
CSCU

EXERCISE EXAM
Test Number: 1-50
QUESTION 1
Smith receives an email from his bank informing him
that it suspects an unauthorized transaction on his
account. To protect his account, the email advises Smith
to click on a link to verify his identity and provide any
missing information in the form. Smith is a victim of:

A. Website defacement and denial of service
B. Phishing attack.
C. Cyberterrorism
D. Web application attack
QUESTION 2
Stella needs to buy a gift for her friend on her birthday. While
shopping online, a message from the Internet Service
Provider (ISP) pops up, which urges Stella to click on the link
to verify or update her account information. Identify the type
of social engineering attack.

A. Computer-Based Social Engineering.
B. Human-Based Social Engineering
C. Social Engineering Using SMS
D. Spam Email
QUESTION 3
Cyber criminals can use your computer to steal personal and other
important information from you or do some mischievous activities.
While surfing the Internet, John gets a pop-up ad that takes him to
a website that offers a free game for his computer. What is the best
course of action for John?
A. Download the game now, and decide later whether to install on
his PC or give the game to his friend
B. Download the game, install it, as John can uninstall the game
anytime if there is any problem
C. Research about the game on the Internet and check whether
it is safe to download it or not.
D. Check whether the website is asking for any money. If it is free,
simply download the game
QUESTION 4
Social networking websites such as Facebook and Twitter allow
users to create their own personal webpages and connect with
their relatives and friends. Creating webpages on social
networking sites is fun and exciting. However, a user who is not
careful enough while creating a webpage can pave the way for
hackers and other malicious users. Elisha also created her own
webpage on Facebook. She got a message on her wall saying
"Hey Elisha, its ur uncle Tom! Thanks for the invitation - Aunt
Michel is f9 and we both Love ur webpage. Wed love to join ur
friend list!" What should Elisha do now?
A. Accept the request  
B. Deny the request.
C. Accept but give access to less information
D. Delete the webpage
QUESTION 5
It can be convenient to access email and surf the Internet using a
wireless computer. However, wireless networks can be vulnerable
to hackers unless the user takes necessary precautions. Ronald
wants to make an insurance policy and buy some stock online
using his wireless computer. While investing, the agency requires
Ronald to prove his identity and provide a security token. Using a
security token when investing online allows John to:

A. Log onto a public computer for a predetermined amount of time
B. Carry his laptop safely overseas in a commercial airplane
C. Generate random pass-codes to access his online financial accounts
with added security.
D. Hedge his investment by moving a portion of his investment into U.S.
Securities
QUESTION 6
Pamela uses the Internet to chat with her friends, work on
official documents, and bank online. She often gets
confused and cannot trust the websites that she is
browsing when transferring money to her daughter. How
can she ensure that the data sent between her computer
and the banking website is encrypted? (Select all that
apply)
A. By checking the website link.
B. By reading the terms and conditions
C. By reading the privacy policies
D. Tiny padlock icon found at the bottom of a Web site
QUESTION 7
Linda banks online to pay her utilities bills, shop,
etc. Which of the following are application-level
encryption protocols that Linda would most likely
use to bank online safely?

A. SSL and SET.
B. Verisign and SHA1
C. READY, SET, and GO
D. PGP, PEM, and SSL
QUESTION 8
Jeff wants to shop online but is concerned about a
company privacy policy. What online purchase
decision aid should he use?

A. Shopbot
B. Trust verification site.
C. Business rating site
D. Shopping portals
QUESTION 9
I want to request secure web pages using https://.
What port will I need to open on my firewall to
allow these SSL-encrypted packets to flow?
A. 22  
B. 53
C. 80
D. 443.
QUESTION 10
Susan spends most of her time on the computer working
and doing other things. Susan left her PC connected to
the Internet idle for some time. An attacker, although
not able to steal any information, remotely utilized her
PC’s processor cycles for some of his computationally
intensive tasks. Classify the above breach of security.

A. Disclosure of information
B. Compromising integrity of the PC.
C. Denial of service attack
D. Buffer overflow attack
QUESTION 11
Anne suspects that her husband is cheating on her. He
spends most of his time on the Internet chatting with a
woman. When questioned, he says she is a good friend and a
colleague. On suspicion, Anne contacted her friend who
happened to be a network security administrator. Upon his
instructions, Anne installed a Keylogger when her husband
was away at work. How can a keylogger help Anne
know whether her husband is cheating or not?
A. It captures the voice communication of her husband
B. Captures the control panel settings
C. Captures the .pdf (PDF-Printable Document Format) files
and sends them to her as attachments
D. Captures all the keystrokes that her husband types.
QUESTION 12
Company ABC has various departments that
have developed several private resources that
can be accessed using Internet protocols. The
company ABC now wants to link these resources
together. What type of network is being described
here? 
A. Internet
B. Extranet
C. Intranet.
D. Virtual private network
QUESTION 13
Nancy wants to safeguard herself and prevent her
identity from being stolen. What would you
recommend her to do before throwing away items with
personal information on them?
 
A. Write down the information for the records
B. Shred them or tear them up.
C. Not necessary to do anything
D. Contact the financial institution and verify her
transactions
QUESTION 14
Allen, a front office executive from Atlanta, has never
taken a backup of his system. He is worried about
the security of the data in case his system crashes. Which of
the following types of backup will you suggest to Allen if
he wants to take a complete backup of his system?
 
A. Normal Data Backup.
B. Incremental Data Backups
C. Differential Data Backup
D. Full Incremental Data Backups
QUESTION 15
Sharon recently purchased a new smart phone for herself.
While exploring her phone, she tried to set her mobile
phone’s Bluetooth security. Sharon wants her phone’s
Bluetooth to be in default operation mode. Which among
the following options must Sharon select to keep her
mobile in Bluetooth’s default security mode?

A. Non-secure mode.  
B. Leaving security up to each application
C. Enforce link encryption for all traffic
D. Security settings default to a mobile policy server
QUESTION 16
Austin and Stuart are two brothers. Austin works for a reputed IT
firm and sometimes his job requires him to work from home
with his PC connected to the Internet. When Austin is away at
work, his brother Stuart uses his PC. Austin suspected that his
brother browses the Internet frequently and watches porn on his
PC. Austin wants to quietly and automatically block all the porn
websites so that his brother does not visit them. What must
Austin do in order to block the porn websites automatically?
A. Install scanning tool to scan the system
B. Install a firewall that blocks all porn
C. Install an antivirus software and activate parental control.
D. Install a keylogger
QUESTION 17
Nick received an email promotion stating that he has
won a new car. The email asks him to deposit $40 to
the sender’s account and provide some credentials.
What will be the best course of action for Nick in this
situation?

A. Give only his social security number and amount
B. Simply delete the email.
C. Scan the email
D. Forward the mail to FBI for investigation
QUESTION 18
Sandra spends most of her after-office hours chatting with her friends on
Facebook. Recently she came to know about a group on
Facebook - Babysitter Goes to Jail after she Uploads This
HORRIBLE Baby Photo Online. Out of curiosity, she joined the
group to know more about it. The facilitator of this group has
requested all its members to raise funds for the innocent babies who
are becoming the victims of brutal harassment. What will you
recommend to Sandra: join the group or ignore it?

A. Quit the Facebook group, it may be a scam.
B. Raise funds for the babies
C. Just facilitate the group
D. Visit the group regularly
QUESTION 19
Emma purchased a new computer running Windows 7
operating system, with some relatively recent software
installed. Emma wants to disable some unwanted services
that are running on her computer. How does she disable
services so that she can disable the unnecessary programs?

A. Start -> type "services.msc" in search box and press
ENTER to open the Services window.
B. Start -> All Programs -> Administrative Tools -> Services
C. Start -> Control Panel -> Services
D. Start -> All Programs -> Services
QUESTION 20
Emerson works for a reputed finance corp. and has to travel
frequently to places. His laptop holds critical financial
information related to his clients and other business deals.
Laptop theft may lead to the disclosure of information such as
client names, confidential data, and other financial details related
to the corporate or Internet environment. Which of the following
is recommended in order to protect his laptop from theft?

A. Encrypt all the data in laptop
B. Never leave the laptop unattended.
C. Enable GPS tracking in laptop
D. Password protect the login
QUESTION 21
Most of the students today spend their time on the Internet. They share
websites with each other using the chat rooms as users. Some of the
innocent kids may fall prey and visit malicious links sent to them that
might either be a kind of trick to get their personal information or open a
web page that is not secure. Which of the following are the security tips
you need to follow to ensure that you don’t fall into the trap of IM attacks?
 
A. Save and open any documents that you accept from your IM contacts
B. Do not click on the links sent by unknown members in the chat room.
C. You need to use your personal email ID to register to links that are sent
through IM
D. Do not open files with the extension etc.
QUESTION 22
Which among the following exploits people’s
tendency to select weak passwords and uses a list of
pre-defined words to discover the correct passwords? 
A. Guessing
B. Brute Forcing
C. Dictionary Attack.
D. Shoulder Surfing
QUESTION 23
Which of the following passwords will be the strongest?

A. qwerty
B. administrator
C. Q!56ra@G.
D. mypassword
QUESTION 24
What is the process of encoding information in a way so
that only someone with a key can decode it?

A. Compression  
B. Steganography
C. Systemic variation
D. Encryption.
QUESTION 25
John used a tool to create an encrypted value similar to
"b2638eeef37069d0e697f92ae7de46a7" representing
an important file. His network administrator told him
that this value will be different every time there is a
change in the file. What is John generating in order to
check the integrity of the file?
A. Encryption algorithm
B. Hash value.
C. Encryption value
D. Decryption value
QUESTION 26
The screen below appears while you are browsing the Internet. What is the
most appropriate action you will take to keep your system secure?

A. You have an out of date browser, as indicated by the message. You
will click Protect PC Now button.
B. You have an out of date browser, as indicated by the message. You
will click Updates button in the left pane.
C. This is probably a malware attack. You will close the screen by
clicking Close (X) option at the right-top corner of the screen.
D. This screen doesn't give enough information. You will click “Support”
link, to receive more information
QUESTION 27
Bob wants to send a short confidential message to Smith,
using public key cryptography. How should Bob
achieve that?
A. Bob should encrypt it with his private key
B. Bob should encrypt it with his public key
C. Bob should encrypt it with Smith’s private key
D. Bob should encrypt it with Smith's public key.
QUESTION 28
Which of the following software programs would enable
an attacker to have a complete control over a victim’s
computer?

A. Virus  
B. Worm
C. Trojan.
D. Keylogger
QUESTION 29
Nadal, the industrialist from Norway, was travelling from
his hometown to Zurich on business. On the way,
his phone was stolen by a burglar. Which code can Nadal
use to deactivate his phone in order to save the personal as
well as confidential business information stored in his
phone?

A. IMEI code.  
B. IEMI code
C. *#07*
D. #*07#
QUESTION 30
If you ever receive an unsolicited telephone call from
someone claiming to need your password, what would
you do?

A. Refuse and report immediately.
B. Write the password on a piece of paper, put it in an
envelope and send it by mail
C. Tell him/her the password and change it the
following day
D. Send him/her the password via email
QUESTION 31
Jason is skeptical of the security of his Internet connection. He suspects that his system is
infected with some Trojan which connects to a remote attacker and sends sensitive data.
On the recommendation of one of his friends, who is a network administrator, Jason runs a
Windows command to find open ports, services, and applications associated with these
services. On running the command from the command prompt, Jason gets the following
screen:

Which command is Jason running? 


A. netstat -a
B. netstat -b.
C. netstat -e
D. portstat -b
QUESTION 32
Which of the following attacks uses a highly directional
antenna and a laptop to establish connections with
Bluetooth-enabled devices from over a half-mile
away?
A. Bluesniping.
B. Bluejacking
C. Fuzzing attack
D. Bluesnarfing
QUESTION 33
The North Carolina based healthcare company stored
medical data of customers without implementing proper
information security controls which led to the disclosure
of medical records of hundreds of its customers. Which
of the following acts can be invoked against the company?

A. HIPAA.
B. FERPA
C. PCI DSS
D. AAPIE
QUESTION 34
The following diagram shows a network device that is used for
connecting the modem to the network and determining the next network
point to which a packet should be forwarded. This device can access the
address of a network layer and can have incorporated software that
helps it identify the possible paths between the addresses and the
appropriate channels to transmit data.

Identify the device.


 
A. Hub  
B. NICs
C. Modem
D. Router.
QUESTION 35
The advanced encryption standard (AES) is an iterated
symmetric block cipher defined in FIPS, which means
that it works by repeating the same defined steps
multiple times. What key length does AES not
support?

A. 128-bit  
B. 512-bit.
C. 256-bit
D. 192-bit
QUESTION 36
Your IP address can link your Internet activities directly to
you; it can be used to find your name and location. So
protecting your Online Identity is a must, thus Anonymous
Web Surfing and the ability to hide your IP address are
mandatory in order to ensure a high level of online protection.
Which of the following is an IP Address Hiding Tool?

A. TOR.  
B. Hider IP
C. Anonymous Use
D. My IP
QUESTION 37
Which of the following will help prevent
unauthenticated access to the wireless network?

A. HTTP and VPN
B. VPN and IPsec.
C. HTTP and WEP
D. IPsec and HTTP
QUESTION 38
What does a user do if he does not want everyone on the
network to access his shared disk or folder?
A. Create a hidden share by adding a percentage sign
(%) to the end of the share name
B. Create a hidden share by adding a dollar sign ($) to
the start of the share name
C. Create a hidden share by adding a dollar sign ($) to
the end of the share name.
D. Create a hidden share by adding a percentage sign
(%) to the start of the share name
QUESTION 39
Secure Sockets Layer (SSL) is the standard security
technology used to create a secure communication channel
between a server and a client. SSL ensures that:

A. All information transmitted between the web server and
the browser is sent via a third party service provider
B. All information transmitted between the web server and
the browser is encrypted.
C. All information transmitted between the web server and
the browser is verified by a certificate authority
D. Both B & C
QUESTION 40
Jason calls a company’s help desk and says he has
forgotten his password. He adds that if he misses the
deadline on a big advertising project, his boss might
fire him. What exactly is Jason trying to do?
 
A. Make friends with the help desk executive  
B. Using social engineering to extract information from
the help desk executive.
C. Trying to hack the password
D. Trying to create a social network
QUESTION 41
Identify the authorities represented by A, B, and C in a
digital certificate setup as depicted in the following diagram:

A. A - Registration Authority (RA), B - Validation Authority (VA), C - Certificate Authority (CA)
B. A - Certificate Authority (CA), B - Registration Authority (RA), C - Validation Authority (VA)
C. A - Registration Authority (RA), B - Certificate Authority (CA), C - Validation Authority (VA).
D. A - Certificate Authority (CA), B - Validation Authority (VA), C - Registration Authority (RA)
QUESTION 42
The following diagram illustrates how a file or folder can
be encrypted in a Windows 7 system.

Which native encryption system does Windows 7 use to secure files?


A. Advanced Encryption System (AES)  
B. Encrypted File System (EFS).
C. Data Encryption System (DES)
D. Native Encryption System (NES)
QUESTION 43
John, while surfing the web for basic computer security
measures, learnt that all the disk drives should be formatted
with the NTFS file system. He checked his system and
discovered that his D: drive is formatted with the FAT file
system. Which of the following commands can John use to
convert the drive from FAT to NTFS in a Windows system?

A. convert D: /convert fat ntfs
B. convert D: /fs:ntfs.
C. convert D: /fs:fat ntfs
D. convert D: /fs:ntfs fat
QUESTION 44
Bob holds a credit card from a reputed bank. He used the
card to purchase goods at https://amazon.com, but
when the bank statement was issued, he called the
bank and claimed that he never authorized the
transaction. Categorize this fraud.

A. Credit card mail order fraud
B. Skimming/counterfeit credit card
C. Chargeback fraud.
D. Card-not-present (CNP) fraud
QUESTION 45
Some of the common threats to wireless networks include
eavesdropping, data interception and modification, denial-of-
service, spoofing, etc. Which one of the following sentences
describes spoofing?
A. An attacker masquerading as a law enforcement authority to
gain access to the wireless network
B. An attacker using tools to find wireless access points where
they can pick up an SSID broadcast
C. It is an illegitimate technique of gaining access by
masquerading as a legitimate user.
D. An attacker shutting down the access points by jamming
the radio waves
QUESTION 46
Which of the following is true considering E-mail threats?
A. Phishing mails lure victims to provide personal data.
B. In hoax mail, the user may receive spam mails that
contain malware, allowing attackers to take control of
the user's computer
C. In spamming, the user may receive threatening emails
that contain false information, insisting that he or she
forwards the email
D. Hoax mail contains attachments that may contain a
virus, trojan, worm, keyloggers, and more; opening
such attachments infects the computer
QUESTION 47
Robin frequently uses his credit cards to shop online. He was
shocked looking at his recent credit card statement as he
discovered some entries for items that he never purchased.
On checking with the online shop, he was told that they
have not done it and it might have crept in due to some
security problems in credit card processing. Which of the
following standards will help Robin to resolve this issue? 
A. HIPAA
B. FEMA
C. PCI DSS.
D. FERPA
QUESTION 48
Which of the following attacks involves anonymously
sending an electronic business card or photo to another
Bluetooth user?

A. Bluesniping  
B. Bluejacking.
C. Fuzzing attack
D. Bluesnarfing
QUESTION 49
http://www.experian.com, http://www.equifax.com, and
http://www.transunion.com are examples of credit
reporting agencies. You should contact these agencies
if you suspect that your identity is stolen. These agencies
will help you in:

A. Investigating who has stolen the identity
B. Recovering your loss out of identity theft
C. Protecting from losses due to identity theft.
D. Creating a new identity for you
QUESTION 50
An attack that is intended to severely limit access to
network resources, Internet, or other services is
commonly referred to as:
A. Phishing
B. Spoofing
C. Denial of service.
D. Buffer overflow
GOOD LUCK
