70 most frequently asked Information and Cyber Security mcq

Information and Cyber Security multiple choice questions, Cyber Security multiple choice questions, Information and Cyber Security mcq, Information and Cyber Security mcq questions and answers
Information and Cyber Security mcq

70 most important Information and cyber security (ICS) multiple choice questions. These ICS mcq questions are meant for online exams of various universities. The below cyber security mcq questions can also be asked for interviews. We are planning to provide you ics mcq pdf along with the other study material.

Information and Cyber Security multiple choice questions (mcq)

Q.1. What is the full form of LDAP?
A : Light Weight Directory Access Provider
B : Light Weight Directory Access Protocol
C : Light Weight Directory Access Program
D : Light Weight Directory Access Protection

Advertisement

Light Weight Directory Access Protocol

Q.3. What is the full form of CIA under information security?
A : Confidentiality Integrity Availability
B : Criminal Investigation Agency
C : Cost Information Agency
D : Credit Integrity Assement

Confidentiality Integrity Availability

Q.4. What is called periodic assessment of security vulnerability in computer system?
A : Threat
B : Attack
C : Hacking
D : Security audit

Advertisement

Security audit

Q.5. What is called a single point of access for several networking services?
A : Phishing
B : Web service
C : Directory service
D : Worms

Advertisement

Directory service

Q.6. Which activities endanger the sovereignty and integrity of nation?
A : Cyber Terrorism
B : Cyber vandalism
C : Cyber squatting
D : Carding

Cyber Terrorism

Q.8. Which method go through all the files or network elements with an intention to detect something unusual?
A : Probing
B : Phishing
C : Infecting
D : Scanning

Advertisement

Scanning

Q.9. Victims of cyber attack might loose _______.
A : data
B : money
C : both a & b
D : none of them

Advertisement

both a & b

Q.10. Under information security, any device having _______is classified as a computing device.
A : processor
B : memory
C : both a & b
D : neither a nor b

both a & b

Q.

Advertisement

A : Worms
B : Phishing attacks
C : Trojans
D : Computer Viruses

Worms

Q.13. Attacking the victims through fake URL resembling that of a valid financial Institution is called_____ .
A : Worms
B : Phishing attack
C : Trojans
D : Computer Viruses

Phishing attack

Q.14. Getting the user ID and password from a victim through dubious program is called_____attack.
A : Worms
B : Phishing attack
C : Trojan
D : Computer Viruses

Advertisement

Trojan

Q.15. A malicious program spreading through Internet and storage media and attacking the data in victims computer is called_______.
A : Worms
B : Phishing attack
C : Trojan
D : Computer Virus

Computer Virus

Q.16. Potential weaknesses in IT infrastructure through which a cyber attack might occur is called __.
A : strength
B : antivirus
C : vulnerability
D : port

vulnerability

Q.17. Vulnerability for cyber attack may be in______.
A : operating system
B : application software
C : IT infrastructure
D : all of them

Advertisement

all of them

Q.18. To protect the network infrastructure from vulnerability, _____ is setup.
A : firewall
B : Internet security software
C : both a & b
D : none of them

both a & b

Q.19. The person using vulnerability in operating system or application software or IT infrastructure to intrude in to the computer of a victim is called ______ .
A : hacker
B : cracker
C : maker
D : taker

Advertisement

hacker

Q.20. Periodic assessment of security vulnerability in computer systems is called _______audit.
A : threat
B : attack
C : hacking
D : security

security

Q.21. The security audit team______ to keep the computers safe from cyber attacks.
A : assesses vulnerability
B : decides the safety measures through hardware and software
C : considers latest threat scenario and implements information safety
D : all of them

all of them

Q.22. To ensure information safety, ________should be implemented.
A : physical access security
B : password access security
C : secure IT infrastructure
D : all of them

all of them

Q.23. A single point of access for several networking services is called _____.
A : Directory Service
B : web server
C : email server
D : none of them

Advertisement

Directory Service

Q.24. Directory service permits security administrators to ______.
A : concentrate on security of directory service instead of individual machines
B : create new vulnerabilities
C : damage the security of computers
D : create new virus

concentrate on security of directory service instead of individual machines

Q.25. Directory service should be able to _______in the infrastructure.
A : include new services
B : esaily search for information in the network
C : the information stored on the directory server should be accessible from any operating system
D : all of them

all of them

Q.27. Protecting access to a computer through________ is called access control.
A : physical restriction of entry
B : password security for login
C : both a & b
D : none of them

Advertisement

both a & b

Q.28. Security should be implemented at the stage of ______in software.
A : development stage
B : entire life cycle
C : Sofware Development Life Cycle (SDLC)
D : all of them

all of them

Q.29. SDLC in software development stands for _____.
A : Software Development Life Circus
B : Software Development Life Cycle
C : Software Drafting Life Cycle
D : Software Development Lead Cycle

Software Development Life Cycle

Q.30. Protection from______ of source code means non-disclosure of the source code to outsiders.
A : disclosure
B : alteration
C : destruction
D : log of changes (whois making request)

Advertisement

disclosure

Q.31. Protection from ______of source code means alloting the right to edit the source code to authorized persons only.
A : disclosure
B : alteration
C : destruction
D : log of changes (whois making request)

alteration

Q.32. Protection from _______of source code means protection of any individual from destroying the software source code.
A : disclosure
B : alteration
C : destruction
D : log of changes (whois making request)

destruction

Q.33. Protection from ________of source code means recording all changes made to the source code and the person making such changes.
A : disclosure
B : alteration
C : destruction
D : log of changes (who is making request)

Advertisement

D : log of changes (who is making request)

Q.32. _______of access rights in source code development means verification of role before permitting access to source code.
A : verification
B : maintaining historical records
C : error handling
D : log of changes (whois making request)

verification

Q.34. _____in source code development means handling of configuration errors, session errors and exceptions.
A : verification
B : maintaining historical records
C : error handling
D : log of changes (whois making request)

error handling

Q.35. Protecting the data divulged by customers from unauthorized access is called____.
A : privacy protection
B : audit
C : antinvirus
D : vulnerability

privacy protection

Q.36. Information on criminal records of individuals, financial data of companies, genetic information, address, mobile number, email ID, record of web surfing behaviour, record of credit card, record of debit card, netbanking details, etc. are classified under ______.
A : privacy protection
B : audit
C : antinvirus
D : vulnerability

Advertisement

privacy protection

Q.37. Information security audit may be conducted with reference to _____ .
A : vulnerabilities
B : threats
C : preventive measures
D : all of them

all of them

Q.38. Information security audit analyses events of past threats to formulate _____.
A : security measures
B : safe practices
C : software protection
D : all of them

all of them

Q.39. Any single employee ______hold all data needed for making a complete financial transaction.
A : should not
B : should
C : may
D : might

should not

Q.40. IT audit of the firm should be conducted periodically, which may be every______ .
A : fortnight
B : month
C : quarter
D : all of them

Advertisement

all of them

Q.41. IT act aims to_______ .
A : protect victims of cyber fraud
B : punish misbehious involving technology
C : both a & b
D : none of them

both a & b

Q.64. _____ can keep unwanted ads to show up?
A : Adware
B : Hardware
C : Malware
D : Spyware

Adware

Q.65. There are broadly how many categories of IT risks?
A : 3
B : 5
C : 2
D : 7

Q.66. ______ servers provides a central storeroom for storing and managing information?
A : Clint
B : Directory
C : Post
D : Group

Advertisement

Directory

Q.67. ______ generally refers to a system that can control, monitor and restrict the movement of people, assets or vehicles, in, out and around a building or site?
A : Access control
B : Security Guard
C : Form Denial
D : None

Access control

Q.68. Which chapter of the IT awareness Act talks about electronic governance?
A : 4
B : 3
C : 2
D : 1

3

Q.69. Chapter 7 of the IT awareness act deals with?
A : E- Commerce
B : Electronic Governance
C : Digital Signature
D : None

Digital Signature

Q.70. Which chapter of the IT awareness act talks about penalities and adjudication?
A : 5
B : 7
C : 11
D : 9

9

Q.71. The IT awareness act addresses which of the following issues?
A : Legal recognition of electronic documents
B : Legal Recognition of digital signatures
C : Offenses and contraventions
D : All of the above

All of the above

Q.72. Why would a hacker use a proxy server?
A : To create a stronger connection with the target
B : To create a ghost server on the network.
C : To obtain a remote access connection.
D : To hide malicious activity on the network.

To hide malicious activity on the network.

Q.73. What type of symmetric key algorithm using a streaming cipher to encrypt information?
A : RC4
B : Blowfish
C : SHA
D : MD5

RC4

Q.74. Which of the following is not a factor in securing the environment against an attack on security?
A : The education of the attacker
B : The system configuration
C : The network architecture
D : The business strategy of the company

The business strategy of the company

Q.75. What type of attack uses a fraudulent server with a relay address?
A : NTLM
B : MITM
C : NetBIOS
D : SMB

Advertisement

MITM

Q.76. To hide information inside a picture, what technology is used?
A : Rootkits
B : Bitmapping
C : Steganography
D : Image Rendering

Steganography

Q.77. Which phase of hacking performs actual attack on a network or system?
A : Reconnaissance
B : Maintaining Access
C : Scanning
D : Gaining Access

Gaining Access

Q.79. Which federal code applies the consequences of hacking activities that disrupt subway transit system?
A : Electronic Communications Interception of Oral Communications
B : 18 U.S.C $ 1029
C : Cyber security Enhancement Act 2002
D : 18 U.S.C. $ 1030

Advertisement

Cyber security Enhancement Act 2002

Q.80. Which ports should be blocked to prevent null session enumeration?
A : Port 120 and 445
B : Port 135 and 136
C : Port 110 and 137
D : Port 135 and 139

Port 135 and 139

Q.81.The first phase of hacking an IT system is compromise of which foundation of security?
A : Availability
B : Confidentiality
C : Integrity
D : Authentication

Confidentiality

Q.82. How is IP address spoofing detected?
A : Installing and configuring a IDS that can read the IP header
B : Comparing the TTL value of the actual and spoofed addresses
C : Implementing a firewall to the network
D : Identify all TCP sessions that are initiated but does not complete successfully

Comparing the TTL value of the actual and spoofed addresses

Q.83. Which of the following is not a typical characteristic of an ethical hacker?
A : Excellent knowledge of windows.
B : Understands the process of exploiting network vulnerabilities.
C : patience, persistence and perseverance.
D : Has the highest level of security for the organization.

Has the highest level of security for the organization.

Q.84. What type of rootkit will patch, hook, or replace the version of system call in order to hide information?
A : Library level rootkits
B : Kernel level rootkits
C : System level rootkits
D : Application level rootkits

Library level rootkits

Q.85. What is the purpose of a Denial service attack?
A : Exploit a weakness in the TCP/IP stack
B : To execute a Trojan on a system
C : To overload a system so it is no longer operational
D : To shutdown services by turning them off

To overload a system so it is no longer operational

Q.86. Which of the following will allow footprinting to be conducted without detection?
A : PingSweep
B : Traceroute
C : War Dialers
D : ARIN

Advertisement

ARIN

Q.87. Performing hacking activities with the intent of gaining visibility for an unfair situation is called_______.
A : Cracking
B : Analysis
C : Hacktivism
D : Exploitation

Hacktivism

Q.88. What is the most important activity in system hacking?
A : Information gathering
B : Cracking passwords
C : Escalating privileges
D : Covering tracks

Cracking passwords

Q.90. Why would HTTP Tunneling be used?
A : To identify proxy servers
B : Web activity is not scanned
C : To bypass a firewall
D : HTTP is a easy protocol to work with

To bypass a firewall

Q.91. Keyloggers are a form of _______.
A : Spyware
B : Shoulder surfing
C : Trojan
D : Social engineering

Advertisement

Spyware

Q.94. Having individuals provide personal information to obtain a free offer provided through the internet is considered what type of social engineering?
A : Web-based
B : Human-base
C : User-based
D : Computer-based

Computer-based

Q.95. _____framework made cracking of vulnerabilities easy like point and click.
A : .Net
B : Metasploit
C : Zeus
D : Ettercap

Metasploit

Q.96. _____ is a popular tool used for discovering networks as well as in security auditing.
A : Ettercap
B : Metasploit
C : Nmap
D : Burp Suit

Nmap

Q.97. Which of the below mentioned tool is used for Wi-Fi hacking?
A : Wireshark
B : Nessus
C : Aircrack-ng
D : Snort

Aircrack-ng

Q.98. Aircrac-ng is used for ______
A : Firewall bypassing
B : Wi-Fi attacks
C : Packet filtering
D : System password cracking

Advertisement

Wi-Fi attacks

Q.99. ______ is a web application assessment security tool.
A : LC4
B : Weblnspect
C : Ettercap
D : QualysGuard

Weblnspect

Q.100. _____ is a password recovery and auditing tool.
A : LC3
B : LC4
C : Network Stumbler
D : Maltego

Advertisement

PGP

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top