Category: Cyber Security Objective Questions

Cyber Security Multiple Choice Questions on “Attack Vectors – Caches and Cookies”.

1. Which of the following data is not appropriate here, if you delete cache, cookies, and browser history?
a) Address bar predictions
b) Saved passwords
c) Browser plug-ins
d) Shopping cart content

Answer: c
Clarification: Clearing the browser’s cookies, cache & history may eradicate data such as address bar predictions, saved passwords and shopping cart contents. In this way, hackers won’t be able to take your data through browser hacking or cookie stealing.

2. ____________ are tiny files which get downloaded to your system when you visit a website.
a) Cookies
b) Caches
c) Bots
d) Crawlers

Answer: a
Clarification: Cookies are tiny files which get downloaded to your system when you visit a website. They are a very important part of hacking and so clearing the browser’s cookies, cache & history may eradicate data such as address bar predictions, saved passwords and shopping cart contents so that hackers don’t steal them.

3. Browser ___________ are impermanent internet files which helps the browsers download web images, data & documents for rapid performance & viewing in the future.
a) plug-ins
b) cache
c) ad-on
d) history

Answer: b
Clarification: Browser caches are impermanent internet files that helps the browsers download web images, data & documents for rapid performance & viewing in the future.

4. ___________ is just a group of data downloaded for helping in displaying a web page faster.
a) plug-ins
b) cache
c) ad-ons
d) history

Answer: b
Clarification: A cache is just a group of data downloaded for helping in displaying a web page faster. These files help the browsers download web images, data & documents for rapid performance & viewing in the future.

5. Attackers could steal ___________ to achieve illegitimate accessing to online accounts & disturbs the personal information.
a) plug-ins
b) cache
c) cookies
d) history

Answer: c
Clarification: Attackers could steal cookies to achieve illegitimate accessing online accounts & disturbs the personal information. Hence, clearing the browser’s cookies may eradicate data such as saved passwords and IDs as well as shopping cart contents.

6. Which of the following is not an example of browsing data?
a) Forms and Search-bar data
b) Cache data
c) Downloading history
d) Start bar search data

Answer: d
Clarification: Attackers may target data such as forms and Search-bar data, cache & cookies data, browsing and download history records, active logins and site preferences to steal user’s sensitive data.

7. There are cookies that are designed to track your browsing habits & aim ads to you.
a) True
b) False

Answer: a
Clarification: Cookies are tiny files which get downloaded to your system when you visit a website. There are cookies that are designed to track your browsing habits & aim ads that are relevant to the user.

8. Keeping browsing habits & aiming specific ads to you is harmless but it might reduce your online privacy.
a) True
b) False

Answer: a
Clarification: There are cookies that are designed to track your browsing habits & aim ads that are relevant to the user. Keeping browsing habits & aiming specific ads to users is harmless but it might reduce your online privacy.

9. There are ____________ that are designed to track your browsing habits & aim ads that are relevant to the user.
a) plug-ins
b) cache
c) cookies
d) history

Answer: c
Clarification: Cookies are tiny files which get downloaded to your system when you visit a website. There are cookies that are designed to track your browsing habits & aim ads that are relevant to the user.

Cyber Security Multiple Choice Questions on “Ethical Hacking – Types of Hackers & Security Professionals”.

1. Hackers who help in finding bugs and vulnerabilities in a system & don’t intend to crack a system are termed as ________
a) Black Hat hackers
b) White Hat Hackers
c) Grey Hat Hackers
d) Red Hat Hackers

Answer: b
Clarification: White Hat Hackers are cyber security analysts and consultants who have the intent to help firms and Governments in the identification of loopholes as well as help to perform penetration tests for securing a system.

2. Which is the legal form of hacking based on which jobs are provided in IT industries and firms?
a) Cracking
b) Non ethical Hacking
c) Ethical hacking
d) Hactivism

Answer: c
Clarification: Ethical Hacking is an ethical form of hacking done by white-hat hackers for performing penetration tests and identifying potential threats in any organizations and firms.

3. They are nefarious hackers, and their main motive is to gain financial profit by doing cyber crimes. Who are “they” referred to here?
a) Gray Hat Hackers
b) White Hat Hackers
c) Hactivists
d) Black Hat Hackers

Answer: d
Clarification: Black Hat hackers also termed as ‘crackers’ and are a major type of cyber criminals who take unauthorized access in user’s account or system and steal sensitive data or inject malware into the system for their profit or to harm the organization.

4. ________ are the combination of both white as well as black hat hackers.
a) Grey Hat hackers
b) Green Hat hackers
c) Blue Hat Hackers
d) Red Hat Hackers

Answer: a
Clarification: Grey Hat Hackers have a blending character of both ethical as well as un-ethical hacker. They hack other’s systems for fun but do not harm the system, exploits bugs and vulnerabilities in network without the knowledge of the admin or the owner.

5. The amateur or newbie in the field of hacking who don’t have many skills about coding and in-depth working of security and hacking tools are called ________
a) Sponsored Hackers
b) Hactivists
c) Script Kiddies
d) Whistle Blowers

Answer: c
Clarification: Script Kiddies are new to hacking and at the same time do not have many interests in developing coding skills or find bugs of their own in systems; rather they prefer downloading of available tools (developed by elite hackers) and use them to break any system or network. They just try to gain attention of their friend circles.

6. Suicide Hackers are those _________
a) who break a system for some specific purpose with or without keeping in mind that they may suffer long term imprisonment due to their malicious activity
b) individuals with no knowledge of codes but an expert in using hacking tools
c) who know the consequences of their hacking activities and hence try to prevent them by erasing their digital footprints
d) who are employed in an organization to do malicious activities on other firms

Answer: a
Clarification: Suicide hackers are those who break into any network or system with or without knowing the consequences of the cyber crime and its penalty. There are some suicide hackers who intentionally do crimes and get caught to bring their names in the headlines.

7. Criminal minded individuals who work for terrorist organizations and steal information of nations and other secret intelligence are _________
a) State sponsored hackers
b) Blue Hat Hackers
c) Cyber Terrorists
d) Red Hat Hackers

Answer: c
Clarification: Cyber Terrorists are very expert programmers and cyber criminals who hide themselves while doing malicious activities over the internet and they are smart enough to hide themselves or their tracks of action. They are hired for gaining unauthorised access to nation’s data centres or break into the network of intelligence agencies.

8. One who disclose information to public of a company, organization, firm, government and private agency and he/she is the member or employee of that organization; such individuals are termed as ___________
a) Sponsored hackers
b) Crackers
c) Hactivist
d) Whistleblowers

Answer: d
Clarification: Whistleblowers are those individuals who is a member or an employee of any specific organization and is responsible for disclosing private information of those organizations, firms, either government or private.

9. These types of hackers are the most skilled hackers in the hackers’ community. Who are “they” referred to?
a) White hat Hackers
b) Elite Hackers
c) Licensed Penetration Testers
d) Red Hat Hackers

Answer: b
Clarification: The tag “Elite hackers” are considered amongst the most reputed hackers who possess most of the hacking and security skills. They are treated with utmost respect in the hackers’ community. Zero day vulnerabilities, serious hacking tools and newly introduced bugs are found and developed by them.

10. _________ are those individuals who maintain and handles IT security in any firm or organization.
a) IT Security Engineer
b) Cyber Security Interns
c) Software Security Specialist
d) Security Auditor

Answer: a
Clarification: This is an intermediary level of position of an individual in an organization or firm who builds and preserves different systems and its associated security tools of the firm of organization to which he/she belongs.

11. Role of security auditor is to ____________
a) secure the network
b) probe for safety and security of organization’s security components and systems
c) detects and prevents cyber attacks and threats to organization
d) does penetration testing on different web applications

Answer: b
Clarification: Security auditors are those who conduct auditing of various computer and network systems on an organization or company and reports the safety and security issues as well as helps in suggesting improvements or enhancements in any particular system that is threat prone.

12. ________ are senior level corporate employees who have the role and responsibilities of creating and designing secured network or security structures.
a) Ethical Hackers
b) Chief Technical Officer
c) IT Security Engineers
d) Security Architect

Answer: d
Clarification: Security architect are those senior grade employees of an organization who are in charge of building, designing, implementing and testing of secured network topologies, protocols as well as secured computers in an organization.

13. __________ security consultants uses database security monitoring & scanning tools to maintain security to different data residing in the database / servers / cloud.
a) Database
b) Network
c) System
d) Hardware

Answer: a
Clarification: Database Security consultants are specific individuals hired in order to monitor and scan the database systems and keep them secured from unwanted threats and attacks by giving access to restricted users, blocking unwanted files, multi-factor access control etc.

14. Governments hired some highly skilled hackers. These types of hackers are termed as _______
a) Special Hackers
b) Government Hackers
c) Cyber Intelligence Agents
d) Nation / State sponsored hackers

Answer: d
Clarification: Nation / State sponsored hackers are specific individuals who are employed or hired by the government of that nation or state and protect the nation from cyber terrorists and other groups or individuals and to reveal their plans, communications and actions.

15. Someone (from outside) who tests security issues for bugs before launching a system or application, and who is not a part of that organization or company are ______
a) Black Hat hacker
b) External penetration tester
c) Blue Hat hacker
d) White Hat Hacker

Answer: c
Clarification: Blue Hat Hackers are outsiders yet security testers who are temporarily hired for performing outsourced security test for bugs and vulnerabilities in any system before launching it to the market or making the application live.

Cyber Security Multiple Choice Questions on “Linux OS and its Security”.

1. _________ is one of the most secured Linux OS that provides anonymity and an incognito option for securing its user data.
a) Fedora
b) Tails
c) Ubuntu
d) OpenSUSE

Answer: b
Clarification: If any user is looking for Linux based security solutions, Tails is one of the most popular Linux-based operating systems that provides anonymity and an incognito option for securing its user data.

2. Which of the following OS does not comes under a secured Linux OS list?
a) Qubes OS
b) Tails
c) Tin Hat
d) Ubuntu

Answer: d
Clarification: Qubes OS, Tails OS, and Tin Hat are amongst the most secured Linux Operating Systems (OS) that provide fast and secure Linux experience along with maintaining anonymity for the users.

3. ____________ is a Debian-Linux based OS that has 2 VMs (Virtual Machines) that help in preserving users’ data private.
a) Fedora
b) Ubuntu
c) Whonix
d) Kubuntu

Answer: c
Clarification: Whonix is a Debian-Linux based OS that has 2 VMs (Virtual Machines) that help in preserving users’ data private. One VM is a Tor Gateway that runs Debian while the other is Workstation.

4. Subgraph OS is a Debian based Linux distro which provides hardcore anonymity and is approved by Edward Snowden.
a) True
b) False

Answer: a
Clarification: Subgraph OS is a secured Debian-based Linux distro which provides hardcore anonymity and is approved by Edward Snowden. It helps the users give anonymous digital experience along with data hardening feature.

5. Which of the following comes under secured Linux based OS?
a) Ubuntu
b) Fedora
c) Kubuntu
d) Tails

Answer: d
Clarification: If any user is looking for Linux based security solutions, Tails is one of the most popular Linux-based operating systems that provide anonymity and incognito option for securing its user data.

6. Using the ______ account of a UNIX system, one can carry out administrative functions.
a) root
b) administrative
c) user
d) client

Answer: a
Clarification: Using the root account of a UNIX system, one can carry out administrative functions in the system. Rest of the accounts in the system are unprivileged, i.e. other accounts have no rights beyond accessing of files having proper permission.

7. In your Linux-based system, you have to log-in with your root account for managing any feature of your system.
a) True
b) False

Answer: b
Clarification: Try to avoid logging in as a root user. In your Linux-based system, you don’t have to log-in with your root account for managing any feature of your system. For the administrative task, you can use the tool or command ‘sudo’ or ‘su’ that gives root privileges.

8. In a Linux-based system, the accounts may be members of 1 or more than one group.
a) True
b) False

Answer: a
Clarification: In a Linux-based system, the accounts may be members of 1 or more groups. If any group has been assigned to access resources, then from the security perspective, one needs to keep in mind that every member of that group gets access to it automatically.

9. MAC is abbreviated as _______________
a) Machine Access Control
b) Mandatory Accounts Control
c) Mandatory Access Controlling
d) Mandatory Access Control

Answer: d
Clarification: Mandatory Access Control systems provides separation of a computer and its OS into several small discrete sections. This is because the user of a system can only utilize those pieces of a system for which they’ve been given permission to.

10. _______________ in a system is given so that users can use dedicated parts of the system for which they’ve been given access to.
a) Machine Access Control
b) Mandatory Accounts Control
c) Mandatory Access Control
d) Mandatory Access Controlling

Answer: c
Clarification: Mandatory Access Control is a technique that provides separation of a computer with its OS into several small discrete sections so that the user of a system can only utilize those pieces of a system for which they’ve been given permission to.

11. DTE is abbreviated as ___________________
a) Domain and Type Enforcing
b) Domain and Type Enforcement
c) DNS and Type Enforcement
d) DNS and Type Enforcing

Answer: b
Clarification: Domain and Type Enforcement is a technique for access-control in technology and in OS like Linux which helps in limiting the access of programs that are running, to limited users, or only to those who have permission to access.

12. RBAC is abbreviated as ______________
a) Rule-Based Accessing Control
b) Role-Based Access Control
c) Rule-Based Access Control
d) Role-Based Accessing Control

Answer: b
Clarification: RBAC which is abbreviated as Role-Based Access Control defines a set of functions for users in a Linux system and is often built on top of DTE systems. Here users can log for certain roles and run particular programs that are apposite for the role.

Cyber Security Multiple Choice Questions & Answers on “Network Models – OSI Model Security”.

1. Which of the following is not a transport layer vulnerability?
a) Mishandling of undefined, poorly defined
b) The Vulnerability that allows “fingerprinting” & other enumeration of host information
c) Overloading of transport-layer mechanisms
d) Unauthorized network access

Answer: d
Clarification: The different vulnerabilities of the Transport layer are mishandling of undefined, poorly defined, Vulnerability that allow “fingerprinting” & other enumeration of host information, Overloading of transport-layer mechanisms etc. Unauthorized network access is an example of physical layer vulnerability.

2. Which of the following is not session layer vulnerability?
a) Mishandling of undefined, poorly defined
b) Spoofing and hijacking of data based on failed authentication attempts
c) Passing of session-credentials allowing intercept and unauthorized use
d) Weak or non-existent authentication mechanisms

Answer: a
Clarification: Vulnerabilities of session layer of the OSI model are spoofing and hijacking of data based on failed authentication attempts, weak or non-existent authentication mechanisms, and the passing of session-credentials allowing intercept and unauthorized use.

3. Failed sessions allow brute-force attacks on access credentials. This type of attacks are done in which layer of the OSI model?
a) Physical layer
b) Data-link Layer
c) Session layer
d) Presentation layer

Answer: c
Clarification: Session identification may be subject to spoofing may lead to data leakage which depends on failed authentication attempts and allow hackers to allow brute-force attacks on access credentials.

4. Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets.
a) True
b) False

Answer: a
Clarification: Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets. This type of attacks is done in the transport layer of the OSI model.

5. Which of the following is not an example of presentation layer issues?
a) Poor handling of unexpected input can lead to the execution of arbitrary instructions
b) Unintentional or ill-directed use of superficially supplied input
c) Cryptographic flaws in the system may get exploited to evade privacy
d) Weak or non-existent authentication mechanisms

Answer: d
Clarification: Cryptographic flaws may be exploited to circumvent privacy, unintentional or ill-directed use of superficially supplied input, and poor handling of unexpected input are examples of presentation layer flaws.

6. Which of the following is not a vulnerability of the application layer?
a) Application design bugs may bypass security controls
b) Inadequate security controls force “all-or-nothing” approach
c) Logical bugs in programs may be by chance or on purpose be used for crashing programs
d) Overloading of transport-layer mechanisms

Answer: d
Clarification: Application design flaws may bypass security controls, inadequate security controls as well as logical bugs in programs may be by chance or on purpose be used for crashing programs. These all are part of application layer vulnerability.

7. Which of the following is an example of Transport layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls

Answer: b
Clarification: Overloading of transport-layer mechanisms is an example of transport layer vulnerability. Other examples of Transport layer vulnerability are mishandling of undefined, poorly defined, Vulnerability that allows “fingerprinting” & other enumeration of host information.

8. Which of the following is an example of session layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls

Answer: a
Clarification: Weak or non-existent mechanisms for authentication is an example of session layer vulnerability. Other examples are spoofing and the hijacking of data based on failed-authentication attempts & passing of session-credentials allowing intercept and unauthorized use.

9. Which of the following is an example of presentation layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) highly complex application security controls
d) poor handling of unexpected input

Answer: d
Clarification: Poor handling of unexpected input is an example of presentation layer vulnerability. Cryptographic flaws may be exploited to circumvent privacy, unintentional use of superficially supplied input are some other examples of presentation layer vulnerability.

10. Which of the following is an example of application layer vulnerability?
a) Cryptographic flaws lead to the privacy issue
b) Very complex application security controls
c) MAC Address Spoofing
d) Weak or non-existent authentication

Answer: b
Clarification: Very complex application security controls can be an example of application layer vulnerability. Inadequate security controls, as well as logical bugs in programs, are some other examples of such type.

Cyber Security Multiple Choice Questions on “Attack Vectors – Trojans and Backdoors”.

1. A ___________ is a small malicious program that runs hidden on infected system.
a) Virus
b) Trojan
c) Shareware
d) Adware

Answer: b
Clarification: A Trojan is a small malicious program that runs hidden on the infected system. They are created with the intent and they infected the system by misleading the user. It works in the background and steals sensitive data.

2. ____________ works in background and steals sensitive data.
a) Virus
b) Shareware
c) Trojan
d) Adware

Answer: c
Clarification: Trojans are malicious files designed to work hidden on the infected system. They are intended to infect the system by misleading the user. It works in the background and steals sensitive information about the target user.

3. By gaining access to the Trojaned system the attacker can stage different types of attack using that ____________ program running in the background.
a) Trojan
b) Virus
c) Antivirus
d) Anti-malware

Answer: a
Clarification: By gaining access to the Trojaned system the attacker can stage different types of attack using that Trojan program running in the background when the infected user’s system goes online.

4. Trojan creators do not look for _______________
a) Credit card information
b) Confidential data
c) Important documents
d) Securing systems with such programs

Answer: d
Clarification: Trojan creators do not look for securing victim’s system with their programs, rather they create such trojans for stealing credit card and financial details as well as important documents and files.

5. Which of them is not a proper way of getting into the system?
a) IM
b) Attachments
c) Official product sites
d) Un-trusted sites, freeware and pirated software

Answer: c
Clarification: Official product sites such as Microsoft’s site giving the option for downloading their updates and OS won’t contain any Trojans. Other than that Trojans can access your system by email attachments, Instant Messaging apps, un-trusted sites & links.

6. Which of the following port is not used by Trojans?
a) UDP
b) TCP
c) SMTP
d) MP

Answer: d
Clarification: MP is not a valid port name and does not have any port number also. But usually, Trojans likeBack Orifice, Deep Throat use UDP port; Trojans like Netbus, Master Paradise uses TCP & SMTP port to gain access to a system.

7. Trojans do not do one of the following. What is that?
a) Deleting Data
b) Protecting Data
c) Modifying Data
d) Copying Data

Answer: b
Clarification: Trojans perform malicious actions and operations. These are to modify data, copy data to its creator, delete data from the infected system or blocking data by carrying ransomware or other malicious programs along with it.

8. Some Trojans carry ransomware with them to encrypt the data and ask for ransom.
a) True
b) False

Answer: a
Clarification: Trojans are usually created to carry out the following actions like: modify data, copy data to its creator, delete data from the infected system or blocking data by carrying ransomware embedded in it.

9. Once activated __________ can enable ____________to spy on the victim, steal their sensitive information & gain backdoor access to the system.
a) virus, cyber-criminals
b) malware, penetration testers
c) trojans, cyber-criminals
d) virus, penetration testers

Answer: c
Clarification: Once activated, trojans can enable cyber-criminals to spy on the victim, steal their sensitive information & gain backdoor access to the system.

10. Trojans can not ______________
a) steal data
b) self-replicate
c) steal financial information
d) steal login credentials

Answer: b
Clarification: A Trojan is a malicious program that runs hidden on the infected system. They are developed with the intent and they infected the system by misleading the user. It works behind the system and steals sensitive data but cannot self-replicate.

11. A _______________ provides malicious users remote control over the targeted computer.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader

Answer: b
Clarification: A Backdoor Trojan provides malicious users remote control over the targeted computer. These trojans enable the author to perform anything they desire on the infected system which includes sending, receiving, launching & deleting files.

12. _______________ programs are specially designed for stealing your account data for online banking systems, e-payment services & credit/debit cards.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader

Answer: c
Clarification: Trojan-Banker is programs are specially designed for stealing your account data for online banking systems, e-payment services & credit/debit cards. They work silently in the back of the system process to steal such data.

13. ______________ perform automated DoS (Denial of Service) attacks on a targeted web address.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader

Answer: a
Clarification: DDoS Trojan performs automated DoS (Denial of Service) attacks on a targeted web address. By sending multiple requests from your system, it can target different websites which can lead to a Denial of Service attack.

14. Trojan-Downloader is a special type of trojans which can download & install new versions of malicious programs.
a) True
b) False

Answer: a
Clarification: Trojan-Downloader is another type of trojans that can download & install new versions of malicious programs. They work secretly & keep on downloading other malicious programs when the system is online.

15. ____________ work in background & keeps on downloading other malicious programs when the system is online.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader

Answer: d
Clarification: Trojan-Downloader is a special type of trojans that work secretly & keep on downloading other malicious programs when the system is online. They can also download & install new versions of malicious programs.

Cyber Security Multiple Choice Questions on “Attack Vectors – Social Networking Security”.

1. Which of the following is the most viral section of the internet?
a) Chat Messenger
b) Social networking sites
c) Tutorial sites
d) Chat-rooms

Answer: b
Clarification: Social networking sites are the most used sites and the most viral section of the internet. So users must keep their accounts secure and safe from getting into wrong hands.

2. ____________ type of sites are known as friend-of-a-friend site.
a) Chat Messenger
b) Social networking sites
c) Tutorial sites
d) Chat-rooms

Answer: b
Clarification: Social networking sites are the most used site which acts to connect people for social interaction. So users must keep their accounts secure & safe from getting into wrong hands.

3. Which of the following is not an appropriate measure for securing social networking accounts?
a) Strong passwords
b) Link your account with a phone number
c) Never write your password anywhere
d) Always maintain a soft copy of all your passwords in your PC

Answer: d
Clarification: ‘Always maintain a soft copy of all your passwords in your PC’ is not an appropriate measure for securing your online accounts because, if your system got accessed by anyone or anybody put spyware or screen-recording malware, then all your passwords will get revealed.

4. Which of them is a proper measure of securing social networking account?
a) Never keep your password with any relevant names
b) Keep written records of your passwords
c) Keep records of your password in audio format in your personal cell-phone
d) Passwords are kept smaller in size to remember

Answer: a
Clarification: Never keep your password with any relevant names because there are different types of hackers who either use password guessing techniques or some of them are hard-working and they do social engineering and research on different data associated to the victim.

5. If hackers gain access to your social media accounts, they can do some illicit or shameless act to degrade your reputation.
a) True
b) False

Answer: a
Clarification: Yes, there are script-kiddies or young-hackers who start their hacking career by cracking simple & weak passwords to enlighten their skills to others. These hackers may gain access to your social media accounts & can do some illicit or shameless act on behalf of your name to degrade your reputation.

6. ________________ is a popular tool to block social-media websites to track your browsing activities.
a) Fader
b) Blur
c) Social-Media Blocker
d) Ad-blocker

Answer: b
Clarification: Blur is a free browser extension and a popular tool used to block social-media websites to track your browsing activities & prevent users from these surfing pattern stealers.

7. Try to keep your passwords without meaning so that _____________ attack becomes almost impossible to perform successfully.
a) social engineering
b) phishing
c) password guessing
d) brute force

Answer: c
Clarification: Try to keep your passwords without meaning so that password guessing attack becomes almost impossible to perform successfully. This will reduce the potential to do both passwords guessing as well as dictionary attacks.

8. Keeping the password by the name of your pet is a good choice.
a) True
b) False

Answer: b
Clarification: Keeping the password by the name of your pet is not at all a good choice. Because they do social engineering & research on different data associated with you as a victim and will perform password guessing techniques.

9. Increase your security for social media account by always ____________ as you step away from the system.
a) signing in
b) logging out
c) signing up
d) logging in

Answer: b
Clarification: Increase your security for social media account by always logging out as you step away from the system. This will reduce both remote hacking as well as physical hacking.

10. Clicking on enticing Ads can cause trouble.
a) True
b) False

Answer: a
Clarification: Clicking on enticing Ads can cause trouble. Viruses & malware frequently find their mode of entering onto the victim computer through these annoying & enticing ads.

11. Strangers cannot cause much trouble if we connect to them over social media.
a) True
b) False

Answer: b
Clarification: Strangers can cause huge trouble if we connect to them or chat with them without knowing exact details or whether the account is genuine or not. The stranger may send infected links which you might click and will redirect you to infected sites.

12. Part of the social media sites are the various games & 3^rd party applications which helps ______________ to get access to your data.
a) ethical hackers
b) penetration testers
c) security auditors
d) cyber-criminals

Answer: d
Clarification: Part of the social media sites are the various games & 3^rd party applications which help cyber criminals to get access to your data. In this way, they can compromise your account or grab your valuable & confidential data.

13. Many social media sites and services provide _______________ for legitimate account verification.
a) Retina scanning
b) Fingerprint scanning
c) CAPTCHA
d) 2-step verification

Answer: d
Clarification: With 2-Step Verification (which is also known as 2-factor authentication), users can add an extra layer of security to your account. After login, it asks for your existing phone number to send an OTP for layer-2 verification.

14. Scanning your system and destroying suspicious files can reduce risks of data compromise or leakage of compromised data over social media.
a) True
b) False

Answer: a
Clarification: Scanning your system and destroying suspicious files can reduce risks of data compromise or leakage of compromised data over social media. There are different website caches and bots that gets automatically downloaded to your system when you open different social-media sites and they store your sensitive data related to your social media account.

15. Different social media services offer tips as of how to use their services and site, still maintaining a high altitude of security.
a) True
b) False

Answer: a
Clarification: Different social media services offer tips as of how to use their services and site, still maintaining a high altitude of security. Every user must use those links to educate themselves and learn various features towards social-media security.