1. Cyber Security gives protection for ________.

A. Data
B. Device
C. Network
D. All of these

2. Which of the following is defined as an attempt to steal, spy, damage or destroy computer
systems, networks, or their associated information?
A. Computer security
B. Cyber attack
C. Digital hacking
D. Cryptography

3. The procedure for determining the level of access that each individual has within an organization
refers to ___________.
A. Network security
B. Cloud security
C. Data security
D. Identity Management

4. The principle that ensures the data accessible by the authorized users and blocking access to
others is _______.
A. Confidentiality
B. Integrity
C. Availability
D. None of these

5. Which of the following is web-based cyberattack?

A. Virus
B. Worms
C. Bots
D. DNS Spoofing

6. Which one of the following is odd man out?

A. Injection attack
B. Brute force
C. Backdoor
D. Phishing

7. Which of the following attack is not harmful to the users?

A. Phishing
B. Ransomware
C. Adware
D. Virus

8. The group of hackers who do hacking for a cause are called as

A. Cyber criminals
B. Insider threats
C. State- sponsored attackers
D. Hacktivists

9. The threats in which employees try to avoid the policies of an organization put in place to
protect endpoints and valuable data are categorized as ____________.
A. Malicious threats
B. Negligent
C. Accidental threats
D. None of these

10. The group of hackers who hack the system illegally to steal money or to achieve their own illegal
goals are called as _____
A. Grey hat hackers
B. White hat hackers
C. State-sponsored attackers
D. Black hat hackers

11. The websites to showcase your work and let others know about yourself are known as
________.
A. Portfolio website
B. Educational website
C. Informational website
D. Non-profit website

12. Which of the following refers to the violation of the principle if a computer is no more
accessible?
A. Access control
B. Confidentiality
C. Availability
D. Integrity

13. Red teams are called as ______.

A. Unethical hackers
B. Ethical hackers
C. Hacktivists
D. Cyber criminals

14. In the CIA Triad, which one of the following is not involved?
A. Availability
B. Confidentiality
C. Authenticity
D. Integrity

15. In order to ensure the security of the data/ information, we need to ____________ the data.
A. Delete
B. Decrypt
C. Encrypt
D. Compress

16. A ____________ can be a hardware device or a software program that filters all the packets of
data that comes through a network, the internet, etc.
A. Antivirus
B. Firewall
C. Malware
D. Cookies

17. The DNS would translate any Domain name into ___________.
A. IP
B. URL
C. Binary
D. Hex

18. The letter A in CIA refers to

A. Authenticity
B. Authorization
C. Availability
D. Admissible

19. Which of the following is system-based attack?

A. Injection attack
B. Brute force
C. Backdoor
D. Phishing

20. Cyber terrorism belongs to which one of the following cyber crimes.
A. Society
B. Individual
C. Property
D. Organisation

21. The security that protects the software and devices from unwanted threats is known as ______.
A. Network security
B. Data security
C. Application security
D. Cloud security

22. A malicious software that secretly records information about user activities on their system is
known as _______.
A. Virus
B. Trojan horse
C. Adware
D. Spyware

23. Which one of the following cyber attack in which sender seems to be from genuine organization?
A. Phishing
B. Denial of Service
C. Brute force
D. Man-in-the-middle

24. Which of the following tips are suggested to avoid cyber attack?
A. Use strong passwords
B. Don’t open suspicious mails
C. Periodic data backup
D. All of these

25. Session hijacking is done by _____.

A. Trial and error method
B. Altering DNS records
C. Stealing the cookies
D. Engaging IT resources

26. Which of the following is not a denial of service attack?

A. Volume-based attack
B. Protocol attack
C. Application layer attack
D. Brute force attack

27. A threat to an organization's security or data that comes from within is called ________.
A. Hacktivists
B. Cyber criminals
C. State-sponsored attackers
D. Insider threats
28. Grey hat hacking is Legal.
A. TRUE
B. FALSE

29. Crawler is an example for _____.

A. Trojan horse
B. Backdoors
C. Virus
D. Bots

30. Which of the following is odd man out?

A. Norton 360
B. McAfee
C. ESET NOD32
D. Stuxnet

31. In internet terminology, IP means _________________.

A. Internet Provider
B. Internet Processor
C. Internet Protocol
D. Internet Procedure

32. Which one of the following is self-replicating malware.

A. Virus
B. Worm
C. Trojan Horse
D. Sapmware

33. Which is a malicious code that is installed in the host machine by pretending to be useful
software?
A. Virus
B. Trojan Horse
C. Spam
D. Scareware

34. The process of converting plain text into cipher text is known as ______.
A. Decoding
B. Decryption
C. Encryption
D. Authentication

35. Cyber Terrorism is categorized under which of the following crimes?

A. Individual Cyber Crime
B. Organisation Cyber Crime
C. Property Cyber Crime
D. Society Cyber Crime

36. Protecting information and information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction is know as _________.
A. Physical Security
B. Border Security
C. Information Security
D. Organisation Security

37. Computer Virus is a __________.

A. Hardware Component
B. Bacteria
C. Set of computer instructions or code
D. Disease

38. _______________ is a malicious code that is installed in the host machine by pretending to be
useful software.
A. Virus
B. Trojan Horse
C. Spam
D. Scareware

39. Which of the following is used to read HTML Code and to render Webpage?
A. Web Server
B. Web matrix
C. Web Browser
D. None of these

40. URL stands for __________.

A. Unique Reference label
B. Uniform Reference label
C. Uniform Resource Locator
D. Unique Resoource Locator

41. _________ is an activity which involves injecting a malicious client side script into a trusted
website.
A. Web-Jacking
B. Computer Vandalism
C. Spamming
D. Cross Site Scripting

42. Special program which can detect and remove viruses from computer is called ___________.
A. Malware
B. Antivirus
C. Virus
D. Groupware

43. This is a technique where every possible combination of letters, numbers and symbols in an
attempt to guess the password.
A. DOS Attack
B. DDOS Attack
C. Brute-Force Attack
D. Dictionary Attack

44. __________ is a method of breaking into a password-protected computer, network or other IT

resource by quickly running through a list of commonly used words, phrases, and number
combinations.
A. DOS Attack
B. DDOS Attack
C. Brute-Force Attack
D. Dictionary Attack

45. Wi-Fi is short for _____________.

A. Wireless Finance
B. Wired Fidelity
C. Wireless firm
D. Wireless Fidelity
46. YouTube is a service, owned by _____________.
A. Facebook
B. Microsoft
C. Yahoo
D. Google

47. Which of the following is a database attack?

A. SQL Attack
B. Dictionary Attack
C. Brute Force Attack
D. Session Hijacking

48. __________ deals with the procedure for determining the level of access that each individual
has within an organization.
A. Operational Security
B. Identity Management
C. Netwrok Security
D. Application Security

49. Which one of the following ensures the originality of data and tamper-free?
A. Confidentiality
B. Integrity
C. Authenticity
D. Availability

50. ___________ is a software that secretly records information about user activities on their
system.
A. Ransomware
B. Scareware
C. Spyware
D. Trojan Horse

51. _________ is a collection of internet-connected malware-infected devices that allow

cybercriminals to control them.
A. ARPANET
B. BOTNET
C. TELNET
D. INTERNET

52. _____________ is a malicious attempt to disrupt normal traffic to a web property?

A. SQL Attack
B. Brute Force Attack
C. DNS Attack
D. DDoS Attack

53. Access social networking sites using ____________ protocol to safeguard your username,
password and other information you post.
A. HTTP
B. HTTPS
C. FTP
D. SNMP

54. __________ is a type of attack that allows an attacker to intercept the connection between
client and server.
A. Piggybacking
B. Cyber Hijacking
C. Eavesdropping
D. Phishing

55. Which group of hackers who carry out malicious activity to promote a political agenda, religious
belief, or social ideology?
A. Cyber Criminals
B. Hacktivists
C. State-sponsored attackers
D. Insider Threats

56. Who are ethical hackers?

A. Grey Hat Hackers
B. Black Hat Hackers
C. White Hat Hackers
D. None of these

57. Which is an odd-man-out?

A. Facebook
B. Twitter
C. Instagram
D. Wikipedia

58. Weakness in a host or system refers to __________.

A. Threat
B. Risk
C. Vulnerability
D. Attack

59. API stands for _________.

A. Android Programming Interface
B. Application Programming Interface
C. Application Program Interpreter
D. Android Program Interpreter

60. Which is the theft of credit card / Debit card information?

A. Pharming
B. Phishing
C. Vishing
D. Skimming

61. UPI stands for ___________.

A. Unified Payment Interface
B. Unidentified Payment Interchange
C. United Packet Interface
D. United Payment Intersection

62. In Netbanking fund transfer, IMPS stands for ____________.

A. Informal Money Pay Service
B. Intelligent Money Pay Service
C. Immediate Payment Service
D. Intelligent Mode Power Supply

63. Which of the following is NOT a valid mean of authentication for interoperable transactions?
A. Aadhaar + Biometric
B. Magnetic stripe card + Bank PIN
C. Magnetic stripe card + OTP
D. Aadhaar + Bank Pin

64. An ______________ attack is an attack in which an adversary successfully assumes the identity
of one of the legitimate parties in a system or in a communications protocol.
A. Phishing
B. Vishing
C. Pharming
D. Impersonation

65. Which of the following is NOT a Personally Identifiable Information?

A. Name
B. Country Code
C. Credit Card Number
D. Mobile Number

66. In this type of physical social engineering, the attacker acts like someone else to trap the victim.
A. Piggybacking
B. Eavesdropping
C. Dumpster Driving
D. Impersonation

67. In this types of physical social engineering, attacker can gain information by hearing a discussion
between two people, or by reading emails and listening to telephonic conversation.
A. Piggybacking
B. Eavesdropping
C. Dumpster Driving
D. Impersonation

68. It is not important to have your operating system up to date with the latest updates and security
patches.
A. True
B. False

69. The decoding of the complex code to original text using key is known as ___________.
A. Decryption
B. Encryption
C. Steganography
D. Digital signature

70. _____________ is a process of identifying an individual and ensuring that the individual is the
same who he/she claims to be.
A. Authorization
B. Authentication
C. Affiliation
D. Identification

71. OTP stands for

A. One-Token password
B. One-Time Password
C. One-Teller Password
D. One-Time Priority

72. The process of giving access to an individual to certain resources based on the credentials of an
individual is known as ______________.
A. Authorization
B. Authentication
C. Affiliation
D. Identification

73. Biometric data can be used in conjunction with username and password for two-way
authentication.
A. True
B. False

74. Digital Signature is a technique for validation of data.

A. True
B. False

75. ___________ is a process of certifying the content of a document.

A. Authentication
B. Digital Signature
C. Validation
D. Identification

76. It is a technique of hiding secret messages in a document file, image file, and program or
protocol etc. such that the embedded message is invisible and can be retrieved using special
software.
A. Digital Signature
B. Encryption
C. Validation
D. Steganography

77. _______ provides a digital interface that enables applications or components of applications to
communicate with each other over the internet or via a private network.
A. Firewall
B. API
C. Router
D. Switch

78. __________ refers to a security flaw that has been discovered by a threat actor but is unknown
to the enterprise and software vendor.
A. Misconfigured Software
B. Poor Password Management
C. Zero Day Vulnerability
D. Unauthorized Access Control

79. POLP stands for _________.

A. Policy of Least Protection
B. Policy of Least Previlege
C. Prinicple of Least Protection
D. Principle of Least Previlege

80. Which network adheres to the "Shared Resposibility Model ".

A. Private Network
B. Cloud Network
C. LAN
D. WAN

81. ____________ safeguards include the activities like guidelines, trainings, manual controls and
planning measures.
A. Physical
B. Administrative
C. Technical
D. Protective
82. Which of the following is not a part of Cyber Security?
A. Physical
B. Administrative
C. Technical
D. Protective

83. Which of the following safeguards categorized based on the perspective of time?
A. Physical
B. Administrative
C. Technical
D. Preventive

84. ___________ safeguards become effective while the event(Cyber Attack) occurs.
A. Detective
B. Preventive
C. Technical
D. Corrective

85. ___________ is a small electronic text file stored on your hard drive.
A. Cache
B. Cookie
C. Firewall
D. Antivirus

86. _________ involves tricking a victim into making a request that utilizes their authentication or
authorization.
A. Cross-site Scripting
B. Cross-site request forgery
C. Page Scrapping
D. Credential Stuffing

87. _____________ skims credit card data from payment processors.

A. Page Scrapping
B. Credential Stuffing
C. Magecart attack
D. Buffer Overflow

88. HTTP stand for __________.

A. Hypertransfer Text Protocol
B. Hypertext Transistion Protocol
C. Hypertext Transfer Protocol
D. Hypertext translate Protocol

89. DNS stands for ____________.

A. Domain Naming Security
B. Domain Name System
C. Diploma in Nautical Science
D. Diplomatic Nomenclature System

90. __________ alerts the system administrator in the case when someone tries to break in the
firewall security.
A. IDS
B. IPS
C. ANTIVIRUS
D. None of these
91. IPS stands for ________.
A. Inspector of Police Service
B. Indian Police Service
C. Intrusion Prevention System
D. Intrusion Policy Security

92. When IPS detects unusual network activity and assumes it is malicious, it may be a false positive,
resulting in a DoS attack on an innocent user.
A. True
B. False

93. Which of the following IPS works based on the pattern of the attack?
A. Signature based
B. Policy based
C. Anomaly based
D. Host based

94. _______ is a built-in software package that monitors a single host for suspicious behavior by
examining events that take place on that host.
A. NIPS
B. WIPS
C. NBA
D. HIPS

95. An IDS is designed to only provide an alert about a potential incident.

A. True
B. False

96. Cyber Laws are enacted not only to monitor and prevent any immoral or illegal activities of
humans, also to give legal recognition to the legitimate users.
A. True
B. False

97. The IT Act 2000 was amended in ______.

A. 2006
B. 2007
C. 2008
D. 2010

98. ___________ a type of intellectual property that protects original works of authorship.
A. Patent
B. Copyright
C. Trademark
D. Geographical Indication

99. __________ is the process of extracting data as proof for a crime, which involves electronic
media.
A. Cyber Forensics
B. Computer Forensics
C. Digital Forensics
D. All of these

100. How many steps to be followed in a Cyber Forensic Investigation?

A. 3
B. 4
C. 5
D. 6

101. __________ examines the malware like trojans to identify the hacker involved behind the crime.
A. Network Forensics
B. Email Forensics
C. Mobile Forensics
D. Malware Forensics

102. __________ extracts data from storage media by searching modified, active, or deleted files.
A. Network Forensics
B. Disk Forensics
C. Mobile Forensics
D. Malware Forensics

103. Reverse Stegnography is one of the techniques used by Cyber Forensic Investigators to analyze
the data and find a relation with the crime.
A. True
B. False

104. Cryptanalysis is not a reverse process of Cryptography.

A. True
B. False

105. Communication Skill is not mandatory for a good cyber forensic expert.
A. True
B. False

106. Firewall is a _______.

A. Software
B. Hardware
C. FAAS
D. All of these

107. _________ is a cybersecurity practice where you run code, observe and analyze and code in a
safe, isolated environment on a network that mimics end-user operating environments.
A. Skimming
B. Pharming
C. Sandboxing
D. Phishing

108. Which of the following is a limitation of Firewall?

A. Preventing misuse of passwords
B. Protecting if security rules are misconfigured
C. Securing the infected system
D. None of these

109. Which is known as Application-level Gateways?

A. Packet Filtering Firewall
B. Proxy Firewall
C. Stateful Inspection Firewall
D. NAT Firewall

110. The proper configuration of domain names and IP addresses can keep Firewall secure.
A. True
B. False
111. ___________ enables organizations to determine which traffic is allowed to flow in and out of
each zone.
A. Domain Names
B. IP Addresses
C. Access Control Lists
D. Firewall Zones

112. ___________ is a security exercise where a cyber-security expert attempts to find and exploit
vulnerabilities in a computer system.
A. Penetration testing
B. Vulnerability Scanning
C. Sandboxing
D. Piggybacking

113. Good password management refers to

A. Repated use of passwords
B. Use of simple passwords
C. Use of same passwords for long time
D. Combination of letters, numbers and special symbols

114. How to restrict unauthorized access to your personal computers/Mobile deveices?

A. Enabiling Passcode
B. Enabling Auto-lock
C. Keeping Multiple profile
D. All of these

115. Rules of conduct for respectful and appropriate communication on the internet are referred to
as ________.
A. Etiquette
B. Net Behaviour
C. Netiquette
D. Code of Conduct

116. Netiquette for children, while intercting online, is ___________.

A. Using Original Name
B. Revealing sensitive information
C. Excluding others in a group discussion
D. Do not trust chat participants

117. IMO Resolution MSC.428(98) came into effect from January ______.
A. 2019
B. 2020
C. 2021
D. 2022

118. Netiquette onboard refers to the practice of __________ by the crew members.
A. Using unique and distinct paswwords
B. Reporting to Captain when suspicious activity was found
C. Using Secure Wi-Fi connections
D. All of these

119. Cyber Crime Helpline is ________.

A. 1931
B. 1930
C. 2000
D. 112
120. Govt. of India has launched an exclusive online portal ___________ in 2019 to report cyber
crime incident.
A. CERT-in
B. CFCFRMS
C. NCRP
D. FBI