What is CyberSecurity?
Cyber Security is a process that’s designed to protect networks and devices from external threats. Businesses typically employ Cyber Security professionals to protect their confidential information, maintain employee productivity, and enhance customer confidence in products and services.
The world of Cyber Security revolves around the industry standard of confidentiality, integrity, and availability, or CIA. Privacy means data can be accessed only by authorized parties; integrity means information can be added, altered, or removed only by authorized users; and availability means systems, functions, and data must be available on-demand according to agreed-upon parameters.
The main element of Cyber Security is the use of authentication mechanisms. For example, a user name identifies an account that a user wants to access, while a password is a mechanism that proves the user is who he claims to be.
What are the types of Cyber Crimes?
Cybercriminals usually try to profit off of their crimes using a variety of tactics, including:
- Denial of Service, or DOSWhere a hacker consumes all of a server’s resources, so there’s nothing for legitimate users to access
- Malware Where victims are hit with a worm or virus that renders their devices useless
- Man in the Middle Where a hacker puts himself between a victim’s machine and a router to sniff data packets
- Phishing Where a hacker sends a seemingly legitimate-looking email asking users to disclose personal information
Other types of cyberattacks include cross-site scripting attacks, password attacks, eavesdropping attacks (which can also be physical), SQL-injection attacks, and birthday attacks based on algorithm functions.
Cybersecurity Prologue MCQs Solution
1. What is PUP?
Answer:- Potentially unwanted program
2. monitors user activity on internet and transmit that information in the background to someone else
3. Unsolicited commercial email is known as _
4. Internet can impose a number of Risks and hence Cybersecurity is required –
5. A ________ is like a Virus, having the ability to spread without any medium –
6. Which of these are Personally Identifiable Information?
7. Which of these is an anti-virus program
8.The sole purpose of ________ attack, is to fool the victim and to get all the confidential information
9. If there is a vulnerability but no threat, then there won’t be a risk
10. In Symmetric-key cryptography, the key used by the sender and the receiver is
11. Risk represents
Answer:- Threats times vulnerabilities
12. Cryptography, a word with Greek origins, means
Answer:- Secret Writing
13. The Cryptography can provide
14. Detection and Analysis is a continuous process of a cyber-attack for detecting Malware intrusion and their remote connections –
15. Which is a part of a response phase activities ?
Answer:- Take appropriate pre-approved or required actions
16. UML component diagram is used to identify how a module validate &processes the data before storing it
17. Incident Category can be defined according to business functional priorities
18. Incidents should be handled on a first come- first serve basis and must be prioritized based on the Business impact
19. Which is not part of a Incident Response Preparation phase ?
Answer:- Create appropriate control framework
20. Which is not a set of activity performed to prevent future incidents in Incident management ?
21. Deep packet inspection can be used to give more context to indicator only
22. A ________ is a credit card sized card with an embedded chip, containing information about the user
Answer:- Smart Card
23. Which of these are Threats related to Email Security?
24. Phishing emails include fake notifications from banks and e-payment systems
25. Which of these are examples biometrics?
26. Which of these is TRUE with respect to passwords?
Answer:- Passwords need to be atleast 8 chars of length
27. How do we define RADIUS?
Answer:- Remote Authentication Dial-In User Service.
28. As an email client, we should not use caution when opening emails and can download any attachments
29. At Operational level threat intelligence real time feed protocols are being used
30. Cyber security architecture is all about understanding one’s Business Scope and requirements only
31. Which of the following is not an antivirus software?
Answer:- Code Red
32. Network layer firewall works as a
Answer:- Packet filter
33. The Cryptography can provide
34. are attempts by individuals to obtain confidential information from you to falsifying their identity
Answer:- Spyware scams – wrong
35. Attack which happens due to neglected factors like compromising with security is a type of
Answer:- Non-Malicious threat
36. Which helps to determine the effective security controls and measurement techniques
Answer:- Threat Modelling
37. A Hacker or disgruntled employee who is interested in specific Asset or information is a type of
Answer:- Malicious threat
38. A TCS business operations team required to meet 98% SLA in FY 2017’18 to avoid non-compliance penalty which must be a part of
Answer:- Architecture Controls
39. Defining the security control parameter SLA at 98.5% for taking appropriate actions to avoid penalty risk if it goes below 98% must be a part of
Answer:- Architecture Risks
40. At Strategic level threat intelligence information can be exchanged within it’s operating community
41. The altering of data so that it is not usable unless the changes are undone is
42. It is a program or hardware device that filters the information coming through an internet connection to a network or computer system
43. An attempt to make a computer resource unavailable to its intended users is called
Answer:- Denial-of-service attack
44.At Tactical level threat intelligence research analysis and reports can be published after malware analysis
45. UEBA stands for
Answer:- User Entity and Behavior Analytics
46. ________ is the guarantee of data privacy and protection against unauthorized disclosure.
47. Which is a open source data loss prevention solution.
48. A ________ is an extension of an enterprise’s private intranet across a public Network such as the Internet across a public Network such as the Internet, creating a secure private connection.
49. Which helps to predict the cybersecurity potential risks effectively ?
Answer:- Threat Mitigation
50. The relationship between a character in the plaintext to a character is
Answer:- Many-to-one relationship
51. In asymmetric key cryptography, the private key is kept by
Answer:- Sender and Receiver
52. They Keys used in Cryptography are
Answer:- Single Round
53. Which of the following would most likely not be a symptom of a virus?
Answer:- Existing program files and icons disappear
54. In symmetric-key cryptography, the same key is used by
Answer:- Both Party
55. which can’t be used as a best practice for managing cyber threats ?
Answer:- Behavioral Modelling
56. WPA2 is used for security in ________
57. In cryptography, what is cipher?
58. In Asymmetric-Key Cryptography, although RSA can be used to encrypt and decrypt actual messages, it is very slow if the message is.
59. Which is not a characteristics of Advanced Persistent threats ?
Answer:- Full automated
60. Traffic in a VPN is not