Category: Cyber Security Objective Questions

Cyber Security Multiple Choice Questions on “Cyber Security Types – Wireless Security”.

1. ____________________ is the anticipation of unauthorized access or break to computers or data by means of wireless networks.
a) Wireless access
b) Wireless security
c) Wired Security
d) Wired device apps

Answer: b
Clarification: Wireless security is the anticipation of unauthorized access or breaks to computers or data by means of wireless networks. The most widespread types of wireless securities are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and recently released WPA3.

2. Which among them has the strongest wireless security?
a) WEP
b) WPA
c) WPA2
d) WPA3

Answer: d
Clarification: The most extensive types of wireless securities are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and WPA3. WPA3 is the strongest and recently released.

3. Which among the following is the least strong security encryption standard?
a) WEP
b) WPA
c) WPA2
d) WPA3

Answer: a
Clarification: A prime branch of cyber-security is wireless security. The most widespread types of wireless securities are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and WPA3. WEP is notoriously weak encryption standard.

4. _________ is an old IEEE 802.11 standard from the year 1999.
a) WPA2
b) WPA3
c) WEP
d) WPA

Answer: c
Clarification: The most widespread types of wireless securities are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and WPA3. WEP is an old IEEE 802.11 standard from the year 1999.

5. _______________ is the central node of 802.11 wireless operations.
a) WPA
b) Access Point
c) WAP
d) Access Port

Answer: b
Clarification: The central node of 802.11 wireless operations is the Access Point (AP). It is that interface which acts as an intermediary of a wired & wireless network; and all the associated wireless clients’ use this to exchange data with it.

6. AP is abbreviated as _____________
a) Access Point
b) Access Port
c) Access Position
d) Accessing Port

Answer: a
Clarification: The central node of 802.11 is that interface which acts as an intermediary of a wired & wireless network; and all the associated wireless clients’ use this and exchange data.

7. ___________________ is alike as that of Access Point (AP) from 802.11, & the mobile operators uses it for offering signal coverage.
a) Base Signal Station
b) Base Transmitter Station
c) Base Transceiver Station
d) Transceiver Station

Answer: c
Clarification: Base Transceiver Station (BTS) which is also known as a base station (BS) or radio base station (RBS) is alike as that of Access Point (AP) from 802.11, & the mobile operators use it for offering signal coverage.

8. BTS stands for ___________________
a) Basement Transceiver Server
b) Base Transmitter Station
c) Base Transceiver Server
d) Base Transceiver Station

Answer: d
Clarification: Base Transceiver Station is a section of equipment which facilitates wireless communication from 802.11 & the mobile operators use it for offering signal coverage. Examples are GSM, 3G, 4G etc.

9. There are __________ types of wireless authentication modes.
a) 2
b) 3
c) 4
d) 5

Answer: a
Clarification: There are 2 achievable authentication types or schemes which are implemented in the wireless security. These are Pre-Shared Key – based authentication & Open Authentication.

10. When a wireless user authenticates to any AP, both of them go in the course of four-step authentication progression which is called _____________
a) AP-handshaking
b) 4-way handshake
c) 4-way connection
d) wireless handshaking

Answer: b
Clarification: When a wireless user authenticates to any AP, both of them go in the course of four-step authentication progression which is called 4-way handshake.

11. WPS stands for __________________
a) WiFi Protected System
b) WiFi Protected Setup
c) WiFi Protocol Setup
d) Wireless Protected Setup

Answer: b
Clarification: WPS stands for WiFi Protected Setup began to show up a few years back on wireless access points as a new way of adding or connecting new devices to the network by just pushing a key (within the router) & inserting the password.

12. It is recommended to use WPA2 or WPA3 encryption standard as they are strong and more secure.
a) True
b) False

Answer: a
Clarification: It is recommended to use WPA2 or WPA3 encryption standard as they are strong and more secure. WPA2 & WPA3 characterizes the protocols a router & Wi-Fi client devices use for performing “handshake” securely for communication.

13. ___________ is a process of wireless traffic analysis that may be helpful for forensic investigations or during troubleshooting any wireless issue.
a) Wireless Traffic Sniffing
b) WiFi Traffic Sniffing
c) Wireless Traffic Checking
d) Wireless Transmission Sniffing

Answer: a
Clarification: Wireless Traffic Sniffing is a process of analyzing wireless traffic that may be helpful for forensic investigations or during troubleshooting any wireless issue.

14. Which of the following is a Wireless traffic Sniffing tool?
a) Maltego
b) BurpSuit
c) Nessus
d) Wireshark

Answer: d
Clarification: The process of analyzing wireless traffic that may be helpful for forensic investigations or during troubleshooting any wireless issue is called Wireless Traffic Sniffing. Popular tools used in this case are Wireshark and Kismet.

15. ___________________ began to show up few years back on wireless access points as a new way of adding or connecting new devices.
a) WPA2
b) WPA
c) WPS
d) WEP

Answer: c
Clarification: WiFi Protected Setup (WPS) began to show up a few years back on wireless access points as a new way of adding or connecting new devices to the network by just pushing a key (within the router) & typing an eight-digit password on the client device.

Cyber Security Multiple Choice Questions on “Attack Vectors – DNS Hacking and Security”.

1. __________ is a naming system given to different computers which adapt to human-readable domain names.
a) HTTP
b) DNS
c) WWW
d) ISP

Answer: b
Clarification: DNS is a naming system given to different computers that adapt to human-readable domain names. For example, Google.co.in has a computer-readable IP address which is 8.8.8.8 & 8.8.4.4 as the primary & secondary DNS addresses.

2. DNS stands for _____________
a) Data Name System
b) Domain Name Server
c) Domain Name System
d) Domain’s Naming System

Answer: c
Clarification: Domain Name System can be compared to the phonebook of the WWW. Users’ access information over the web through these human readable domain names. For example www.google.co.in gas computer-readable IP address which is 8.8.8.8 & 8.8.4.4 as the primary & secondary DNS addresses.

3. Some security issues might exist owing to misconfigured __________________ which can direct to disclosure of information regarding the domain.
a) DNS names
b) HTTP setup
c) ISP setup
d) FTP-unsecured

Answer: a
Clarification: Some security issues might exist owing to misconfigured DNS names which can direct to disclosure of information regarding the domain. DNS adapts to human readable domain names.

4. ______________ is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings.
a) DNS mal-functioning
b) DNS cracking
c) DNS redirecting
d) DNS hijacking

Answer: d
Clarification: Misconfigured DNS names which can direct to disclosure of information regarding the domain. DNS hijacking is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings.

5. _____________ can be attained by the use of malware or by changing the server’s settings.
a) DNS poisoning
b) DNS cracking
c) DNS hijacking
d) DNS redirecting

Answer: c
Clarification: DNS hijacking is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings. It can be attained by the use of malware or by changing the server’s settings.

6. There are _________ main types of DNS hijacking.
a) 4
b) 2
c) 3
d) 5

Answer: b
Clarification: There are two main types of DNS hijacking. These are by infecting the computer with malware or DNS trojans and the other type is hacking the target website and changes its DNS address.

7. DNS trojans are used for performing a type of DNS hijacking.
a) True
b) False

Answer: a
Clarification: DNS hijacking is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings. There are two main types of DNS hijacking. These are by infecting the computer with malware or DNS trojans.

8. The _______________ matches and maps to the user friendly domain name.
a) HTTP
b) DNS
c) WWW
d) ISP

Answer: b
Clarification: The DNS matches for directing the user-friendly domain name (like google.co.in) to its equivalent IP address. DNS servers are typically owned by any ISPs or other business organizations.

9. Which of the following is not an example of DNS hijacking?
a) ISP DNS hijacking
b) DNS hijacking for phishing
c) DNS hijacking for pharming
d) HTTP-based DNS hacking

Answer: d
Clarification: DNS hijacking is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings. ISP DNS hijacking, DNS hijacking for phishing, DNS hijacking for pharming are some of the examples of DNS hijacking attack.

10. A ______________ is essentially a text file residing on the server that hosts different domain containing entries for dissimilar resource records.
a) Zone file
b) Robot file
c) Bot file
d) DNS file

Answer: a
Clarification: A Zone file is essentially a text file residing on the server that hosts different domain containing entries for dissimilar resource records. It is used in DNS hijacking.

11. ______________ which is also termed as DNS spoofing, is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of the internet.
a) DNS poisoning
b) DNS re-routing
c) DNS cracking
d) Domain link poisoning

Answer: a
Clarification: DNS cache poisoning which is also termed as DNS spoofing, is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of the internet away from genuine servers.

12. DNS poisoning is very dangerous because it can extend its reach from one ___________ to another.
a) ISP server
b) DNS server
c) Linux server
d) Domain user

Answer: b
Clarification: DNS poisoning which is also termed as DNS spoofing is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of the internet. DNS poisoning is very dangerous because it can extend its reach from one DNS server to another.

13. A _________________ can be poisoned if it is having an erroneous entry where the invader gets to organize the DNS server & change different kinds of information on it.
a) Server data
b) Domain name
c) DNS cache
d) System file

Answer: c
Clarification: A DNS cache can be poisoned if it is having an erroneous entry where the invader gets to organize the DNS server & change different kinds of information on it. DNS poisoning is very dangerous because it can extend its reach from one DNS server to another.

14. The ____________ Domain Name Server data will get spread to the ISPs & will be cached there.
a) working
b) compromised
c) corrupted
d) poisoned

Answer: d
Clarification: DNS cache poisoning is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of the internet. The poisoned Domain Name Server data will get spread to the ISPs & will be cached there.

15. The user could be influenced by DNS hijacking if the government of that country uses DNS redirecting as a mechanism to mask censorship.
a) True
b) False

Answer: a
Clarification: A DNS cache can be poisoned if it is having an erroneous entry where the invader gets to organize the DNS server & change different kinds of information on it. The user could be influenced by DNS hijacking if the government of that country uses DNS redirecting as a mechanism to mask censorship.

Cyber Security Multiple Choice Questions on “Ethical Hacking – History”.

1. In which year the term hacking was coined?
a) 1965-67
b) 1955-60
c) 1970-80
d) 1980-82

Answer: b
Clarification: The term came to origin in the year 1960s when very highly skilled professionals and individuals practice complex programming approaches to solve different problems.

2. From where the term ‘hacker’ first came to existence?
a) MIT
b) Stanford University
c) California
d) Bell’s Lab

Answer: a
Clarification: At MIT (Massachusetts Institute of Technology), the term ‘hacker’ first came into origin because individuals and high skilled professionals solve different problems using programming languages. Some similar terms were also coined in this regard such as – geeks & nerds.

3. What is the one thing that old hackers were fond of or find interests in?
a) Breaking Other’s system
b) Voracious thirst for knowledge
c) Cracking Phone calls
d) Learning new languages

Answer: b
Clarification: Hackers of the old era were considered the most influential individuals of society with intellectual learning inclination and thirst for knowledge.

4. In which year the first popular hacker conference took place?
a) 1994
b) 1995
c) 1993
d) 1992

Answer: c
Clarification: The first ever internationally recognized hacker’s conference took place in the year 1993 at Las Vegas, Nevada.

5. What is the name of the first hacker’s conference?
a) DEFCON
b) OSCON
c) DEVCON
d) SECCON

Answer: a
Clarification: DEFCON is one of the most popular and largest hacker’s as well as a security consultant’s conference that takes place every year in Las Vegas, Nevada, where government agents, security professionals, black and white hat hackers from all over the world attend that conference.

6. _______ is the oldest phone hacking techniques used by hackers to make free calls
a) Phishing
b) Spamming
c) Phreaking
d) Cracking

Answer: c
Clarification: Phreaking which is abbreviated as phone-hacking is a slang term and old hacking technique where skilled professionals study, explore & experiment telephone networks in order to acquire the free calling facility.

7. In which year, first practical technology hacking came into origin?
a) 1878
b) 1890
c) 1895
d) 1876

Answer: a
Clarification: The first hacking (related to telephone technology) was done when the phone company – named Bell Telephone started in the year 1878.

8. In which year, hacking became a practical crime and a matter of concern in the field of technology?
a) 1971
b) 1973
c) 1970
d) 1974

Answer: c
Clarification: For hackers 1970 was that era when hackers and cyber criminals figured out how wired technologies work and how these technologies can be exploited in order to gain additional advantage or misuse the technology.

9. Who was the first individual who performed a major hacking in the year 1971?
a) Steve Wozniak
b) Steve Jobs
c) Kevin Mitnick
d) John Draper

Answer: d
Clarification: In the year 1971, a Vietnam guy name John Draper figured it out as how to make phone calls free of cost. This type of phone hacking is termed Phreaking.

10. Name the hacker who breaks the ARPANET systems?
a) Jon von Neumann
b) Kevin Poulsen
c) Kevin Mitnick
d) John Draper

Answer: b
Clarification: The ARPANET (Advanced Research Project Agency Network) got hacked by Kevin Poulsen as he breaks into the Pentagon network and their associated system but got caught immediately in the year 1983.

11. Who coined the term “cyberspace”?
a) Andrew Tannenbaum
b) Scott Fahlman
c) William Gibson
d) Richard Stallman

Answer: c
Clarification: In the year 1821, an American – Canadian fiction pioneer cum writer, William Gibson explored the different streams of technologies and coined the term “cyberspace”. The term defines interconnected technologies that help in sharing information, interact with digital devices, storage and digital entertainment, computer and network security and stuff related to information technology.

12. In which year computer scientists try to integrate encryption techniques in TCP/IP protocol?
a) 1978
b) 1980
c) 1982
d) 1984

Answer: a
Clarification: TCP/IP suite needs prior security as it is one of the most popularly used protocol suites and hence some computer scientists in the year 1978, attempts to integrate the security algorithms though they face many impediments in this regard.

13. In which year the Computer Fraud & Abuse Act was adopted in the United States?
a) 1983
b) 1984
c) 1987
d) 1988

Answer: b
Clarification: This Cyber security bill got passed in the US in the year 1984 keeping this in concern that any computer related crimes do not go unpunished. This law also restricts users from unauthorized access of computer or data associated with it.

14. Who was the first individual to distribute computer worms through internet?
a) Vladimir Levin
b) Bill Landreth
c) Richard Stallman
d) Robert T. Morris

Answer: d
Clarification: Robert Tappan Morris, a Cornell University graduate student developed Morris Worm in 1988 and was accused of the crime (under US Computer Fraud and Abuse Act.) for spreading computer worms through Internet.

15. _____ is a powerful encryption tool released by Philip Zimmerman in the year 1991.
a) PGP (Protected Good Privacy)
b) AES (Advanced Encryption Standard)
c) PGP (Pretty Good Privacy)
d) DES (Data Encryption Standard)

Answer: c
Clarification: This encryption program package name PGP (Pretty Good Privacy) became popular across the globe because it helps in providing authentication in data communication as well as help in maintaining privacy through cryptographic algorithms by encryption & decryption of plain texts (in emails and files) to cipher texts and vice versa.

Cyber Security Multiple Choice Questions on “VPNs”.

1. VPN is abbreviated as __________
a) Visual Private Network
b) Virtual Protocol Network
c) Virtual Private Network
d) Virtual Protocol Networking

Answer: c
Clarification: A Virtual Private Network i.e. VPN is a technique used in networking or other intermediate networks for connecting computers and making them isolated remote computer networks, maintaining a tunnel of security and privacy.

2. __________ provides an isolated tunnel across a public network for sending and receiving data privately as if the computing devices were directly connected to the private network.
a) Visual Private Network
b) Virtual Protocol Network
c) Virtual Protocol Networking
d) Virtual Private Network

Answer: d
Clarification: A Virtual Private Network i.e. VPN is a technique used in networking or other intermediate networks for connecting computers and making them isolated remote computer networks, maintaining a tunnel of security and privacy.

3. Which of the statements are not true to classify VPN systems?
a) Protocols used for tunnelling the traffic
b) Whether VPNs are providing site-to-site or remote access connection
c) Securing the network from bots and malwares
d) Levels of security provided for sending and receiving data privately

Answer: c
Clarification: VPN systems have specific protocols for tunnelling the traffic, secure remote access connectivity as well as make sure how many levels of security it is providing for private data communication.

4. What types of protocols are used in VPNs?
a) Application level protocols
b) Tunnelling protocols
c) Network protocols
d) Mailing protocols

Answer: a
Clarification: All VPNs are formed with a combination of tunnelling protocols as well as encryption techniques for maintaining privacy and security.

5. VPNs uses encryption techniques to maintain security and privacy which communicating remotely via public network.
a) True
b) False

Answer: a
Clarification: All VPNs are formed with a combination of tunnelling protocols as well as encryption techniques for maintaining privacy and security.

6. There are _________ types of VPNs.
a) 3
b) 2
c) 5
d) 4

Answer: b
Clarification: VPNs are of two types. These are remote access VPNs & Site-to-site VPNs. Remote Access VPNs are used for business & home users. Site-to-site VPNs are mainly used in companies and firms with different geographical locations.

7. Site-to-site VPNs are also known as ________
a) Switch-to-switch VPNs
b) Peer-to-Peer VPNs
c) Point-to-point VPNs
d) Router-to-router VPNs

Answer: d
Clarification: Site-to-site VPNs are also known as Router-to-router VPNs. They are mainly used in companies and firms with different geographical locations.

8. _________ type of VPNs are used for home private and secure connectivity.
a) Remote access VPNs
b) Site-to-site VPNs
c) Peer-to-Peer VPNs
d) Router-to-router VPNs

Answer: a
Clarification: Remote access VPN allows individual users to connect to private networks at home and access resources remotely.

9. Which types of VPNs are used for corporate connectivity across companies residing in different geographical location?
a) Remote access VPNs
b) Site-to-site VPNs
c) Peer-to-Peer VPNs
d) Country-to-country VPNs

Answer: b
Clarification: Site-to-site VPNs are also known as Router-to-router VPNs which are typically used in companies and firms for connecting remotely different branches with different geographical locations.

10. Site-to-Site VPN architecture is also known as _________
a) Remote connection based VPNs
b) Peer-to-Peer VPNs
c) Extranet based VPN
d) Country-to-country VPNs

Answer: c
Clarification: Site-to-site VPN architecture is also known as extranet based VPNs because these type of VPNs are typically used to connect firms externally between different branches of the same company.

11. There are ________ types of VPN protocols.
a) 3
b) 4
c) 5
d) 6

Answer: d
Clarification: There are six types of protocols used in VPN. These are Internet Protocol Security or IPSec, Layer 2 Tunnelling Protocol (L2TP), Point – to – Point Tunnelling Protocol (PPTP), Secure Sockets Layer (SSL), OpenVPN and Secure Shell (SSH).

12. For secure connection, Remote access VPNs rely on ___________ and ____________
a) IPSec, SSL
b) L2TP, SSL
c) IPSec, SSH
d) SSH, SSL

Answer: a
Clarification: A remote-access VPN typically depends on either Secure Sockets Layer (SSL) or IP Security (IPsec) for a secure connection over public network.

13. A ______ can hide a user’s browsing activity.
a) Firewall
b) Antivirus
c) Incognito mode
d) VPN

Answer: d
Clarification: VPNs are used for hiding user’s browsing activities and maintain anonymity. This also helps in preventing user’s personal browsing data leakage and protects the leakage of browsing habits.

14. __________ masks your IP address.
a) Firewall
b) Antivirus
c) VPN
d) Incognito mode

Answer: c
Clarification: VPNs are used for masking user’s IP address and maintain anonymity. This protects leakage of IP address that almost every website grabs when a user opens a website.

15. _________ are also used for hides user’s physical location.
a) Firewall
b) Antivirus
c) Incognito mode
d) VPN

Answer: d
Clarification: VPNs are used for hiding your physical location which helps in maintaining anonymity. Using IP address and browsing habits, link search, your physical location can be traced.

16. Using VPN, we can access _______________
a) Access sites that are blocked geographically
b) Compromise other’s system remotely
c) Hide our personal data in the cloud
d) Encrypts our local drive files while transferring

Answer: a
Clarification: With the help of VPN, users can access and connect to sites that are kept blocked by the ISPs based on a specific geographic location.

Cyber Security Multiple Choice Questions on “Network Models – OSI Model Security”.

1. The ____________ model is 7-layer architecture where each layer is having some specific functionality to perform.
a) TCP/IP
b) Cloud
c) OSI
d) OIS

Answer: c
Clarification: The OSI model is 7-layer architecture where each layer is having some specific functionality to perform. All these layers work in collaboration for transmitting the data from 1 person to another worldwide.

2. The full form of OSI is OSI model is ______________
a) Open Systems Interconnection
b) Open Software Interconnection
c) Open Systems Internet
d) Open Software Internet

Answer: a
Clarification: The OSI model is 7-layer architecture where each layer is having some specific functionality to perform. All these layers work in collaboration for transmitting the data from 1 person to another worldwide.

3. Which of the following is not physical layer vulnerability?
a) Physical theft of data & hardware
b) Physical damage or destruction of data & hardware
c) Unauthorized network access
d) Keystroke & Other Input Logging

Answer: c
Clarification: Unauthorized network access is not an example of physical layer vulnerability. The rest three – Physical theft of data & hardware, damage or destruction of data & hardware and keystroke & Other Input Logging are physical layer vulnerabilities.

4. In __________________ layer, vulnerabilities are directly associated with physical access to networks and hardware.
a) physical
b) data-link
c) network
d) application

Answer: a
Clarification: In the physical layer, vulnerabilities are directly associated with physical access to networks and hardware such as unauthorised network access, damage or destruction of data & hardware and keystroke & Other Input Logging.

5. Loss of power and unauthorized change in the functional unit of hardware comes under problems and issues of the physical layer.
a) True
b) False

Answer: a
Clarification: Loss of power and unauthorized change in the functional unit of hardware comes under problems and issues of the physical layer. Other such issues are unauthorised network access, damage or destruction of data & hardware and keystroke & Other Input Logging.

6. Which of the following is not a vulnerability of the data-link layer?
a) MAC Address Spoofing
b) VLAN circumvention
c) Switches may be forced for flooding traffic to all VLAN ports
d) Overloading of transport-layer mechanisms

Answer: d
Clarification: MAC Address Spoofing, VLAN circumvention and switches may be forced for flooding traffic to all VLAN ports are examples of data-link layer vulnerability.

7. ____________ is data-link layer vulnerability where stations are forced to make direct communication with another station by evading logical controls.
a) VLAN attack
b) VLAN Circumvention
c) VLAN compromisation method
d) Data-link evading

Answer: b
Clarification: VLAN Circumvention is data-link layer vulnerability where stations are forced to make direct communication with another station by evading logical controls implemented using subnets and firewalls.

8. ________________may be forced for flooding traffic to all VLAN ports allowing interception of data through any device that is connected to a VLAN.
a) Switches
b) Routers
c) Hubs
d) Repeaters

Answer: a
Clarification: Switches may be forced for flooding traffic to all VLAN ports allowing interception of data through any device that are connected to a VLAN. It is a vulnerability of data link layer.

9. Which of the following is not a vulnerability of the network layer?
a) Route spoofing
b) Identity & Resource ID Vulnerability
c) IP Address Spoofing
d) Weak or non-existent authentication

Answer: d
Clarification: Weak or non-existent authentication is a vulnerability of the session layer. Route spoofing, identity & resource ID vulnerability & IP Address Spoofing are examples of network layer vulnerability.

10. Which of the following is an example of physical layer vulnerability?
a) MAC Address Spoofing
b) Physical Theft of Data
c) Route spoofing
d) Weak or non-existent authentication

Answer: b
Clarification: Physical theft of data is an example of physical layer vulnerability. Other such issues are unauthorized network access, damage or destruction of data & hardware and keystroke & Other Input Logging.

11. Which of the following is an example of data-link layer vulnerability?
a) MAC Address Spoofing
b) Physical Theft of Data
c) Route spoofing
d) Weak or non-existent authentication

Answer: a
Clarification: MAC Address spoofing is an example of data-link layer vulnerability. VLAN circumvention, as well as switches, may be forced for flooding traffic to all VLAN ports are some other examples of data-link layer vulnerability.

12. Which of the following is an example of network layer vulnerability?
a) MAC Address Spoofing
b) Physical Theft of Data
c) Route spoofing
d) Weak or non-existent authentication

Answer: c
Clarification: Route spoofing is an example of network layer vulnerability. Other examples of network layer vulnerabilities are IP Address Spoofing and Identity & Resource ID Vulnerability.

13. Which of the following is an example of physical layer vulnerability?
a) MAC Address Spoofing
b) Route spoofing
c) Weak or non-existent authentication
d) Keystroke & Other Input Logging

Answer: d
Clarification: Keystroke & other input logging is an example of physical layer vulnerability. Other such physical layer vulnerabilities are unauthorized network access, damage or destruction of data & hardware and keystroke & Other Input Logging.

14. Which of the following is an example of data-link layer vulnerability?
a) Physical Theft of Data
b) VLAN circumvention
c) Route spoofing
d) Weak or non-existent authentication

Answer: b
Clarification: VLAN circumvention is an example of data-link layer vulnerability. MAC Address Spoofing, as well as switches, may be forced for flooding traffic to all VLAN ports are some other examples of data-link layer vulnerability.

Cyber Security Multiple Choice Questions on “Attack Vectors – Virus and Worms”.

1. There are _________ types of computer virus.
a) 5
b) 7
c) 10
d) 12

Answer: c
Clarification: There are a total of 10 types of virus. These are categorized based on their working and characteristics. These are System or Boot Sector Virus, Direct Action Virus, Resident Virus, Multipartite Virus, Polymorphic Virus, Overwrite Virus, Space-filler Virus, File infectors, Macro Virus, Rootkit virus.

2. Which of the following is not a type of virus?
a) Boot sector
b) Polymorphic
c) Multipartite
d) Trojans

Answer: d
Clarification: Types of viruses are System or Boot Sector Virus, Direct Action Virus, Resident Virus, Multipartite Virus, Polymorphic Virus, Overwrite Virus, Space-filler Virus, File infectors, Macro Virus, Rootkit virus. Trojan does not come under types of virus.

3. A computer ________ is a malicious code which self-replicates by copying itself to other programs.
a) program
b) virus
c) application
d) worm

Answer: b
Clarification: A computer virus is a malicious code which self-replicates by copying itself to other programs. The computer virus gets spread by itself into other executable code or documents. The intention of creating a virus is to infect vulnerable systems.

4. Which of them is not an ideal way of spreading the virus?
a) Infected website
b) Emails
c) Official Antivirus CDs
d) USBs

Answer: c
Clarification: The ideal means of spreading computer virus are through emails, USB drives that are used portable and injected and ejected in different systems as well as from infected websites. Antivirus selling vendors do not place a virus in their CDs and DVDs.

5. In which year Apple II virus came into existence?
a) 1979
b) 1980
c) 1981
d) 1982

Answer: c
Clarification: In mid-1981, the 1^st virus for Apple computers with the name Apple II came into existence. It was also called Elk Cloner, which resided in the boot sectors of a 3.3 floppy disk.

6. In mid-1981, the 1^st virus for Apple computers with the name _________ came into existence.
a) Apple I
b) Apple II
c) Apple III
d) Apple Virus

Answer: b
Clarification: In mid-1981, the 1^st virus for Apple computers with the name Apple II came into existence. It was also called Elk Cloner, which resided in the boot sectors of a 3.3 floppy disk.

7. The virus hides itself from getting detected by ______ different ways.
a) 2
b) 3
c) 4
d) 5

Answer: b
Clarification: The virus hides itself from getting detected in three different ways. These are by encrypting itself, by altering the disk directory with additional virus bytes or it uses stealth algorithm to redirect disk data.

8. _______________ infects the master boot record and it is challenging and a complex task to remove this virus.
a) Boot Sector Virus
b) Polymorphic
c) Multipartite
d) Trojans

Answer: a
Clarification: Boot Sector Virus infects the master boot record & it is a challenging & a complex task to remove such virus. Mostly such virus spreads through removable devices.

9. ________________ gets installed & stays hidden in your computer’s memory. It stays involved to the specific type of files which it infects.
a) Boot Sector Virus
b) Direct Action Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: b
Clarification: Direct Action Virus gets installed & stays hidden in your computer’s memory. Such type of virus stays involved to the specific type of files which it infects.

10. Direct Action Virus is also known as ___________
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: a
Clarification: Direct Action Virus is also known as a non-resident virus which gets installed & stays hidden in your computer’s memory. Such type of virus stays involved to the specific type of files which it infects.

11. ______________ infects the executables as well as the boot sectors.
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: d
Clarification: Multipartite Virus infects the executables as well as the boot sectors. It infects the computer or get into any system through multiple mediums and are hard to remove.

12. ______________ are difficult to identify as they keep on changing their type and signature.
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: c
Clarification: Polymorphic Virus is difficult to identify as they keep on changing their type and signature. They’re not easily detectable by traditional antivirus. It usually changes the signature pattern whenever it replicates itself.

13. ____________ deletes all the files that it infects.
a) Non-resident virus
b) Overwrite Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: b
Clarification: Overwrite virus deletes all files that it infects. It can be removed by only deleting those infected files. Mostly, it gets spread via emails.

14. _____________ is also known as cavity virus.
a) Non-resident virus
b) Overwrite Virus
c) Polymorphic Virus
d) Space-filler Virus

Answer: d
Clarification: Space-fillers are a special type of virus which usually does not cause any serious harm to the system except it fills up the empty space in memory and codes leading to wastage of memory.

15. Which of the below-mentioned reasons do not satisfy the reason why people create a computer virus?
a) Research purpose
b) Pranks
c) Identity theft
d) Protection

Answer: d
Clarification: Computer virus is not created for protection. Virus writers may have other reasons like for research purpose, pranks, vandalism, financial gain, identity theft, and some other malicious purposes.