrypting for ransom

Answer- Encrypting for ransom

Que - The owner of botnets can control the botnet using ___________________ software.
a. trojans
b. command and control
c. servers
d. infected servers

Answer- command and control

Que - The full form of C&C is ____________
a. command and control
b. copy and cut
c. command and capture
d. copy and control

Answer- command and control

Que - The word "botnet" is a blend of the words _____________ & ___________
a. robot, network
b. rocket, network
c. bot, network
d. bot, internet

Answer- robot, network

Que - Botnets are not the logical connection of which of the following?
a. Smart-phones
b. IoT devices
c. Computer systems
d. Modems

Answer- Modems

Que - Infected computers and other systems within the botnet are called __________
a. killers
b. vampires
c. zombies
d. gargoyles

Answer- zombies

Que - The bot program allows the bot-herders to perform all operations from a ___________ location.
a. local
b. open
c. corporate
d. remote

Answer- remote

Que - Nowadays, most botnets rely on existing _______________ networks for communication.
a. server-to-server
b. peer-to-peer
c. client-to-server
d. host-to-server

Answer- peer-to-peer

Que - Which of the following is not an example of a botnet program?
a. Zeus
b. GameOver
c. ZeroAccess
d. MyDoom

Answer- MyDoom

Que - Which of the following is an example of Botnet?
a. Zeus
b. ILOVEYOU
c. Storm Worm
d. MyDoom

Answer- Zeus

Que - Which of the following is an example of a Botnet program?
a. Slammer
b. GameOver
c. Stuxnet
d. Anna Kournikova

Answer- GameOver

Que - _______________deals with the protection of an individual's information which is implemented while using the Internet on any computer or personal device.
a. Digital agony
b. Digital privacy
c. Digital secrecy
d. Digital protection

Answer- Digital privacy

Que - _______________ is a combined term which encompasses 3 sub-pillars; information privacy, individual privacy, and communication privacy.
a. Digital Integrity
b. Digital privacy
c. Digital secrecy
d. Digital protection

Answer- Digital privacy

Que - Which of the following do not comes under the three pillars of digital privacy?
a. Information privacy
b. Individual privacy
c. Communication privacy
d. Family privacy

Answer- Family privacy

Que - Which of the following is not an appropriate solution for preserving privacy?
a. Use privacy-focussed SE
b. Use private Browser-window
c. Disable cookies
d. Uninstall Antivirus

Answer- Uninstall Antivirus

Que - Which of the following is not an appropriate solution for preserving privacy?
a. Use privacy-focussed SE
b. Close all logical ports
c. Do not use malicious sites and torrent sites
d. Use VPN

Answer- Close all logical ports

Que - Which of the following is not a private Search-engine?
a. Yahoo
b. DuckDuckGo
c. StartPage
d. Wolfram Alpha

Answer- Yahoo

Que - Which of the following is a private Search-engine and do not track our searching data?
a. Google
b. Search Encrypt
c. Bing
d. Yahoo

Answer- Search Encrypt

Que - It is necessary to use ________________ for maintaining searched data privacy.
a. Private email services
b. Private search engines
c. Tor Browser
d. Private Browser window

Answer- Private search engines

Que - Which of the following browser is used for Privacy purpose?
a. Chrome
b. Firefox
c. Opera
d. Tor

Answer- Tor

Que - The Tor browser protects your privacy by bouncing your connection and links around a distributed network over the globe run by volunteers. It gives three layers of anonymity.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - The __________________ protects your privacy by bouncing your connection and links around a distributed network over the globe run by volunteers. It gives three layers of anonymity.
a. Cookie removers
b. Private Search Engines
c. Tor browser
d. VPNs

Answer- Tor browser

Que - Which of the following is not an example of privacy-browser?
a. Tor
b. Brave
c. Epic
d. Opera

Answer- Opera

Que - ____________ allow its users to attach to the internet via a remote or virtual server which preserves privacy.
a. Cookie removers
b. VPNs
c. Tor browser
d. Private Search Engines

Answer- VPNs

Que - The ____________ transferred between your device & the server is securely encrypted if you are using VPNs.
a. data
b. virus
c. music files
d. document files

Answer- data

Que - The data transferred between your device & the server is securely _____________ if you're using VPNs.
a. locked
b. sealed
c. packed
d. encrypted

Answer- encrypted

Que - A ______________ tries to formulate a web resource occupied or busy its users by flooding the URL of the victim with unlimited requests than the server can handle.
a. Phishing attack
b. DoS attack
c. Website attack
d. MiTM attack

Answer- DoS attack

Que - During a DoS attack, the regular traffic on the target _____________ will be either dawdling down or entirely interrupted.
a. network
b. system
c. website
d. router

Answer- website

Que - The intent of a ______________ is to overkill the targeted server's bandwidth and other resources of the target website.
a. Phishing attack
b. DoS attack
c. Website attack
d. MiTM attack

Answer- DoS attack

Que - DoS is abbreviated as _____________________
a. Denial of Service
b. Distribution of Server
c. Distribution of Service
d. Denial of Server

Answer- Denial of Service

Que - A DoS attack coming from a large number of IP addresses, making it hard to manually filter or crash the traffic from such sources is known as a _____________
a. GoS attack
b. PDoS attack
c. DoS attack
d. DDoS attack

Answer- DDoS attack

Que - DDoS stands for _________________
a. Direct Distribution of Server
b. Distributed Denial of Service
c. Direct Distribution of Service
d. Distributed Denial of Server

Answer- Distributed Denial of Service

Que - Instead of implementing single computer & its internet bandwidth, a ____________ utilizes various systems & their connections for flooding the targeted website.
a. GoS attack
b. PoS attack
c. DDoS attack
d. DoS attack

Answer- DDoS attack

Que - There are ______ types of DoS attack.
a. 2
b. 3
c. 4
d. 5

Answer- 2

Que - Application layer DoS attack is also known as _______________
a. Layer4 DoS attack
b. Layer5 DoS attack
c. Layer6 DoS attack
d. Layer7 DoS attack

Answer- Layer7 DoS attack

Que - ___________ is a type of DoS threats to overload a server as it sends a large number of requests requiring resources for handling & processing.
a. Network Layer DoS
b. Physical Layer DoS
c. Transport Layer DoS
d. Application Layer DoS

Answer- Application Layer DoS

Que - Which of the following is not a type of application layer DoS?
a. HTTP flooding
b. Slowloris
c. TCP flooding
d. DNS query flooding

Answer- TCP flooding

Que - Network layer attack is also known as ________________
a. Layer3-4 DoS attack
b. Layer5 DoS attack
c. Layer6-7 DoS attack
d. Layer2 DoS attack

Answer- Layer3-4 DoS attack

Que - Which of the following do not comes under network layer DoS flooding?
a. UDP flooding
b. HTTP Flooding
c. SYN flooding
d. NTP Amplification

Answer- HTTP Flooding

Que - Which of the following do not comes under network layer DoS flooding?
a. DNS amplification
b. UDP flooding
c. DNS query flooding
d. NTP Amplification

Answer- DNS query flooding

Que - DDoS are high traffic events that are measured in Gigabits per second (Gbps) or packets per second (PPS).
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - A DDoS with 20 to 40 Gbps is enough for totally shutting down the majority network infrastructures.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ______________ is an internet scam done by cyber-criminals where the user is convinced digitally to provide confidential information.
a. Phishing attack
b. DoS attack
c. Website attack
d. MiTM attack

Answer- Phishing attack

Que - In _______________ some cyber-criminals redirect the legitimate users to different phishing sites and web pages via emails, IMs, ads and spyware.
a. URL Redirection
b. DoS
c. Phishing
d. MiTM attack

Answer- Phishing

Que - Phishers often develop ______________ websites for tricking users & filling their personal data.
a. legitimate
b. illegitimate
c. genuine
d. official

Answer- illegitimate

Que - Which of the following type of data, phishers cannot steal from its target victims?
a. bank details
b. phone number
c. passwords
d. apps installed in the mobile

Answer- apps installed in the mobile

Que - Algorithm-Based Phishing was developed in the year __________
a. 1988
b. 1989
c. 1990
d. 1991

Answer- 1990

Que - ______________ was the first type of phishing where the phishers developed an algorithm for generating random credit card numbers.
a. Algo-based phishing
b. Email-based phishing
c. Domain Phishing
d. Vishing

Answer- Algo-based phishing

Que - Email Phishing came into origin in the year __________
a. 1990
b. 2000
c. 2005
d. 2015

Answer- 2000

Que - _________________ type of phishing became very popular as if it has been sent from a legitimate source with a legitimate link to its official website.
a. Algo-based phishing
b. Email-based phishing
c. Domain Phishing
d. Vishing

Answer- Email-based phishing

Que - _____________ refers to phishing performed over smart-phone by calling.
a. Algo-based phishing
b. Email-based phishing
c. Domain Phishing
d. Vishing

Answer- Vishing

Que - _____________ = voice + phishing.
a. Algo-based phishing
b. Vishing
c. Domain Phishing
d. Email-based phishing

Answer- Vishing

Que - Victims of phishing are mostly ___________________
a. Tech enthusiast
b. Professional computer engineers
c. Lack of computer knowledge
d. Lack of management skill

Answer- Lack of computer knowledge

Que - ___________________ is usually targeted by nature where the emails are exclusively designed to target any exact user.
a. Algo-based phishing
b. Vishing
c. Domain Phishing
d. Spear phishing

Answer- Spear phishing

Que - ____________ or smishing is one of the simplest types of phishing where the target victims may get a fake order detail with a cancellation link.
a. Algo-based phishing
b. SMS phishing
c. Domain Phishing
d. Spear phishing

Answer- SMS phishing

Que - ________________ phishing is that type of phishing where the construction of a fake webpage is done for targeting definite keywords & waiting for the searcher to land on the fake webpage.
a. Voice
b. SMS
c. Search engine
d. Email

Answer- Search engine

Que - Which of the following is not an example or type of phishing?
a. Spear phishing
b. Deceptive phishing
c. Whaling
d. Monkey in the Middle

Answer- Monkey in the Middle

Que - _____________ is data interception method used by hackers.
a. Phishing
b. DoS
c. Sniffing
d. MiTM

Answer- Sniffing

Que - Sniffing is also known as ___________________
a. network-tapping
b. wiretapping
c. net-tapping
d. wireless-tapping

Answer- wiretapping

Que - _____________ are programs or devices that capture the vital information from the target network or particular network.
a. Routers
b. Trappers
c. Wireless-crackers
d. Sniffers

Answer- Sniffers

Que - Which of them is not an objective of sniffing for hackers?
a. Fetching passwords
b. Email texts
c. Types of files transferred
d. Geographic location of a user

Answer- Geographic location of a user

Que - Which of the following tech-concepts cannot be sniffed?
a. Router configuration
b. ISP details
c. Email Traffic
d. Web Traffic

Answer- ISP details

Que - Which of the following tech-concepts cannot be sniffed?
a. Cloud sessions
b. FTP passwords
c. Telnet passwords
d. Chat sessions

Answer- Cloud sessions

Que - Which of the below-mentioned protocol is not susceptible to sniffing?
a. HTTP
b. SMTP
c. POP
d. TCP

Answer- TCP

Que - Which of the below-mentioned protocol is not susceptible to sniffing?
a. NNTP
b. UDP
c. FTP
d. IMAP

Answer- UDP

Que - There are __________ types of sniffing.
a. 2
b. 3
c. 4
d. 5

Answer- 2

Que - Active sniffing is difficult to detect.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - Which of the following is not a sniffing tool?
a. Wireshark
b. Dude Sniffer
c. Maltego
d. Look@LAN

Answer- Maltego

Que - A sniffer, on the whole turns your system's NIC to the licentious mode so that it can listen to all your data transmitted on its division.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - A ______________ on the whole turns your system's NIC to the licentious mode so that it can listen to all your data transmitted on its division.
a. Phishing site
b. Sniffer tool
c. Password cracker
d. NIC cracker

Answer- Sniffer tool

Que - In _____________ sniffing, the network traffic is not only supervised & locked, but also be can be altered in different ways to accomplish the attack.
a. passive
b. signal
c. network
d. active

Answer- active

Que - __________________ are those devices which can be plugged into your network at the hardware level & it can monitor traffic.
a. Hardware sniffers & analyzers
b. Hardware protocol analyzers
c. Hardware protocol sniffers
d. Hardware traffic sniffers and observers

Answer- Hardware protocol analyzers

Que - _____________ attack is the exploitation of the web-session & its mechanism that is usually managed with a session token.
a. Session Hacking
b. Session Hijacking
c. Session Cracking
d. Session Compromising

Answer- Session Hijacking

Que - The most commonly used session hijacking attack is the _______________
a. IP hacking
b. IP spooling
c. IP spoofing
d. IP tracking

Answer- IP spoofing

Que - ________________ are required because HTTP uses a lot of diverse TCP connections, so, the web server needs a means to distinguish every user's connections.
a. Internet
b. Network
c. Hijacking
d. Sessions

Answer- Sessions

Que - Since most _______________________ occur at the very beginning of the TCP session, this allows hackers to gain access to any system.
a. authentications
b. breaches
c. integrations
d. associations

Answer- authentications

Que - _______________ is done only after the target user has connected to the server.
a. Server hacking
b. Banner grabbing
c. Cracking
d. Hijacking

Answer- Hijacking

Que - In _______________ attack, the attacker doesn't actively take over another user to perform the attack.
a. phishing
b. spoofing
c. hijacking
d. vishing

Answer- spoofing

Que - There are ___________ types of session hijacking.
a. 2
b. 3
c. 4
d. 5

Answer- 2

Que - With ___________________ attack, an attacker hijacks a session but do not alter anything. They just sit back and watch or record all the traffic and data being sent forth.
a. network session hijacking
b. passive session hijacking
c. active session hijacking
d. social-networking session hijacking

Answer- passive session hijacking

Que - In an _________________ attack, an attacker finds an active session & takes over that session.
a. network session hijacking
b. passive session hijacking
c. active session hijacking
d. social-networking session hijacking

Answer- active session hijacking

Que - Session hijacking takes place at ____________ number of levels.
a. five
b. four
c. three
d. two

Answer- two

Que - The ______________ hijacking is implemented on the data flow of protocol shared by all web applications.
a. network level
b. physical level
c. application level
d. data level

Answer- network level

Que - Which of the following example do not comes under network level session hijacking.
a. TCP/IP Hijacking
b. RST Hijacking
c. Domain Hijacking
d. Blind Hijacking

Answer- Domain Hijacking

Que - In ___________________ session hijacking, hackers gain session ID for taking control of existing session or even create a new unauthorized session.
a. network level
b. physical level
c. application level
d. data level

Answer- physical level

Que - Which of them is not a session hijacking tool?
a. Juggernaut
b. IP watcher
c. Wireshark
d. Paros HTTP Hijacker

Answer- Wireshark

Que - Which of the following is a session hijacking tool?
a. T-Sight
b. Wireshark
c. Maltego
d. Nessus

Answer- T-Sight

Que - Hjksuite Tool is a collection of programs for hijacking. It contains a library called hjklib which can help in implementing TCP/IP stack-over hijacking.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is not an appropriate way to compromise web servers?
a. Misconfiguration in OS
b. Using network vulnerabilities
c. Misconfiguration in networks
d. Bugs in OS which allow commands to run on web servers

Answer- Using network vulnerabilities

Que - Which of the following is not an appropriate method of defacing web server?
a. Fetching credentials through MiTM
b. Brute-forcing Admin Password
c. IP address spoofing
d. DNS Attack through cache poisoning

Answer- IP address spoofing

Que - Which of the following is not an appropriate method of defacing web server?
a. Mail server intrusion
b. Web application bugs
c. Web shares misconfiguration
d. Sessions hijacking

Answer- Sessions hijacking

Que - _________ is one of the most widely used web server platforms.
a. IIS
b. IAS
c. ISS
d. AIS

Answer- IIS

Que - IIS stands for __________________
a. Interconnected Information Server
b. Interconnected Information Services
c. Internet Information Server
d. Internet Information Services

Answer- Internet Information Services

Que - ____________ is a tiny script that if uploaded to a web server can give hacker complete control of a remote PC.
a. Spyware
b. ASP Trojan
c. Web ransomware
d. Stuxnet

Answer- ASP Trojan

Que - ____________ logs all the visits in log files which is located at <%systemroot%>\logfiles.
a. IIS
b. Microsoft Server
c. Linux
d. IAS

Answer- IIS

Que - Which of the following is not a web server attack type?
a. DOS attack
b. Website Defacement using SQLi
c. Directory Traversal
d. Password guessing

Answer- Password guessing

Que - ______________ tool clears the log entries in the IIS log files filtered by an IP address.
a. CleanIISLoging
b. CleanLogger
c. CleanIISLog
d. ClearIISLog

Answer- CleanIISLog

Que - CleanIISLog is not a hacking tool.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - Which of the following is not an appropriate countermeasure for web server hacking?
a. Patch updates need to be done regularly
b. Not to use default configurations
c. Use IDS and firewalls with signature updates
d. Use low-speed internet

Answer- Use low-speed internet

Que - Which of the following is not an appropriate countermeasure for web server hacking?
a. Using OS or antivirus without updates
b. Scan web server applications for vulnerabilities
c. Using secure protocols
d. Follow strict access control policy

Answer- Using OS or antivirus without updates

Que - _____________ focuses on the detection & prevention of sensitive data exfiltration and lost data.
a. Data loss prevention
b. Data loss measurement
c. Data stolen software
d. Data leak prevention

Answer- Data loss prevention

Que - A _______________ is a program application which is stored on a remote-server & distributed over the Internet when a user uses a browser interface to request for such applications.
a. Android application
b. Web application
c. PC application
d. Cloud application

Answer- Web application

Que - Which of the following is not an example of web application hacking?
a. Defacing websites
b. Stealing credit card information
c. Reverse engineering PC apps
d. Exploiting server-side scripting

Answer- Reverse engineering PC apps

Que - _______________ hacking refers to mistreatment of applications through HTTP or HTTPS that can be done by manipulating the web application through its graphical web interface or by tampering the Uniform Resource Identifier (URI).
a. Android application
b. Web application
c. PC application
d. Cloud application

Answer- Web application

Que - Which of the following is not an appropriate method of web application hacking?
a. XSS
b. CSRF
c. SQLi
d. Brute-force

Answer- Brute-force

Que - XSS stands for _________________
a. Crack Site Scripting
b. Cross Site Server
c. Cross Site Scripting
d. Crack Server Scripting

Answer- Cross Site Scripting

Que - Which of the following is not an example of web application hacking?
a. DNS Attack
b. Dumpster diving
c. Injecting Malicious code
d. Using the shell to destroy web application data

Answer- Dumpster diving

Que - Which of the following is not a threat of web application?
a. Reverse engineering
b. Command injection
c. DMZ protocol attack
d. Buffer Overflow

Answer- Reverse engineering

Que - Which of the following is not a threat of web application?
a. Session poisoning
b. Phishing
c. Cryptographic interception
d. Cookie snooping

Answer- Phishing

Que - ________ Injection attack is a special attack done through character elements "Carriage Return" or "Line Feed." Exploitation can be done when an attacker is capable to inject a CRLF series in an HTTP stream.
a. XSS
b. CSRF
c. CRLF
d. SQL

Answer- CRLF

Que - Which of the following scripting language is used for injecting executable malicious code for web-app hacking?
a. C++
b. Tcl
c. Frame-Script
d. JavaScript

Answer- JavaScript

Que - ______________ takes advantage if hidden fields that work as the only security measure in some applications.
a. Parameter tampering
b. Data tampering
c. Tampering of network topology
d. Protocol tampering

Answer- Parameter tampering

Que - _____________ is the attack method for decoding user credentials. Using this technique an attacker can log on as a user & gain access to unauthorized data.
a. Cache Snooping
b. Cookie-jacking
c. Cookie Snooping
d. Cache-compromising

Answer- Cookie Snooping

Que - Which of the following is not an example of web application hacking technique?
a. LDAP injection
b. Cryptanalysis
c. Race condition attack
d. OS command injection.

Answer- Cryptanalysis

Que - _____________ are unwanted software intended to pitch advertisements upon the user's screen, most often within a web browser.
a. Shareware
b. Adware
c. Bloatware
d. Ransomware

Answer- Adware

Que - PUP is abbreviated as ____________
a. Potentially Useless Programs
b. Potentially Unwanted Protocols
c. Potentially Unwanted Programs
d. Partial Unwanted Programs

Answer- Potentially Unwanted Programs

Que - Users might invite some bogus virus in his/her system by clicking the ____________
a. Shareware
b. Spyware
c. URL
d. Adware

Answer- Adware

Que - Which among the following is not an abnormal symptom found once you click any malicious adware?
a. Automatic opening of new tabs in the browser
b. Automatic updates of antivirus
c. Changes in home page
d. Popping up of new Search engines on your browser

Answer- Automatic updates of antivirus

Que - Once _____________ hijacks your system, it might perform different sorts of unwanted tasks.
a. Server hacking
b. Banner grabbing
c. Cracking
d. Hijacking

Answer- Hijacking

Que - Creators of _____________ also sell your browsing behaviour & information to 3rd parties.
a. Shareware
b. Spyware
c. URL
d. Adware

Answer- Adware

Que - Modern ____________ can even use it to target users with additional s that are customized to the browsing habits.
a. smart shareware
b. smart adware
c. smart bloatware
d. smart spyware

Answer- smart adware

Que - Creators of adware also sell your browsing behaviour & information to 3rd parties.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which among the following is not a symptom of your system compromised with adware?
a. Website links redirect to sites unlike from what user is intended
b. Web browser acts slows to a crawl
c. System takes restarts frequently
d. The browser might crash frequently

Answer- System takes restarts frequently

Que - Malicious adware may sneak into your system by __________ different ways.
a. five
b. four
c. three
d. two

Answer- two

Que - Which of the following term is not a valid terminology and type of adware?
a. Mobile adware
b. Mac Adware
c. Smart-home adware
d. Windows adware

Answer- Smart-home adware

Que - Adware will not come to your system if you are using Chrome.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - ________________ are unnecessary software which infiltrates user's system, spy on user's activities, stealing internet usage data & sensitive information of that user.
a. Shareware
b. Spyware
c. Ransomware
d. Freeware

Answer- Spyware

Que - They spy on our digital habits and spy on which data is more sensitive or useful for its creator. Who are 'they' referring to here?
a. Shareware
b. Ransomware
c. Spyware
d. Freeware

Answer- Spyware

Que - Spyware collects user's personal data & spreads it to______________ data-firms, or its creator.
a. advertisers
b. dark-market
c. antivirus company
d. share market

Answer- advertisers

Que - Which of the following activity is not done by spyware?
a. sell internet usage data
b. capture credit card details
c. user's personal identity
d. steal signature of the different virus

Answer- steal signature of the different virus

Que - Which of the following activity is not done by spyware?
a. Monitors your internet activity
b. Track user's login details and passwords
c. Uninstalls your mobile browser
d. Spy on sensitive information

Answer- Uninstalls your mobile browser

Que - Spyware is not a powerful & one of the most widespread threats on the internet.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - It actually infects your device easily & makes it hard to _____________
a. delete
b. identify
c. modify
d. copy

Answer- identify

Que - There are __________ main types of spyware.
a. 2
b. 3
c. 4
d. 5

Answer- 4

Que - _____________ track the user's online activities like search queries, history pages & downloads, for selling purposes.
a. Ad-based spyware
b. System Monitors
c. Spy-trojans
d. Tracking cookies

Answer- Tracking cookies

Que - _____________ tracks your data and displays those products as ads for promotions.
a. Ad-based spyware
b. System Monitors
c. Spy-trojans
d. Tracking cookies

Answer- Ad-based spyware

Que - _________________ disguises them as legitimate software & appear as Java or Flash Player updates. They will periodically collect your system data and send it to its creator.
a. Ad-based spyware
b. System Monitors
c. Spy-trojans
d. Tracking cookies

Answer- Spy-trojans

Que - ____________ records all your key-strokes, chat-room dialogs, program run in your system, and system details.
a. Ad-based spyware
b. System Monitors
c. Spy-trojans
d. Tracking cookies

Answer- System Monitors

Que - Which of the following do not lead you to invite spyware into your system?
a. Accepting fishy prompt or pop-ups
b. Downloading apps from an unreliable source
c. Opening unknown attachments
d. Installing antivirus patches

Answer- Installing antivirus patches

Que - As you sense your device has been infected with spyware, you should run a scan with your existing security software/AV for making sure it has cleaned up all malicious contents.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is not an anti-spyware tool?
a. MalwareBytes Anti-Malware tool
b. SpyBot Search and Destroy
c. Emsisoft Emergency Kit
d. MS Firewall Defender

Answer- MS Firewall Defender

Que - If you've accidentally clicked any pop-up which seems malicious, it is recommended to take steps to remove it and proactively change your ________ and delete browsing activities from web browser.
a. passwords
b. email ID
c. name
d. address

Answer- passwords

Que - ______________ can be defined as the duplication of another creator's or developer's product trailing a thorough examination of its production or development.
a. Reverse hacking
b. Cracking
c. Social engineering
d. Reverse engineering

Answer- Reverse engineering

Que - _____________ can be made functional to diverse aspects of software development & hardware improvement activities.
a. Reverse hacking
b. Cracking
c. Reverse engineering
d. Social engineering

Answer- Reverse engineering

Que - RE is often defined as the crafting technique of ____________ who uses his skills to remove copy protection or trial versions from software or media.
a. crackers
b. risk assessment team
c. auditors
d. surveillance monitoring team

Answer- crackers

Que - Which of the following activity is a good aspect of reverse engineering in ethical hacking?
a. Cracking the trial version of the product to make it full-version
b. Removing the product key insertion step
c. Jumping the code for premium facilities
d. Determining the vulnerabilities in the product.

Answer- Determining the vulnerabilities in the product.

Que - Which of the following activity is a good aspect of reverse engineering in ethical hacking?
a. Cracking the trial version of the product to make it full-version
b. Removing the product key insertion step
c. Jumping the code for premium facilities
d. Determine whether the app contains any undocumented functionality

Answer- Determine whether the app contains any undocumented functionality

Que - Which of the following is not a proper use of RE for ethical hackers?
a. Check for poorly designed protocols
b. Check for error conditions
c. Cracking for making paid apps free for use
d. Testing for boundary conditions

Answer- Cracking for making paid apps free for use

Que - ________________ is the opposite of assembler.
a. Reassembler
b. Disassembler
c. Compiler
d. Interpreter

Answer- Disassembler

Que - ______________ comes under tools for reverse engineering (RE).
a. Reassembler
b. Compiler
c. Disassembler
d. Interpreter

Answer- Disassembler

Que - De-compilation is not done for _______________
a. Recovery of lost source code
b. Migration of assembly language
c. Determining the existence of malicious code in any app
d. Targeting users with stealing code

Answer- Targeting users with stealing code

Que - Which of the following is not a disassembler tool?
a. IDA Pro
b. PE Explorer
c. Turbo C
d. W32DASM

Answer- Turbo C

Que - There are ______ types of reverse engineering methodologies.
a. 6
b. 2
c. 5
d. 3

Answer- 2

Que - Which of the following is not an actual Reverse Engineering tool?
a. Debugger
b. Disassembler
c. Text Editor
d. Hex Editor

Answer- Text Editor

Que - Hex editors permit programmers to inspect & alter binaries based on some software requirements.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - PE & Resource Viewer permits programmers to inspect & alter resources which are entrenched in the EXE file of any software.
a. PE & Resource Viewer
b. Debugger
c. Disassembler
d. Hex Editor

Answer- PE & Resource Viewer

Que - IDAPro is used as a _________________ in manual binary code analysis and also used a debugger.
a. PE & Resource Viewer
b. Debugger
c. Disassembler
d. Hex Editor

Answer- Disassembler

Que - ________________ is a type of reverse engineering tool that is used to dissect binary codes into assembly codes.
a. PE & Resource Viewer
b. Debugger
c. Disassembler
d. Hex Editor

Answer- Disassembler

Que - Which of the following is not a function or use of disassembler?
a. Extracting functions & libraries
b. Extracting strings and values
c. Assemble medium-level codes
d. Dissect binary codes

Answer- Assemble medium-level codes

Que - Which of the following is not a feature of IDAPro?
a. Instant debugging
b. Connect local and remote systems easily
c. Explore in-depth binary data
d. Convert machine language to high-level code

Answer- Convert machine language to high-level code

Que - A _____________ takes executable file as input and tries to generate high level code.
a. Debugger
b. Decompiler
c. Disassembler
d. Hex Editor

Answer- Decompiler

Que - ________________ does not attempt to reverse the actions of compiler; rather it transforms the input program repeatedly until HLL code is achieved.
a. Debugger
b. Hex Editor
c. Disassembler
d. Decompiler

Answer- Decompiler

Que - _____________ will not recreate the original source file created by the compiler.
a. Debugger
b. Hex Editor
c. Decompiler
d. Disassembler

Answer- Decompiler

Que - Which of the following is not a decompiler tool?
a. DCC decompiler
b. Borol and C
c. Boomerang Decompiler
d. ExeToC

Answer- Borol and C

Que - REC stands for ________________
a. Reverse Engineering Compiler
b. Reverse Engineering Computer
c. Return-to-Code Engineering Compiler
d. Reversing Engineered Compiler

Answer- Reverse Engineering Compiler

Que - _______________ is a universal interactive program environment for reverse engineering.
a. TurboC
b. Andromeda Decompiler
c. IDAPro
d. PE Explorer

Answer- Andromeda Decompiler

Que - Which one is not an example of .Net application decompiler?
a. Salamander
b. Dis
c. Decompiler.Net
d. MultiRipper

Answer- MultiRipper

Que - __________ is a naming system given to different computers which adapt to human-readable domain names.
a. HTTP
b. DNS
c. WWW
d. ISP

Answer- DNS

Que - DNS stands for _____________
a. Data Name System
b. Domain Name Server
c. Domain Name System
d. Domain's Naming System

Answer- Domain Name System

Que - Some security issues might exist owing to misconfigured __________________ which can direct to disclosure of information regarding the domain.
a. DNS names
b. HTTP setup
c. ISP setup
d. FTP-unsecured

Answer- DNS names

Que - ______________ is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system's TCP/IP settings.
a. DNS mal-functioning
b. DNS cracking
c. DNS redirecting
d. DNS hijacking

Answer- DNS hijacking

Que - _____________ can be attained by the use of malware or by changing the server's settings.
a. DNS poisoning
b. DNS cracking
c. DNS hijacking
d. DNS redirecting

Answer- DNS hijacking

Que - There are _________ main types of DNS hijacking.
a. 4
b. 2
c. 3
d. 5

Answer- 2

Que - DNS trojans are used for performing a type of DNS hijacking.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - The _______________ matches and maps to the user friendly domain name.
a. HTTP
b. DNS
c. WWW
d. ISP

Answer- DNS

Que - Which of the following is not an example of DNS hijacking?
a. ISP DNS hijacking
b. DNS hijacking for phishing
c. DNS hijacking for pharming
d. HTTP-based DNS hacking

Answer- HTTP-based DNS hacking

Que - A ______________ is essentially a text file residing on the server that hosts different domain containing entries for dissimilar resource records.
a. Zone file
b. Robot file
c. Bot file
d. DNS file

Answer- Zone file

Que - ______________ which is also termed as DNS spoofing, is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of internet.
a. DNS poisoning
b. DNS re-routing
c. DNS cracking
d. Domain link poisoning

Answer- DNS poisoning

Que - DNS poisoning is very dangerous because it can extend its reach from one ___________ to another.
a. ISP server
b. DNS server
c. Linux server
d. Domain user

Answer- DNS server

Que - A _________________ can be poisoned if it is having an erroneous entry where the invader gets to organize the DNS server & change different kinds of information on it.
a. Server data
b. Domain name
c. DNS cache
d. System file

Answer- DNS cache

Que - The ____________ Domain Name Server data will get spread to the ISPs & will be cached there.
a. working
b. compromised
c. corrupted
d. poisoned

Answer- poisoned

Que - The user could be influenced by DNS hijacking if the government of that country uses DNS redirecting as a mechanism to mask censorship.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following data is not appropriate here, if you delete cache, cookies, and browser history?
a. Address bar predictions
b. Saved passwords
c. Browser plug-ins
d. Shopping cart content

Answer- Browser plug-ins

Que - ____________ are tiny files which get downloaded to your system when you visit a website.
a. Cookies
b. Caches
c. Bots
d. Crawlers

Answer- Cookies

Que - Browser ___________ are impermanent internet files which helps the browsers download web images, data & documents for rapid performance & viewing in the future.
a. plug-ins
b. cache
c. ad-on
d. history

Answer- cache

Que - ___________ is just a group of data downloaded for helping in displaying a web page faster.
a. plug-ins
b. cache
c. ad-ons
d. history

Answer- cache

Que - Attackers could steal ___________ to achieve illegitimate accessing to online accounts & disturbs the personal information.
a. plug-ins
b. cache
c. cookies
d. history

Answer- cookies

Que - Which of the following is not an example of browsing data?
a. Forms and Search-bar data
b. Cache data
c. Downloading history
d. Start bar search data

Answer- Start bar search data

Que - There are cookies that are designed to track your browsing habits & aim ads to you.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is the most viral section of the internet?
a. Chat Messenger
b. Social networking sites
c. Tutorial sites
d. Chat-rooms

Answer- Social networking sites

Que - ____________ type of sites are known as friend-of-a-friend site.
a. Chat Messenger
b. Social networking sites
c. Tutorial sites
d. Chat-rooms

Answer- Social networking sites

Que - Which of the following is not an appropriate measure for securing social networking accounts?
a. Strong passwords
b. Link your account with a phone number
c. Never write your password anywhere
d. Always maintain a soft copy of all your passwords in your PC

Answer- Always maintain a soft copy of all your passwords in your PC

Que - Which of them is a proper measure of securing social networking account?
a. Never keep your password with any relevant names
b. Keep written records of your passwords
c. Keep records of your password in audio format in your personal cell-phone
d. Passwords are kept smaller in size to remember

Answer- Never keep your password with any relevant names

Que - If hackers gain access to your social media accounts, they can do some illicit or shameless act to degrade your reputation.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ________________ is a popular tool to block social-media websites to track your browsing activities.
a. Fader
b. Blur
c. Social-Media Blocker
d. Ad-blocker

Answer- Blur

Que - Try to keep your passwords without meaning so that _____________ attack becomes almost impossible to perform successfully.
a. social engineering
b. phishing
c. password guessing
d. brute force

Answer- password guessing

Que - Keeping the password by the name of your pet is a good choice.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - Increase your security for social media account by always ____________ as you step away from the system.
a. signing in
b. logging out
c. signing up
d. logging in

Answer- logging out

Que - Clicking on enticing Ads can cause trouble.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Strangers cannot cause much trouble if we connect to them over social media.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Que - Part of the social media sites are the various games & 3rd party applications which helps ______________ to get access to your data.
a. ethical hackers
b. penetration testers
c. security auditors
d. cyber-criminals

Answer- cyber-criminals

Que - Many social media sites and services provide _______________ for legitimate account verification.
a. Retina scanning
b. Fingerprint scanning
c. CAPTCHA
d. 2-step verification

Answer- 2-step verification

Que - Scanning your system and destroying suspicious files can reduce risks of data compromise or leakage of compromised data over social media.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Different social media services offer tips as of how to use their services and site, still maintaining a high altitude of security.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ______________ is populating the inbox of any target victim with unsolicited or junk emails.
a. Phishing
b. Spamming
c. Hooking
d. DoS

Answer- Spamming

Que - _________________ technique is also used in product .
a. Phishing
b. Cookies
c. e-Banners
d. Spamming

Answer- e-Banners

Que - Which of the following is not a technique used by spanners?
a. Spoofing the domain
b. Sending attached virus in spams
c. Junk tags associated with spam-emails
d. Making important deals through such emails

Answer- Making important deals through such emails

Que - ___________ are used which crawl web pages looking for email Ids and copies them to the database.
a. Caches
b. Cookies
c. Bots
d. Spiders

Answer- Spiders

Que - Which of the following is not a proper way of how spammers get the email Ids?
a. When a user registers to online services, blogs, and sites
b. Databases formed by spiders fetching email Ids from different sources
c. From offline form fill-up documents
d. Online ad-tracking tools

Answer- From offline form fill-up documents

Que - There are ___________ major ways of spamming.
a. 4
b. 2
c. 3
d. 5

Answer- 2

Que - There are _______ types of spamming.
a. 3
b. 4
c. 5
d. 6

Answer- 6

Que - Which of the following is not a type of spamming attack?
a. Page-jacking
b. Image spamming
c. Spear phishing
d. Blog & wiki spamming

Answer- Spear phishing

Que - Which of the following is not a bulk emailing tool?
a. Fairlogic Worldcast
b. 123 Hidden sender
c. YL Mail Man
d. NetCut

Answer- NetCut

Que - Which of the following is not a bulk emailing tool?
a. Wireshark
b. Sendblaster
c. Direct Sender
d. Hotmailer

Answer- Wireshark

Que - Which of the following is not an anti-spam technique?
a. Signature-based content filtering
b. DNS routing
c. Bayesian Content Filtering
d. Collaborative content filtering

Answer- DNS routing

Que - Which of the following is not an anti-spam technique?
a. Reputation control
b. Sender policy framework
c. DNS-based block-list
d. Domain-based blocking

Answer- Domain-based blocking

Que - ___________ is a tool used as spam filter in association with email programs and automatically intercepts spam emails.
a. Nessus
b. SpamExpert Desktop
c. Spam-Rescurer
d. Burp-Suite

Answer- SpamExpert Desktop

Que - Which of the following is not an anti-spamming tool or system?
a. Spam-Eater Pro
b. SpyTech Spam Agent
c. SpamExperts Desktop
d. Anti-spyware Tech

Answer- Anti-spyware Tech

Que - _________________ is the process or mechanism used for converting ordinary plain text into garbled non-human readable text & vice-versa.
a. Malware Analysis
b. Exploit writing
c. Reverse engineering
d. Cryptography

Answer- Cryptography

Que - ______________ is a means of storing & transmitting information in a specific format so that only those for whom it is planned can understand or process it.
a. Malware Analysis
b. Cryptography
c. Reverse engineering
d. Exploit writing

Answer- Cryptography

Que - When plain text is converted to unreadable format, it is termed as _____________
a. rotten text
b. raw text
c. cipher-text
d. ciphen-text

Answer- cipher-text

Que - Cryptographic algorithms are based on mathematical algorithms where these algorithms use ___________ for a secure transformation of data.
a. secret key
b. external programs
c. add-ons
d. secondary key

Answer- secret key

Que - Cryptography can be divided into ______ types.
a. 5
b. 4
c. 3
d. 2

Answer- 2

Que - Data which is easily readable & understandable without any special algorithm or method is called _________________
a. cipher-text
b. plain text
c. raw text
d. encrypted text

Answer- plain text

Que - Plain text are also called _____________
a. cipher-text
b. raw text
c. clear-text
d. encrypted text

Answer- clear-text

Que - There are ________ types of cryptographic techniques used in general.
a. 2
b. 3
c. 4
d. 5

Answer- 3

Que - Conventional cryptography is also known as _____________ or symmetric-key encryption.
a. secret-key
b. public key
c. protected key
d. primary key

Answer- secret-key

Que - Data Encryption Standard is an example of a _____________ cryptosystem.
a. conventional
b. public key
c. hash key
d. asymmetric-key

Answer- conventional

Que - _______________ cryptography deals with traditional characters, i.e., letters & digits directly.
a. Modern
b. Classic
c. Asymmetric
d. Latest

Answer- Classic

Que - ____________ cryptography operates on binary-bit series and strings.
a. Modern
b. Classic
c. Traditional
d. Primitive

Answer- Modern

Que - __________ cryptography has always been focussing on the concept of 'security through obscurity'.
a. Modern
b. Asymmetric
c. Classic
d. Latest

Answer- Classic

Que - ________________ cryptography is based on publicly known mathematically designed algorithms to encrypt the information.
a. Modern
b. Classic
c. Traditional
d. Primitive

Answer- Modern

Que - _____________________ is the art & science of cracking the cipher-text without knowing the key.
a. Cracking
b. Cryptanalysis
c. Cryptography
d. Crypto-hacking

Answer- Cryptanalysis

Que - The process of disguising plaintext in such a way that its substance gets hidden (into what is known as cipher-text) is called _________________
a. cryptanalysis
b. decryption
c. reverse engineering
d. encryption

Answer- encryption

Que - The method of reverting the encrypted text which is known as cipher text to its original form i.e. plain text is known as ________________
a. cryptanalysis
b. decryption
c. reverse engineering
d. encryption

Answer- decryption

Que - Which of the following is not the primary objective of cryptography?
a. Confidentiality
b. Data Integrity
c. Data Redundancy
d. Authentication

Answer- Data Redundancy

Que - Which of the following is not the primary objective of cryptography?
a. Confidentiality
b. Data Redundancy
c. Non-repudiation
d. Authentication

Answer- Data Redundancy

Que - Cryptography offers a set of required security services. Which of the following is not among that 4 required security services?
a. Encryption
b. Message Authentication codes
c. Hash functions
d. Steganography

Answer- Steganography

Que - A cryptosystem is also termed as ______________
a. secure system
b. cipher system
c. cipher-text
d. secure algorithm

Answer- cipher system

Que - ______________ is the mathematical procedure or algorithm which produces a cipher-text for any specified plaintext.
a. Encryption Algorithm
b. Decryption Algorithm
c. Hashing Algorithm
d. Tuning Algorithm

Answer- Encryption Algorithm

Que - _______________ takes the plain text and the key as input for creating cipher-text.
a. Decryption Algorithm
b. Hashing Algorithm
c. Tuning Algorithm
d. Encryption Algorithm

Answer- Decryption Algorithm

Que - ____________________ is a mathematical algorithm that produces a unique plain text for a given cipher text along with a decryption key.
a. Decryption Algorithm
b. Hashing Algorithm
c. Tuning Algorithm
d. Encryption Algorithm

Answer- Decryption Algorithm

Que - A set of all probable decryption keys are collectively termed as ____________
a. key-stack
b. key bunch
c. key space
d. key pack

Answer- key space

Que - Encryption-decryption in cryptosystem is done in ______ ways.
a. 4
b. 3
c. 5
d. 2

Answer- 2

Que - In _____________________ same keys are implemented for encrypting as well as decrypting the information.
a. Symmetric Key Encryption
b. Asymmetric Key Encryption
c. Asymmetric Key Decryption
d. Hash-based Key Encryption

Answer- Symmetric Key Encryption

Que - In __________________ 2 different keys are implemented for encrypting as well as decrypting that particular information.
a. Symmetric Key Encryption
b. Asymmetric Key Encryption
c. Asymmetric Key Decryption
d. Hash-based Key Encryption

Answer- Symmetric Key Encryption

Que - A set of all probable decryption keys are collectively termed as key space.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ____________ is a mono-alphabetic encryption code wherein each & every letter of plain-text is replaced by another letter in creating the cipher-text.
a. Polyalphabetic Cipher
b. Caesar Cipher
c. Playfair Cipher
d. Monoalphabetic Cipher

Answer- Caesar Cipher

Que - _____________ is the concept that tells us about the replacement of every alphabet by another alphabet and the entire series gets 'shifted' by some fixed quantity.
a. Rolling Cipher
b. Shift Cipher
c. Playfair Cipher
d. Block Cipher

Answer- Shift Cipher

Que - ________________ is a cipher formed out of substitution where for a given key-value the cipher alphabet for every plain text remains fixed all through the encryption procedure.
a. Polyalphabetic Cipher
b. Caesar Cipher
c. Playfair Cipher
d. Monoalphabetic Cipher

Answer- Monoalphabetic Cipher

Que - In Playfair cipher, at first, a key table is produced. That key table is a 5 by 5 grid of alphabets which operates as the key to encrypt the plaintext.
a. Rolling Cipher
b. Shift Cipher
c. Playfair Cipher
d. Block Cipher

Answer- Playfair Cipher

Que - ______________ employs a text string as a key that is implemented to do a series of shifts on the plain-text.
a. Vigenere Cipher
b. Shift Cipher
c. Playfair Cipher
d. Block Cipher

Answer- Shift Cipher

Que - The ________________ has piece of the keyword that has the same length as that of the plaintext.
a. Block Cipher
b. One-time pad
c. Hash functions
d. Vigenere Cipher

Answer- One-time pad

Que - In _____________ a sequence of actions is carried out on this block after a block of plain-text bits is chosen for generating a block of cipher-text bits.
a. Block Cipher
b. One-time pad
c. Hash functions
d. Vigenere Cipher

Answer- Block Cipher

Que - In _______________ the plain-text is processed 1-bit at a time & a series of actions is carried out on it for generating one bit of cipher-text.
a. Block Cipher
b. One-time pad
c. Stream cipher
d. Vigenere Cipher

Answer- Stream cipher

Que - The procedure to add bits to the last block is termed as _________________
a. decryption
b. hashing
c. tuning
d. padding

Answer- padding

Que - Which of the following is not an example of a block cipher?
a. DES
b. IDEA
c. Caesar cipher
d. Twofish

Answer- Caesar cipher

Que - Data Encryption Standard is implemented using the Feistel Cipher which employs 16 round of Feistel structure.
a. DES
b. IDEA
c. Caesar cipher
d. Twofish

Answer- DES

Que - DES stands for ________________
a. Data Encryption Security
b. Data Encrypted Standard
c. Device Encryption Standard
d. Data Encryption Standard

Answer- Data Encryption Standard

Que - ____________ carries out all its calculations on bytes rather than using bits and is at least 6-times faster than 3-DES.
a. AES
b. DES
c. IDEA
d. Twofish

Answer- AES

Que - AES stands for ________________
a. Advanced Encryption Security
b. Advanced Encryption Standard
c. Advanced Encrypted Standard
d. Active Encryption Standard

Answer- Advanced Encryption Standard

Que - AES is at least 6-times faster than 3-DES.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - _____________ is another data hiding technique which can be used in conjunction with cryptography for the extra-secure method of protecting data.
a. Cryptography
b. Steganography
c. Tomography
d. Chorography

Answer- Steganography

Que - _____________ is hiding of data within data, where we can hide images, text, and other messages within images, videos, music or recording files.
a. Cryptography
b. Tomography
c. Steganography
d. Chorography

Answer- Steganography

Que - Steganography follows the concept of security through obscurity.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - The word ________________is a combination of the Greek words 'steganos' which means "covered or concealed", and 'graphein' which means "writing".
a. Cryptography
b. Tomography
c. Steganography
d. Chorography

Answer- Steganography

Que - A ________________ tool permits security professional or a hacker to embed hidden data within a carrier file like an image or video which can later be extracted from them.
a. Cryptography
b. Tomography
c. Chorography
d. Steganography

Answer- Steganography

Que - Which of the following is not a steganography tool?
a. Xaio steganography
b. Image steganography
c. ReaperExploit
d. Steghide

Answer- ReaperExploit

Que - Which of the following is not a steganography tool?
a. Crypture
b. SteganographX Plus
c. rSteg
d. Burp Suite

Answer- Burp Suite

Que - The main motive for using steganography is that hackers or other users can hide a secret message behind a ______________
a. special file
b. ordinary file
c. program file
d. encrypted file

Answer- ordinary file

Que - People will normally think it as a normal/regular file and your secret message will pass on without any _______________
a. suspicion
b. decryption
c. encryption
d. cracking

Answer- suspicion

Que - By using ______________ you can diminish the chance of data leakage.
a. Cryptography
b. Tomography
c. Chorography
d. Steganography

Answer- Chorography

Que - _____________ makes it likely for its users to hide their physical locations & offering a variety of services like web publishing or an IM maintaining privacy.
a. AnonyMode
b. In-private mode
c. Incognito mode
d. Tor

Answer- Tor

Que - TOR stands for _______________
a. The Open Router
b. The Onion Reader
c. The Onion Router
d. Tactical Onion Router

Answer- The Onion Router

Que - Tor services are also popularly known as _____________
a. onion services
b. garlic services
c. privacy policy service
d. anti-surveillance service

Answer- onion services

Que - Tor was originally designed for the _____________ for protecting government communications.
a. U.S. Navy
b. Indian Navy
c. US army
d. Chinese cyber army

Answer- U.S. Navy

Que - Tor is written in ______ language having roughly 146,000 LOC (lines of code).
a. C
b. C++
c. C
d. Objective C

Answer- C

Que - __________ contains a huge proxy DB which users can use to protect their online privacy and preserve their identity online.
a. AnonyMode
b. In-private mode
c. Incognito mode
d. Tor

Answer- Tor

Que - The _________ is developed for negotiating a virtual tunnel throughout the network by encrypting & arbitrarily bouncing all of its communications via relay networks.
a. AnonyMode
b. Tor
c. Incognito mode
d. In-private mode

Answer- Tor

Que - Which of the following online services' privacy cannot be protected using Tor?
a. Instant messaging
b. Browsing data
c. Relay chats
d. Login using ID

Answer- Login using ID

Que - Tor is usually used by the military, cyber-criminals, activists, journalists, law enforcement officers etc.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - ___________________ is employed by encrypting the application layer with a communication protocol stack, nested in various layers of onion.
a. Privacy routing
b. Onion routing
c. Turbo routing
d. DHCP routing

Answer- Onion routing

Que - The term _____________ means taking care of a user's name as well as the identity hidden or veiled using a variety of applications.
a. pseudonymous
b. anonymous
c. eponymous
d. homonymous

Answer- anonymous

Que - Sometimes __________________ anonymize them to perform criminal activities.
a. virus
b. incident handlers
c. cyber-criminals
d. ethical hackers

Answer- cyber-criminals

Que - An _______________ allows users for accessing the web while blocking the trackers or agents that keep tracing the identity online.
a. intranet
b. extranet
c. complex network
d. anonymity network

Answer- anonymity network

Que - _________ services are examples of anonymity services that conceal the location and usage of any user.
a. Tor
b. Encrypted router
c. Firewall
d. HTTPS

Answer- Tor

Que - Another anonymity network is the I2P identity-sensitive network which gets distributed & is dynamic in nature as they route traffic through other peers.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is not an example of approaches for maintaining anonymity?
a. Use of VPNs
b. Use of Tor Browser
c. Use of Proxy servers
d. Use of Antivirus

Answer- Use of Antivirus

Que - Which of the following is not an example of approaches for maintaining anonymity?
a. Using encrypted search engines that don't share your search data
b. Use firewalls
c. Fake email services
d. Use file shielders

Answer- Use firewalls

Que - Big multinational companies are providing us with search engines to easily search for data for free. But they are also taking our searched data and browsing habits as well as choices.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Which of the following is not a VPN used for preserving our anonymity?
a. Nord VPN
b. Express VPN
c. Microsoft Security Essential
d. CyberGhost

Answer- Microsoft Security Essential

Que - __________________ are those search engines that are intended and designed not to take our searched data or browsing habits hence do not hampers our online privacy.
a. Paid search engines
b. Incognito mode
c. In-private mode
d. Private search engines

Answer- Private search engines

Que - Which of the following is a private search engine?
a. Bing
b. Google
c. Duckduckgo
d. Yahoo

Answer- Duckduckgo

Que - Which of the following is not a private search engine?
a. StartPage
b. Baidu
c. SearX.me
d. Qwant

Answer- SearX.me

Que - Which of the below-mentioned search engine can provide you with anonymity while searching?
a. Privatelee
b. Baidu
c. Google
d. Bing

Answer- Privatelee

Que - The ____________ is anything which your search engine cannot search.
a. Haunted web
b. World Wide Web
c. Surface web
d. Deep Web

Answer- Deep Web

Que - The ______________ is categorized as an unknown segment of the Deep Web which has been purposely kept hidden & is inaccessible using standard web browsers.
a. Haunted web
b. World Wide Web
c. Dark web
d. Surface web

Answer- Dark web

Que - ________________ is a network construct over the internet that is encrypted. It offers anonymity to its users. Tor (The Onion Router) is a common service of Darknet.
a. Freenet
b. Darknet
c. ARPANET
d. Stuxnet

Answer- Darknet

Que - A special tool is necessary for entering the network which is _______________ that helps the anonymous internet users to access into the Tor's network and use various Tor services.
a. Opera browser
b. Mozilla browser
c. Chrome browser
d. Tor browser

Answer- Tor browser

Que - ____________ is also a part of darknet that is employed for transferring files anonymously.
a. Freenet
b. Darknet
c. ARPANET
d. Stuxnet

Answer- Freenet

Que - One example of a popular website on ______________ is the silk-road that was used to sell drugs that were later taken down by the FBI.
a. Freenet
b. Darknet
c. ARPANET
d. Stuxnet

Answer- Darknet

Que - Deep web is also known as ______________
a. Freenet
b. Darknet
c. ARPANET
d. Hidden web

Answer- Hidden web

Que - The popular computer scientist _____________ has coined the term "deep web" in the year 2001.
a. Mr. Tim B. Lee
b. Mr. Narcos Maralli
c. Mr. Michael K. Bergman
d. Mr. Ken Thompson

Answer- Mr. Michael K. Bergman

Que - The popular computer scientist Mr. Michael K. Bergman has coined the term "deep web" in the year ____________
a. 2000
b. 2001
c. 2002
d. 2003

Answer- 2001

Que - The __________ was a huge marketplace of Dark Web specifically famous for selling of illegal drugs & narcotics as well as you can find a wide range of other goods for sale.
a. Silk Road
b. Cotton Road
c. Dark Road
d. Drug Road

Answer- Silk Road

Que - Your online activity can still be tracked even if you use different Tor services, but not in much detail.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- TRUE

Que - Tor (The Onion Router) is not a service or part of the darknet.
a. TRUE
b. FALSE
c. Nothing can be said
d. None of the mentioned

Answer- FALSE

Previous Post Next Post

Responsive Ad