Category: Cyber Security Objective Questions

Cyber Security Multiple Choice Questions on “Attack Vectors – Virus and Worms”.

1. There are _________ types of computer virus.
a) 5
b) 7
c) 10
d) 12

Answer: c
Clarification: There are a total of 10 types of virus. These are categorized based on their working and characteristics. These are System or Boot Sector Virus, Direct Action Virus, Resident Virus, Multipartite Virus, Polymorphic Virus, Overwrite Virus, Space-filler Virus, File infectors, Macro Virus, Rootkit virus.

2. Which of the following is not a type of virus?
a) Boot sector
b) Polymorphic
c) Multipartite
d) Trojans

Answer: d
Clarification: Types of viruses are System or Boot Sector Virus, Direct Action Virus, Resident Virus, Multipartite Virus, Polymorphic Virus, Overwrite Virus, Space-filler Virus, File infectors, Macro Virus, Rootkit virus. Trojan does not come under types of virus.

3. A computer ________ is a malicious code which self-replicates by copying itself to other programs.
a) program
b) virus
c) application
d) worm

Answer: b
Clarification: A computer virus is a malicious code which self-replicates by copying itself to other programs. The computer virus gets spread by itself into other executable code or documents. The intention of creating a virus is to infect vulnerable systems.

4. Which of them is not an ideal way of spreading the virus?
a) Infected website
b) Emails
c) Official Antivirus CDs
d) USBs

Answer: c
Clarification: The ideal means of spreading computer virus are through emails, USB drives that are used portable and injected and ejected in different systems as well as from infected websites. Antivirus selling vendors do not place a virus in their CDs and DVDs.

5. In which year Apple II virus came into existence?
a) 1979
b) 1980
c) 1981
d) 1982

Answer: c
Clarification: In mid-1981, the 1^st virus for Apple computers with the name Apple II came into existence. It was also called Elk Cloner, which resided in the boot sectors of a 3.3 floppy disk.

6. In mid-1981, the 1^st virus for Apple computers with the name _________ came into existence.
a) Apple I
b) Apple II
c) Apple III
d) Apple Virus

Answer: b
Clarification: In mid-1981, the 1^st virus for Apple computers with the name Apple II came into existence. It was also called Elk Cloner, which resided in the boot sectors of a 3.3 floppy disk.

7. The virus hides itself from getting detected by ______ different ways.
a) 2
b) 3
c) 4
d) 5

Answer: b
Clarification: The virus hides itself from getting detected in three different ways. These are by encrypting itself, by altering the disk directory with additional virus bytes or it uses stealth algorithm to redirect disk data.

8. _______________ infects the master boot record and it is challenging and a complex task to remove this virus.
a) Boot Sector Virus
b) Polymorphic
c) Multipartite
d) Trojans

Answer: a
Clarification: Boot Sector Virus infects the master boot record & it is a challenging & a complex task to remove such virus. Mostly such virus spreads through removable devices.

9. ________________ gets installed & stays hidden in your computer’s memory. It stays involved to the specific type of files which it infects.
a) Boot Sector Virus
b) Direct Action Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: b
Clarification: Direct Action Virus gets installed & stays hidden in your computer’s memory. Such type of virus stays involved to the specific type of files which it infects.

10. Direct Action Virus is also known as ___________
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: a
Clarification: Direct Action Virus is also known as a non-resident virus which gets installed & stays hidden in your computer’s memory. Such type of virus stays involved to the specific type of files which it infects.

11. ______________ infects the executables as well as the boot sectors.
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: d
Clarification: Multipartite Virus infects the executables as well as the boot sectors. It infects the computer or get into any system through multiple mediums and are hard to remove.

12. ______________ are difficult to identify as they keep on changing their type and signature.
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: c
Clarification: Polymorphic Virus is difficult to identify as they keep on changing their type and signature. They’re not easily detectable by traditional antivirus. It usually changes the signature pattern whenever it replicates itself.

13. ____________ deletes all the files that it infects.
a) Non-resident virus
b) Overwrite Virus
c) Polymorphic Virus
d) Multipartite Virus

Answer: b
Clarification: Overwrite virus deletes all files that it infects. It can be removed by only deleting those infected files. Mostly, it gets spread via emails.

14. _____________ is also known as cavity virus.
a) Non-resident virus
b) Overwrite Virus
c) Polymorphic Virus
d) Space-filler Virus

Answer: d
Clarification: Space-fillers are a special type of virus which usually does not cause any serious harm to the system except it fills up the empty space in memory and codes leading to wastage of memory.

15. Which of the below-mentioned reasons do not satisfy the reason why people create a computer virus?
a) Research purpose
b) Pranks
c) Identity theft
d) Protection

Answer: d
Clarification: Computer virus is not created for protection. Virus writers may have other reasons like for research purpose, pranks, vandalism, financial gain, identity theft, and some other malicious purposes.

Cyber Security Multiple Choice Questions on “Attack Vectors – Caches and Cookies”.

1. Which of the following data is not appropriate here, if you delete cache, cookies, and browser history?
a) Address bar predictions
b) Saved passwords
c) Browser plug-ins
d) Shopping cart content

Answer: c
Clarification: Clearing the browser’s cookies, cache & history may eradicate data such as address bar predictions, saved passwords and shopping cart contents. In this way, hackers won’t be able to take your data through browser hacking or cookie stealing.

2. ____________ are tiny files which get downloaded to your system when you visit a website.
a) Cookies
b) Caches
c) Bots
d) Crawlers

Answer: a
Clarification: Cookies are tiny files which get downloaded to your system when you visit a website. They are a very important part of hacking and so clearing the browser’s cookies, cache & history may eradicate data such as address bar predictions, saved passwords and shopping cart contents so that hackers don’t steal them.

3. Browser ___________ are impermanent internet files which helps the browsers download web images, data & documents for rapid performance & viewing in the future.
a) plug-ins
b) cache
c) ad-on
d) history

Answer: b
Clarification: Browser caches are impermanent internet files that helps the browsers download web images, data & documents for rapid performance & viewing in the future.

4. ___________ is just a group of data downloaded for helping in displaying a web page faster.
a) plug-ins
b) cache
c) ad-ons
d) history

Answer: b
Clarification: A cache is just a group of data downloaded for helping in displaying a web page faster. These files help the browsers download web images, data & documents for rapid performance & viewing in the future.

5. Attackers could steal ___________ to achieve illegitimate accessing to online accounts & disturbs the personal information.
a) plug-ins
b) cache
c) cookies
d) history

Answer: c
Clarification: Attackers could steal cookies to achieve illegitimate accessing online accounts & disturbs the personal information. Hence, clearing the browser’s cookies may eradicate data such as saved passwords and IDs as well as shopping cart contents.

6. Which of the following is not an example of browsing data?
a) Forms and Search-bar data
b) Cache data
c) Downloading history
d) Start bar search data

Answer: d
Clarification: Attackers may target data such as forms and Search-bar data, cache & cookies data, browsing and download history records, active logins and site preferences to steal user’s sensitive data.

7. There are cookies that are designed to track your browsing habits & aim ads to you.
a) True
b) False

Answer: a
Clarification: Cookies are tiny files which get downloaded to your system when you visit a website. There are cookies that are designed to track your browsing habits & aim ads that are relevant to the user.

8. Keeping browsing habits & aiming specific ads to you is harmless but it might reduce your online privacy.
a) True
b) False

Answer: a
Clarification: There are cookies that are designed to track your browsing habits & aim ads that are relevant to the user. Keeping browsing habits & aiming specific ads to users is harmless but it might reduce your online privacy.

9. There are ____________ that are designed to track your browsing habits & aim ads that are relevant to the user.
a) plug-ins
b) cache
c) cookies
d) history

Answer: c
Clarification: Cookies are tiny files which get downloaded to your system when you visit a website. There are cookies that are designed to track your browsing habits & aim ads that are relevant to the user.

Cyber Security Multiple Choice Questions on “Ethical Hacking – Types of Hackers & Security Professionals”.

1. Hackers who help in finding bugs and vulnerabilities in a system & don’t intend to crack a system are termed as ________
a) Black Hat hackers
b) White Hat Hackers
c) Grey Hat Hackers
d) Red Hat Hackers

Answer: b
Clarification: White Hat Hackers are cyber security analysts and consultants who have the intent to help firms and Governments in the identification of loopholes as well as help to perform penetration tests for securing a system.

2. Which is the legal form of hacking based on which jobs are provided in IT industries and firms?
a) Cracking
b) Non ethical Hacking
c) Ethical hacking
d) Hactivism

Answer: c
Clarification: Ethical Hacking is an ethical form of hacking done by white-hat hackers for performing penetration tests and identifying potential threats in any organizations and firms.

3. They are nefarious hackers, and their main motive is to gain financial profit by doing cyber crimes. Who are “they” referred to here?
a) Gray Hat Hackers
b) White Hat Hackers
c) Hactivists
d) Black Hat Hackers

Answer: d
Clarification: Black Hat hackers also termed as ‘crackers’ and are a major type of cyber criminals who take unauthorized access in user’s account or system and steal sensitive data or inject malware into the system for their profit or to harm the organization.

4. ________ are the combination of both white as well as black hat hackers.
a) Grey Hat hackers
b) Green Hat hackers
c) Blue Hat Hackers
d) Red Hat Hackers

Answer: a
Clarification: Grey Hat Hackers have a blending character of both ethical as well as un-ethical hacker. They hack other’s systems for fun but do not harm the system, exploits bugs and vulnerabilities in network without the knowledge of the admin or the owner.

5. The amateur or newbie in the field of hacking who don’t have many skills about coding and in-depth working of security and hacking tools are called ________
a) Sponsored Hackers
b) Hactivists
c) Script Kiddies
d) Whistle Blowers

Answer: c
Clarification: Script Kiddies are new to hacking and at the same time do not have many interests in developing coding skills or find bugs of their own in systems; rather they prefer downloading of available tools (developed by elite hackers) and use them to break any system or network. They just try to gain attention of their friend circles.

6. Suicide Hackers are those _________
a) who break a system for some specific purpose with or without keeping in mind that they may suffer long term imprisonment due to their malicious activity
b) individuals with no knowledge of codes but an expert in using hacking tools
c) who know the consequences of their hacking activities and hence try to prevent them by erasing their digital footprints
d) who are employed in an organization to do malicious activities on other firms

Answer: a
Clarification: Suicide hackers are those who break into any network or system with or without knowing the consequences of the cyber crime and its penalty. There are some suicide hackers who intentionally do crimes and get caught to bring their names in the headlines.

7. Criminal minded individuals who work for terrorist organizations and steal information of nations and other secret intelligence are _________
a) State sponsored hackers
b) Blue Hat Hackers
c) Cyber Terrorists
d) Red Hat Hackers

Answer: c
Clarification: Cyber Terrorists are very expert programmers and cyber criminals who hide themselves while doing malicious activities over the internet and they are smart enough to hide themselves or their tracks of action. They are hired for gaining unauthorised access to nation’s data centres or break into the network of intelligence agencies.

8. One who disclose information to public of a company, organization, firm, government and private agency and he/she is the member or employee of that organization; such individuals are termed as ___________
a) Sponsored hackers
b) Crackers
c) Hactivist
d) Whistleblowers

Answer: d
Clarification: Whistleblowers are those individuals who is a member or an employee of any specific organization and is responsible for disclosing private information of those organizations, firms, either government or private.

9. These types of hackers are the most skilled hackers in the hackers’ community. Who are “they” referred to?
a) White hat Hackers
b) Elite Hackers
c) Licensed Penetration Testers
d) Red Hat Hackers

Answer: b
Clarification: The tag “Elite hackers” are considered amongst the most reputed hackers who possess most of the hacking and security skills. They are treated with utmost respect in the hackers’ community. Zero day vulnerabilities, serious hacking tools and newly introduced bugs are found and developed by them.

10. _________ are those individuals who maintain and handles IT security in any firm or organization.
a) IT Security Engineer
b) Cyber Security Interns
c) Software Security Specialist
d) Security Auditor

Answer: a
Clarification: This is an intermediary level of position of an individual in an organization or firm who builds and preserves different systems and its associated security tools of the firm of organization to which he/she belongs.

11. Role of security auditor is to ____________
a) secure the network
b) probe for safety and security of organization’s security components and systems
c) detects and prevents cyber attacks and threats to organization
d) does penetration testing on different web applications

Answer: b
Clarification: Security auditors are those who conduct auditing of various computer and network systems on an organization or company and reports the safety and security issues as well as helps in suggesting improvements or enhancements in any particular system that is threat prone.

12. ________ are senior level corporate employees who have the role and responsibilities of creating and designing secured network or security structures.
a) Ethical Hackers
b) Chief Technical Officer
c) IT Security Engineers
d) Security Architect

Answer: d
Clarification: Security architect are those senior grade employees of an organization who are in charge of building, designing, implementing and testing of secured network topologies, protocols as well as secured computers in an organization.

13. __________ security consultants uses database security monitoring & scanning tools to maintain security to different data residing in the database / servers / cloud.
a) Database
b) Network
c) System
d) Hardware

Answer: a
Clarification: Database Security consultants are specific individuals hired in order to monitor and scan the database systems and keep them secured from unwanted threats and attacks by giving access to restricted users, blocking unwanted files, multi-factor access control etc.

14. Governments hired some highly skilled hackers. These types of hackers are termed as _______
a) Special Hackers
b) Government Hackers
c) Cyber Intelligence Agents
d) Nation / State sponsored hackers

Answer: d
Clarification: Nation / State sponsored hackers are specific individuals who are employed or hired by the government of that nation or state and protect the nation from cyber terrorists and other groups or individuals and to reveal their plans, communications and actions.

15. Someone (from outside) who tests security issues for bugs before launching a system or application, and who is not a part of that organization or company are ______
a) Black Hat hacker
b) External penetration tester
c) Blue Hat hacker
d) White Hat Hacker

Answer: c
Clarification: Blue Hat Hackers are outsiders yet security testers who are temporarily hired for performing outsourced security test for bugs and vulnerabilities in any system before launching it to the market or making the application live.

Cyber Security Multiple Choice Questions on “Linux OS and its Security”.

1. _________ is one of the most secured Linux OS that provides anonymity and an incognito option for securing its user data.
a) Fedora
b) Tails
c) Ubuntu
d) OpenSUSE

Answer: b
Clarification: If any user is looking for Linux based security solutions, Tails is one of the most popular Linux-based operating systems that provides anonymity and an incognito option for securing its user data.

2. Which of the following OS does not comes under a secured Linux OS list?
a) Qubes OS
b) Tails
c) Tin Hat
d) Ubuntu

Answer: d
Clarification: Qubes OS, Tails OS, and Tin Hat are amongst the most secured Linux Operating Systems (OS) that provide fast and secure Linux experience along with maintaining anonymity for the users.

3. ____________ is a Debian-Linux based OS that has 2 VMs (Virtual Machines) that help in preserving users’ data private.
a) Fedora
b) Ubuntu
c) Whonix
d) Kubuntu

Answer: c
Clarification: Whonix is a Debian-Linux based OS that has 2 VMs (Virtual Machines) that help in preserving users’ data private. One VM is a Tor Gateway that runs Debian while the other is Workstation.

4. Subgraph OS is a Debian based Linux distro which provides hardcore anonymity and is approved by Edward Snowden.
a) True
b) False

Answer: a
Clarification: Subgraph OS is a secured Debian-based Linux distro which provides hardcore anonymity and is approved by Edward Snowden. It helps the users give anonymous digital experience along with data hardening feature.

5. Which of the following comes under secured Linux based OS?
a) Ubuntu
b) Fedora
c) Kubuntu
d) Tails

Answer: d
Clarification: If any user is looking for Linux based security solutions, Tails is one of the most popular Linux-based operating systems that provide anonymity and incognito option for securing its user data.

6. Using the ______ account of a UNIX system, one can carry out administrative functions.
a) root
b) administrative
c) user
d) client

Answer: a
Clarification: Using the root account of a UNIX system, one can carry out administrative functions in the system. Rest of the accounts in the system are unprivileged, i.e. other accounts have no rights beyond accessing of files having proper permission.

7. In your Linux-based system, you have to log-in with your root account for managing any feature of your system.
a) True
b) False

Answer: b
Clarification: Try to avoid logging in as a root user. In your Linux-based system, you don’t have to log-in with your root account for managing any feature of your system. For the administrative task, you can use the tool or command ‘sudo’ or ‘su’ that gives root privileges.

8. In a Linux-based system, the accounts may be members of 1 or more than one group.
a) True
b) False

Answer: a
Clarification: In a Linux-based system, the accounts may be members of 1 or more groups. If any group has been assigned to access resources, then from the security perspective, one needs to keep in mind that every member of that group gets access to it automatically.

9. MAC is abbreviated as _______________
a) Machine Access Control
b) Mandatory Accounts Control
c) Mandatory Access Controlling
d) Mandatory Access Control

Answer: d
Clarification: Mandatory Access Control systems provides separation of a computer and its OS into several small discrete sections. This is because the user of a system can only utilize those pieces of a system for which they’ve been given permission to.

10. _______________ in a system is given so that users can use dedicated parts of the system for which they’ve been given access to.
a) Machine Access Control
b) Mandatory Accounts Control
c) Mandatory Access Control
d) Mandatory Access Controlling

Answer: c
Clarification: Mandatory Access Control is a technique that provides separation of a computer with its OS into several small discrete sections so that the user of a system can only utilize those pieces of a system for which they’ve been given permission to.

11. DTE is abbreviated as ___________________
a) Domain and Type Enforcing
b) Domain and Type Enforcement
c) DNS and Type Enforcement
d) DNS and Type Enforcing

Answer: b
Clarification: Domain and Type Enforcement is a technique for access-control in technology and in OS like Linux which helps in limiting the access of programs that are running, to limited users, or only to those who have permission to access.

12. RBAC is abbreviated as ______________
a) Rule-Based Accessing Control
b) Role-Based Access Control
c) Rule-Based Access Control
d) Role-Based Accessing Control

Answer: b
Clarification: RBAC which is abbreviated as Role-Based Access Control defines a set of functions for users in a Linux system and is often built on top of DTE systems. Here users can log for certain roles and run particular programs that are apposite for the role.

Cyber Security Multiple Choice Questions & Answers on “Network Models – OSI Model Security”.

1. Which of the following is not a transport layer vulnerability?
a) Mishandling of undefined, poorly defined
b) The Vulnerability that allows “fingerprinting” & other enumeration of host information
c) Overloading of transport-layer mechanisms
d) Unauthorized network access

Answer: d
Clarification: The different vulnerabilities of the Transport layer are mishandling of undefined, poorly defined, Vulnerability that allow “fingerprinting” & other enumeration of host information, Overloading of transport-layer mechanisms etc. Unauthorized network access is an example of physical layer vulnerability.

2. Which of the following is not session layer vulnerability?
a) Mishandling of undefined, poorly defined
b) Spoofing and hijacking of data based on failed authentication attempts
c) Passing of session-credentials allowing intercept and unauthorized use
d) Weak or non-existent authentication mechanisms

Answer: a
Clarification: Vulnerabilities of session layer of the OSI model are spoofing and hijacking of data based on failed authentication attempts, weak or non-existent authentication mechanisms, and the passing of session-credentials allowing intercept and unauthorized use.

3. Failed sessions allow brute-force attacks on access credentials. This type of attacks are done in which layer of the OSI model?
a) Physical layer
b) Data-link Layer
c) Session layer
d) Presentation layer

Answer: c
Clarification: Session identification may be subject to spoofing may lead to data leakage which depends on failed authentication attempts and allow hackers to allow brute-force attacks on access credentials.

4. Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets.
a) True
b) False

Answer: a
Clarification: Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets. This type of attacks is done in the transport layer of the OSI model.

5. Which of the following is not an example of presentation layer issues?
a) Poor handling of unexpected input can lead to the execution of arbitrary instructions
b) Unintentional or ill-directed use of superficially supplied input
c) Cryptographic flaws in the system may get exploited to evade privacy
d) Weak or non-existent authentication mechanisms

Answer: d
Clarification: Cryptographic flaws may be exploited to circumvent privacy, unintentional or ill-directed use of superficially supplied input, and poor handling of unexpected input are examples of presentation layer flaws.

6. Which of the following is not a vulnerability of the application layer?
a) Application design bugs may bypass security controls
b) Inadequate security controls force “all-or-nothing” approach
c) Logical bugs in programs may be by chance or on purpose be used for crashing programs
d) Overloading of transport-layer mechanisms

Answer: d
Clarification: Application design flaws may bypass security controls, inadequate security controls as well as logical bugs in programs may be by chance or on purpose be used for crashing programs. These all are part of application layer vulnerability.

7. Which of the following is an example of Transport layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls

Answer: b
Clarification: Overloading of transport-layer mechanisms is an example of transport layer vulnerability. Other examples of Transport layer vulnerability are mishandling of undefined, poorly defined, Vulnerability that allows “fingerprinting” & other enumeration of host information.

8. Which of the following is an example of session layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls

Answer: a
Clarification: Weak or non-existent mechanisms for authentication is an example of session layer vulnerability. Other examples are spoofing and the hijacking of data based on failed-authentication attempts & passing of session-credentials allowing intercept and unauthorized use.

9. Which of the following is an example of presentation layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) highly complex application security controls
d) poor handling of unexpected input

Answer: d
Clarification: Poor handling of unexpected input is an example of presentation layer vulnerability. Cryptographic flaws may be exploited to circumvent privacy, unintentional use of superficially supplied input are some other examples of presentation layer vulnerability.

10. Which of the following is an example of application layer vulnerability?
a) Cryptographic flaws lead to the privacy issue
b) Very complex application security controls
c) MAC Address Spoofing
d) Weak or non-existent authentication

Answer: b
Clarification: Very complex application security controls can be an example of application layer vulnerability. Inadequate security controls, as well as logical bugs in programs, are some other examples of such type.

Cyber Security Multiple Choice Questions on “Attack Vectors – Trojans and Backdoors”.

1. A ___________ is a small malicious program that runs hidden on infected system.
a) Virus
b) Trojan
c) Shareware
d) Adware

Answer: b
Clarification: A Trojan is a small malicious program that runs hidden on the infected system. They are created with the intent and they infected the system by misleading the user. It works in the background and steals sensitive data.

2. ____________ works in background and steals sensitive data.
a) Virus
b) Shareware
c) Trojan
d) Adware

Answer: c
Clarification: Trojans are malicious files designed to work hidden on the infected system. They are intended to infect the system by misleading the user. It works in the background and steals sensitive information about the target user.

3. By gaining access to the Trojaned system the attacker can stage different types of attack using that ____________ program running in the background.
a) Trojan
b) Virus
c) Antivirus
d) Anti-malware

Answer: a
Clarification: By gaining access to the Trojaned system the attacker can stage different types of attack using that Trojan program running in the background when the infected user’s system goes online.

4. Trojan creators do not look for _______________
a) Credit card information
b) Confidential data
c) Important documents
d) Securing systems with such programs

Answer: d
Clarification: Trojan creators do not look for securing victim’s system with their programs, rather they create such trojans for stealing credit card and financial details as well as important documents and files.

5. Which of them is not a proper way of getting into the system?
a) IM
b) Attachments
c) Official product sites
d) Un-trusted sites, freeware and pirated software

Answer: c
Clarification: Official product sites such as Microsoft’s site giving the option for downloading their updates and OS won’t contain any Trojans. Other than that Trojans can access your system by email attachments, Instant Messaging apps, un-trusted sites & links.

6. Which of the following port is not used by Trojans?
a) UDP
b) TCP
c) SMTP
d) MP

Answer: d
Clarification: MP is not a valid port name and does not have any port number also. But usually, Trojans likeBack Orifice, Deep Throat use UDP port; Trojans like Netbus, Master Paradise uses TCP & SMTP port to gain access to a system.

7. Trojans do not do one of the following. What is that?
a) Deleting Data
b) Protecting Data
c) Modifying Data
d) Copying Data

Answer: b
Clarification: Trojans perform malicious actions and operations. These are to modify data, copy data to its creator, delete data from the infected system or blocking data by carrying ransomware or other malicious programs along with it.

8. Some Trojans carry ransomware with them to encrypt the data and ask for ransom.
a) True
b) False

Answer: a
Clarification: Trojans are usually created to carry out the following actions like: modify data, copy data to its creator, delete data from the infected system or blocking data by carrying ransomware embedded in it.

9. Once activated __________ can enable ____________to spy on the victim, steal their sensitive information & gain backdoor access to the system.
a) virus, cyber-criminals
b) malware, penetration testers
c) trojans, cyber-criminals
d) virus, penetration testers

Answer: c
Clarification: Once activated, trojans can enable cyber-criminals to spy on the victim, steal their sensitive information & gain backdoor access to the system.

10. Trojans can not ______________
a) steal data
b) self-replicate
c) steal financial information
d) steal login credentials

Answer: b
Clarification: A Trojan is a malicious program that runs hidden on the infected system. They are developed with the intent and they infected the system by misleading the user. It works behind the system and steals sensitive data but cannot self-replicate.

11. A _______________ provides malicious users remote control over the targeted computer.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader

Answer: b
Clarification: A Backdoor Trojan provides malicious users remote control over the targeted computer. These trojans enable the author to perform anything they desire on the infected system which includes sending, receiving, launching & deleting files.

12. _______________ programs are specially designed for stealing your account data for online banking systems, e-payment services & credit/debit cards.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader

Answer: c
Clarification: Trojan-Banker is programs are specially designed for stealing your account data for online banking systems, e-payment services & credit/debit cards. They work silently in the back of the system process to steal such data.

13. ______________ perform automated DoS (Denial of Service) attacks on a targeted web address.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader

Answer: a
Clarification: DDoS Trojan performs automated DoS (Denial of Service) attacks on a targeted web address. By sending multiple requests from your system, it can target different websites which can lead to a Denial of Service attack.

14. Trojan-Downloader is a special type of trojans which can download & install new versions of malicious programs.
a) True
b) False

Answer: a
Clarification: Trojan-Downloader is another type of trojans that can download & install new versions of malicious programs. They work secretly & keep on downloading other malicious programs when the system is online.

15. ____________ work in background & keeps on downloading other malicious programs when the system is online.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader

Answer: d
Clarification: Trojan-Downloader is a special type of trojans that work secretly & keep on downloading other malicious programs when the system is online. They can also download & install new versions of malicious programs.