Cybersecurity Prologue Fresco Play MCQs Answers

Time to Evaluate Your Understanding!

1.Malware cannot inflict physical damage to systems.

  1. True
  2. False

Answer: 2)False

2.The type of malware that restricts access to the computer either by encrypting files on the hard drive or by displaying messages demanding a ransom is called __________.

  1. Trojans
  2. Scareware
  3. Ransomware
  4. Spyware

Answer: 3)Ransomware

3._________ is commonly known for providing backdoor access to the system for malicious users.

  1. Rootkits
  2. Botnets
  3. Trojans
  4. Worms

Answer: 3)Trojans

4.The type of malware that tricks users by making them believe that their computer has been infected with a virus is called __________.

  1. Ransomware
  2. Spyware
  3. Rootkits
  4. Scareware

Answer: 4)Scareware

5._________ is a standalone software that does not need human help/host program to spread.

  1. Ransomware
  2. Trojan
  3. Virus
  4. Worm

Answer: 4)Worm

6.An error message displayed on the system symbolizes virus infection.

  1. False
  2. True

Answer: 1)False

7.Which of the following malware is designed for advertising, such as pop-up screens?

  1. Adware
  2. Viruses
  3. Spyware
  4. Ransomware

Answer: 1)Adware

8.Which of the following is used to draw in users and infect them and deploy fast changing infrastructures?

  1. Honeynet
  2. Botnet
  3. Trojans
  4. Malnet

Answer: 1)Malnet

9._________________ is a device infected by malware, which becomes part of a network of infected devices administered by a single attacker or attack group.

  1. Bot
  2. Honeynet
  3. Rootkit
  4. Honeypot
  5. Time to Evaluate Your Understanding!

Answer: 1)Bot

10.The common term for a software that is considered as nonessential, whose implementation can compromise privacy or weaken the computer’s security is called ___________.

  1. Spam
  2. Malware
  3. Malicious Program
  4. Potentially Unwanted Program

Answer: 4)Potentially Unwanted Program

11.________ is designed to extract data from its host computer for marketing purposes.

  1. Spyware
  2. Trojans
  3. Adware
  4. Ransomware

Answer: 1)Spyware

12.What is PUP?

  1. Practially Unwanted Program
  2. Potentially Unwanted Procss
  3. Potentially Unwanted Program
  4. Practically Unrelated Program

Answer: 3)Potentially Unwanted Program

13.The method of protecting programs, networks, and systems from digital attacks is commonly known as __________.

  1. Cryptography
  2. Cryptanalysis
  3. Cryptology
  4. Cybersecurity

Answer: 4)Cybersecurity

14.Programs that are specifically designed to disrupt the performance of computers/networks are commonly known as __________.

  1. Ransomware
  2. Trojans
  3. Malware
  4. Virus

Answer: 1)Ransomware

Time to Evaluate Your Understanding!

1.The security posture of an organization is defined by the ______ link in the chain.

  1. Weakest
  2. Strongest
  3. Average

Answer: 1)Weakest

2.Which of the following attributes is not a PII?

  1. Date of Birth
  2. Credit Card Information
  3. IP Address
  4. Account Numbers
  5. Social Security Number

Answer: 3)IP Address

3.The security attribute that aims to achieve data privacy and protection against unauthorized disclosure is called ____________.

  1. Integrity
  2. Authentication
  3. Availability
  4. Confidentiality

Answer: 4)Confidentiality

4.As an application of cryptography, digital Signatures and MACs can be used for _____________.

  1. Authentication
  2. Confidentiality
  3. Availability
  4. Integrity

Answer: 1)Authentication

5.Threats can exploit assets if assets are not vulnerable.

  1. False
  2. True

Answer: 1)False

6.Which of the following is an attack against confidentiality?

  1. Password Attack
  2. DoS Attack
  3. Cross Site Scripting Attack
  4. Man in the Middle Attack

Answer: 4)Man in the Middle Attack

7.Which of the following is an intangible asset?

  1. Trade Secrets
  2. Inventory and Machinery
  3. Business Premises
  4. Hardware components

Answer: 1)Trade Secrets

8.If a student gains unauthorized access to the student database and modifies his/her marks, what type of violation would it be?

  1. Integrity
  2. Both the options
  3. Confidentiality

Answer: 2)Both the options

9.Which of the following is an attack against availability?

  1. Birthday Attack
  2. DoS Attack
  3. Man in the Middle Attack
  4. Zero Day Attack

Answer: 2)DoS Attack

10.Choose the correct option.

  1. Risk=Threat/Vulnerability
  2. Risk=Threat*Vulnerability
  3. Threat=Risk*Vulnerability
  4. Vulnerability=Threat/Risk

Answer: 3)Threat=Risk*Vulnerability

11.The type of attack in which the attacker intercepts the information in transit without altering it.

  1. Active Attack
  2. Invasive Attack
  3. Passive Attack

Answer: 3)Passive Attack

12.The process of converting a message to an unintelligible form with the help of an algorithm and a key is known as _______.

  1. Cryptography
  2. Encryption
  3. Cryptology
  4. Cryptanalysis

Answer: 2)Encryption

13.What is the practice and study of techniques for secure communication in the presence of third parties, commonly called?

  1. Cryptography
  2. Encryption
  3. Cryptanalysis
  4. Cybersecurity

Answer: 1)Cryptography

14.Which of the following security attribute is compromised when data or information is changed or tampered, either accidentally or maliciously?

  1. Availability
  2. Integrity
  3. Confidentiality
  4. Repudiation

Answer: 2)Integrity

15.Which of the following encryption methods is more suited for key exchange, non-repudiation, and authentication?

  1. Assymmetric Key Encryption
  2. Symmetric Key Encryption

Answer: 1)Assymmetric Key Encryption

16.Passive attacks are considered a threat to _______.

  1. Authenticity
  2. Availability
  3. Confidentiality
  4. Integrity

Answer: 3)Confidentiality

17.Which of the following attack method aims to gather confidential information by deceiving the victim?

  1. Phishing
  2. Spoofing
  3. Drive-by Download
  4. Spamming

Answer: 1)Phishing

18.Which encryption method is more suitable for quickly encrypting large amounts of data?

  1. Assymmetric Key Encryption
  2. Symmetric Key Encryption

Answer: 2)Symmetric Key Encryption

Time to Evaluate Your Understanding!

1.A type of assessment that is often performed in a sandbox-virtual environment to prevent malware from actually infecting production systems is known as _________.

  1. Black Box Testing
  2. Dynamic Analysis
  3. Static Analysis
  4. Penetration Testing

Answer: 2)Dynamic Analysis

2.A proactive process to predict potential risks efficiently.

  1. Threat Modeling
  2. Threat Analysis
  3. Threat Hunting
  4. Threat Landscaping

Answer: 2)Threat Hunting

3.SABSA Framework is commonly represented as _______ SABSA matrix.

  1. 4×4
  2. 8×8
  3. 5×5
  4. 6×6

Answer: 4)6×6

4.A kind of a network attack, where an unauthorized person gains access to a network and remains there undetected for a long duration is called _________.

  1. Invisible Threats
  2. Hidden Threats
  3. Advanced Persistent Threats
  4. Malicious threats

Answer: 3)Advanced Persistent Threats

5.A process by which potential vulnerabilities and threats can be recognized, enumerated, and prioritized from a hypothetical attacker’s pov is called ___________.

  1. Threat Landscaping
  2. Threat Modeling
  3. Threat Analysis
  4. Threat Hunting

Answer: 2)Threat Modeling

6.Which of the following are the three phases of Incident response maturity assessment?

  1. Prepare, Response, and Follow-up
  2. Prepare, Identify, and analyze
  3. Reconnaissance, Installation, Command, and control
  4. Identify, Decompose, and Mitigate

Answer: 1)Prepare, Response, and Follow-up

Time to Evaluate Your Understanding!

1.Phishing emails include fake notifications from banks and e-payment systems.

  1. False
  2. True

Answer: 2)True

2.Which of these is true with respect to passwords?

  1. None of the options
  2. Passwords need to be easy
  3. Passwords can be kept openly
  4. Passwords need to be atleast 8 chars of length

Answer: 4)Passwords need to be atleast 8 chars of length

3.Which of these are Threats related to Email Security?

  1. All the options
  2. Spoofing
  3. Pharming
  4. Phishing
  5. Spam

Answer: 1)All the options

4.How do we define RADIUS?

  1. Remote Authorization Dial-In User Service.
  2. Remote Authentication Dial-In User Service.
  3. Remote Authentication Service.
  4. Remote Authentication Dial-In Unified Service.

Answer: 2)Remote Authentication Dial-In User Service.

Final Assessment

1.________ is designed to extract data from its host computer for marketing purposes.

  1. Ransomware
  2. Trojans
  3. Adware
  4. Spyware

Answer: 4)Spyware

2.The telephone version of phishing that exploits social engineering techniques is known as __________.

  1. Pharming
  2. Smishing
  3. Vishing

Answer: 3)Vishing

3.A type of assessment that is often performed in a sandbox-virtual environment to prevent malware from actually infecting production systems is called ________.

  1. Static Analysis
  2. Black Box Testing
  3. Dynamic Analysis
  4. Penetration Testing

Answer: 3)Dynamic Analysis

4.The three chains of RADIUS Security are ___________________.

  1. Authentication, Availability, Accounting
  2. Authorization, Availability, Accounting
  3. Authentication, Authorization, Accounting

Answer: 3)Authentication, Authorization, Accounting

5.An error message displayed on the system, symbolizes virus infection.

  1. False
  2. True

Answer: 1)False

6.A kind of a network attack, where an unauthorized person gains access to a network and remains there undetected for a long duration is known as ______________.

  1. Malicious threats
  2. Advanced Persistent Threats
  3. Hidden Threats
  4. Invisible Threats

Answer: 2)Advanced Persistent Threats

7.As an application of cryptography, digital Signatures and MACs can be used for _____________.

  1. Confidentiality
  2. Integrity
  3. Availability
  4. Authentication

Answer: 4)Authentication

8.The process of converting a message to an unintelligible form with the help of an algorithm and a key is known as _______.

  1. Encryption
  2. Cryptography
  3. Cryptanalysis
  4. Cryptology

Answer: 1)Encryption

9._________ is a standalone software that does not need human help/host program to spread.

Ransomware

  1. Worm
  2. Trojan
  3. Virus

Answer: 2)Worm

10.What is PUP?

  1. Potentially Unwanted Program
  2. Practially Unwanted Program
  3. Potentially Unwanted Procss
  4. Practically Unrelated Program

Answer: 1)Potentially Unwanted Program

11._________ is commonly known for providing backdoor access to the system for malicious users.

  1. Trojans
  2. Worms
  3. Rootkits
  4. Botnets

Answer: 1)Trojans

12.Which of the following is a physiological biometric that could be used for authentication?

  1. Signature
  2. Voice Recognition
  3. Facial Recognition
  4. Gait
  5. All the options

Answer: 3)Facial Recognition

13.Which of the following encryption methods is more suited for key exchange, non-repudiation, and authentication?

  1. Symmetric Key Encryption
  2. Assymmetric Key Encryption

Answer: 2)Assymmetric Key Encryption

14.What is the type of malware that restricts access to the computer either by encrypting files on the hard drive or by displaying messages demanding a ransom?

  1. Ransomware
  2. Spyware
  3. Trojans
  4. Scareware

Answer: 1)Ransomware

15.A pharming tactic in which the DNS table in a server is modified to deceive users by redirecting to fraudulent websites.

  1. DNS Phishing
  2. Smishing
  3. Vishing
  4. DNS Poisoning

Answer: 4)DNS Poisoning

16.Threats can exploit assets if assets are not vulnerable.

  1. False
  2. True

Answer: 1)False

17.Which of the following security attribute is compromised when data or information is changed or tampered, either accidentally or maliciously?

  1. Availability
  2. Confidentiality
  3. Integrity
  4. Repudiation
  5. Confidentiality and Integrity

Answer: 5)Confidentiality and Integrity

18.Which of the following is an effective solution to ensure confidentiality?

  1. Logging and Auditing
  2. Encryption
  3. Network Monitoring
  4. Data Hiding

Answer: 2)Encryption

19.A process by which potential vulnerabilities and threats can be recognized, enumerated, and prioritized from a hypothetical attacker’s pov is called _______________.

  1. Threat Modeling
  2. Threat Landscaping
  3. Threat Analysis
  4. Threat Hunting

Answer: 1)Threat Modeling

20.__________ is a proactive process to predict potential risks efficiently.

  1. Threat Hunting
  2. Threat Modeling
  3. Threat Analysin
  4. Threat Landscaping

Answer: 1)Threat Hunting

Categories: Fresco Play

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *