Cyber law & Security Policy Multiple Choice Questions
1. Which of the following is a cybercrime?
A. Hacking
B. Worm attack
C. Virus attack
D. All of these
2. The use of the Internet or other electronic means to stalk or harass an individual, a group of individuals, or an organisation is termed:
A. Cyberspace
B. Cyber stalking
C. Pornography
D. None of these
3. ………. Refers to email that appears to have been originated from one source when it was actually sent from another source.
A. Email bombing
B. Email spoofing
C. Email spamming
D. None of these
4. In cyber law terminology ‘DoS’ means:
A. Denial of Service
B. Disc operating System
C. Distant operator Service
D. None of these
5. ………. refers to sending email to thousands and thousands of users-similar to a chain letter.
A. Email spamming
B. Email bombing
C. Trojan attack
D. None of these
6. By hacking web server taking control on another person’s website called as web ……….
A. Spoofing
B. Hijacking
C. Spamming
D. None of these
7. Programs that multiply like viruses but spread from computer to computer are called as:
A. Worms
B. Virus
C. Boot
D. None of these
8. Section 66F of IT Act deals with
A. Cyber stalking
B. Email bombing
C. Child pornography
D. Cyber terrorism
9. Act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity is called
A. email bombing
B. Spamming
C. Cyber stalking
D. Phishing
10. Use of electronic messaging systems to send unsolicited bulk messages are called
A. email bombing
B. Spamming
C. Cyber stalking
D. Phishing
11. The practice of making a transmission appears to come from an authorized user.
A. Hacking
B. Spoofing
C. Spamming
D. spamdexing
12. Which section of IT Act covers most of the common crimes arising out of “Unauthorised Access”
A. Section 66
B. Section 67
C. Section 73
D. Section 74
13. In cyber law terminology ‘DDoS’ means:
A. Distributed Denial of Service
B. Disc operating System
C. Distant operator Service
D. None of these
14. The use of the Internet or other electronic means to stalk or harass an individual, a group of individuals, or an organisation is termed:
A. Cyberspace
B. Cyber stalking
C. Pornography
D. None of these
15. Programs that multiply like viruses but spread from computer to computer are called as:
A. Worms
B. Virus
C. Boot
D. None of these
16. Section 66C of IT Act deals with
A. Cyber stalking
B. Email bombing
C. Child pornography
D. Punishment for Identity Theft
17. Section-66E of IT Act deals with
A. Punishment for violation of Privacy
B. Spamming
C. Cyber stalking
D. Phishing
18. India’s first cyber police station
A. Delhi
B. Bangalore
C. Chennai
D. Mumbai
19. Information Technology Amendment Act form in year
A. 2000
B. 2001
C. 2008
D. 2009
20. Punishment for sending offensive massages through communication service are belong
A. 66A
B. 65
C. 66B
D. 66F
21. Vishing is mean for
A. SMS phishing
B. Voice phishing
C. Phishing
D. All the above.
22. This is a program in which malicious or harmful code is contained inside apparently harmless programming or data.
A. War dialer
B. Spam trap
C. Trojan horse
D. Email
23. Which of the following is the most important to install and keep up to date on your personal computer?
A. Anti-virus and anti-spyware software
B. A Firewall
C. Operating system updates
D. All of the above must be installed and kept up to date
24. What is “phishing?”
A. “Spoofed” e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords
B. A type of computer virus
C. An example of a strong password
D. None of the above
25. What type of attack relies on the trusting nature of employees and the art of deception?
A. Social Engineering
B. Fraud
C. Phishing
D. Dumpster Diving
26. This is a document that states in writing how a company plans to protect the company’s physical and IT assets.
A. Data Encryption Standard
B. Security policy
C. Public key certificate
D. Access control list
27. Which of the following are examples of Mobile virus:
A. Skull Trojan
B. Cabir Worm
C. Mosquito Trojan
D. All of the above
28. Amendments to the Indian IT act which are new offences are added:
A. 67A (Sexually explicit content)
B. 67B (Child pornography)
C. 66F (Cyber terrorism).
D. All of the above.
29. Which are the following is not part of cyber space:
A. Computer
B. Computer network
C. Website
D. Calculator
30. Temparing of computer soucre code cover in:
A. Section 66A
B. Section 66B
C. Section 65
D. Section 67
31. Section 79 of the Indian IT Act declares that any 3rd party information or personal data leakage in corporate firms or organizations will be a punishable offense.
A. True
B. False
Answer: A
Explanation: Section 79 of the Indian IT Act covers some of the corporate and business laws circulating technologies and cyberspace; declares that any 3rd party information or personal data leakage in corporate firms or organizations will be a punishable offense.
32. The full form of Malware is ________
A. Malfunctioned Software
B. Multipurpose Software
C. Malicious Software
D. Malfunctioning of Security
Answer: C
Explanation: Different types of harmful software and programs that can pose threats to a system, network or anything related to cyberspace are termed as Malware. Examples of some common malware are Virus, Trojans, Ransomware, spyware, worms, rootkits etc.
33. Who deploy Malwares to a system or network?
A. Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
B. Criminal organizations, White hat hackers, malware developers, cyber-terrorists
C. Criminal organizations, Black hat hackers, software developers, cyber-terrorists
D. Criminal organizations, gray hat hackers, Malware developers, Penetration testers
Answer: A
Explanation: Criminal-minded organizations, groups and individuals cyber-terrorist groups, Black hat hackers, malware developers etc are those who can deploy malwares to any target system or network in order to deface that system.
34. _____________ is a code injecting method used for attacking the database of a system / website.
A. HTML injection
B. SQL Injection
C. Malicious code injection
D. XML Injection
Answer: B
Explanation: SQLi (Structured Query Language Injection) is a popular attack where SQL code is targeted or injected; for breaking the web application having SQL vulnerabilities. This allows the attacker to run malicious code and take access to the database of that server.
35. XSS is abbreviated as __________
A. Extreme Secure Scripting
B. Cross Site Security
C. X Site Scripting
D. Cross Site Scripting
Answer: D
Explanation: Cross Site Scripting is another popular web application attack type that can hamper the reputation of any site.
36. This attack can be deployed by infusing a malicious code in a website’s comment section. What is “this” attack referred to here?
A. SQL injection
B. HTML Injection
C. Cross Site Scripting (XSS)
D. Cross Site Request Forgery (XSRF)
Answer: C
Explanation: XSS attack can be infused by putting the malicious code (which gets automatically run) in any comment section or feedback section of any webpage (usually a blogging page). This can hamper the reputation of a site and the attacker may place any private data or personal credentials.
37. When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
A. Database crash attack
B. DoS (Denial of Service) attack
C. Data overflow Attack
D. Buffer Overflow attack
Answer: D
Explanation: The Buffer overflow attack takes place when an excessive amount of data occurs in the buffer, which it cannot handle and lead to data being over-flow into its adjoined storage. This attack can cause a system or application crash and can lead to malicious entry-point.
38. Compromising a user’s session for exploiting the user’s data and do malicious activities or misuse user’s credentials is called ___________
A. Session Hijacking
B. Session Fixation
C. Cookie stuffing
D. Session Spying
Answer: A
Explanation: Using session hijacking, which is popularly known as cookie hijacking is an exploitation method for compromising the user’s session for gaining unauthorized access to user’s information.
39. Which of this is an example of physical hacking?
A. Remote Unauthorised access
B. Inserting malware loaded USB to a system
C. SQL Injection on SQL vulnerable site
D. DDoS (Distributed Denial of Service) attack
Answer: B
Explanation: If a suspicious gain access to server room or into any confidential area with a malicious pen-drive loaded with malware which will get triggered automatically once inserted to USB port of any employee’s PC; such attacks come under physical hacking, because that person in gaining unauthorized physical access to any room or organization first, then managed to get an employee’s PC also, all done physically – hence breaching physical security.
40. Which of them is not a wireless attack?
A. Eavesdropping
B. MAC Spoofing
C. Wireless Hijacking
D. Phishing
Answer: D
Explanation: Wireless attacks are malicious attacks done in wireless systems, networks or devices. Attacks on Wi-Fi network is one common example that general people know. Other such sub-types of wireless attacks are wireless authentication attack, Encryption cracking etc.
41. An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
A. Cyber-crime
B. Cyber Attack
C. System hijacking
D. Digital crime
Answer: B
Explanation: Cyber attack is an umbrella term used to classify different computer & network attacks or activities such as extortion, identity theft, email hacking, digital spying, stealing hardware, mobile hacking and physical security breaching.
42. Which method of hacking will record all your keystrokes?
A. Keyhijacking
B. Keyjacking
C. Keylogging
D. Keyboard monitoring
Answer: C
Explanation: Keylogging is the method or procedure of recording all the key strokes/keyboard button pressed by the user of that system.
43. _________ are the special type of programs used for recording and tracking user’s keystroke.
A. Keylogger
B. Trojans
C. Virus
D. Worms
Answer: A
Explanation: Keyloggers are surveillance programs developed for both security purpose as well as done for hacking passwords and other personal credentials and information. This type of programs actually saves the keystrokes done using a keyboard and then sends the recorded keystroke file to the creator of such programs.
44. These are a collective term for malicious spying programs used for secretly monitoring someone’s activity and actions over a digital medium.
A. Malware
B. Remote Access Trojans
C. Keyloggers
D. Spyware
Answer: D
Explanation: Spyware is professional malicious spying software that is hard to detect by anti-malware or anti-virus programs because they are programmed in such a skillful way. These types of software keep on collecting personal information, surfing habits, surfing history as well as credit card details.
45. Stuxnet is a _________
A. Worm
B. Virus
C. Trojan
D. Antivirus
Answer: A
Explanation: Stuxnet is a popular and powerful worm that came into existence in mid 2010, which was very powerful as it was accountable for the cause of huge damage to Iran’s Nuclear program. It mainly targets the PLCs (Programmable Logic Controllers) in a system.
46. ___________ is a violent act done using the Internet, which either threatens any technology user or leads to loss of life or otherwise harms anyone in order to accomplish political gain.
A. Cyber-warfare
B. Cyber campaign
C. Cyber-terrorism
D. Cyberattack
Answer: C
Explanation: Cyber-terrorism is the term used to describe internet terrorism, where individuals and groups are anonymously misusing ethnicities, religions as well as threaten any technology user, which may lead to even loss of life.
47. What is the name of the IT law that India is having in the Indian legislature?
A. India’s Technology (IT) Act, 2000
B. India’s Digital Information Technology (DIT) Act, 2000
C. India’s Information Technology (IT) Act, 2000
D. The Technology Act, 2008
Answer: C
Explanation: The Indian legislature thought of adding a chapter that is dedicated to cyber law. This finally brought India’s Information Technology (IT) Act, 2000 which deals with the different cyber-crimes and their associated laws.
48. In which year India’s IT Act came into existence?
A. 2000
B. 2001
C. 2002
D. 2003
Answer: A
Explanation: On 17th Oct 2000, the Indian legislature thought of adding a chapter that is dedicated to cyber law, for which India’s Information Technology (IT) Act, 2000 came into existence.
49. What is the full form of ITA-2000?
A. Information Tech Act -2000
B. Indian Technology Act -2000
C. International Technology Act -2000
D. Information Technology Act -2000
Answer: D
Explanation: Information Technology Act -2000 (ITA-2000), came into existence on 17th Oct 2000, that is dedicated to cyber-crime and e-commerce law in India.
50. The Information Technology Act -2000 bill was passed by K. R. Narayanan.
A. True
B. False
Answer: B
Explanation: The bill was passed & signed by Dr. K. R. Narayanan on 9th May, in the year 2000. The bill got finalised by head officials along with the Minister of Information Technology, Dr. Pramod Mahajan.
51. Under which section of IT Act, stealing any digital asset or information is written a cyber-crime.
A. 65
B. 65-D
C. 67
D. 70
Answer: A
Explanation: When a cyber-criminal steals any computer documents, assets or any software’s source code from any organization, individual, or from any other means then the cyber crime falls under section 65 of IT Act, 2000.
52. What is the punishment in India for stealing computer documents, assets or any software’s source code from any organization, individual, or from any other means?
A. 6 months of imprisonment and a fine of Rs. 50,000
B. 1 year of imprisonment and a fine of Rs. 100,000
C. 2 years of imprisonment and a fine of Rs. 250,000
D. 3 years of imprisonment and a fine of Rs. 500,000
Answer: D
Explanation: The punishment in India for stealing computer documents, assets or any software’s source code from any organization, individual, or from any other means is 3 years of imprisonment and a fine of Rs. 500,000.
53. What is the updated version of the IT Act, 2000?
A. IT Act, 2007
B. Advanced IT Act, 2007
C. IT Act, 2008
D. Advanced IT Act, 2008
Answer: C
Explanation: In the year 2008, the IT Act, 2000 was updated and came up with a much broader and precise law on different computer-related crimes and cyber offenses.
54. In which year the Indian IT Act, 2000 got updated?
A. 2006
B. 2008
C. 2010
D. 2012
Answer: B
Explanation: In the year 2008, the IT Act, 2000 was updated and came up with a much broader and precise law on different computer-related crimes and cyber offenses.
55. What type of cyber-crime, its laws and punishments does section 66 of the Indian IT Act holds?
A. Cracking or illegally hack into any system
B. Putting antivirus into the victim
C. Stealing data
D. Stealing hardware components
Answer: A
Explanation: Under section 66 of IT Act, 2000 which later came up with a much broader and precise law says that cracking or illegally hacking into any victim’s computer is a crime. It covers a wide range of cyber-crimes under this section of the IT Act.
56. Accessing computer without prior authorization is a cyber-crimes that come under _______
A. Section 65
B. Section 66
C. Section 68
D. Section 70
Answer: B
Explanation: Under section 66 of IT Act, 2000 which later came up with a much broader and precise law says that without prior authorization or permission, if any individual access any computer system, it is a cyber-crime.
57. Cracking digital identity of any individual or doing identity theft, comes under __________ of IT Act.
A. Section 65
B. Section 66
C. Section 68
D. Section 70
Answer: B
Explanation: Under section 66 of IT Act, 2000 which later came up with a much broader and precise law (as IT Act, 2008) says that if any individual steals the identity or misuse any victim’s identity for his/her own profit, it is a cyber-crime.
58. Accessing Wi-Fi dishonestly is a cyber-crime.
A. True
B. False
Answer: A
Explanation: Under section 66 of IT Act, 2000 which later came up with a much broader and precise law (as IT Act, 2008) says that if any individual access anyone’s Wi-Fi network without the permission of the owner or for doing a malicious activity, it is a cyber-crime.
59. Download copy, extract data from an open system done fraudulently is treated as _________
A. cyber-warfare
B. cyber-security act
C. data-backup
D. cyber-crime
Answer: D
Explanation: Download copy, extract data from an open system done fraudulently is treated as according to section 66 of the Indian IT Act.
60. Any cyber-crime that comes under section 66 of IT Act, the accused person gets fined of around Rs ________
A. 2 lacs
B. 3 lacs
C. 4 lacs
D. 5 lacs
Answer: D
Explanation: Any cyber-crime that comes under section 66 of the Indian IT Act, the person accused of such cyber-crime gets fined of around five lacs rupees.
61. How many years of imprisonment can an accused person face, if he/she comes under any cyber-crime listed in section 66 of the Indian IT Act, 2000?
A. 1 year
B. 2 years
C. 3 years
D. 4 years
Answer: C
Explanation: Any cyber-crime that comes under section 66 of the Indian IT Act, the person accused of such cyber-crime gets fined of around five lacs rupees and 3 years of imprisonment.
62. Any digital content which any individual creates and is not acceptable to the society, it’s a cyber-crime that comes under _________ of IT Act.
A. Section 66
B. Section 67
C. Section 68
D. Section 69
Answer: B
Explanation: Any digital content which is either lascivious is not acceptable by the society or viewers or that digital item corrupts the minds of the audience, then the creator of such contents falls under the cyber-crime of section 67 of the Indian IT Act.
63. IT Act 2008 make cyber-crime details more precise where it mentioned if anyone publishes sexually explicit digital content then under ___________ of IT Act, 2008 he/she has to pay a legitimate amount of fine.
A. section 67-A
B. section 67-B
C. section 67-C
D. section 67-D
Answer: A
Explanation: IT Act 2008 makes cyber-crime details more precise where it mentioned if anyone publishes sexually explicit digital content then under section 67 – A he/she has to pay a legitimate amount of fine.
64. If anyone publishes sexually explicit type digital content, it will cost that person imprisonment of _________ years.
A. 2
B. 3
C. 4
D. 5
Answer: D
Explanation: IT Act 2008 make cyber-crime details more precise where it mentioned if anyone publishes sexually explicit digital content then under section 67 – A he/she has to pay a legitimate amount of fine and imprisonment of five years.
65. Using spy cameras in malls and shops to capture private parts of any person comes under _______ of IT Act, 2008.
A. Section 66
B. Section 67
C. Section 68
D. Section 69
Answer: B
Explanation: Using of spy cameras in malls and shops to capture private parts of any person, without the concern of that victim, then it comes under section 67 of IT Act, 2008 as a punishable offense.
66. Using spy cameras in malls and shops to capture private parts of any person comes under section 67 of IT Act, 2008 and is punished with a fine of Rs. 5 Lacs.
A. True
B. False
Answer: A
Explanation: Using of spy cameras in malls and shops to capture private parts of any person, without the concern of that victim, then it comes under section 67 of IT Act, 2008 where the person doing such crime is punished with a fine of Rs. 5 Lacs.
67. Using of spy cameras in malls and shops to capture private parts of any person comes under section 67 of IT Act, 2008 and is punished with imprisonment of ___________
A. 2 years
B. 3 years
C. 4 years
D. 5 years
Answer: B
Explanation: Using of spy cameras in malls and shops to capture private parts of any person, without the concern of that victim, then it comes under section 67 of IT Act, 2008 where the person doing such crime is punished with imprisonment of 3 years.
68. Misuse of digital signatures for fraudulent purposes comes under __________ of IT Act.
A. section 65
B. section 66
C. section 71
D. section 72
Answer: D
Explanation: Cyber-criminals and black hat hackers do one common form of cyber-crime that is a misuse of digital signatures. The law for this fraudulent act comes under section 72 of the Indian IT Act.
69. Sending offensive message to someone comes under _____________ of the Indian IT Act ______
A. section 66-A, 2000
B. section 66-B, 2008
C. section 67, 2000
D. section 66-A, 2008
Answer: D
Explanation: Sending an offensive message, emails o any digital content through an electronic medium to your recipient is a punishable offense that comes under section 66 – A of the Indian IT Act, 2008.
70. Stealing of digital files comes under __________ of the Indian IT Act.
A. section 66-A
B. section 66-B
C. section 66-C
D. section 66-D
Answer: C
Explanation: Stealing of digital files, e-documents from any system or cloud or electronic device is a punishable offense that comes under section 66 – C of the Indian IT Act.
71. Which of the following is not a type of cyber crime?
A. Data theft
B. Forgery
C. Damage to data and systems
D. Installing antivirus for protection
Answer: D
Explanation: Cyber crimes are one of the most threatening terms that is an evolving phase. It is said that major percentage of the World War III will be based on cyber-attacks by cyber armies of different countries.
72. Cyber-laws are incorporated for punishing all criminals only.
A. True
B. False
Answer: B
Explanation: Cyber-laws were incorporated in our law book not only to punish cyber criminals but to reduce cyber crimes and tie the hands of citizens from doing illicit digital acts that harm or damage other’s digital property or identity.
73. Cyber-crime can be categorized into ________ types.
A. 4
B. 3
C. 2
D. 6
Answer: C
Explanation: Cyber crime can be categorized into 2 types. These are peer-to-peer attack and computer as weapon. In peer-to-peer attack, attackers target the victim users; and in computer as weapon attack technique, computers are used by attackers for a mass attack such as illegal and banned photo leak, IPR violation, pornography, cyber terrorism etc.
74. Which of the following is not a type of peer-to-peer cyber-crime?
A. Phishing
B. Injecting Trojans to a target victim
C. MiTM
D. Credit card details leak in deep web
Answer: D
Explanation: Phishing, injecting Trojans and worms to individuals comes under peer-to-peer cyber crime. Whereas, leakage of credit card data of a large number of people in deep web comes under computer as weapon cyber-crime.
75. Which of the following is not an example of a computer as weapon cyber-crime?
A. Credit card fraudulent
B. Spying someone using keylogger
C. IPR Violation
D. Pornography
Answer: B
Explanation: DDoS (Distributed Denial of Service), IPR violation, pornography are mass attacks done using a computer. Spying someone using keylogger is an example of peer-to-peer attack.
76. Which of the following is not done by cyber criminals?
A. Unauthorized account access
B. Mass attack using Trojans as botnets
C. Email spoofing and spamming
D. Report vulnerability in any system
Answer: D
Explanation: Cyber-criminals are involved in activities like accessing online accounts in unauthorized manner; use Trojans to attack large systems, sending spoofed emails. But cyber-criminals do not report any bug is found in a system, rather they exploit the bug for their profit.