001.

Which of the following are the two essential features of cybercrime D

A Hackers and Crackers B Computer technology as modus
operandi and intangibility of the
environment
C Hardware and Software D Offender computer skills and victim
ignorance of computer technology
002. Which of the following recognizes some special sequence of input or is triggered by A
being run from a certain user ID of by unlikely sequence of events
A Trap doors B Logic Bomb
C Trojan horse D Virus
003. Which port number is used by HTTP B
A 25.0 B 80.0
C 28.0 D 110.0
004. Illegal Interception, Illegal Access, ----------- and System Interference are all a part of A
Cybercrime.
A Data Interference B Data Interception
C Data Access D System Access
005. What means that computer system assets can be modied only by authorized parities B
A Condentiality B Integrity
C Availability D Authenticity
006. Which of the following is independent malicious program that need not any host C
program
A Trojan horse B Trap doors
C Worm D Virus
007. What type of threats does a computer faces i) Interruption ii) Interception iii) Modication C
iv) Creation v) Fabrication
A i, ii, iii and iv only B ii, iii, iv and v only
C i, ii, iii and v only D All i, ii, iii, iv and v
008. Which of the following is an example of a cybercrime D
A Online shopping scam B Nigerian Fraud schemes
C Spam D Computer Hacking
009. To be considered a computer crime, what needs to be involved in the crime? B
A Technology B Computers
C Data D Networks
010. Code red is a(n) ----------- C
A Antivirus B Word Processing Software
C Virus D Photo Editing Software
011. What is a person called when they try to hurt a group of people with the use of a B
computer?
A Whitehat intruder B Cyber terrorist
C Cracker D Social engineer
012. Which of the following has the attribute of self-replication A
A Worm B Virus
C Malware D Antivirus
013. What worm emailed people with the words "I LOVE YOU" in the year 2000? B
A The Valentine Connection B The Love Bug
C The Love Letter D The Darling Link
014. To protect yourself from computer hacker, you should turn on a D
A Script B Antivirus
C VLC D Firewall
015. -------------is the practice of modifying computer software and hardware to accomplish a B
goal outside of the creator &#39s original purpose.
A System Access B Computer Hacking
C Ethical Hacking D Illegal access
016. What type of hacker was the 16 year-old individual who hacked into NASA networks A
and downloaded temperature and humidity control software worth $1.7 billion?
A Whitehat hacker B Thrillseeker hacker
C Script kiddie D Blackhat hacker
017. ------ -- are attempts by individuals to obtain condential information from you to A
falsifying their identity.
A Phishing scams B Phishing trips
C Spyware scams D Computer viruses
018. What does "whaling" refers to in online fraud C
A Offering large prizes in a lottery scam B Sending out large quantities of
phishing emails
C Targeting high level executives of D Redirecting web browsers to fake
companies websites
019. What is the name of the Act that governs internet usage in India? B
A The Internet consumption Act, 1998 B The Information Technology Act,
2004
C The IT Gazette of India Act, 2004 D The Information Technology Act,1998
020. Which section of IT Act deals with the appointment of Controller of certifying authorities A
A Section 17 B Section 15
C Section 10 D
021. What type of attack did Nimda worm performed C
A Compiled Virus attack B Trojan horse attack
C Blended attack D Interpreted Virus attack
022. What is Trinoo D
A Worm B Compiled Virus
C Interpreted Virus D DDoS agent
023. What part of the backdoor is stored on remote computer B
A Server component B Client component
C Depends upon the client defenses D Depends upon the operating system
024. Which technique is applied for identity theft if obtained going through items user have C
thrown out
A scavenger hunting B pretexting
C dumpster diving D Stalking
025. What is the maximum penalty for damage to Computer, Computer systems, B
unauthorized access, download of data, infecting with virus, denial of access etc as per
Section 43
A Rs. 50 lakh B Rs.1 crore
C Rs. 5 crore D Rs,75 lakh
026. Which section of IT Act deals with Cyber terrorism? C
A Section 66C B Section 66B
C Section 66F D Section 66A
027. What major update in IT Act 2008 was enacted as against IT Act 2000 A
A Electronic signatures legal validity B Increasing prison terms for
cybercrimes
C Increasing penalty for cybercrimes D Recognisation to PKI
028. Which section of IT Act deals with the legal recognition of electronic records? D
A Section 2 B Section 5
C Section 6 D Section 4
029. How many schedules are there in IT Act 2000? B
A 3.0 B 4.0
C 6.0 D 2.0
030. Which is the Act which provides legal framework for e-Governance in India C
A IT (amendment) Act 2008 B Indian Penal Code
C IT Act 2000 D IT Act 2005
031. The date on which Supreme Court of India invalidated Section 66A of IT Act 2000: A
A 24.03.2015 B 31.03.2015
C 01.01.2015 D 01.06.2015
032. How much duration is provided to digital signature subscriber before suspension as per A
IT Act, 2000
A 15days B 30 days
C 2 months D 3 months
033. Which of the following usually attacks the operating system les and alters them B
A Worm B Rootkit
C Compiled virus D Interpreted virus
034. What type of virus is an macro virus B
A Compiled virus B Interpreted virus
C Depends upon the client defenses D Depends upon the operating system
035. When planning for virtualization technologies in a cloud solution what impacts the A
evaluation?
A Network performance B Management complexity of Ethernet
patch panels
C Reduced link utilization D Lower operational risk
036. Which attribute of a private cloud is important for highly regulated workloads? C
A Test systems development B 8 Batch processing throughput
C Location awareness of data D Production systems monitoring
037. What does multipartite virus infects C
A Files B Boot Sector
C Both Files and Boot Sector D None as it is a malware hence, no
infection
038. Which of the following is not a method to preserve the security and integrity of C
information
A Antivirus software B Firewall
C Phishing D Disk Encryption
039. Which attack type is prevented by array bound checking D
A DDOS B Phishing
C Keyloggers D Buffer Overow
040. What type of attack technique is used, if user receive a phone call from an individual A
identifying herself as an employee of bank requesting that user update personal
information
A pretexting B shoulder surng
C skimming D blind calling
041. When cloud computing is used, control may NOT be lost over in D
A Security B Storage
C Privacy D Data
042. Within whom the community cloud is shared? D
A Any individual B A single organization
C Organization of a specic area D Various organizations with similar
needs
043. Which change occur when cloud computing is utilized? D
A The delivery strategy is transformed B The customer accesses the
application via an internet connection
C Responsibilities and accountabilities D Nothing will change
changes
044. What does the different virtual machines correspond to? C
A Same Server B Same Entity
C Separate entities D Different Server
045. What happens to the virtual machines stored on it, if a server fails due to a hardware B
fault?
 A They are always accessible B They can be migrated to another
server
C They are not able to be recovered D They are always NOT accessible
046. Which IT enterprise availability and redundancy components be focused to move to a A
cloud operational model?
A Application availability to workload B Workload availability to service
availability availability
C Server capacity to service capacity D Server mean time between failures
(mtbf) to service mtbf
047. Which network and SAN administration approach will change in a cloud infrastructure? B
A No change B Server, hypervisor, network and SAN
architecture will converge and
centrally managed
C Server, hypervisor and SAN D Network and SAN architecture will
architecture will converge and converge and centrally managed
centrally managed
048. Which technical risks a cloud infrastructure should be designed for? D
A Over owing network buffers resulting B x Termination of service by an
in loss of data internet service provider
C Fiber cable damage causing a D Unauthorized conguration changes to
failover to copper channels storage network devices
049. What level of cyber terror capability has the capability to conduct basic hacks against A
individual systems using tools created by someone else. The organization possesses
little target analysis, command and control, or learning capability
A Simple-Unstructured B Advanced-Structured
C Complex-Coordinated D Semi-structured
050. What does Authentication Service facilitates D
A Employee check B Employee attendance
C Computer access schedule D Username and password check
051. Which of the following attack involves altering data before it is processed by the C
computer so that incorrect results are obtained
A DOS B Web Jacking
C Data Diddling D The Salami Attack
052. What refers to stealing money or resources a bit at a time C
A X Pigeon drop B Identity theft
C Salami Attack D Pharming
053. Which is not the important characteristic of cyber terrorist organizations D
A highly funded B technologically articulate
C capable of inicting devastating D operational security
damage to a wide range of targets
054. Which is not the social characteristic of an cyber terrorist D
A Anti-establishment B Radical
C Mass-destruction D securing data
055. Which of the following is an example of a economic cybercrime D
A Cyberstalking B Cyberluring
C Phishing D Cyberterrorism
056. What usually form NOT a part of information warfare D
A operational security B Information attack on information
processes
C psychological operations D Loss of data
057. What types of commands are used by CDMA/GSM phones A
A AT commands B AS commands
C BT commands D BS commands
058. What is NOT the important function for forensic toolkit of cell phones D
 A Acquisition B Reporting
C Examination D Deleting history
059. Which type of risk is of paramount importance for mobile devices B
A Network security B Physical
C Access to corporate information D x Ease of software download
060. Which technology is required by BYOD to work in corporate setups B
A Controlled Access B Sandboxing
C Signal strength D x Secured data transfer
061. What does the term MAC, in MAC address expands to D
A Medium Access Control B Media Available Control
C Media Access Condence D Media Access Control
062. What data can NOT be obtained on most cell phones with the forensic tool D
A SMS History B Phonebook
C Call Logs D Bank account information
063. What is the evidence used to validate a person &#39s identity is called C
A An identier B A characterisation
C A trusted token D A distinguisher
064. What is the attention-grabbing properties of a cue in an email is referred as A
A Salience B Representative heuristic
C Conrmation bias D Cognitive dissonance
065. Which of the following has the attribute of self-replication A
A Worm B Virus
C Malware D Cant be decided
066. To be considered a computer crime, what needs to be involved in the crime? B
A Technology B Computers
C Data D Networks
067. Where does ephemeral data is accessed during computer forensics examination D
A Hard drive B Pen drive
C RAM D Depends upon the criticality
068. Which of the following virus overtake computer system, when it boots and destroy A
information?
A Stealth virus B Trojan
C Boot infectors D System infectors
069. What does QR refers to A
A Quick Response B Quick Reply
C Quick Replay D Quickly Realize
070. Which of the following is/are threats for electronic payment systems? B
A Programs B Trojan horse
C Applications D Software
071. Which mobile platform has been the major focus of attacks by hackers B
A iOS B Android
C S60 D Blackberry
072. What is ransomware D
A A type of virus B A type of network scanner
C A type of spamming software D A type of malware
073. Which is the major motive for cybercrimes till date C
A Social Motivation B Political Agenda
C Prot D Revenge
074. Which is the Act which provides legal framework for e-Governance in India B
A IT (amendment) Act 2008 B IT Act 2000
C Indian Penal Code D IT act 2005
075. What is the le extension used by outlook express to store emails locally B
A nsf B pst
C doc D xls
076. What is a rootkit? C
A A simple tool to gain access to the B A Trojan that sends information to an
root of the Windows system SMB relay
C An invasive program that affects the D A tool to perform a buffer overflow
system files, including the kernel and
libraries
077. Which section of IT Act was invalidated by Supreme Court of India D
A Section 66F B Section 66B
C Section 66D D Section 66A
078. What type of virus describes the awful consequences of not acting immediately? C
A Android B Spoong
C Misleading email D Phishing
079. Which of the following attack involves altering data before it is processed by the C
computer so that incorrect results are obtained.
A D08 B Web Jacking
C The Salami Attack D Data Diddling
080. ------ -- software are programs that are installed onto your computer and can scan and A
remove known viruses which you may have contracted.
A Antivirus B Adware
C Keylogger D Firmmware
081. When IT Act 2000 came into effect? A
A v 2000 October 17 B 2001 October 17
C 2000 November 11 D 2001 November 11
082. Which is the best Trojan and backdoor countermeasure? A
A Scan the hard drive on network B Implement a network firewall.
connection, and educate users not to
install unknown software.
C Implement personal firewall software. D Educate systems administrators
about the risks of using systems
without firewalls.
083. What is the difference between a backdoor and a Trojan? A
A A Trojan usually provides a backdoor B A backdoor must be installed first.
for a hacker.
C A Trojan is not a way to access a D A backdoor is provided only through a
system. virus, not through a Trojan.
084. What is the recommended password-change interval? A
A 30 days B 20 days
C 1 day D 7 days
085. What type of password attack would be most successful against the password D
T63k#s23A?
A Dictionary B Hybrid
C Password guessing D Brute force
086. Why is it necessary to clear the event log after using the auditpol command to turn off A
logging?
A The auditpol command places an B The auditpol command doesnt stop
entry in the event log. logging until the event log has been
cleared.
C auditpol relies on the event log to D The event log doesnt need to be
determine whether logging is taking cleared after running the auditpol
place. command.
087. What is necessary in order to install a hardware keylogger on a target system? C
A The IP address of the system B The Administrator username and
password
C Physical access to the system D Telnet access to the system
088. When a person is harassed repeatedly by being followed, called or be written to he / B
she is a target of
A Bullying B Stalking
C Identity theft D Phishing
089. Which of the following is a class of computer threat B
A Phishing B DoS attacks
C Soliciting D Stalking
090. What type of offence does slandering is categorized as 1. X2. v 3. x4. X 8 B
A Social Engineering B Cyberstalking
C Botnets D Attack Vector
091. How do you remove a Trojan from a system? B
A Search the Internet for freeware B Purchase commercially available
removal tools. tools to remove the Trojan.
C Reboot the system. D Uninstall and reinstall all applications.
092. What is the purpose of system-file verification? B
A To find system files B To determine whether system files
have been changed or modified
C To find out if a backdoor has been D To remove a Trojan
installed
093. What is the difference between a virus and a worm? C
A A virus can infect the boot sector but B A worm spreads by itself but a virus
a worm cannot. must attach to an e-mail.
C A worm spreads by itself but a virus D A virus is written in C++ but a worm is
must attach to another program. written in shell code.
094. What type of virus modifies itself to avoid detection? B
A Stealth virus B Polymorphic virus
C Multipartite virus D Armored virus
095. This is a computer system on the Internet that is expressively set up to attract and trap A
intruders.
A Honeypot B Demilitarized zone
C Pitfall site D Exploit
096. What is the name given to a program used to detect unsolicited and unwanted e-mail D
and prevents those messages from getting to a users inbox?
A Anti-spammer B Email guard
C Virus filter D Spam filter
097. This is a common type of denial-of-service attack that involves sending more traffic to a B
network address than the temporary data storage area is intended to hold, thereby
shutting down the service and possibly corrupting or overwriting valid data.
A War dialing B Buffer overflow
C Smurf attack D Bucket brigade
098. It is a program or hardware device that filters the information coming through an A
internet connection to a network or computer system.
A Firewall B Anti virus
C Cookies D Cyber safety
099. Exploring appropriate and ethical behaviors related to online environments and digital A
media
A Cyber ethics B Cyber security
C Cyber safety D Cyber law
100. What Security tradeoff occurs while using IDS? D
A Change in permission B Login Failures
C Change in privilege D Performance degradation
101. What is the term for an attempt to determine the valid e-mail addresses associated with B
an e-mail server so that they can be added to a spam database?
A E-mail harvest B Directory harvest attack
 C Spambot attack D E-mail validator
102. Which of the following is not a characteristic of computer viruses? C
A They can lie dormant for a time B They can mutate which increases
without doing damage. their ability to do damage.
C They are easy to detect and destroy. D They can hinder system performance.
103. Which of the following is known as a zero-day attack? A
A An attack between the time new B An attack on the first day a software
software vulnerability is discovered program is released.
and the time a patch for fixing the
problem is released.
C An attack on New Year &#39s Day D An attack on valentines day.
since it is a holiday and most people
are not at work.
104. Time bombs are most likely planted in an information system by: C
A advertisers. B spammers.
C disgruntled computer programmers. D customers who have read-only
access.
105. A computer crime that involves attacking phone lines is C
A data diddling. B phishing.
C phreaking. D pharming.
106. Hackers use all of the techniques except: D
A war driving. B war dialing.
C war chalking. D war walking.
107. The computer crime of piggybacking A
A involves the clandestine use of B usually results from spamming.
another user &#39s WIFI.
C requires the permission of another D Phishing
user to gain access.
108. A network of computers used in a denial-of-service (DoS) attack is called a (an): B
A Worm. B Botnet.
C Rootkit. D Splog.
109. Which one is not a group of category of Cyber criminals. C
A Not interested in recognition B Insiders
C Spammers D Hungry for recognition
110. Email is one that appears to originate from one source but actually has been sent from B
another source.
A Forwarded Email B Spoofed Email
C Bulk Email D Spam Email
111. Worldwide network of computer networks that uses the TCP/IP for communication to B
facilitate transmission and exchange of data
A Shared Database B Cyber Space
C E mail D Internet
112. Which of the following is a method used to embezzle money a small amount at a time D
from many different accounts?
A Data diddling. B Pretexting.
C Spoofing. D Salami technique.
113. Which of the following is NOT a method that is used for identity theft? D
A Dumpster diving B Phishing
C Shoulder surfing D Spamming
114. A computer fraud and abuse technique that steals information, trade secrets, and C
intellectual property.
A Cyber-extortion. B Data diddling.
C Economic espionage. D Skimming.
115. A crime conducted in which a computer was directly and significantly instrumental A
 A Computer crime B Cyber Space
C Cyber squatting D Cyber punk
116. ________________ involves gaining sensitive information or unauthorized access D
privileges by building inappropriate trust relationships with insider
A Scrutinizing B Social Stalking
C Scanning D Social Engineering
117. Searching through object residue to acquire sensitive data without authorization is C
known as
A Binning B Scavenging
C Stalking D Bulling
118. The attackers consume 10% time in A
A Launching the attack B Scrutinizing
C Executing the malicious commands D Scanning
119. Which IS NOT the cyber crime comes under Cybercrime against Society D
A Forgery B Cyber terrorism
C Web jacking D Industrial spying
120. When some once forcefully takes control of a website, it is known as C
A Web controlling B Remote connection
C Web jacking D Website Hacking
121. Gathering information about a target without his/her knowledge is known as D
A Attack B Active Attack
C Reconnaissance D Passive Attack
122. To examine intelligently while gathering information about the target is B
A Investigation B Scanning
C Tracing D Intelligent
123. A small piece of code used as a payload in the exploitation of software vulnerability, is B
called
A Assembly code B Shell code
C C and C++ code D Malicious code
124. ____ is a code technique that exploits a security vulnerability occurring in the database B
layer of and application
A Shell code B SQL injection
C PL/SQL block D Blind SQL injection
125. _____________ is an attack where fragmented packets are forged to overlap each D
other when the receiving host tries to reassemble them
A Smurf attack B SYN attack
C Flood Attack D Teardrop Attack
126. When the internet, cell phones or other devices are used to send or post text or images A
intended to hurt or embarrass another person is known as
A Cyber stalking B Cyber bullying
C Cyber squatting D Cyber Engineering
127. __________________ is network of computers infected with a malicious program that C
allows cybercriminals to control the infected machines remotely without the user
knowledge
A Shared WiFi B World Wide Web
C Botnet D Intranet
128. An attacker can gain access to computer or to a network server to deliver a payload or D
malicious outcome is known as
A Botnet renting B Active Vector
C Botnet selling D Attack Vector
129. _______________is not a part of DoS attacks C
A Bandwidth attacks B Logic attacks
C International attacks D Protocol attacks
130. When a hacker attempts to attack a host via the Internet it is known as what type of A
 attack?
A Remote attack B Physical access
C Local access D Internal attack
131. What is the next step to be performed after footprinting? A
A Scanning B Enumeration
C System hacking D Active information gathering
132. Hacking for a cause is called __________________. B
A Active hacking B Hacktivism
C Activism D Black-hat hacking
133. Which of the following statements best describes a white-hat hacker? A
A Security professional B Former black hat
C Former grey hat D Malicious hacker
134. A security audit performed on the internal network of an organization by the network C
administration is also known as ___________.
A Grey-box testing B Black-box testing
C White-box testing D Active testing
135. What is the first phase of hacking? C
A Attack B Reconnaissance
C Maintaining access D Scanning
136. Which type of hacker represents the highest risk to your network? A
A Disgruntled employees B Black-hat hackers
C Grey-hat hackers D Script kiddies
137. What does the TCP RST command do? D
A Starts a TCP connection B Restores the connection to a previous
state
C Finishes a TCP connections D Resets the TCP connection
138. In order to prevent a hacker from using SMB session hijacking, which TCP and UDP C
ports would you block at the firewall?
A 167 and 137 B 80 and 23
C 139 and 445 D 1277 and 1270
139. What are the three types of scanning? A
A Port, network, and vulnerability B Port, network, and services
C Grey, black, and white hat D Server, client, and network
140. What is footprinting? B
A Measuring the shoe size of an ethical B Accumulation of data by gathering
hacker information on a target
C Mapping the physical layout of a D Scanning a target network to detect
targets network operating system types
141. Which of the following is a type of social engineering? A
A Shoulder surfing B User identification
C System monitoring D Face-to-face communication
142. What is the best way to prevent a social-engineering attack? D
A Installing a firewall to prevent port B Configuring an IDS to detect intrusion
scans attempts
C Increasing the number of help-desk D Employee training and education
personnel
143. What is it called when a hacker pretends to be a valid user on the system? A
A Impersonation B Third-person authorization
C Help desk D Valid user
144. What is war dialing used for? B
A Testing firewall security B Testing remote access system
security
C Configuring a proxy filtering gateway D Configuring a firewall
145. What is a null session? D
 A Connecting to a system with the B Connecting to a system with the
administrator username and admin username and password
password
C Connecting to a system with a D Connecting to a system with no
random username and password username and password
146. Which of the following is the best example of reverse social engineering? A
A A hacker pretends to be a person of B A help-desk employee pretends to be
authority in order to get a user to give a person of authority.
them information.
C A hacker tries to get a user to change D A user changes their password.
their password.
147. Why would an attacker want to perform a scan on port 137? D
A To locate the FTP service on the B To check for file and print sharing on
target host Windows systems
C To discover proxy servers on a D To discover a target system with the
network NetBIOS null session vulnerability
148. SNMP is a protocol used to manage network infrastructure devices. What is the SNMP B
read/write community name used for?
A Viewing the configuration information B Changing the configuration
information
C Monitoring the device for errors D Controlling the SNMP management
station
149. Why would the network security team be concerned about ports 135139 being open on A
a system?
A SMB is enabled, and the system is B SMB is not enabled, and the system
susceptible to null sessions. is susceptible to null sessions.
C Windows RPC is enabled, and the D Windows RPC is not enabled, and the
system is susceptible to Windows system is susceptible to Windows
DCOM remote sessions. DCOM remote sessions.
150. Which federal law is most commonly used to prosecute hackers? B
A Title 12 B Title 18
C Title 20 D Title 2