Explore topic-wise MCQs in Cyber Security.

This section includes 147 Mcqs, each offering curated multiple-choice questions to sharpen your Cyber Security knowledge and support exam preparation. Choose a topic below to get started.

101.

Physical hacking is not at all possible in hospitals, banks, private firms, and non-profit organizations.

A. True
B. False
C. May be True or False
D. Can't say
Answer» C. May be True or False
Discussion
102.

___________ is a special form of attack using which hackers’ exploit – human psychology.

A. Cross Site Scripting
B. Insecure network
C. Social Engineering
D. Reverse Engineering
Answer» D. Reverse Engineering
Discussion
103.

Known bugs can be solved or removed by __________________ develop by the vendors of the application.

A. removing the application
B. changing the software
C. installing security patches
D. installing database patches
Answer» D. installing database patches
Discussion
104.

A _________ can gain access illegally to a system if the system is not properly tested in scanning and gaining access phase.

A. security officer
B. malicious hacker
C. security auditor
D. network analyst
Answer» C. security auditor
Discussion
105.

__________ is the last phase of ethical hacking process.

A. Scanning
B. Tracks clearing
C. Reconnaissance
D. Reporting
Answer» E.
Discussion
106.

Which of the following is not a footprint-scanning tool?

A. SuperScan
B. TcpView
C. Maltego
D. OWASP Zed
Answer» D. OWASP Zed
Discussion
107.

_______________ in a system is given so that users can use dedicated parts of the system for which they’ve been given access to.

A. Machine Access Control
B. Mandatory Accounts Control
C. Mandatory Access Control
D. Mandatory Access Controlling
Answer» D. Mandatory Access Controlling
Discussion
108.

Which of them is not a track clearing technique?

A. Altering log files
B. Tunnelling
C. Port Scanning
D. Footprint removing
Answer» D. Footprint removing
Discussion
109.

While looking for a single entry point where penetration testers can test the vulnerability, they use ______ phase of ethical hacking.

A. Reconnaissance
B. Scanning
C. Gaining access
D. Maintaining access
Answer» C. Gaining access
Discussion
110.

IKE is abbreviated as Internet Key Exchange.

A. True
B. False
C. May be True or False
D. Can't say
Answer» B. False
Discussion
111.

Authentication in PCT requires _____ keys.

A. 1
B. 2
C. 3
D. 4
Answer» C. 3
Discussion
112.

S/MIME is abbreviated as __________________

A. Secure/Multimedia Internet Mailing Extensions
B. Secure/Multipurpose Internet Mailing Extensions
C. Secure/Multimedia Internet Mail Extensions
D. Secure/Multipurpose Internet Mail Extensions
Answer» E.
Discussion
113.

Users are able to see a pad-lock icon in the address bar of the browser when there is _______ connection.

A. HTTP
B. HTTPS
C. SMTP
D. SFTP
Answer» C. SMTP
Discussion
114.

__________ is used for encrypting data at network level.

A. IPSec
B. HTTPS
C. SMTP
D. S/MIME
Answer» B. HTTPS
Discussion
115.

____________ is a Debian-Linux based OS that has 2 VMs (Virtual Machines) that help in preserving users’ data private.

A. Fedora
B. Ubuntu
C. Whonix
D. Kubuntu
Answer» D. Kubuntu
Discussion
116.

In the ______________ layer of OSI model, packet filtering firewalls are implemented.

A. Application layer
B. Session layer
C. Presentation layer
D. Network layer
Answer» E.
Discussion
117.

Which of the following do not comes under security measures for cloud in firms?

A. Firewall
B. Antivirus
C. Load Balancer
D. Encryption
Answer» C. Load Balancer
Discussion
118.

________ is the ability of an individual to gain physical access to an authorized area.

A. Network accessing
B. Database accessing
C. Remote accessing
D. Physical accessing
Answer» E.
Discussion
119.

Which of the following is the port number for SFTP service?

A. 21
B. 22
C. 23
D. 69
Answer» C. 23
Discussion
120.

Which of the following is the port number for FTP data?

A. 20
B. 21
C. 22
D. 23
Answer» B. 21
Discussion
121.

One advantage of Stateful Multilayer Inspection firewall is __________

A. costlier but easy to understand
B. large to manage
C. complex internal architecture
D. large to manage but efficient
Answer» D. large to manage but efficient
Discussion
122.

An attacker may use automatic brute forcing tool to compromise your ____________

A. username
B. employee ID
C. system / PC name
D. password
Answer» E.
Discussion
123.

Which of the following is the port number for SSH (Secure Shell)?

A. 20
B. 21
C. 22
D. 23
Answer» D. 23
Discussion
124.

We can also implement ____________ in Stateful Multilayer Inspection firewall.

A. external programs
B. algorithms
C. policies
D. algorithms and external programs
Answer» C. policies
Discussion
125.

________ is an attack technique occurs when excess data gets written to a memory block.

A. Over buffering
B. Buffering
C. Buffer overflow
D. Memory full
Answer» D. Memory full
Discussion
126.

Even our emails contain the IP address of the sender which helps in the enumeration. We can get this IP from ___________ from within the email.

A. ‘forward’ option
B. ‘show original’ option
C. ‘Show full email’
D. ‘View Original’ option
Answer» C. ‘Show full email’
Discussion
127.

Attackers commonly target ____________ for fetching IP address of a target or victim user.

A. websites
B. web pages
C. ip tracker
D. emails
Answer» B. web pages
Discussion
128.

Information Gathering about the system or the person or about organization or network is not important.

A. True
B. False
C. May be True or False
D. Can't say
Answer» C. May be True or False
Discussion
129.

Let suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually this is because of limited __________

A. buffer
B. external storage
C. processing power
D. local storage
Answer» B. external storage
Discussion
130.

This is the model designed for guiding the policies of Information security within a company, firm or organization. What is “this” referred to here?

A. Confidentiality
B. Non-repudiation
C. CIA Triad
D. Authenticity
Answer» D. Authenticity
Discussion
131.

Which method of hacking will record all your keystrokes?

A. Keyhijacking
B. Keyjacking
C. Keylogging
D. Keyboard monitoring
Answer» D. Keyboard monitoring
Discussion
132.

When you use the word _____ it means you are protecting your data from getting disclosed.

A. Confidentiality
B. Integrity
C. Authentication
D. Availability
Answer» B. Integrity
Discussion
133.

These are a collective term for malicious spying programs used for secretly monitoring someone’s activity and actions over a digital medium.

A. Malware
B. Remote Access Trojans
C. Keyloggers
D. Spyware
Answer» E.
Discussion
134.

_________ are the special type of programs used for recording and tracking user’s keystroke.

A. Keylogger
B. Trojans
C. Virus
D. Worms
Answer» B. Trojans
Discussion
135.

Lack of access control policy is a _____________

A. Bug
B. Threat
C. Vulnerability
D. Attack
Answer» D. Attack
Discussion
136.

Possible threat to any information cannot be ________________

A. reduced
B. transferred
C. protected
D. ignored
Answer» E.
Discussion
137.

Compromising confidential information comes under _________

A. Bug
B. Threat
C. Vulnerability
D. Attack
Answer» C. Vulnerability
Discussion
138.

This helps in identifying the origin of information and authentic user. This referred to here as __________

A. Confidentiality
B. Integrity
C. Authenticity
D. Availability
Answer» D. Availability
Discussion
139.

Data integrity gets compromised when _____ and _____ are taken control off.

A. Access control, file deletion
B. Network, file permission
C. Access control, file permission
D. Network, system
Answer» D. Network, system
Discussion
140.

Data ___________ is used to ensure confidentiality.

A. Encryption
B. Locking
C. Deleting
D. Backup
Answer» B. Locking
Discussion
141.

Which of these is not a proper method of maintaining confidentiality?

A. Biometric verification
B. ID and password based verification
C. 2-factor authentication
D. switching off the phone
Answer» E.
Discussion
142.

_______ of information means, only authorised users are capable of accessing the information.

A. Confidentiality
B. Integrity
C. Non-repudiation
D. Availability
Answer» E.
Discussion
143.

Why these 4 elements (confidentiality, integrity, authenticity & availability) are considered fundamental?

A. They help understanding hacking better
B. They are key elements to a security breach
C. They help understands security and its components better
D. They help to understand the cyber-crime better
Answer» D. They help to understand the cyber-crime better
Discussion
144.

An attempt to harm, damage or cause threat to a system or network is broadly termed as ______

A. Cyber-crime
B. Cyber Attack
C. System hijacking
D. Digital crime
Answer» C. System hijacking
Discussion
145.

Which of them is not a wireless attack?

A. Eavesdropping
B. MAC Spoofing
C. Wireless Hijacking
D. Phishing
Answer» E.
Discussion
146.

Compromising a user’s session for exploiting the user’s data and do malicious activities or misuse user’s credentials is called ___________

A. Session Hijacking
B. Session Fixation
C. Cookie stuffing
D. Session Spying
Answer» B. Session Fixation
Discussion
147.

This attack can be deployed by infusing a malicious code in a website’s comment section. What is “this” attack referred to here?

A. SQL injection
B. HTML Injection
C. Cross Site Scripting (XSS)
D. Cross Site Request Forgery (XSRF)
Answer» D. Cross Site Request Forgery (XSRF)
Discussion