Kiến Thức Chung

[MCQ’s] Cyber Security Law

Bạn đang xem: [MCQ’s] Cyber Security Law Tại Website bpackingapp.com

1. In general how many key elements constitute the entire security structure?
a) 1
b) 2
c) 3
d) 4
Answer: d
Explanation: The 4 key elements that constitute the security are: confidentiality, integrity, authenticity & availability. Authenticity is not considered as one of the key elements in some other security models, but the popular CIA Triad eliminates this as authenticity at times comes under confidentiality & availability.

2. According to the CIA Triad, which of the below-mentioned element is not considered in the triad?
a) Confidentiality
b) Integrity
c) Authenticity
d) Availability
Answer: c
Explanation: According to the CIA triad the three components that a security need is the Confidentiality, Integrity, Availability (as in short read as CIA).cyber-security-questions-answers-elements-security-q2

3. This is the model designed for guiding the policies of Information security within a company, firm or organization. What is “this” referred to here?
a) Confidentiality
b) Non-repudiation
c) CIA Triad
d) Authenticity
Answer: c
Explanation: Various security models were being developed till date. This is by far the most popular and widely used model which focuses on the information’s confidentiality, integrity as well as availability and how these key elements can be preserved for a better security in any organization.

4. CIA triad is also known as ________
a) NIC (Non-repudiation, Integrity, Confidentiality)
b) AIC (Availability, Integrity, Confidentiality)
c) AIN (Availability, Integrity, Non-repudiation)
d) AIC (Authenticity, Integrity, Confidentiality)
Answer: b
Explanation: This approach of naming it CIA Triad as AIC (Availability, Integrity, Confidentiality) Triad because people get confused about this acronym with the abbreviation and the secret agency name Central Intelligence Agency.

5. When you use the word _____ it means you are protecting your data from getting disclosed.
a) Confidentiality
b) Integrity
c) Authentication
d) Availability
Answer: a
Explanation: Confidentiality is what every individual prefer in terms of physical privacy as well as digital privacy. This term means our information needs to be protected from getting disclose to unauthorised parties, for which we use different security mechanisms like password protection, biometric security, OTPs (One Time Passwords) etc.

6. ______ means the protection of data from modification by unknown users.
a) Confidentiality
b) Integrity
c) Authentication
d) Non-repudiation
Answer: b
Explanation: A information only seems valuable if it is correct and do not get modified during its journey in the course of arrival. The element integrity makes sure that the data sent or generated from other end is correct and is not modified by any unauthorised party in between.

7. When integrity is lacking in a security system, _________ occurs.
a) Database hacking
b) Data deletion
c) Data tampering
d) Data leakage
Answer: c
Explanation: The term data tampering is used when integrity is compromised in any security model and checking its integrity later becomes costlier. Example: let suppose you sent $50 to an authorised person and in between a Man in the Middle (MiTM) attack takes place and the value has tampered to $500. This is how integrity is compromised.

8. _______ of information means, only authorised users are capable of accessing the information.
a) Confidentiality
b) Integrity
c) Non-repudiation
d) Availability
Answer: d
Explanation: Information seems useful only when right people (authorised users) access it after going through proper authenticity check. The key element availability ensures that only authorised users are able to access the information.

9. Why these 4 elements (confidentiality, integrity, authenticity & availability) are considered fundamental?
a) They help understanding hacking better
b) They are key elements to a security breach
c) They help understands security and its components better
d) They help to understand the cyber-crime better
Answer: c
Explanation: The four elements of security viz. confidentiality, integrity, authenticity & availability helps in better understanding the pillars of security and its different components.

10. This helps in identifying the origin of information and authentic user. This referred to here as __________
a) Confidentiality
b) Integrity
c) Authenticity
d) Availability
Answer: c
Explanation: The key element, authenticity helps in assuring the fact that the information is from the original source.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

11. Data ___________ is used to ensure confidentiality.
a) Encryption
b) Locking
c) Deleting
d) Backup
Answer: a
Explanation: Data encryption is the method of converting plain text to cipher-text and only authorised users can decrypt the message back to plain text. This preserves the confidentiality of data.

12. Which of these is not a proper method of maintaining confidentiality?
a) Biometric verification
b) ID and password based verification
c) 2-factor authentication
d) switching off the phone
Answer: d
Explanation: Switching off the phone in the fear of preserving the confidentiality of data is not a proper solution for data confidentiality. Fingerprint detection, face recognition, password-based authentication, two-step verifications are some of these.

13. Data integrity gets compromised when _____ and _____ are taken control off.
a) Access control, file deletion
b) Network, file permission
c) Access control, file permission
d) Network, system
Answer: c
Explanation: The two key ingredients that need to be kept safe are: access control & file permission in order to preserve data integrity.

14. ______ is the latest technology that faces an extra challenge because of CIA paradigm.
a) Big data
b) Database systems
c) Cloud storages
d) Smart dust
Answer: a
Explanation: Big data has additional challenges that it has to face because of the tremendous volume of data that needs protection as well as other key elements of the CIA triad, which makes the entire process costly and time-consuming.

15. One common way to maintain data availability is __________
a) Data clustering
b) Data backup
c) Data recovery
d) Data Altering
Answer: b
Explanation: For preventing data from data-loss, or damage data backup can be done and stored in a different geographical location so that it can sustain its data from natural disasters & unpredictable events.

16. ___________ is a special form of attack using which hackers’ exploit – human psychology.
a) Cross Site Scripting
b) Insecure network
c) Social Engineering
d) Reverse Engineering
Answer: c
Explanation: Using social engineering techniques, hackers try to exploit the victim’s mind to gain valuable information about that person such as his/her phone number, date of birth, pet name etc.

17. Which of the following do not comes under Social Engineering?
a) Tailgating
b) Phishing
c) Pretexting
d) Spamming

18. _________ involves scams where an individual (usually an attacker) lie to a person (the target victim) to acquire privilege data.
a) Phishing
b) Pretexting
c) Spamming
d) Vishing
Answer: b
Explanation: In the pretexting technique of social engineering, the attacker pretends in need of legitimate information from the victim for confirming his/her identity.

19. Which of the following is the technique used to look for information in trash or around dustbin container?
a) Pretexting
b) Baiting
c) Quid Pro Quo
d) Dumpster diving
Answer: d
Explanation: In the technology world, where information about a person seems everywhere; dumpster diving is the name of the technique where the attacker looks for information in dustbins and trashes. For example, after withdrawing money from ATM, the user usually throw the receipt in which the total amount and account details are mentioned. These type of information becomes helpful to a hacker, for which they use dumpster diving.

20. Which of the following is not an example of social engineering?
a) Dumpster diving
b) Shoulder surfing
c) Carding
d) Spear phishing
Answer: c
Explanation: Carding is the method of trafficking of bank details, credit cards or other financial information over the internet. Hence it’s a fraudulent technique used by hackers and does not comes under social engineering.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

21. In a phishing, attackers target the ________ technology to so social engineering.
a) Emails
b) WI-FI network
c) Operating systems
d) Surveillance camera
Answer: a
Explanation: In a phishing attack, the attacker fraudulently attempts to obtain sensitive data (such as username & passwords) of the target user and use emails to send fake links which redirect them to a fake webpage which looks legitimate.

22. Tailgating is also termed as ___________
a) Piggybacking
b) Pretexting
c) Phishing
d) Baiting
Answer: a
Explanation: Piggybacking is the technique used for social engineering, as the attacker or unauthorized person/individual follows behind an authorized person/employee & gets into an authorized area to observe the system, gain confidential data or for a fraudulent purpose.

23. Physical hacking is not at all possible in hospitals, banks, private firms, and non-profit organizations.
a) True
b) False
Answer: b
Explanation: Physical hacking, like other types of hacking, is possible in any institutions, organizations, clinics, private firms, banks or any other financial institutions. Hence, the above statement is false.

24. Stealing pen drives and DVDs after tailgating is an example of lack of _______ security.
a) network security
b) physical security
c) database security
d) wireless security
Answer: b
Explanation: When cyber-criminal gain access to an authorized area and steal pen drives and DVDs which contain sensitive information about an employee or about the organization, then it can be said that the physical security of the organization is weak.

25. ________ is the ability of an individual to gain physical access to an authorized area.
a) Network accessing
b) Database accessing
c) Remote accessing
d) Physical accessing
Answer: d
Explanation: Physical accessing without prior security checking is the ability of a person to gain access to any authorized area. Physical accessing is done using piggybacking or any other suspicious means.

26. Which of the following is not considering the adequate measure for physical security?
a) Lock the drawers
b) Keep strong passwords for corporate laptops and mobile phones
c) Keep confidential organization’s document file open in the desk
d) Hide your hand against camera while inserting the PIN code
Answer: c
Explanation: Keeping confidential files left open in the desk is not an adequate way of maintaining physical security; as anyone can pick these up and perform physical hacking.

27. Which of the following is not a physical security measure to protect against physical hacking?
a) Add front desk & restrict unknown access to the back room
b) Create a phishing policy
c) Analyze how employees maintain their physical data and data storage peripheral devices
d) Updating the patches in the software you’re working at your office laptop.
Answer: d
Explanation: Updating the patches in your working software does not come under security measures for physical hacking. Updating the patches will help your software get free from bugs and flaws in an application as they get a fix when patches are updated.

28. IT security department must periodically check for security logs and entries made during office hours.
a) True
b) False
Answer: a
Explanation: Checking for security logs and entries made by employees and other outsiders who entered the office can help in identifying whether any suspicious person is getting in and out of the building or not.

Xem thêm:   Xem Ngay Video này trước khi cập nhật IOS 14 Beta 1 – Things we should do before upgrading to iOS 14

Xem thêm :  Trời ơi! Thằng Playerduo nó chơi bẩn mình kìa

29. Which of them is not an example of physical hacking?
a) Walk-in using piggybacking
b) Sneak-in
c) Break-in and steal
d) Phishing
Answer: d
Explanation: Phishing does not come under physical security. Walk-in without proper authorization, sneaking in through glass windows or other means and breaking in and stealing sensitive documents are examples of physical hacking.

30. Physical _________ is important to check & test for possible physical breaches.
a) penetration test
b) security check
c) hacking
d) access
Answer: a
Explanation: Physical penetration test is important in order to check for the possible physical security breaches. Usually corporate firms and organizations stay busy in securing the networks and data and penetration testers are hired for data and network pentesting, but physical security breach can also equally hamper.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

31. _________ framework made cracking of vulnerabilities easy like point and click.
a) .Net
b) Metasploit
c) Zeus
d) Ettercap
Answer: b
Explanation: In the year 2003, the Metasploit framework was released which made finding and cracking of vulnerabilities easy and is used by both white as well as black hat hackers.

32. Nmap is abbreviated as Network Mapper.
a) True
b) False
Answer: a
Explanation: Network Mapper (Nmap) is a popular open-source tool used for discovering network as well as security auditing. It can be used for either a single host network or large networks.

33. __________ is a popular tool used for discovering networks as well as in security auditing.
a) Ettercap
b) Metasploit
c) Nmap
d) Burp Suit
Answer: c
Explanation: Network Mapper (Nmap) is a popular open-source tool used for discovering network as well as security auditing. It can be used for either a single host network or large networks.

34. Which of this Nmap do not check?
a) services different hosts are offering
b) on what OS they are running
c) what kind of firewall is in use
d) what type of antivirus is in use
Answer: d
Explanation: Network Mapper (Nmap) is a popular open-source tool used for discovering network as well as security auditing. It usually checks for different services used by the host, what operating system it is running and the type of firewall it is using.

35. Which of the following deals with network intrusion detection and real-time traffic analysis?
a) John the Ripper
b) L0phtCrack
c) Snort
d) Nessus
Answer: c
Explanation: Snort is a network intrusion detecting application that deals with real-time traffic analysis. As the rules are set and kept updated, they help in matching patterns against known patterns and protect your network.

36. Wireshark is a ____________ tool.
a) network protocol analysis
b) network connection security
c) connection analysis
d) defending malicious packet-filtering
Answer: a
Explanation: Wireshark is popular standardized network protocol analysis tools that allow in-depth check and analysis of packets from different protocols used by the system.

37. Which of the below-mentioned tool is used for Wi-Fi hacking?
a) Wireshark
b) Nessus
c) Aircrack-ng
d) Snort
Answer: c
Explanation: Weak wireless encryption protocols get easily cracked using Aircrack WPA and Aircrack WEP attacks that comes with Aircrack-ng tool. Its packet sniffing feature keeps track of all its traffic without making any attack.

38. Aircrack-ng is used for ____________
a) Firewall bypassing
b) Wi-Fi attacks
c) Packet filtering
d) System password cracking
Answer: b
Explanation: Weak wireless encryption protocols get easily cracked using Aircrack WPA and Aircrack WEP. Its packet sniffing feature keeps track of all its traffic without making any attack.

39. _____________ is a popular IP address and port scanner.
a) Cain and Abel
b) Snort
c) Angry IP Scanner
d) Ettercap
Answer: c
Explanation: Angry IP scanner is a light-weight, cross-platform IP and port scanning tool that scans a range of IP. It uses the concept of multithreading for making fast efficient scanning.

40. _______________ is a popular tool used for network analysis in multiprotocol diverse network.
a) Snort
b) SuperScan
c) Burp Suit
d) EtterPeak
Answer: d
Explanation: EtterPeak is a network analysis tool that can be used for multiprotocol heterogeneous networking architecture. It can help in sniffing packets of network traffic.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

41. ____________ scans TCP ports and resolves different hostnames.
a) SuperScan
b) Snort
c) Ettercap
d) QualysGuard
Answer: a
Explanation: SuperScan has a very nice user-friendly interface and it is used for scanning TCP ports as well as resolve hostnames. It is popularly used for scanning ports from a given range of IP.

42. ___________ is a web application assessment security tool.
a) LC4
b) WebInspect
c) Ettercap
d) QualysGuard
Answer: b
Explanation: WebInspect is a popular web application security tool used for identifying known vulnerabilities residing in web-application layer. It also helps in penetration testing of web servers.

43. Which of the following attack-based checks WebInspect cannot do?
a) cross-site scripting
b) directory traversal
c) parameter injection
d) injecting shell code

44. ________ is a password recovery and auditing tool.
a) LC3
b) LC4
c) Network Stumbler
d) Maltego
Answer: b
Explanation: LC4 which was previously known as L0phtCrack is a password auditing and recovery tool; used for testing strength of a password and also helps in recovering lost Microsoft Windows passwords.

45. L0phtCrack is formerly known as LC3.
a) True
b) False
Answer: b
Explanation: L0phtCrack is now commonly known as LC4 is a password auditing and recovery tool; used for testing strength of a password and also helps in recovering lost Microsoft Windows passwords.

46. Which of the following attach is not used by LC4 to recover Windows password?
a) Brute-force attack
b) Dictionary attack
c) MiTM attack
d) Hybrid attacks
Answer: c
Explanation: LC4 is a password auditing and recovery tool; used for testing strength of a password and also helps in recovering lost Microsoft Windows passwords using a hybrid attack, brute-force attack as well as using a dictionary attack.

47. ____________ is the world’s most popular vulnerability scanner used in companies for checking vulnerabilities in the network.
a) Wireshark
b) Nessus
c) Snort
d) WebInspect
Answer: b
Explanation: Nessus is a popular and proprietary network vulnerability scanning tool developed by Tenable Network Security. It helps in easily identifying vulnerabilities and fix them, which includes missing patches and software flaws.

48. _____________ is a tool which can detect registry issues in an operating system.
a) Network Stumbler
b) Ettercap
c) Maltego
d) LANguard Network Security Scanner
Answer: d
Explanation: LANguard Network Security Scanner helps in monitoring networks by scanning connected machines to provide information for every node. It can also be used for identifying registry issues.

49. Network Stumbler is a Windows Wi-Fi monitoring tool.
a) True
b) False
Answer: a
Explanation: Network Stumbler is a popular tool that helps in detecting WLANs and helps hackers in finding non-broadcasting wireless networks. It is popularly used as Wi-Fi scanning and monitoring tool for Windows.

50. ToneLoc is abbreviated as __________
a) Tone Locking
b) Tone Locator
c) Tone Locker
d) Tune Locator
Answer: c
Explanation: ToneLoc is a popular and primitive tool written for MS-DOS users. It is basically used by malicious attackers to guess user accounts, finding entry points in modems and locating modems connected in the network.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

51. __________ is a debugger and exploration tool.
a) Netdog
b) Netcat
c) Tcpdump
d) BackTrack
Answer: b
Explanation: Netcat is an easy Unix utility that helps in reading and writing data across network connections, using TCP or UDP protocol. It is popularly used as a debugger and exploration tool that is found free for Windows and Mac OS also.

52. __________ is a popular command-line packet analyser.
a) Wireshark
b) Snort
c) Metasploit
d) Tcpdump
Answer: d
Explanation: Tcpdump is a popular command-line network packet analyzer. It allows its user in displaying TCP / IP as well as other data packets being transmitted or received over the computer network.

53. ________________ is a platform that essentially keeps the log of data from networks, devices as well as applications in a single location.
a) EventLog Analyser
b) NordVPN
c) Wireshark
d) PacketFilter Analyzer
Answer: a
Explanation: EventLog Analyser is a tool that basically keeps the log of data from networks, devices as well as applications in a single location. Latest encryption techniques are used for securing its stored data.

54. ______________ is competent to restore corrupted Exchange Server Database files as well as recovering unapproachable mails in mailboxes.
a) Outlook
b) Nessus
c) Mailbox Exchange Recovery
d) Mail Exchange Recovery toolkit
Answer: c
Explanation: Mailbox Exchange Recovery is competent to restore corrupted Exchange Server Database files as well as recovering unapproachable mails in mailboxes. This tool is popularly used by ethical hackers and cyber-forensics investigators in recovering emails, calendars, attachments, contacts from inaccessible mail-servers.

55. ________________ helps in protecting businesses against data breaches that may make threats to cloud.
a) Centrify
b) Mailbox Exchange Recovery
c) Nessus
d) Dashline
Answer: a
Explanation: Centrify helps in protecting businesses against data breaches that may make threats to the cloud. This is done by securing Centrify users by providing internal, external and privileged users.

56. __________ is a popular corporate security tool that is used to detect the attack on email with cloud only services.
a) Cain and Abel
b) Proofpoint
c) Angry IP Scanner
d) Ettercap
Answer: b
Explanation: Proofpoint is a popular corporate security tool that is used to detect an attack on email with cloud-only services. It helps firms detect attack vectors and loopholes in different security systems through which attackers may gain access.

57. _____________ helps in protecting corporate data, communications and other assets.
a) Snort
b) CipherCloud
c) Burp Suit
d) Wireshark
Answer: b
Explanation: CipherCloud helps in protecting corporate data, different communications as well as other assets. This includes anti-virus scanning facility, encryption & traffic monitoring. In addition, it provides mobile security support also.

58. Which of the following is not an appropriate way of targeting a mobile phone for hacking?
a) Target mobile hardware vulnerabilities
b) Target apps’ vulnerabilities
c) Setup Keyloggers and spyware in smart-phones
d) Snatch the phone
Answer: d
Explanation: Snatching is not a type of hacking any smart-phone. Targeting the hardware and application level vulnerabilities and setting some keylogger or spyware in the target mobile can help get valuable info about the victim.

59. Which of the following is not an OS for mobile?
a) Palm
b) Windows
c) Mango
d) Android
Answer: c
Explanation: A mobile/smart-phone operating system is software which allows smart-phones, tablets, phablets & other devices to run apps & programs within it. Palm OS, Windows OS, and Android OS are some of the examples of Mobile OS.

60. Mobile Phone OS contains open APIs that may be _____________ attack.
a) useful for
b) vulnerable to
c) easy to
d) meant for
Answer: b
Explanation: Mobile phone operating systems contain open APIs that or may be vulnerable to different attacks. OS has a number of connectivity mechanisms through which attackers can spread malware.

Xem thêm:   Hướng Dẫn Mở Khóa iCloud Miễn Phí – How to open iCloud for free!

Xem thêm :  Phiếu bài tập toán lớp 4 – tuần 8

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

61. ____________ gets propagated through networks and technologies like SMS, Bluetooth, wireless medium, USBs and infrared to affect mobile phones.
a) Worms
b) Antivirus
c) Malware
d) Multimedia files
Answer: c
Explanation: Malware gets propagated through networks and technologies like SMS, Bluetooth, wireless medium, USBs and infrared to affect mobile phones.

62. ____________ is the protection of smart-phones, phablets, tablets, and other portable tech-devices, & the networks to which they connect to, from threats & bugs.
a) OS Security
b) Database security
c) Cloud security
d) Mobile security
Answer: d
Explanation: Mobile security is the protection of smart-phones, phablets, tablets, and other portable tech-devices, & the networks to which they connect to, from threats & bugs.

63. Mobile security is also known as ____________
a) OS Security
b) Wireless security
c) Cloud security
d) Database security
Answer: b
Explanation: Mobile security also known as wireless security is the protection of smart-phones, phablets, tablets, and other portable tech-devices, & the networks to which they connect to, from threats & bugs.

64. DDoS in mobile systems wait for the owner of the _____________ to trigger the attack.
a) worms
b) virus
c) botnets
d) programs
Answer: c
Explanation: Botnets on compromised mobile devices wait for instructions from their owner. After getting the owner’s instruction it launches DDoS flood attack. This result in a failure in connecting calls or transmitting data.

65. Hackers cannot do which of the following after compromising your phone?
a) Steal your information
b) Rob your e-money
c) Shoulder surfing
d) Spying
Answer: c
Explanation: Shoulder surfing is done before compromising the mobile. So, hackers can steal your information; rob your e-money or do spying after compromising your smart-phone.

66. Hackers cannot do which of the following after compromising your phone?
a) Shoulder surfing
b) Accessing your voice mail
c) Steal your information
d) Use your app credentials
Answer: a
Explanation: Shoulder surfing is done before compromising the mobile. So, hackers can steal your information; accessing your voice mail or use your app credentials after compromising your smart-phone.

67. App permissions can cause trouble as some apps may secretly access your memory card or contact data.
a) True
b) False
Answer: a
Explanation: App permissions can cause trouble as some apps may secretly access your memory card or contact data. Almost all applications nowadays ask for such permission, so make sure you do a proper survey on these apps before allowing such access.

68. Activate _____________ when you’re required it to use, otherwise turn it off for security purpose.
a) Flash Light
b) App updates
c) Bluetooth
d) Rotation
Answer: c
Explanation: Activate Bluetooth when you’re required it to use, otherwise turn it off for security purpose. This is because; there are various tools and vulnerabilities that may gain access to your smart-phone using Bluetooth.

69. Try not to keep ________________ passwords, especially fingerprint for your smart-phone, because it can lead to physical hacking if you’re not aware or asleep.
a) Biometric
b) PIN-based
c) Alphanumeric
d) Short
Answer: a
Explanation: Try not to keep biometric passwords, especially fingerprint for your smart-phone containing very confidential data, because anyone can do physical hacking if you’re not aware or asleep.

70. Which of the following tool is used for Blackjacking?
a) BBAttacker
b) BBProxy
c) Blackburried
d) BBJacking
Answer: b
Explanation: BBProxy (installed on blackberry phones) is the name of the tool used to conduct blackjacking. What attackers do is they install BBProxy on user’s blackberry and once the tool is activated it opens a covert channel between the hacker and the compromised host.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

71. BBProxy tool is used in which mobile OS?
a) Android
b) Symbian
c) Raspberry
d) Blackberry
Answer: d
Explanation: BBProxy (installed on blackberry phones) is the name of the tool used to conduct blackjacking. What attackers do is they install BBProxy on user’s blackberry and once the tool is activated it opens a covert channel between the hacker and the compromised host.

72. Which of the following is not a security issue for PDAs?
a) Password theft
b) Data theft
c) Reverse engineering
d) Wireless vulnerability
Answer: c
Explanation: Reverse engineering is not an issue of PDA (Personal Digital Assistant). Password theft, data theft, wireless vulnerability exploitation, data corruption using virus are some of them.

73. Bit error rate provides the information about the type of error.
a) True
b) False
Answer: b
Explanation: Bit error rate does not provide information about the type of error. However, bit error rate (BER) evaluation gives a good indication of the performance of a particular modulation scheme.

74. Which of the following is specified by a specific number of bit errors occurring in a given transmission?
a) Bit error rate
b) Equally likely event
c) Outage event
d) Exhaustive events
Answer: c
Explanation: Outage event is specified by a specific number of bit errors occurring in a given transmission. Evaluating the probability of outage is one of the means to judge the effectiveness of the signalling scheme in a mobile radio channel.

75. Irreducible BER floor is created in frequency selective channels due to ____________
a) Intersymbol interference
b) Random spectral spreading
c) Time varying Doppler spread
d) Blind speed
Answer: a
Explanation: Frequency selective fading is caused due to multipath delay spread which causes intersymbol interference. It results in an irreducible BER floor for mobile systems.

76. Irreducible BER floor is created in non frequency selective channels due to ____________
a) Intersymbol interference
b) Multipath time delay
c) Time varying Doppler spread
d) Blind speed
Answer: c
Explanation: Even if a mobile channel is not frequency selective, the tie varying Doppler spread due to motion creates an irreducible BER floor. It is caused due random spectral spreading.

77. The performance of BPSK is best is term of BER because _______
a) Symbol offset interference does not exist
b) Existence of cross rail interference
c) No multipath delay
d) Doppler spread
Answer: a
Explanation: BER performance of BPSK is best among all the modulation schemes compared. This is because symbol offset interference does not exist in BPSK. Symbol offset interference is also called cross rail interference due to the fact that the eye diagram has multiple rails.

78. High capacity mobile systems are interference limited.
a) True
b) False
Answer: a
Explanation: High capacity mobile systems are interference limited, but they are not noise limited. It was clearly seen that when carrier to interference ratio (C/I) is large, the errors are primarily due to fading, and interference has very little effect. However, as C/I drops below a certain level, interference dominates the link performance.

79. Which of the following do not impact bit error rate in mobile communication systems?
a) Mobile velocity
b) Channel delay spread
c) Modulation format
d) Base station
Answer: d
Explanation: The mobile velocity, channel delay spread, interference levels and modulation formats all independently impact the raw bit error rate in mobile communication systems. And simulation is a powerful way to design or predict the performance of wireless communication links.

80. Coherence time refers to ____________
a) Time required attaining a call with the busy base station
b) Time required for synchronization between the transmitter and the receiver
c) Minimum time for change in magnitude and phase of the channel
d) None of the mentioned
Answer: b
Explanation: Coherence time is the time required for synchronization between the transmitter and receiver. It is the over which a propagating wave is said to be coherent.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

81. Doppler spread refers to _________
a) Signal fading due to Doppler shift in the channel
b) Temporary failure of message transfer
c) Large coherence time of the channel as compared to the delay constraints
d) All of the mentioned
Answer: a
Explanation: Doppler spread refers to signal fading due to Doppler shift in the channel. It is a measure of spectral broadening caused by time rate of change of the mobile radio channel.

82. A rake receiver uses multiple ______
a) Delay circuits
b) Correlators
c) Detectors
d) Flip flops
Answer: b
Explanation: A rake receiver uses multiple correlators to separately detect multiple strongest components. It is designed to counter the effects of multipath fading.

83. ____________________ is the anticipation of unauthorized access or break to computers or data by means of wireless networks.
a) Wireless access
b) Wireless security
c) Wired Security
d) Wired device apps
Answer: b
Explanation: Wireless security is the anticipation of unauthorized access or breaks to computers or data by means of wireless networks. The most widespread types of wireless securities are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and recently released WPA3.

84. Which among them has the strongest wireless security?
a) WEP
b) WPA
c) WPA2
d) WPA3
Answer: d
Explanation: The most extensive types of wireless securities are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and WPA3. WPA3 is the strongest and recently released.

85. Which among the following is the least strong security encryption standard?
a) WEP
b) WPA
c) WPA2
d) WPA3
Answer: a
Explanation: A prime branch of cyber-security is wireless security. The most widespread types of wireless securities are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and WPA3. WEP is notoriously weak encryption standard.

86. _________ is an old IEEE 802.11 standard from the year 1999.
a) WPA2
b) WPA3
c) WEP
d) WPA
Answer: c
Explanation: The most widespread types of wireless securities are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2 and WPA3. WEP is an old IEEE 802.11 standard from the year 1999.

87. _______________ is the central node of 802.11 wireless operations.
a) WPA
b) Access Point
c) WAP
d) Access Port
Answer: b
Explanation: The central node of 802.11 wireless operations is the Access Point (AP). It is that interface which acts as an intermediary of a wired & wireless network; and all the associated wireless clients’ use this to exchange data with it.

88. AP is abbreviated as _____________
a) Access Point
b) Access Port
c) Access Position
d) Accessing Port
Answer: a
Explanation: The central node of 802.11 is that interface which acts as an intermediary of a wired & wireless network; and all the associated wireless clients’ use this and exchange data.

89. ___________________ is alike as that of Access Point (AP) from 802.11, & the mobile operators uses it for offering signal coverage.
a) Base Signal Station
b) Base Transmitter Station
c) Base Transceiver Station
d) Transceiver Station
Answer: c
Explanation: Base Transceiver Station (BTS) which is also known as a base station (BS) or radio base station (RBS) is alike as that of Access Point (AP) from 802.11, & the mobile operators use it for offering signal coverage.

Xem thêm:   How to Go Through Airport Security Smoothly

Xem thêm :  Phân Tích Bài Thơ Khăn Thương Nhớ Ai …, Phân Tích Bài Ca Dao Khăn Thương Nhớ Ai

90. BTS stands for ___________________
a) Basement Transceiver Server
b) Base Transmitter Station
c) Base Transceiver Server
d) Base Transceiver Station
Answer: d
Explanation: Base Transceiver Station is a section of equipment which facilitates wireless communication from 802.11 & the mobile operators use it for offering signal coverage. Examples are GSM, 3G, 4G etc.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

91. There are __________ types of wireless authentication modes.
a) 2
b) 3
c) 4
d) 5
Answer: a
Explanation: There are 2 achievable authentication types or schemes which are implemented in the wireless security. These are Pre-Shared Key – based authentication & Open Authentication.

92. When a wireless user authenticates to any AP, both of them go in the course of four-step authentication progression which is called _____________
a) AP-handshaking
b) 4-way handshake
c) 4-way connection
d) wireless handshaking
Answer: b
Explanation: When a wireless user authenticates to any AP, both of them go in the course of four-step authentication progression which is called 4-way handshake.

93. WPS stands for __________________
a) WiFi Protected System
b) WiFi Protected Setup
c) WiFi Protocol Setup
d) Wireless Protected Setup
Answer: b
Explanation: WPS stands for WiFi Protected Setup began to show up a few years back on wireless access points as a new way of adding or connecting new devices to the network by just pushing a key (within the router) & inserting the password.

94. It is recommended to use WPA2 or WPA3 encryption standard as they are strong and more secure.
a) True
b) False
Answer: a
Explanation: It is recommended to use WPA2 or WPA3 encryption standard as they are strong and more secure. WPA2 & WPA3 characterizes the protocols a router & Wi-Fi client devices use for performing “handshake” securely for communication.

95. ___________ is a process of wireless traffic analysis that may be helpful for forensic investigations or during troubleshooting any wireless issue.
a) Wireless Traffic Sniffing
b) WiFi Traffic Sniffing
c) Wireless Traffic Checking
d) Wireless Transmission Sniffing
Answer: a
Explanation: Wireless Traffic Sniffing is a process of analyzing wireless traffic that may be helpful for forensic investigations or during troubleshooting any wireless issue.

96. Which of the following is a Wireless traffic Sniffing tool?
a) Maltego
b) BurpSuit
c) Nessus
d) Wireshark
Answer: d
Explanation: The process of analyzing wireless traffic that may be helpful for forensic investigations or during troubleshooting any wireless issue is called Wireless Traffic Sniffing. Popular tools used in this case are Wireshark and Kismet.

97. ___________________ began to show up few years back on wireless access points as a new way of adding or connecting new devices.
a) WPA2
b) WPA
c) WPS
d) WEP
Answer: c
Explanation: WiFi Protected Setup (WPS) began to show up a few years back on wireless access points as a new way of adding or connecting new devices to the network by just pushing a key (within the router) & typing an eight-digit password on the client device.

98. Which of the following are forms of malicious attack?
a) Theft of information
b) Modification of data
c) Wiping of information
d) All of the mentioned
Answer: d
Explanation: None.

99. What are the common security threats?
a) File Shredding
b) File sharing and permission
c) File corrupting
d) File integrity
Answer: b
Explanation: Sharing and associated permissions are usual exploits which can compromise the system.

100. From the following, which is not a common file permission?
a) Write
b) Execute
c) Stop
d) Read
Answer: c
Explanation: None.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

101. Which of the following is a good practice?
a) Give full permission for remote transferring
b) Grant read only permission
c) Grant limited permission to specified account
d) Give both read and write permission but not execute
Answer: c
Explanation: Limited access is a key method to circumvent unauthorized access and exploits.

102. What is not a good practice for user administration?
a) Isolating a system after a compromise
b) Perform random auditing procedures
c) Granting privileges on a per host basis
d) Using telnet and FTP for remote access
Answer: d
Explanation: Telnet and FTP are not encrypted and can be compromised.

103. Which of the following is the least secure method of authentication?
a) Key card
b) fingerprint
c) retina pattern
d) Password
Answer: d
Explanation: Passwords can be compromised more easily than to replicate a physical thing like key card, fingerprint or retina.

104. Which of the following is a strong password?
a) 19thAugust88
b) Delhi88
c) [email protected]
d) !augustdelhi
Answer: c
Explanation: It has a combination of Alphabet both capital and small along with number and special character. Thus always use complex password with a combination of all these.

105. Why is one time password safe?
a) It is easy to generated
b) It cannot be shared
c) It is different for every access
d) It is a complex encrypted password
Answer: c
Explanation: One time password is safe since it is generated per access and thus cannot be brute forced or deduced.

106. What does Light Directory Access Protocol (LDAP) doesn’t store?
a) Users
b) Address
c) Passwords
d) Security Keys
Answer: b
Explanation: None.

107. What is characteristic of RADIUS system?
a) It is essential for centralized encryption and authentication
b) It works on Network layer to deny access to unauthorized people
c) It provides centralized authentication mechanism via network devices
d) It’s a strong File access system
Answer: c
Explanation: None.

108. Which happens first authorization or authentication?
a) Authorization
b) Authentication
c) Authorization & Authentication are same
d) None of the mentioned
Answer: a
Explanation: None.

109. What are the characteristics of Authorization?
a) RADIUS and RSA
b) 3 way handshaking with syn and fin
c) Multilayered protection for securing resources
d) Deals with privileges and rights
Answer: d
Explanation: None.

110. What forces the user to change password at first login?
a) Default behavior of OS
b) Part of AES encryption practice
c) Devices being accessed forces the user
d) Account administrator
Answer: d
Explanation: Its administrator’s job to ensure that password of the user remains private and is known only to user. But while making a new user account he assigns a random general password to give it to user. Thus even administrator cannot access a particular users account.

Learn Machine Learning with Python from Scratch

Start your Machine learning & Data Science journey with Complete Hands-on Learning & doubt solving Support

Click Here!

111. What is not a best practice for password policy?
a) Deciding maximum age of password
b) Restriction on password reuse and history
c) Password encryption
d) Having change password every 2 years
Answer: d
Explanation: Old passwords are more vulnerable to being misplaced or compromised. Passwords should be changed periodically to enhance security.

112. _______ is the practice and precautions taken to protect valuable information from unauthorised access, recording, disclosure or destruction.
a) Network Security
b) Database Security
c) Information Security
d) Physical Security
Answer: c
Explanation: Information Security (abbreviated as InfoSec) is a process or set of processes used for protecting valuable information for alteration, destruction, deletion or disclosure by unauthorised users.

113. From the options below, which of them is not a threat to information security?
a) Disaster
b) Eavesdropping
c) Information leakage
d) Unchanged default password
Answer: d
Explanation: Disaster, eavesdropping and information leakage come under information security threats whereas not changing the default password of any system, hardware or any software comes under the category of vulnerabilities that the user may pose to its system.

114. From the options below, which of them is not a vulnerability to information security?
a) flood
b) without deleting data, disposal of storage media
c) unchanged default password
d) latest patches and updates not done
Answer: a
Explanation: Flood comes under natural disaster which is a threat to any information and not acts as a vulnerability to any system.

115. _____ platforms are used for safety and protection of information in the cloud.
a) Cloud workload protection platforms
b) Cloud security protocols
c) AWS
d) One Drive
Answer: a
Explanation: Nowadays data centres support workloads from different geographic locations across the globe through physical systems, virtual machines, servers, and clouds. Their security can be managed using Cloud workload protection platforms which manage policies regarding security of information irrespective of its location.

116. Which of the following information security technology is used for avoiding browser-based hacking?
a) Anti-malware in browsers
b) Remote browser access
c) Adware remover in browsers
d) Incognito mode in a browser
Answer: b
Explanation: Cyber-criminals target browsers for breaching information security. If a user establishes a remote browsing by isolating the browsing session of end user, cyber-criminals will not be able to infect the system along with browser with malware, ultimately reducing the attack surface area.

117. The full form of EDR is _______
a) Endpoint Detection and recovery
b) Early detection and response
c) Endpoint Detection and response
d) Endless Detection and Recovery
Answer: c
Explanation: It is a collective name for tools that monitor networks & endpoints of systems and record all the activities for further reporting, analysis & detection in a central database. Analyzing the reports generated through such EDR tools, loopholes in a system or any internal, as well as external breaching attempts can be detected.

118. _______ technology is used for analyzing and monitoring traffic in network and information flow.
a) Cloud access security brokers (CASBs)
b) Managed detection and response (MDR)
c) Network Security Firewall
d) Network traffic analysis (NTA)
Answer: d
Explanation: Network traffic analysis (NTA) is an approach of information security for supervising the traffic in any network, a flow of data over the network as well as malicious threats that are trying to breach the network. This technological solution also helps in triage the events detected by Network Traffic Analysing tools.

119. Compromising confidential information comes under _________
a) Bug
b) Threat
c) Vulnerability
d) Attack
Answer: b
Explanation: Threats are anything that may cause damage or harm to a computer system, individual or any information. Compromising of confidential information means extracting out sensitive data from a system by illegal manner.

120. Lack of access control policy is a _____________
a) Bug
b) Threat
c) Vulnerability
d) Attack
Answer: c
Explanation: Access control policies are incorporated to a security system for restricting of unauthorised access to any logical or physical system. Every security compliance program must need this as a fundamental component. Those systems which lack this feature is vulnerable.

121. Possible threat to any information cannot be ________________
a) reduced
b) transferred
c) protected
d) ignored
Answer: d
Explanation: When there lies a threat to any system, safeguards can be implemented, outsourced, distributed or transferred to some other system, protected using security tools and techniques but cannot be ignored.

Xem thêm bài viết thuộc chuyên mục: Tips – IT and Computing

Xem thêm bài viết thuộc chuyên mục: Kiến Thức Chung

Related Articles

Back to top button