Which statement is true about the Windows Backup and Restore feature
(formerly Windows Backup and Restore Center)?

The Windows backup utility helps data safety by creating a duplicate
copy of the files and folders on the hard disk and then archives it to
an external storage device.

The Windows backup utility encrypts the data to protect it from external
attacks and decrypts it only if certain procedures are followed.

The Windows backup utility allows data safety only for the files and
folders that have been modified recently.

The Windows backup utility destroys the original copies after a backup
of the data has been created.

Which of the following software helps to protect a child's privacy and
safety online?

Firewall software

Anti-spyware software

Anti-virus software

Parental control software

What does the term non-repudiation refer to in context of email
security?

Non-repudiation means a user can claim damages for an email
containing malware

Non-repudiation means a recipient can be sure that a message
was sent from a certain computer

Non-repudiation means a sender cannot claim that he did not actually
send a particular message

Non-repudiation means a recipient can be sure that a message was
sent from a particular person

________________ is the strategy of sending critical data out of the
main location and storing it in various locations as part of a disaster
recovery plan.

Cloud storage
Data mining
Data base program
Offsite data storage

Which among the following is NOT true, considering the Antivirus
Security?

Users should be cautious while opening attachments or any links
mentioned in emails

Antivirus software needs to be updated regularly

You should install only one antivirus for effective protection

Antivirus is an ‘install it and forget it’ type of program that doesn’t
need future attention

Which of the following Bluetooth device attacks allows hackers to
access address books, contact information, emails, and text messages
of another mobile phone user?

Bluejacking

Bluesniping

Bluesnarfing

War Nibbling

Some of the more common threats to wireless networks include
eavesdropping, data interception and modification, denial-of-service,
spoofing, etc. Identify the attack where an attacker gains access to the
wireless network by masquerading as a legitimate user.

Spoofing

Denial-of-service

SSID hijacking

Sniffing

Which of the following is the best option to update the Windows
operating system?

Tell your friend to email you the latest patches

Download patches from peer to peer network

Use the auto-update feature in Windows

Search web for Windows updates

Considering mobile devices and applications, which of the following is
not a mobile operating system?

Symbian

Android

Research In Motion (RIM)

Windows

PCI DSS is a set of guidelines, measures, and controls that were
established to support merchants, implementing tough security
defences to ensure safe credit card usage and secure information
storage. Of the following, choose the one that does not belong to PCI
DSS objectives.

Reversing faulty transactions initiated by the cardholder

Protect cardholder data

Regularly Monitor and Test Networks

Build and maintain a secure network

Which of the following options is not a type of backup in a
Windows operating system?

Functional Backup

Normal Backup

Incremental Backup

Differential Backup

Which is NOT a symptom of spyware affecting your computer?

Computer becomes very slow while opening programs

You are subjected to endless pop-ups

Computer suddenly starts making unusual sounds

If your browser's home page changes


Which of the following types of malware secretly gathers and
transmits system information, often for advertising purposes?

Worm

Trojan

Virus

Spyware

Which of the following terms describes a counterfeit source, seeming
to be a trustworthy one, and requesting personal information such as
credit card details, bank credentials, etc. from a user?

Phishing

Cyber Squatting

Identity Theft

Eavesdropping

Which of the following is the best option to secure your data even
when your mobile device is lost?

Using encryption

Regularly backing up important data

Patching mobile platforms and applications

Installing mobile phone antivirus


Which one of the below is not recommended, considering data
security in email clients?

Provide an alternate email address for mail recovery

Turn on the preview feature and change download settings in
email clients

Disable/Unselect Keep Me Signed In/Remember Me functions

Configure junk email filter in email clients

While shopping online you know the website is secure if:

URL starts with ftp://

URL starts with https://

URL starts with http://

URL ends with .com

Every mobile device has a unique IMEI (International Mobile Equipment
Identity) number to identify the device and help in tracing lost or
stolen mobiles. Which of the following codes is used to find out the
IMEI number of a mobile device?

*#06#

#*06*

*06*#

#06#*

Which of the following is one of the key features found in a worm but
not seen in a virus?

Worms are executed when a predefined condition is met

The payload is very small, usually below 800 bytes

It is self-replicating without the need for user intervention

It does not have the ability to propagate on its own

Lilly is working as a CRM associate with a large MNC. She has recently
joined the organization and was not aware of security issues. One day
she left her computer unattended and went for a coffee break. After
coming back to her system she discovered that someone has deleted
a very important file placed on the desktop she was working on. Which
of the following is the best option she should have used to protect her
computer when she left for the break?

Turning off the monitor

Enabling a password-protected screen saver and activating it

Remove the monitor power cable

Asking her friend to guard it


Which of the following is unique to every mobile phone and can be
used to trace a stolen mobile device?

Tag Number

PIN Number

SIM Number

IMEI Number

_________ is referred to as the act of copying and archiving computer
information so as to restore the original data in the event of a data loss
due to natural disasters, hardware malfunctions, accidental error,
system crash etc.

Data Storage

Data Encryption

Data Backup

Data Restoration

Which of the following acts is a proprietary information security
standard for organizations that handle cardholder information for the
major debit, credit, prepaid, e-purse, ATM, and POS cards, and applies
to all entities involved in payment card processing?

FERPA

PIPEDA

HIPAA

PCI DSS

For the safety of you and your family, there is some information that
you should never post on Facebook.
Which of the following information IS safe to reveal on Facebook?

Your Current Location

Your Birth Date

Your alias names

Your Relationship Status

Jason, a network administrator with a small IT-based company,
announces that no emails can be sent to or received from the
university network due to technical problems.
What type of end-user action might have caused this?

Violation of copyright policy of a Web site

E-mail bombing on the mail server by hackers

Downloading legitimate software

Both a and b

While surfing a website, which of the following will you check to
ensure that the site is authentic?

Encrypted Password

Private Key Certificate

Public Key Certificate

Single Sign on Certificate

Which of the following techniques authenticates individuals based on
their physical characteristics?

Biometrics

Tokens

Access cards

Passwords

If a person threatens a child in a chat room or makes his online
chatting experience uncomfortable, then the ideal action the child can
take is:

Request for their physical location address/phone number

Give them a befitting reply

Settle the matter in face to face meeting

Inform parents or a trusted adult


At which layer of information security do controls to protect the
software from external threats fall?

Physical Security

User Security

Application Security

Network Security

How do you protect your computer from unauthorized access at Wi-Fi
hotspots?

Use a firewall program and disable file sharing on your computer

If nobody is looking at your screen, it is safe enough.

Make sure to log off after accessing an Internet Banking account. This
is sufficient to protect your computer

None of the above

_____________ is the fraudulent practice of stealing money repeatedly
in extremely small quantities, usually by taking advantage of rounding
to the nearest cent (or other monetary unit) in financial transactions.

Session splicing

Salami slicing

Bank account hacking

Credit card forger


Which of the following measures reduces the impact of a laptop theft
incident?

Backing up all the data on a separate drive in the laptop

Encrypting the laptop’s data

Remove the batteries when not in use and keeping them separately
from the laptop

Installing an antivirus

If a child receives an e-mail with an attachment from an unknown
person, what should the child do?

Delete the email permanently

Reply to the sender after reading the mail

Archive the email for future reference

Open the attachment and forward to all his friends

You receive an email requesting you to send your email login details
so that the management can continue to serve your mailbox size
needs. How do you respond to this request?

Forward the email to IT manager to provide required information

You just ignore the email

You give requested information


You request the email sender to verify the authenticity

_________________ is a built-in Windows utility that helps users to
view and manage specific logs, gather information about hardware and
software problems, and monitor Windows security events

Windows Event Logger

Windows Event Recorder

Windows Event Scanner

Windows Event Viewer

AES was designed based on a principle known as a substitution-permutation
network, i.e. combination of both substitution and permutation. Examine
the below statements and choose the correct answer.
(i) Advanced Encryption Standard (AES) is a symmetric-key encryption
standard adopted by the U.S. government
(ii) It has a 128-bit block size, with key sizes of 128, 192 and 256 bits,
respectively, for AES-128, AES-192 and AES-256

Both statements are incorrect

Statement (i) is correct and the statement (ii) is incorrect

Both statements are correct

Statement (i) is incorrect and statement (ii) is correct


Which of the following cryptographic algorithms is used to ensure file
integrity?

Asymmetric Key Algorithms

Hash Functions

Stream Ciphers

Symmetric Key Algorithms

A reworked version of the cyber-attack tool called Ice IX is the culprit;
in its new configuration, the Web injection component of Ice IX hits
unsuspecting Facebook users with a pop-up window immediately after
they log in. The fake window, which looks exactly like a real Facebook
page, tells users they need to "verify" their identity by entering their
credit card number, expiration date, card identification number, name,
and address.
How can you identify such social networking threats?

Phishing

Password cracking

It is not a threat

Sniffing

A store employee during a customer’s payment transaction, swipes
the debit card in an unauthorized device (apart from the store’s
payment swiping machine) that copies and saves the card information.
A month later, the store employee makes a counterfeit card using the
stolen card information and withdraws all the cash linked to that
card’s account. Identify the type of card fraud discussed in this
scenario.

Card Skimming fraud

Cash machine fraud

Card Identity theft

Chargeback fraud

Sandra misses her friends on a social networking site desperately. Her
network administrator at her company has blocked all these social
networking sites. Which of the following options can she use to
reconnect with her friends on the social networking site?

Try opening it on other systems

Use a webserver

Use a proxy server

It is not possible to access blocked sites

Which of the following protocols assists secure communication over a
computer network by providing authentication for the website and
associated web server?

HTTP Protocol

HTTPS Protocol

POP3 Protocol

SMTP Protocol

NTFS file system provides better performance and security for data on
hard disks. What best describes the function of the following
command “drive_letter: /fs:ntfs”

Converts partitions from FAT file system to NTFS

Allows TCP Inbound traffic on all the ports

Closes any open programs running on an NTFS drive

Encrypt files and folders on an NTFS formatted disk drive

In public key infrastructure (PKI), a digital certificate is managed and
signed by a ______________________.

Corporate Authority

NSA Authority

Certificate Authority

ICANN Authority

You unknowingly responded to the email requesting your login
credentials. What would be your next step?

You avoid thinking of the consequences

You approach an expert to solve the issue after you realize that
something had gone wrong

You will not reveal the truth as it may negatively impact your reputation

You will delete that mail

Henry’s system started behaving strangely after downloading the free
music from the Internet. He was flooded with pop-ups advertising
different items that were irrelevant to him. Which of the following
malware is most likely to cause this behaviour?

Rootkit

Adware

Virus

Trojan

Security researchers at xsecurity.com have discovered a deadly
computer virus that infects only MS Word documents and runs
automatically when the document is opened. Identify the type of virus.

Trojan virus

Cavity virus

Macro virus

Boot sector virus

Family Education Rights and Privacy Act (FERPA) gives certain rights
to parents with respect to their children’s educational records. These
rights transfer to the student when he/she attains age of 18 or an
education beyond the high-school level. Which one of the following
Rights is NOT granted under FERPA?

The right to amend educational records

The right to file complaints against the school for disclosing
educational records that violate FERPA

The right to access educational records kept by the school

The right to delete educational records

Steve receives an e-mail from his bank that mentions updating
its customer databases and their personal information. As part of the
updating initiative, the bank requests personal information such as
Social Security numbers, credit card information, usernames, and
passwords from their customers through that email.
What should Steve do in this situation?

Steve should never share his credentials with anyone, including
via emails that seemed to be from a bank

Steve should visit web link given in the email to login to his account
and provide required information

Steve should reply to the email with the required information

Steve should check if the email is from the bank’s mail ID or not and
then decide to reply

Which of the following methods renders data unusable to anyone who
is unauthorized?

Data Abstraction

Synchronization

Encryption

Authentication

Consider a scenario where a child visits a social networking website
and creates a user account. A stranger contacts the child through his
online account masquerading as an elderly person showering
compliments, offering gifts, etc. to this child. Gradually, the child
builds an emotional attachment with the intruder. This type of online
risk is called?

Stealth sites

Cyber bullying

Child pornography

Grooming

Which of the following data backup strategies will consume the
maximum disk space?

Full/Normal Data Backup

Differential Data Backup

Incremental Data Backups

Partial Data Backup

Search engines index web pages using certain variables that are
submitted during a web page design or the search engine optimization
process. When a user searches for webpages using his keywords, the
search engine displays resulting webpages (with those stuffed
variables) that match his keywords. Those variables are called
_______________

Categorical variables

Meta variables

Dependent variables

Discrete variables

Roger is a hardcore Facebook addict. He suspected that his girlfriend
is dating someone from the college where they are studying. He
wanted to check his girlfriend’s emails to confirm or clear his doubt
without letting her know about this. The only way left was to steal or
guess her email password. Roger collected all the information posted
by his girlfriend on her Facebook account. He was able to successfully
guess her email account password by combining her pet name and
favourite pop singer’s name. How can you categorize such password
attacks?

Identity theft

Session hijacking

Social engineering

Facebook defacement

14-year-old Kenneth Weishuhn Jr. committed suicide in April of 2014
after he was teased by classmates who created a hate group on
Facebook against gays, then added Kenneth's friends as members.
How can you categorize such security incidents?

Social engineering

Impersonation

Blackmailing

Cyber bullying

What is a “backdoor”?

A malware that creates a port through which an attacker can
communicate with the infected computer remotely.

A malware that installs itself in the bootable section of the memory.

A malware that attacks only antivirus software.

An email-based malware that sends itself out through emailing
everyone on a computer's contact list.

Which of the following security features of social networking websites
allows user to hide personal details from being seen by other users?

General Account Settings

Privacy settings

Security settings

Notifications Settings

Billy loves to play car-racing games. He used to download free games
from various websites and install them on his system. Recently, he
downloaded a car racing game and installed it on his system. Everything
was working fine and the game was fantastic; however, Billy realized
that his system was crashing daily at 11 AM since he installed the
game. He realized that his system was infected by some malware with
the game installation. From the above symptom, identify the type of
malware that infected Billy’s computer.

Spyware

Trojan horse

Logic bomb

Worm

Which of the following encryption techniques uses a common key for
both encryption and decryption?

Hash Function

Symmetric Encryption

Priority Encryption

Asymmetric Encryption

Which of the following terms defines a weakness in the information
system design or an implementation error that can lead to an
unexpected network or computer system security event?

Attack

Token

Threat

Vulnerability

Which of the following statements is true considering Elements of
Information Security?
I. Confidentiality is “ensuring that information is accessible only to
those authorized to have access”
II. Availability is “ensuring that the information is accurate, complete,
reliable, and is in its original form”

I is true and II is true

I is false and II is false


I is true and II is false

I is false and II is true

Identify the Bluetooth attack where an attacker anonymously
sends an electronic business card or photo to another Bluetooth
user.

Bluesnipping

Bluetooth hacking

War nibbing

Bluejacking

In which of the following methods do attackers try every
combination of usernames and passwords until they get access to
the email account?

Brute Forcing attack

Shoulder surfing

Eavesdropping

Dictionary Attack

Which of the following Windows utilities help protect a computer
against pop-ups, slow performance issues, and malware threats?

Windows Event Viewer

Windows Defender

Windows Firewall

Windows BitLocker

Which of the following devices is used to convert digital data into
analog data and vice versa at both sending and receiving ends of a
network?

Modems

Transceiver

Hub/Switch

Network adapter/interface card

Which of the following protocols provides a simple, standardized
way for users to access mailboxes and download messages from
the mail server to their local computer?

SMTP Protocol

HTTP Protocol

ICMP Protocol

POP3 Protocol

SSL (Secure Sockets Layer) is a network security standard mainly
used for?

It is a software in a web server to assign IP addresses

Safeguarding a web server from DDoS attacks


Establishing an encrypted link between a web server and a
browser

Protecting a web browser from SQL attacks

Windows Internet Explorer has categorized websites based on
security settings to a specific zone. How many predefined security
zones does Windows Internet Explorer have?

Below are the statements that mention how an online shopping
process occurs. Arrange the online shopping process statements
in proper order.
I. Users add the product/service to the shopping cart that shows
products purchased, number of units of product, price, taxes,
shipping costs etc.
II. Users visit the e-commerce site where they wish to buy
goods/products.
III. Users receive an on-screen confirmation and/or a
confirmation email about a successful transaction
IV. Users browse for the required product through the online
catalogue
V. Users fill in the online order form with shipping address,
consumer name, billing details (credit card/debit card) etc.

II, IV, I, III, V

II, IV, I, V, III

I, III, IV, II, V

III, II, V, IV, I


Anthony’s father is very strict; he has prohibited Anthony from using
Facebook. Anthony wants to check his Facebook wall postings once
before starting his studies but is afraid his father will check his
computer. Which of the following browser settings can Anthony clear
so that his father will not know about his online activities?
o Restricted zone
o ActiveX controls
o Browsing History
o Internet zone

What is the technique used to establish connections with Bluetooth
enabled devices from more than half a mile away using a highly
directional antenna and laptop?
o Blue jacking
o War Nibbling
o Blue snipping
o Bluesnarfing

Which of the following network attacks involves capturing packets
from a network and reading their content in search of sensitive
information like passwords, session tokens, or any kind of
confidential information?
o Eavesdropping attack
o Social engineering
o Denial-of-service attack
o Compromised-key attack

Identify the attack where attackers forge an email header so that the
message appears to have originated from someone or somewhere
other than the actual source.
o Email phishing
o Email snoofing
o Email bombing
o Email spoofing

Smith, a computer lab operator, does not want the students to
browse some sites from the lab computer. Which of the network
components can he configure to achieve this objective?
o Windows update
o Intrusion Detection System
o Network Switch
o Firewall

What key information security characteristic does a digital certificate
ensure?
o Data integrity
o Data availability
o Data authenticity
o Data confidential
