001. Which of the following are the two essential features of cybercrime?
A. Hackers and Crackers
B. Computer technology as modus operandi and intangibility of the environment
C. Hardware and Software
D. Offender computer skills and victim ignorance of computer technology
Answer: D

002. Which of the following recognizes some special sequence of input or is triggered by being run from a certain user ID or by an unlikely sequence of events?
A. Trap doors
B. Logic Bomb
C. Trojan horse
D. Virus
Answer: A

003. Which port number is used by HTTP?
A. 25
B. 80
C. 28
D. 110
Answer: B

004. Illegal Interception, Illegal Access, ----------- and System Interference are all a part of Cybercrime.
A. Data Interference
B. Data Interception
C. Data Access
D. System Access
Answer: A

005. What means that computer system assets can be modified only by authorized parties?
A. Confidentiality
B. Integrity
C. Availability
D. Authenticity
Answer: B

006. Which of the following is an independent malicious program that does not need any host program?
A. Trojan horse
B. Trap doors
C. Worm
D. Virus
Answer: C

007. What types of threats does a computer face? i) Interruption ii) Interception iii) Modification iv) Creation v) Fabrication
A. i, ii, iii and iv only
B. ii, iii, iv and v only
C. i, ii, iii and v only
D. All i, ii, iii, iv and v
Answer: C

008. Which of the following is an example of a cybercrime?
A. Online shopping scam
B. Nigerian Fraud schemes
C. Spam
D. Computer Hacking
Answer: D

009. To be considered a computer crime, what needs to be involved in the crime?
A. Technology
B. Computers
C. Data
D. Networks
Answer: B

010. Code red is a(n) -----------
A. Antivirus
B. Word Processing Software
C. Virus
D. Photo Editing Software
Answer: C

011. What is a person called when they try to hurt a group of people with the use of a computer?
A. Whitehat intruder
B. Cyber terrorist
C. Cracker
D. Social engineer
Answer: B

012. Which of the following has the attribute of self-replication?
A. Worm
B. Virus
C. Malware
D. Antivirus
Answer: A

013. What worm emailed people with the words "I LOVE YOU" in the year 2000?
A. The Valentine Connection
B. The Love Bug
C. The Love Letter
D. The Darling Link
Answer: B

014. To protect yourself from a computer hacker, you should turn on a
A. Script
B. Antivirus
C. VLC
D. Firewall
Answer: D

015. ------------- is the practice of modifying computer software and hardware to accomplish a goal outside of the creator's original purpose.
A. System Access
B. Computer Hacking
C. Ethical Hacking
D. Illegal access
Answer: B

016. What type of hacker was the 16-year-old individual who hacked into NASA networks and downloaded temperature and humidity control software worth $1.7 billion?
A. Whitehat hacker
B. Thrillseeker hacker
C. Script kiddie
D. Blackhat hacker
Answer: A

017. -------- are attempts by individuals to obtain confidential information from you by falsifying their identity.
A. Phishing scams
B. Phishing trips
C. Spyware scams
D. Computer viruses
Answer: A

018. What does "whaling" refer to in online fraud?
A. Offering large prizes in a lottery scam
B. Sending out large quantities of phishing emails
C. Targeting high level executives of companies
D. Redirecting web browsers to fake websites
Answer: C

019. What is the name of the Act that governs internet usage in India?
A. The Internet consumption Act, 1998
B. The Information Technology Act, 2004
C. The IT Gazette of India Act, 2004
D. The Information Technology Act, 1998
Answer: B

020. Which section of IT Act deals with the appointment of Controller of certifying authorities?
A. Section 17
B. Section 15
C. Section 10
D.
Answer: A

021. What type of attack did the Nimda worm perform?
A. Compiled Virus attack
B. Trojan horse attack
C. Blended attack
D. Interpreted Virus attack
Answer: C

022. What is Trinoo?
A. Worm
B. Compiled Virus
C. Interpreted Virus
D. DDoS agent
Answer: D

023. What part of the backdoor is stored on the remote computer?
A. Server component
B. Client component
C. Depends upon the client defenses
D. Depends upon the operating system
Answer: B

024. Which technique is applied for identity theft if information is obtained by going through items the user has thrown out?
A. scavenger hunting
B. pretexting
C. dumpster diving
D. Stalking
Answer: C

025. What is the maximum penalty for damage to Computer, Computer systems, unauthorized access, download of data, infecting with virus, denial of access etc. as per Section 43?
A. Rs. 50 lakh
B. Rs. 1 crore
C. Rs. 5 crore
D. Rs. 75 lakh
Answer: B

026. Which section of IT Act deals with Cyber terrorism?
A. Section 66C
B. Section 66B
C. Section 66F
D. Section 66A
Answer: C

027. What major update in IT Act 2008 was enacted as against IT Act 2000?
A. Electronic signatures legal validity
B. Increasing prison terms for cybercrimes
C. Increasing penalty for cybercrimes
D. Recognition of PKI
Answer: A

028. Which section of IT Act deals with the legal recognition of electronic records?
A. Section 2
B. Section 5
C. Section 6
D. Section 4
Answer: D

029. How many schedules are there in IT Act 2000?
A. 3
B. 4
C. 6
D. 2
Answer: B

030. Which is the Act which provides legal framework for e-Governance in India?
A. IT (amendment) Act 2008
B. Indian Penal Code
C. IT Act 2000
D. IT Act 2005
Answer: C

031. The date on which Supreme Court of India invalidated Section 66A of IT Act 2000:
A. 24.03.2015
B. 31.03.2015
C. 01.01.2015
D. 01.06.2015
Answer: A

032. How much duration is provided to a digital signature subscriber before suspension as per IT Act, 2000?
A. 15 days
B. 30 days
C. 2 months
D. 3 months
Answer: A

033. Which of the following usually attacks the operating system files and alters them?
A. Worm
B. Rootkit
C. Compiled virus
D. Interpreted virus
Answer: B

034. What type of virus is a macro virus?
A. Compiled virus
B. Interpreted virus
C. Depends upon the client defenses
D. Depends upon the operating system
Answer: B

035. When planning for virtualization technologies in a cloud solution what impacts the evaluation?
A. Network performance
B. Management complexity of Ethernet patch panels
C. Reduced link utilization
D. Lower operational risk
Answer: A

036. Which attribute of a private cloud is important for highly regulated workloads?
A. Test systems development
B. Batch processing throughput
C. Location awareness of data
D. Production systems monitoring
Answer: C

037. What does a multipartite virus infect?
A. Files
B. Boot Sector
C. Both Files and Boot Sector
D. None as it is a malware hence, no infection
Answer: C

038. Which of the following is not a method to preserve the security and integrity of information?
A. Antivirus software
B. Firewall
C. Phishing
D. Disk Encryption
Answer: C

039. Which attack type is prevented by array bound checking?
A. DDOS
B. Phishing
C. Keyloggers
D. Buffer Overflow
Answer: D

040. What type of attack technique is used, if a user receives a phone call from an individual identifying herself as an employee of a bank requesting that the user update personal information?
A. pretexting
B. shoulder surfing
C. skimming
D. blind calling
Answer: A

041. When cloud computing is used, control may NOT be lost over
A. Security
B. Storage
C. Privacy
D. Data
Answer: D

042. Within whom is the community cloud shared?
A. Any individual
B. A single organization
C. Organization of a specific area
D. Various organizations with similar needs
Answer: D

043. Which change occurs when cloud computing is utilized?
A. The delivery strategy is transformed
B. The customer accesses the application via an internet connection
C. Responsibilities and accountabilities change
D. Nothing will change
Answer: D

044. What do the different virtual machines correspond to?
A. Same Server
B. Same Entity
C. Separate entities
D. Different Server
Answer: C

045. What happens to the virtual machines stored on it, if a server fails due to a hardware fault?
A. They are always accessible
B. They can be migrated to another server
C. They are not able to be recovered
D. They are always NOT accessible
Answer: B

046. Which IT enterprise availability and redundancy components should be focused on to move to a cloud operational model?
A. Application availability to workload availability
B. Workload availability to service availability
C. Server capacity to service capacity
D. Server mean time between failures (mtbf) to service mtbf
Answer: A

047. Which network and SAN administration approach will change in a cloud infrastructure?
A. No change
B. Server, hypervisor, network and SAN architecture will converge and be centrally managed
C. Server, hypervisor and SAN architecture will converge and be centrally managed
D. Network and SAN architecture will converge and be centrally managed
Answer: B

048. Which technical risks should a cloud infrastructure be designed for?
A. Overflowing network buffers resulting in loss of data
B. Termination of service by an internet service provider
C. Fiber cable damage causing a failover to copper channels
D. Unauthorized configuration changes to storage network devices
Answer: D

049. What level of cyber terror capability has the capability to conduct basic hacks against individual systems using tools created by someone else? The organization possesses little target analysis, command and control, or learning capability.
A. Simple-Unstructured
B. Advanced-Structured
C. Complex-Coordinated
D. Semi-structured
Answer: A

050. What does an Authentication Service facilitate?
A. Employee check
B. Employee attendance
C. Computer access schedule
D. Username and password check
Answer: D

051. Which of the following attacks involves altering data before it is processed by the computer so that incorrect results are obtained?
A. DOS
B. Web Jacking
C. Data Diddling
D. The Salami Attack
Answer: C

052. What refers to stealing money or resources a bit at a time?
A. Pigeon drop
B. Identity theft
C. Salami Attack
D. Pharming
Answer: C

053. Which is not the important characteristic of cyber terrorist organizations?
A. highly funded
B. technologically articulate
C. capable of inflicting devastating damage to a wide range of targets
D. operational security
Answer: D

054. Which is not the social characteristic of a cyber terrorist?
A. Anti-establishment
B. Radical
C. Mass-destruction
D. securing data
Answer: D

055. Which of the following is an example of an economic cybercrime?
A. Cyberstalking
B. Cyberluring
C. Phishing
D. Cyberterrorism
Answer: D

056. What usually does NOT form a part of information warfare?
A. operational security
B. Information attack on information processes
C. psychological operations
D. Loss of data
Answer: D

057. What types of commands are used by CDMA/GSM phones?
A. AT commands
B. AS commands
C. BT commands
D. BS commands
Answer: A

058. What is NOT the important function for forensic toolkit of cell phones?
A. Acquisition
B. Reporting
C. Examination
D. Deleting history
Answer: D

059. Which type of risk is of paramount importance for mobile devices?
A. Network security
B. Physical
C. Access to corporate information
D. Ease of software download
Answer: B

060. Which technology is required by BYOD to work in corporate setups?
A. Controlled Access
B. Sandboxing
C. Signal strength
D. Secured data transfer
Answer: B

061. What does the term MAC, in MAC address, expand to?
A. Medium Access Control
B. Media Available Control
C. Media Access Confidence
D. Media Access Control
Answer: D

062. What data can NOT be obtained on most cell phones with the forensic tool?
A. SMS History
B. Phonebook
C. Call Logs
D. Bank account information
Answer: D

063. What is the evidence used to validate a person's identity called?
A. An identifier
B. A characterisation
C. A trusted token
D. A distinguisher
Answer: C

064. What are the attention-grabbing properties of a cue in an email referred to as?
A. Salience
B. Representative heuristic
C. Confirmation bias
D. Cognitive dissonance
Answer: A

065. Which of the following has the attribute of self-replication?
A. Worm
B. Virus
C. Malware
D. Can't be decided
Answer: A

066. To be considered a computer crime, what needs to be involved in the crime?
A. Technology
B. Computers
C. Data
D. Networks
Answer: B

067. Where is ephemeral data accessed during computer forensics examination?
A. Hard drive
B. Pen drive
C. RAM
D. Depends upon the criticality
Answer: D

068. Which of the following viruses overtakes the computer system when it boots and destroys information?
A. Stealth virus
B. Trojan
C. Boot infectors
D. System infectors
Answer: A

069. What does QR refer to?
A. Quick Response
B. Quick Reply
C. Quick Replay
D. Quickly Realize
Answer: A

070. Which of the following is/are threats for electronic payment systems?
A. Programs
B. Trojan horse
C. Applications
D. Software
Answer: B

071. Which mobile platform has been the major focus of attacks by hackers?
A. iOS
B. Android
C. S60
D. Blackberry
Answer: B

072. What is ransomware?
A. A type of virus
B. A type of network scanner
C. A type of spamming software
D. A type of malware
Answer: D

073. Which is the major motive for cybercrimes till date?
A. Social Motivation
B. Political Agenda
C. Profit
D. Revenge
Answer: C

074. Which is the Act which provides legal framework for e-Governance in India?
A. IT (amendment) Act 2008
B. IT Act 2000
C. Indian Penal Code
D. IT act 2005
Answer: B

075. What is the file extension used by Outlook Express to store emails locally?
A. nsf
B. pst
C. doc
D. xls
Answer: B

076. What is a rootkit?
A. A simple tool to gain access to the root of the Windows system
B. A Trojan that sends information to an SMB relay
C. An invasive program that affects the system files, including the kernel and libraries
D. A tool to perform a buffer overflow
Answer: C

077. Which section of IT Act was invalidated by Supreme Court of India?
A. Section 66F
B. Section 66B
C. Section 66D
D. Section 66A
Answer: D

078. What type of virus describes the awful consequences of not acting immediately?
A. Android
B. Spoofing
C. Misleading email
D. Phishing
Answer: C

079. Which of the following attacks involves altering data before it is processed by the computer so that incorrect results are obtained?
A. DOS
B. Web Jacking
C. The Salami Attack
D. Data Diddling
Answer: C

080. -------- software are programs that are installed onto your computer and can scan and remove known viruses which you may have contracted.
A. Antivirus
B. Adware
C. Keylogger
D. Firmware
Answer: A

081. When did IT Act 2000 come into effect?
A. 2000 October 17
B. 2001 October 17
C. 2000 November 11
D. 2001 November 11
Answer: A

082. Which is the best Trojan and backdoor countermeasure?
A. Scan the hard drive on network connection, and educate users not to install unknown software.
B. Implement a network firewall.
C. Implement personal firewall software.
D. Educate systems administrators about the risks of using systems without firewalls.
Answer: A

083. What is the difference between a backdoor and a Trojan?
A. A Trojan usually provides a backdoor for a hacker.
B. A backdoor must be installed first.
C. A Trojan is not a way to access a system.
D. A backdoor is provided only through a virus, not through a Trojan.
Answer: A

084. What is the recommended password-change interval?
A. 30 days
B. 20 days
C. 1 day
D. 7 days
Answer: A

085. What type of password attack would be most successful against the password T63k#s23A?
A. Dictionary
B. Hybrid
C. Password guessing
D. Brute force
Answer: D

086. Why is it necessary to clear the event log after using the auditpol command to turn off logging?
A. The auditpol command places an entry in the event log.
B. The auditpol command doesn't stop logging until the event log has been cleared.
C. auditpol relies on the event log to determine whether logging is taking place.
D. The event log doesn't need to be cleared after running the auditpol command.
Answer: A

087. What is necessary in order to install a hardware keylogger on a target system?
A. The IP address of the system
B. The Administrator username and password
C. Physical access to the system
D. Telnet access to the system
Answer: C

088. When a person is harassed repeatedly by being followed, called or written to, he/she is a target of
A. Bullying
B. Stalking
C. Identity theft
D. Phishing
Answer: B

089. Which of the following is a class of computer threat?
A. Phishing
B. DoS attacks
C. Soliciting
D. Stalking
Answer: B

090. What type of offence is slandering categorized as?
A. Social Engineering
B. Cyberstalking
C. Botnets
D. Attack Vector
Answer: B

091. How do you remove a Trojan from a system?
A. Search the Internet for freeware removal tools.
B. Purchase commercially available tools to remove the Trojan.
C. Reboot the system.
D. Uninstall and reinstall all applications.
Answer: B

092. What is the purpose of system-file verification?
A. To find system files
B. To determine whether system files have been changed or modified
C. To find out if a backdoor has been installed
D. To remove a Trojan
Answer: B

093. What is the difference between a virus and a worm?
A. A virus can infect the boot sector but a worm cannot.
B. A worm spreads by itself but a virus must attach to an e-mail.
C. A worm spreads by itself but a virus must attach to another program.
D. A virus is written in C++ but a worm is written in shell code.
Answer: C

094. What type of virus modifies itself to avoid detection?
A. Stealth virus
B. Polymorphic virus
C. Multipartite virus
D. Armored virus
Answer: B

095. This is a computer system on the Internet that is expressly set up to attract and trap intruders.
A. Honeypot
B. Demilitarized zone
C. Pitfall site
D. Exploit
Answer: A

096. What is the name given to a program used to detect unsolicited and unwanted e-mail and prevent those messages from getting to a user's inbox?
A. Anti-spammer
B. Email guard
C. Virus filter
D. Spam filter
Answer: D

097. This is a common type of denial-of-service attack that involves sending more traffic to a network address than the temporary data storage area is intended to hold, thereby shutting down the service and possibly corrupting or overwriting valid data.
A. War dialing
B. Buffer overflow
C. Smurf attack
D. Bucket brigade
Answer: B

098. It is a program or hardware device that filters the information coming through an internet connection to a network or computer system.
A. Firewall
B. Anti virus
C. Cookies
D. Cyber safety
Answer: A

099. Exploring appropriate and ethical behaviors related to online environments and digital media
A. Cyber ethics
B. Cyber security
C. Cyber safety
D. Cyber law
Answer: A

100. What security tradeoff occurs while using IDS?
A. Change in permission
B. Login Failures
C. Change in privilege
D. Performance degradation
Answer: D

101. What is the term for an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database?
A. E-mail harvest
B. Directory harvest attack
C. Spambot attack
D. E-mail validator
Answer: B

102. Which of the following is not a characteristic of computer viruses?
A. They can lie dormant for a time without doing damage.
B. They can mutate which increases their ability to do damage.
C. They are easy to detect and destroy.
D. They can hinder system performance.
Answer: C

103. Which of the following is known as a zero-day attack?
A. An attack between the time new software vulnerability is discovered and the time a patch for fixing the problem is released.
B. An attack on the first day a software program is released.
C. An attack on New Year's Day since it is a holiday and most people are not at work.
D. An attack on Valentine's Day.
Answer: A

104. Time bombs are most likely planted in an information system by:
A. advertisers.
B. spammers.
C. disgruntled computer programmers.
D. customers who have read-only access.
Answer: C

105. A computer crime that involves attacking phone lines is
A. data diddling.
B. phishing.
C. phreaking.
D. pharming.
Answer: C

106. Hackers use all of the techniques except:
A. war driving.
B. war dialing.
C. war chalking.
D. war walking.
Answer: D

107. The computer crime of piggybacking
A. involves the clandestine use of another user's WIFI.
B. usually results from spamming.
C. requires the permission of another user to gain access.
D. Phishing
Answer: A

108. A network of computers used in a denial-of-service (DoS) attack is called a (an):
A. Worm.
B. Botnet.
C. Rootkit.
D. Splog.
Answer: B

109. Which one is not a group or category of cyber criminals?
A. Not interested in recognition
B. Insiders
C. Spammers
D. Hungry for recognition
Answer: C

110. Email is one that appears to originate from one source but actually has been sent from another source.
A. Forwarded Email
B. Spoofed Email
C. Bulk Email
D. Spam Email
Answer: B

111. Worldwide network of computer networks that uses the TCP/IP for communication to facilitate transmission and exchange of data
A. Shared Database
B. Cyber Space
C. E mail
D. Internet
Answer: B

112. Which of the following is a method used to embezzle money a small amount at a time from many different accounts?
A. Data diddling.
B. Pretexting.
C. Spoofing.
D. Salami technique.
Answer: D

113. Which of the following is NOT a method that is used for identity theft?
A. Dumpster diving
B. Phishing
C. Shoulder surfing
D. Spamming
Answer: D

114. A computer fraud and abuse technique that steals information, trade secrets, and intellectual property.
A. Cyber-extortion.
B. Data diddling.
C. Economic espionage.
D. Skimming.
Answer: C

115. A crime conducted in which a computer was directly and significantly instrumental
A. Computer crime
B. Cyber Space
C. Cyber squatting
D. Cyber punk
Answer: A

116. ________________ involves gaining sensitive information or unauthorized access privileges by building inappropriate trust relationships with insiders
A. Scrutinizing
B. Social Stalking
C. Scanning
D. Social Engineering
Answer: D

117. Searching through object residue to acquire sensitive data without authorization is known as
A. Binning
B. Scavenging
C. Stalking
D. Bullying
Answer: C

118. The attackers consume 10% time in
A. Launching the attack
B. Scrutinizing
C. Executing the malicious commands
D. Scanning
Answer: A

119. Which is NOT a cyber crime that comes under Cybercrime against Society?
A. Forgery
B. Cyber terrorism
C. Web jacking
D. Industrial spying
Answer: D

120. When someone forcefully takes control of a website, it is known as
A. Web controlling
B. Remote connection
C. Web jacking
D. Website Hacking
Answer: C

121. Gathering information about a target without his/her knowledge is known as
A. Attack
B. Active Attack
C. Reconnaissance
D. Passive Attack
Answer: D

122. To examine intelligently while gathering information about the target is
A. Investigation
B. Scanning
C. Tracing
D. Intelligent
Answer: B

123. A small piece of code used as a payload in the exploitation of a software vulnerability is called
A. Assembly code
B. Shell code
C. C and C++ code
D. Malicious code
Answer: B

124. ____ is a code technique that exploits a security vulnerability occurring in the database layer of an application
A. Shell code
B. SQL injection
C. PL/SQL block
D. Blind SQL injection
Answer: B

125. _____________ is an attack where fragmented packets are forged to overlap each other when the receiving host tries to reassemble them
A. Smurf attack
B. SYN attack
C. Flood Attack
D. Teardrop Attack
Answer: D

126. When the internet, cell phones or other devices are used to send or post text or images intended to hurt or embarrass another person, it is known as
A. Cyber stalking
B. Cyber bullying
C. Cyber squatting
D. Cyber Engineering
Answer: A

127. __________________ is a network of computers infected with a malicious program that allows cybercriminals to control the infected machines remotely without the user's knowledge
A. Shared WiFi
B. World Wide Web
C. Botnet
D. Intranet
Answer: C

128. An attacker can gain access to a computer or to a network server to deliver a payload or malicious outcome is known as
A. Botnet renting
B. Active Vector
C. Botnet selling
D. Attack Vector
Answer: D

129. _______________ is not a part of DoS attacks
A. Bandwidth attacks
B. Logic attacks
C. International attacks
D. Protocol attacks
Answer: C

130. When a hacker attempts to attack a host via the Internet it is known as what type of attack?
A. Remote attack
B. Physical access
C. Local access
D. Internal attack
Answer: A

131. What is the next step to be performed after footprinting?
A. Scanning
B. Enumeration
C. System hacking
D. Active information gathering
Answer: A

132. Hacking for a cause is called __________________.
A. Active hacking
B. Hacktivism
C. Activism
D. Black-hat hacking
Answer: B

133. Which of the following statements best describes a white-hat hacker?
A. Security professional
B. Former black hat
C. Former grey hat
D. Malicious hacker
Answer: A

134. A security audit performed on the internal network of an organization by the network administration is also known as ___________.
A. Grey-box testing
B. Black-box testing
C. White-box testing
D. Active testing
Answer: C

135. What is the first phase of hacking?
A. Attack
B. Reconnaissance
C. Maintaining access
D. Scanning
Answer: C

136. Which type of hacker represents the highest risk to your network?
A. Disgruntled employees
B. Black-hat hackers
C. Grey-hat hackers
D. Script kiddies
Answer: A

137. What does the TCP RST command do?
A. Starts a TCP connection
B. Restores the connection to a previous state
C. Finishes a TCP connection
D. Resets the TCP connection
Answer: D

138. In order to prevent a hacker from using SMB session hijacking, which TCP and UDP ports would you block at the firewall?
A. 167 and 137
B. 80 and 23
C. 139 and 445
D. 1277 and 1270
Answer: C

139. What are the three types of scanning?
A. Port, network, and vulnerability
B. Port, network, and services
C. Grey, black, and white hat
D. Server, client, and network
Answer: A

140. What is footprinting?
A. Measuring the shoe size of an ethical hacker
B. Accumulation of data by gathering information on a target
C. Mapping the physical layout of a target's network
D. Scanning a target network to detect operating system types
Answer: B

141. Which of the following is a type of social engineering?
A. Shoulder surfing
B. User identification
C. System monitoring
D. Face-to-face communication
Answer: A

142. What is the best way to prevent a social-engineering attack?
A. Installing a firewall to prevent port scans
B. Configuring an IDS to detect intrusion attempts
C. Increasing the number of help-desk personnel
D. Employee training and education
Answer: D

143. What is it called when a hacker pretends to be a valid user on the system?
A. Impersonation
B. Third-person authorization
C. Help desk
D. Valid user
Answer: A

144. What is war dialing used for?
A. Testing firewall security
B. Testing remote access system security
C. Configuring a proxy filtering gateway
D. Configuring a firewall
Answer: B

145. What is a null session?
A. Connecting to a system with the administrator username and password
B. Connecting to a system with the admin username and password
C. Connecting to a system with a random username and password
D. Connecting to a system with no username and password
Answer: D

146. Which of the following is the best example of reverse social engineering?
A. A hacker pretends to be a person of authority in order to get a user to give them information.
B. A help-desk employee pretends to be a person of authority.
C. A hacker tries to get a user to change their password.
D. A user changes their password.
Answer: A

147. Why would an attacker want to perform a scan on port 137?
A. To locate the FTP service on the target host
B. To check for file and print sharing on Windows systems
C. To discover proxy servers on a network
D. To discover a target system with the NetBIOS null session vulnerability
Answer: D

148. SNMP is a protocol used to manage network infrastructure devices. What is the SNMP read/write community name used for?
A. Viewing the configuration information
B. Changing the configuration information
C. Monitoring the device for errors
D. Controlling the SNMP management station
Answer: B

149. Why would the network security team be concerned about ports 135-139 being open on a system?
A. SMB is enabled, and the system is susceptible to null sessions.
B. SMB is not enabled, and the system is susceptible to null sessions.
C. Windows RPC is enabled, and the system is susceptible to Windows DCOM remote sessions.
D. Windows RPC is not enabled, and the system is susceptible to Windows DCOM remote sessions.
Answer: A

150. Which federal law is most commonly used to prosecute hackers?
A. Title 12
B. Title 18
C. Title 20
D. Title 2
Answer: B