Category: Cyber Security Objective Questions

Cyber Security Multiple Choice Questions on “Attack Vectors – Social Networking Security”.

1. Which of the following is the most viral section of the internet?
a) Chat Messenger
b) Social networking sites
c) Tutorial sites
d) Chat-rooms

Answer: b
Clarification: Social networking sites are the most used sites and the most viral section of the internet. So users must keep their accounts secure and safe from getting into wrong hands.

2. ____________ type of sites are known as friend-of-a-friend site.
a) Chat Messenger
b) Social networking sites
c) Tutorial sites
d) Chat-rooms

Answer: b
Clarification: Social networking sites are the most used site which acts to connect people for social interaction. So users must keep their accounts secure & safe from getting into wrong hands.

3. Which of the following is not an appropriate measure for securing social networking accounts?
a) Strong passwords
b) Link your account with a phone number
c) Never write your password anywhere
d) Always maintain a soft copy of all your passwords in your PC

Answer: d
Clarification: ‘Always maintain a soft copy of all your passwords in your PC’ is not an appropriate measure for securing your online accounts because, if your system got accessed by anyone or anybody put spyware or screen-recording malware, then all your passwords will get revealed.

4. Which of them is a proper measure of securing social networking account?
a) Never keep your password with any relevant names
b) Keep written records of your passwords
c) Keep records of your password in audio format in your personal cell-phone
d) Passwords are kept smaller in size to remember

Answer: a
Clarification: Never keep your password with any relevant names because there are different types of hackers who either use password guessing techniques or some of them are hard-working and they do social engineering and research on different data associated to the victim.

5. If hackers gain access to your social media accounts, they can do some illicit or shameless act to degrade your reputation.
a) True
b) False

Answer: a
Clarification: Yes, there are script-kiddies or young-hackers who start their hacking career by cracking simple & weak passwords to enlighten their skills to others. These hackers may gain access to your social media accounts & can do some illicit or shameless act on behalf of your name to degrade your reputation.

6. ________________ is a popular tool to block social-media websites to track your browsing activities.
a) Fader
b) Blur
c) Social-Media Blocker
d) Ad-blocker

Answer: b
Clarification: Blur is a free browser extension and a popular tool used to block social-media websites to track your browsing activities & prevent users from these surfing pattern stealers.

7. Try to keep your passwords without meaning so that _____________ attack becomes almost impossible to perform successfully.
a) social engineering
b) phishing
c) password guessing
d) brute force

Answer: c
Clarification: Try to keep your passwords without meaning so that password guessing attack becomes almost impossible to perform successfully. This will reduce the potential to do both passwords guessing as well as dictionary attacks.

8. Keeping the password by the name of your pet is a good choice.
a) True
b) False

Answer: b
Clarification: Keeping the password by the name of your pet is not at all a good choice. Because they do social engineering & research on different data associated with you as a victim and will perform password guessing techniques.

9. Increase your security for social media account by always ____________ as you step away from the system.
a) signing in
b) logging out
c) signing up
d) logging in

Answer: b
Clarification: Increase your security for social media account by always logging out as you step away from the system. This will reduce both remote hacking as well as physical hacking.

10. Clicking on enticing Ads can cause trouble.
a) True
b) False

Answer: a
Clarification: Clicking on enticing Ads can cause trouble. Viruses & malware frequently find their mode of entering onto the victim computer through these annoying & enticing ads.

11. Strangers cannot cause much trouble if we connect to them over social media.
a) True
b) False

Answer: b
Clarification: Strangers can cause huge trouble if we connect to them or chat with them without knowing exact details or whether the account is genuine or not. The stranger may send infected links which you might click and will redirect you to infected sites.

12. Part of the social media sites are the various games & 3^rd party applications which helps ______________ to get access to your data.
a) ethical hackers
b) penetration testers
c) security auditors
d) cyber-criminals

Answer: d
Clarification: Part of the social media sites are the various games & 3^rd party applications which help cyber criminals to get access to your data. In this way, they can compromise your account or grab your valuable & confidential data.

13. Many social media sites and services provide _______________ for legitimate account verification.
a) Retina scanning
b) Fingerprint scanning
c) CAPTCHA
d) 2-step verification

Answer: d
Clarification: With 2-Step Verification (which is also known as 2-factor authentication), users can add an extra layer of security to your account. After login, it asks for your existing phone number to send an OTP for layer-2 verification.

14. Scanning your system and destroying suspicious files can reduce risks of data compromise or leakage of compromised data over social media.
a) True
b) False

Answer: a
Clarification: Scanning your system and destroying suspicious files can reduce risks of data compromise or leakage of compromised data over social media. There are different website caches and bots that gets automatically downloaded to your system when you open different social-media sites and they store your sensitive data related to your social media account.

15. Different social media services offer tips as of how to use their services and site, still maintaining a high altitude of security.
a) True
b) False

Answer: a
Clarification: Different social media services offer tips as of how to use their services and site, still maintaining a high altitude of security. Every user must use those links to educate themselves and learn various features towards social-media security.

Cyber Security Multiple Choice Questions on “Cyber Attacks Types”.

1. The full form of Malware is ________
a) Malfunctioned Software
b) Multipurpose Software
c) Malicious Software
d) Malfunctioning of Security

Answer: c
Clarification: Different types of harmful software and programs that can pose threats to a system, network or anything related to cyberspace are termed as Malware. Examples of some common malware are Virus, Trojans, Ransomware, spyware, worms, rootkits etc.

2. Who deploy Malwares to a system or network?
a) Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
b) Criminal organizations, White hat hackers, malware developers, cyber-terrorists
c) Criminal organizations, Black hat hackers, software developers, cyber-terrorists
d) Criminal organizations, gray hat hackers, Malware developers, Penetration testers

Answer: a
Clarification: Criminal-minded organizations, groups and individuals cyber-terrorist groups, Black hat hackers, malware developers etc are those who can deploy malwares to any target system or network in order to deface that system.

3. _____________ is a code injecting method used for attacking the database of a system / website.
a) HTML injection
b) SQL Injection
c) Malicious code injection
d) XML Injection

Answer: b
Clarification: SQLi (Structured Query Language Injection) is a popular attack where SQL code is targeted or injected; for breaking the web application having SQL vulnerabilities. This allows the attacker to run malicious code and take access to the database of that server.

4. XSS is abbreviated as __________
a) Extreme Secure Scripting
b) Cross Site Security
c) X Site Scripting
d) Cross Site Scripting

Answer: d
Clarification: Cross Site Scripting is another popular web application attack type that can hamper the reputation of any site.

5. This attack can be deployed by infusing a malicious code in a website’s comment section. What is “this” attack referred to here?
a) SQL injection
b) HTML Injection
c) Cross Site Scripting (XSS)
d) Cross Site Request Forgery (XSRF)

Answer: c
Clarification: XSS attack can be infused by putting the malicious code (which gets automatically run) in any comment section or feedback section of any webpage (usually a blogging page). This can hamper the reputation of a site and the attacker may place any private data or personal credentials.

6. When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
a) Database crash attack
b) DoS (Denial of Service) attack
c) Data overflow Attack
d) Buffer Overflow attack

Answer: d
Clarification: The Buffer overflow attack takes place when an excessive amount of data occurs in the buffer, which it cannot handle and lead to data being over-flow into its adjoined storage. This attack can cause a system or application crash and can lead to malicious entry-point.

7. Compromising a user’s session for exploiting the user’s data and do malicious activities or misuse user’s credentials is called ___________
a) Session Hijacking
b) Session Fixation
c) Cookie stuffing
d) Session Spying

Answer: a
Clarification: Using session hijacking, which is popularly known as cookie hijacking is an exploitation method for compromising the user’s session for gaining unauthorized access to user’s information.

8. Which of this is an example of physical hacking?
a) Remote Unauthorised access
b) Inserting malware loaded USB to a system
c) SQL Injection on SQL vulnerable site
d) DDoS (Distributed Denial of Service) attack

Answer: b
Clarification: If a suspicious gain access to server room or into any confidential area with a malicious pen-drive loaded with malware which will get triggered automatically once inserted to USB port of any employee’s PC; such attacks come under physical hacking, because that person in gaining unauthorized physical access to any room or organization first, then managed to get an employee’s PC also, all done physically – hence breaching physical security.

9. Which of them is not a wireless attack?
a) Eavesdropping
b) MAC Spoofing
c) Wireless Hijacking
d) Phishing

Answer: d
Clarification: Wireless attacks are malicious attacks done in wireless systems, networks or devices. Attacks on Wi-Fi network is one common example that general people know. Other such sub-types of wireless attacks are wireless authentication attack, Encryption cracking etc.

10. An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
a) Cyber-crime
b) Cyber Attack
c) System hijacking
d) Digital crime

Answer: b
Clarification: Cyber attack is an umbrella term used to classify different computer & network attacks or activities such as extortion, identity theft, email hacking, digital spying, stealing hardware, mobile hacking and physical security breaching.

11. Which method of hacking will record all your keystrokes?
a) Keyhijacking
b) Keyjacking
c) Keylogging
d) Keyboard monitoring

Answer: c
Clarification: Keylogging is the method or procedure of recording all the key strokes/keyboard button pressed by the user of that system.

12. _________ are the special type of programs used for recording and tracking user’s keystroke.
a) Keylogger
b) Trojans
c) Virus
d) Worms

Answer: a
Clarification: Keyloggers are surveillance programs developed for both security purpose as well as done for hacking passwords and other personal credentials and information. This type of programs actually saves the keystrokes done using a keyboard and then sends the recorded keystroke file to the creator of such programs.

13. These are a collective term for malicious spying programs used for secretly monitoring someone’s activity and actions over a digital medium.
a) Malware
b) Remote Access Trojans
c) Keyloggers
d) Spyware

Answer: d
Clarification: Spyware is professional malicious spying software that is hard to detect by anti-malware or anti-virus programs because they are programmed in such a skillful way. These types of software keep on collecting personal information, surfing habits, surfing history as well as credit card details.

14. Stuxnet is a _________
a) Worm
b) Virus
c) Trojan
d) Antivirus

Answer: a
Clarification: Stuxnet is a popular and powerful worm that came into existence in mid 2010, which was very powerful as it was accountable for the cause of huge damage to Iran’s Nuclear program. It mainly targets the PLCs (Programmable Logic Controllers) in a system.

15. ___________ is a violent act done using the Internet, which either threatens any technology user or leads to loss of life or otherwise harms anyone in order to accomplish political gain.
a) Cyber-warfare
b) Cyber campaign
c) Cyber-terrorism
d) Cyber attack

Answer: c
Clarification: Cyber- terrorism is the term used to describe internet terrorism, where individuals and groups are anonymously misusing ethnicities, religions as well as threaten any technology user, which may lead to even loss of life.

Cyber Security Multiple Choice Questions on “Buffer Overflow”.

1. A __________ is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers.
a) stack
b) queue
c) external storage
d) buffer

Answer: d
Clarification: A buffer is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers. The buffer can handle data only if limited data is inserted.

2. In a _____________ attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.
a) Phishing
b) MiTM
c) Buffer-overflow
d) Clickjacking

Answer: c
Clarification: In a buffer-overflow attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.

3. How many types of buffer-overflow attack are there?
a) 4
b) 2
c) 5
d) 3

Answer: b
Clarification: There are two different types of buffer-overflow attack. These are stack-based and heap-based buffer overflow. In both the cases, this type of exploit takes advantage of an application that waits for user’s input.

4. Let suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually this is because of limited __________
a) buffer
b) external storage
c) processing power
d) local storage

Answer: a
Clarification: In a scenario, where to suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually, this is because of the limited buffer.

5. ______________ is a widespread app’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.
a) Memory leakage
b) Buffer-overrun
c) Less processing power
d) Inefficient programming

Answer: b
Clarification: Buffer-overflow, also known as buffer-overrun is a widespread application’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.

6. Buffer-overflow is also known as ______________
a) buffer-overrun
b) buffer-leak
c) memory leakage
d) data overflow

Answer: a
Clarification: Buffer-overflow, also known as buffer-overrun is a widespread application’s coding mistake made by app developers which could be exploited by an attacker for gaining access or malfunctioning your system.

7. Buffer-overflow may remain as a bug in apps if __________ are not done fully.
a) boundary hacks
b) memory checks
c) boundary checks
d) buffer checks

Answer: c
Clarification: Buffer-overflow may remain as a bug in apps if boundary checks are not done fully by developers or are skipped by the QA (Quality Assurance) testers of the software development team.

8. Applications developed by programming languages like ____ and ______ have this common buffer-overflow error.
a) C, Ruby
b) Python, Ruby
c) C, C++
d) Tcl, C#

Answer: c
Clarification: Applications developed by programming languages like C and C++ have this common buffer-overflow error. The strcat(), strcpy(), sprintf(), gets() etc when called in C and C++ can be exploited because these functions don’t check whether the stack is large enough for storing the data.

9. Why apps developed in languages like C, C++ is prone to Buffer-overflow?
a) No string boundary checks in predefined functions
b) No storage check in the external memory
c) No processing power check
d) No database check

Answer: a
Clarification: The strcat(), strcpy(), sprintf(), gets() etc when called in C and C++ can be exploited because these functions don’t check whether the stack is large enough for storing the data fetched from some other variable holding larger data.

10. Old operating systems like _______ and NT-based systems have buffer-overflow attack a common vulnerability.
a) Windows 7
b) Chrome
c) IOS12
d) UNIX

Answer: d
Clarification: Old operating systems like UNIX and NT-based systems have buffer-overflow attack a common vulnerability. This is because they were developed in old programming languages.

Cyber Security Multiple Choice Questions on “Network Models – TCP-IP Model Security”.

1. TCP/IP is extensively used model for the World Wide Web for providing network communications which are composed of 4 layers that work together.
a) True
b) False

Answer: a
Clarification: TCP/IP is extensively used model for the World Wide Web for providing network communications which are composed of 4 layers that work together. Each layer is composed of header and payload.

2. TCP/IP is composed of _______ number of layers.
a) 2
b) 3
c) 4
d) 5

Answer: c
Clarification: TCP/IP is extensively used model for the World Wide Web for providing network communications which are composed of 4 layers that work together. Each layer is composed of header and payload.

3. Trusted TCP/IP commands have the same needs & go through the identical verification process. Which of them is not a TCP/IP command?
a) ftp
b) rexec
c) tcpexec
d) telnet

Answer: c
Clarification: Trusted TCP/IP commands such as ftp, rexec and telnet have the same needs & go through the identical verification process. Internet & TCP/IP are often implemented synonymously.

4. Connection authentication is offered for ensuring that the remote host has the likely Internet Protocol (IP) ___________ & _________
a) address, name
b) address, location
c) network, name
d) network, location

Answer: a
Clarification: Connection authentication is offered for ensuring that the remote host has the likely Internet Protocol (IP)’s address & name. This avoids a remote host to masquerade as an added remote host.

5. Application layer sends & receives data for particular applications using Hyper Text Transfer Protocol (HTTP), and Simple Mail Transfer Protocol (SMTP).
a) True
b) False

Answer: a
Clarification: Application layer sends & receives data for particular applications using HyperText Transfer Protocol (HTTP), and Simple Mail Transfer Protocol (SMTP). Hence, data encryption for HTTP and SMTP is important.

6. TLS vulnerability is also known as Return of Bleichenbacher’s Oracle Threat.
a) True
b) False

Answer: a
Clarification: Return of Bleichenbacher’s Oracle Threat is a transport layer vulnerability that allows an attacker to get hold of the RSA key essential to decrypt TLS traffic below certain conditions.

7. RoBOT is abbreviated as ___________
a) Return of Bleichenbacher’s Oracle Team
b) Rise of Bleichenbacher’s Oracle Threat
c) Return of Bleichenbacher’s Operational Threat
d) Return of Bleichenbacher’s Oracle Threat

Answer: d
Clarification: Return of Bleichenbacher’s Oracle Threat is a transport layer vulnerability that allows an attacker to get hold of the RSA key essential to decrypt TLS traffic below certain conditions.

8. There are __________ different versions of IP popularly used.
a) 2
b) 3
c) 4
d) 5

Answer: a
Clarification: There are two different versions of IPs used popularly over the internet. These are IPv4 and IPv6. IPv4 is a 32-bits numeric address written in decimal with 4 numbers separated by dots whereas IPv6 addresses are 128-bits written in hexadecimal & separated by colons.

9. ____________ is an attack where the attacker is able to guess together with the sequence number of an in progress communication session & the port number.
a) TCP Spoofing
b) TCP Blind Spoofing
c) IP Spoofing
d) IP Blind Spoofing

Answer: b
Clarification: TCP Blind Spoofing is an attack where the attacker is able to guess together with the sequence number of an in progress communication session & the port number.

10. ___________ is an attack technique where numerous SYN packets are spoofed with a bogus source address which is then sent to an inundated server.
a) SYN flooding attack
b) ACK flooding attack
c) SYN & ACK flooding attack
d) Packet flooding attack

Answer: a
Clarification: SYN flooding attack is an attack technique where numerous SYN packets are spoofed with a bogus source address which is then sent to an inundated server. The SYN & ACK segments need to begin in a TCP connection.

11. Which of them is not an attack done in the network layer of the TCP/IP model?
a) MITM attack
b) DoS attack
c) Spoofing attack
d) Shoulder surfing

Answer: d
Clarification: MITM, Denial of Service (DoS), and spoofing attacks are possible in the network layer of the TCP/IP model. It is important to secure the network layer as it is the only means to make certain that your application is not getting flooded with attacks.

12. Which of them is not an appropriate method of router security?
a) Unused ports should be blocked
b) Unused interfaces and services should be disabled
c) Routing protocol needs to be programmed by security experts
d) Packet filtering needs to be enabled

Answer: c
Clarification: Unused ports should be blocked, Unused interfaces and services should be disabled, and Packet filtering needs to be enabled are some of the security measures that need to be taken for the routers.

13. Which 2 protocols are used in the Transport layer of the TCP/IP model?
a) UDP and HTTP
b) TCP and UDP
c) HTTP and TCP
d) ICMP and HTTP

Answer: b
Clarification: The transport layer can voluntarily declare the consistency of communications. Transmission Control Protocol (TCP) & User Datagram Protocol (UDP) are the most common transport layer protocols.

14. Which of the protocol is not used in the network layer of the TCP/IP model?
a) ICMP
b) IP
c) IGMP
d) HTTP

Answer: d
Clarification: Internet Control Message Protocol (ICMP), Internet Protocol (IP) and Internet Group Management Protocol (IGMP) are used in the network layer. HTTP is used in application layer of TCP/IP model.

15. ____________ protocol attack is done in the data-link layer.
a) HTTP
b) DNS
c) TCP/IP
d) POP

Answer: b
Clarification: DNS protocol attack is done in the application layer of the TCP/IP model which allows attackers to modify DNS records in order to misdirect user traffic and land them in some malicious or spoofed address.

Cyber Security Questions and Answers for Aptitude test on “Attack Vectors – Trojans and Backdoors”.

1. A/an ___________ is a program that steals your logins & passwords for instant messaging applications.
a) IM – Trojans
b) Backdoor Trojans
c) Trojan-Downloader
d) Ransom Trojan

Answer: a
Clarification: An IM Trojan is a program that steals your logins & passwords for instant messaging applications. It popularly attacked apps like AOL, Yahoo Pager, and Skype with vulnerabilities.

2. _____________ can modify data on your system – so that your system doesn’t run correctly or you can no longer access specific data, or it may even ask for ransom in order to give your access.
a) IM – Trojans
b) Backdoor Trojans
c) Trojan-Downloader
d) Ransom Trojan

Answer: d
Clarification: Ransom Trojan can modify data on your system – so that your system doesn’t run correctly or you can no longer access specific data, or it may even ask for ransom in order to give your access.

3. The ______________ can cost you money, by sending text messages from your mobile phone numbers.
a) IM – Trojans
b) Backdoor Trojans
c) SMS Trojan
d) Ransom Trojan

Answer: c
Clarification: The SMS Trojans can cost you money, by sending text messages from your mobile phone numbers. These generally target the smart-phones & some of them are designed to send their own composed SMS also, to embarrass the receiver as well as the sender of the SMS.

4. Trojan-Spy programs can keep an eye on how you are using your system.
a) True
b) False

Answer: a
Clarification: Trojan-Spy programs can keep an eye on how you are using your system. These are one of the most notorious silent observers which even track your browsing data and record your behaviour. Also, it keeps track of all the programs you use.

5. A ___________ is a method in which a computer security mechanism is bypassed untraceable for accessing the computer or its information.
a) front-door
b) backdoor
c) clickjacking
d) key-logging

Answer: b
Clarification: Using backdoors hackers can breach computer security mechanism for accessing the computer or its information. This type of code usually comes attached with Trojans.

6. A _________________ may be a hidden part of a program, a separate infected program a Trojan in disguise of an executable or code in the firmware of any system’s hardware.
a) crypter
b) virus
c) backdoor
d) key-logger

Answer: c
Clarification: A backdoor may be a hidden part of a program, a separate infected program a Trojan in disguise of an executable or code in the firmware of any system’s hardware.

7. Backdoors cannot be designed as ______________
a) the hidden part of a program
b) as a part of Trojans
c) embedded code of the firmware
d) embedded with anti-malware

Answer: d
Clarification: Cyber-criminals use backdoors as a means through which they can bypassed security postures untraceable. They may be a hidden part of a program, a separate infected program a Trojan in disguise of an executable or code in the firmware of any system’s hardware.

8. Trojans having backdoors are harmless.
a) True
b) False

Answer: b
Clarification: Backdoor trojans can cause huge damage as this is a method used by hackers to breach computer security mechanism. These types of code usually come attached with Trojans programs and can steal your personal data.

9. The threat of backdoors started when ____________ & ____________ OSs became widely accepted.
a) single-user, Windows
b) multiuser, networked
c) single-user, UNIX
d) multiuser, UNIX

Answer: b
Clarification: Hackers take the help of backdoor to breach security mechanism & bypassed for stealing different types of information from the target system. The threat of backdoors started when multiuser & networked OS became widely accepted.

10. Backdoors are also known as ______________
a) Malware-doors
b) Trojan-backups
c) Front-doors
d) Trapdoors

Answer: d
Clarification: Trapdoors popularly known as backdoors are used my cyber-criminals as a method in which a system’s security methods can be bypassed untraceable.

11. __________ is a powerful RAT build using the language Delphi 7.
a) Stuxnet
b) T-Bomb
c) Beast
d) Zeus

Answer: c
Clarification: Beast is a powerful RAT build using the language Delphi 7. One special feature of Beast is that it can help attackers to create all types of Trojans & it has capabilities of multiple Trojan types.

12. Which of the following is a remote Trojan?
a) Troya
b) DaCryptic
c) BankerA
d) Game-Troj

Answer: a
Clarification: Trojan is a small malicious program that runs hidden on the infected system. They are created with the intent and they infected the system by misleading the user. Troya is a remote Trojan that works remotely for its creator.

Cyber Security Multiple Choice Questions on “Attack Vectors – Spamming”.

1. ______________ is populating the inbox of any target victim with unsolicited or junk emails.
a) Phishing
b) Spamming
c) Hooking
d) DoS

Answer: b
Clarification: Spamming is populating the inbox of any target victim with unsolicited or junk emails. These junk emails may contain malicious computer programs that may harm the recipient.

2. _________________ technique is also used in product advertisement.
a) Phishing
b) Cookies
c) e-Banners
d) Spamming

Answer: c
Clarification: Spamming attack over-fills the mail box of the target victim with unwanted spontaneous emails. The technique is also used in product advertisement through mass mailing.

3. Which of the following is not a technique used by spanners?
a) Spoofing the domain
b) Sending attached virus in spams
c) Junk tags associated with spam-emails
d) Making important deals through such emails

Answer: d
Clarification: Spoofing the domain, sending attached virus & junk tags associated with spam-emails are some of the techniques used by spammers. Spam is one of the popular attack techniques.

4. ___________ are used which crawl web pages looking for email Ids and copies them to the database.
a) Caches
b) Cookies
c) Bots
d) Spiders

Answer: d
Clarification: Spiders also known as crawlers are used which crawl different web pages looking for email Ids and copies them to the database. These emails are collected together and used for the purpose of spamming.

5. Which of the following is not a proper way of how spammers get the email Ids?
a) When a user registers to online services, blogs, and sites
b) Databases formed by spiders fetching email Ids from different sources
c) From offline form fill-up documents
d) Online ad-tracking tools

Answer: c
Clarification: Spammers can get email IDs from sources such as data when a user registers to online services, blogs, and sites, databases formed by spiders fetching email Ids from different sources, online ad-tracking tools, email-ID extraction tools, spyware and cookies etc.

6. There are ___________ major ways of spamming.
a) 4
b) 2
c) 3
d) 5

Answer: b
Clarification: There are two major ways of spamming. First, by Usenet spam, where a single message is sent to more than 50 recipients or more Usenet newsgroup, which has become old form of attack. The second one is by email-spam which target individual users and tools are used to send spams directly to them.

7. There are _______ types of spamming.
a) 3
b) 4
c) 5
d) 6

Answer: d
Clarification: Spam attack populates the mail-box of any victim with unwanted emails. There are 6 types of spamming attack. These are by hidden text and links, double-tags, cloaking, blog & wiki spams, image spamming, and page-jacking.

8. Which of the following is not a type of spamming attack?
a) Page-jacking
b) Image spamming
c) Spear phishing
d) Blog & wiki spamming

Answer: c
Clarification: Spear phishing is not an example of a spamming attack. Hidden text & links, double-tags, cloaking, blog & wiki spams, image spamming, and page-jacking are types of spamming attack.

9. Which of the following is not a bulk emailing tool?
a) Fairlogic Worldcast
b) 123 Hidden sender
c) YL Mail Man
d) NetCut

Answer: d
Clarification: Bulk emailing tools are used for sending spams and emails in an uncountable number to flood the recipient’s inbox with junk emails. Fairlogic Worldcast, 123 Hidden sender, YL Mail Man, Sendblaster are examples of bulk emailing tool.

10. Which of the following is not a bulk emailing tool?
a) Wireshark
b) Sendblaster
c) Direct Sender
d) Hotmailer

Answer: a
Clarification: There are tools and applications used for sending spams and emails in a huge number for flooding the recipient’s inbox with unwanted emails. Sendblaster, direct Sender, hotmailer are examples of bulk emailing tool.

11. Which of the following is not an anti-spam technique?
a) Signature-based content filtering
b) DNS routing
c) Bayesian Content Filtering
d) Collaborative content filtering

Answer: b
Clarification: Anti-spamming techniques help in reducing the spamming of unwanted messages and emails. Signature-based content filtering, Bayesian Content Filtering, and collaborative content filtering are examples of anti-spam technique.

12. Which of the following is not an anti-spam technique?
a) Reputation control
b) Sender policy framework
c) DNS-based block-list
d) Domain-based blocking

Answer: d
Clarification: The techniques used in dropping the spamming of unwanted messages and emails. Reputation control, sender policy framework, DNS-based block-list are some of the anti-spamming techniques.

13. ___________ is a tool used as spam filter in association with email programs and automatically intercepts spam emails.
a) Nessus
b) SpamExpert Desktop
c) Spam-Rescurer
d) Burp-Suite

Answer: b
Clarification: SpamExpert Desktop is a tool used as a spam filter in association with email programs and automatically intercepts spam emails. It is not keyword dependent for detecting spams; rather it checks the email content.

14. Which of the following is not an anti-spamming tool or system?
a) Spam-Eater Pro
b) SpyTech Spam Agent
c) SpamExperts Desktop
d) Anti-spyware Tech

Answer: d
Clarification: Some anti-spamming tools and systems that can be used for preventing your email from spamming are Spam-Eater Pro, SpyTech Spam Agent, SpamExperts Desktop etc.