1. Computer security is mainly concerned with ________.
A) Protecting software from errors
B) Protecting data and systems from unauthorized access
C) Improving hardware performance
D) Reducing power consumption
Answer: B
Explanation: Computer security ensures confidentiality, integrity, and availability of data and systems.
2. The term “cybersecurity” refers to _________.
A) Hardware repair
B) Protection of Internet-connected systems
C) Software installation
D) Data compression
Answer: B
Explanation: Cybersecurity protects networks, computers, programs, and data from digital attacks.
3. Which of the following is an example of malware?
A) Antivirus
B) Trojan horse
C) Firewall
D) Backup software
Answer: B
Explanation: Malware like Trojan horses can damage systems or steal data.
4. A program that hides inside another program and performs malicious actions is called _________.
A) Virus
B) Worm
C) Trojan horse
D) Spyware
Answer: C
Explanation: Trojan horse disguises itself as legitimate software to deceive users.
5. Which malware spreads automatically without human intervention?
A) Trojan horse
B) Worm
C) Virus
D) Spyware
Answer: B
Explanation: Worms self-replicate and spread across networks without needing to attach to files.
6. A program that infects other programs and spreads when the infected program is executed is called _________.
A) Virus
B) Worm
C) Trojan horse
D) Spyware
Answer: A
Explanation: Viruses attach to files and require execution to propagate.
7. Ransomware is malware that _________.
A) Deletes all files
B) Encrypts files and demands payment for decryption
C) Slows down computer performance
D) Displays pop-up ads
Answer: B
Explanation: Ransomware locks users out of their data until a ransom is paid.
8. Spyware is _________.
A) A protective software
B) Software that monitors user activities secretly
C) Cloud storage service
D) Internet browser
Answer: B
Explanation: Spyware tracks browsing habits, passwords, or keystrokes without user consent.
9. Adware primarily _________.
A) Deletes files
B) Displays unwanted advertisements
C) Encrypts data
D) Monitors network traffic
Answer: B
Explanation: Adware generates revenue by showing ads, often without user permission.
10. Which of the following is used to detect and remove malware?
A) Firewall
B) Antivirus software
C) Cloud storage
D) Proxy server
Answer: B
Explanation: Antivirus software scans, detects, and removes malicious programs.
11. A firewall is used to _________.
A) Protect a network from unauthorized access
B) Increase Internet speed
C) Encrypt files
D) Store data online
Answer: A
Explanation: Firewalls filter traffic and prevent malicious access to networks.
12. A strong password should include _________.
A) Only lowercase letters
B) Letters, numbers, and special characters
C) Only numbers
D) Only uppercase letters
Answer: B
Explanation: Strong passwords resist guessing and brute-force attacks.
13. Two-factor authentication (2FA) enhances security by _________.
A) Using two passwords
B) Requiring a password and a second factor like OTP
C) Encrypting emails
D) Blocking malware
Answer: B
Explanation: 2FA adds an extra layer of security to login processes.
14. Phishing attacks are primarily aimed at _________.
A) Damaging hardware
B) Stealing sensitive information like passwords
C) Increasing bandwidth
D) Slowing down computers
Answer: B
Explanation: Phishing uses deceptive emails or websites to obtain confidential data.
15. A fake website that mimics a legitimate one to steal data is called _________.
A) Worm
B) Phishing site
C) Trojan horse
D) Ransomware
Answer: B
Explanation: Phishing sites trick users into entering usernames, passwords, or financial info.
16. Man-in-the-middle (MITM) attack involves _________.
A) Encrypting files
B) Intercepting communication between two parties
C) Deleting files
D) Sending spam emails
Answer: B
Explanation: MITM attackers can steal or manipulate transmitted data.
17. Which of the following encrypts data for secure communication?
A) SSL/TLS
B) HTTP
C) FTP
D) SMTP
Answer: A
Explanation: Secure Socket Layer (SSL) and Transport Layer Security (TLS) encrypt web traffic.
18. VPN stands for _________.
A) Virtual Private Network
B) Very Private Network
C) Virtual Protected Node
D) Verified Protocol Network
Answer: A
Explanation: VPN encrypts data and provides secure Internet access over public networks.
19. RDP (Remote Desktop Protocol) is used for _________.
A) Local file storage
B) Remote access to computers
C) Email transfer
D) Cloud backup
Answer: B
Explanation: RDP allows users to control a remote computer over a network.
20. DDoS attacks aim to _________.
A) Steal passwords
B) Overwhelm a server with traffic, causing disruption
C) Encrypt files
D) Spy on users
Answer: B
Explanation: Distributed Denial of Service attacks use multiple systems to flood a target server.
21. Social engineering attacks exploit _________.
A) Software vulnerabilities
B) Human psychology
C) Network routers
D) Firewalls
Answer: B
Explanation: Social engineering tricks users into giving confidential information or access.
22. CAPTCHA is used to _________.
A) Encrypt files
B) Prevent automated bot submissions
C) Improve bandwidth
D) Protect hardware
Answer: B
Explanation: CAPTCHA ensures that online forms are submitted by humans, not bots.
23. A digital certificate ensures _________.
A) Identity verification and secure communication
B) Faster Internet
C) Malware removal
D) Cloud storage access
Answer: A
Explanation: Certificates use public key infrastructure (PKI) to authenticate websites and encrypt data.
24. Public key cryptography uses _________.
A) Single key for encryption and decryption
B) Two keys: public and private
C) Only passwords
D) Only symmetric keys
Answer: B
Explanation: Asymmetric cryptography uses a public key for encryption and a private key for decryption.
25. A honeypot in cybersecurity refers to _________.
A) A malware removal tool
B) A decoy system to attract attackers
C) Cloud storage solution
D) Firewall configuration
Answer: B
Explanation: Honeypots trap attackers and analyze their behavior to improve security.
26. Antivirus software primarily works by _________.
A) Encrypting data
B) Detecting, quarantining, and removing malware
C) Blocking network traffic
D) Storing data in the cloud
Answer: B
Explanation: Antivirus programs scan for malicious code and prevent infections.
27. Real-time protection in antivirus software means _________.
A) Scanning files only when executed
B) Continuous monitoring of the system for malware
C) Only updating virus definitions
D) Automatic backup
Answer: B
Explanation: Real-time scanning prevents malware from infecting the system as files are accessed.
28. Which of the following is a common antivirus software?
A) Microsoft Word
B) Norton
C) Photoshop
D) Google Drive
Answer: B
Explanation: Norton is a widely used antivirus program for detecting and removing threats.
29. A firewall can be _________.
A) Hardware only
B) Software only
C) Both hardware and software
D) Cloud service only
Answer: C
Explanation: Firewalls can be implemented as devices or software applications to monitor and filter traffic.
30. A packet filtering firewall works at which layer of the OSI model?
A) Application
B) Transport
C) Network
D) Data Link
Answer: C
Explanation: Packet filtering firewalls inspect IP packets at the network layer.
31. Stateful inspection firewalls track _________.
A) Only packet headers
B) The state of active connections
C) Malware signatures
D) Encrypted traffic
Answer: B
Explanation: Stateful firewalls monitor connection state to allow or block traffic based on context.
32. Which of the following is a common backup strategy?
A) Full backup
B) Incremental backup
C) Differential backup
D) All of the above
Answer: D
Explanation: Different backup types optimize storage, time, and recovery options.
33. A full backup _________.
A) Copies only changed files
B) Copies all selected files
C) Compresses data for storage
D) Encrypts files
Answer: B
Explanation: Full backup ensures a complete copy of all files for easy recovery.
34. Incremental backup saves _________.
A) All files every time
B) Only files changed since the last backup
C) Only system files
D) Only cloud files
Answer: B
Explanation: Incremental backups are faster and require less storage space.
35. Differential backup saves _________.
A) Only new files
B) All files changed since the last full backup
C) All system files
D) Cloud-based files only
Answer: B
Explanation: Differential backup includes all changes since the last full backup.
36. Data encryption ensures _________.
A) Faster Internet
B) Confidentiality of information
C) Removal of viruses
D) Backup efficiency
Answer: B
Explanation: Encryption converts data into unreadable form for unauthorized users.
37. Which encryption type uses the same key for encryption and decryption?
A) Asymmetric
B) Symmetric
C) Hashing
D) Blockchain
Answer: B
Explanation: Symmetric encryption uses a single secret key for both encryption and decryption.
38. Which encryption type uses a public key and a private key?
A) Symmetric
B) Asymmetric
C) Hashing
D) SSL only
Answer: B
Explanation: Asymmetric (public key) cryptography uses a pair of keys for secure communication.
39. Backup storage can be _________.
A) External hard drives
B) Cloud storage
C) Network-attached storage
D) All of the above
Answer: D
Explanation: Backups can be maintained locally, on networks, or in the cloud.
40. Which type of backup is fastest to restore?
A) Incremental
B) Full
C) Differential
D) Random
Answer: B
Explanation: Full backups contain all files, making restoration quicker than incremental or differential backups.
41. Two-step verification improves security by _________.
A) Using stronger passwords only
B) Requiring a password and a secondary factor
C) Encrypting files automatically
D) Blocking all emails
Answer: B
Explanation: This reduces the risk of unauthorized access even if a password is compromised.
42. Biometrics used for authentication include _________.
A) Fingerprints
B) Retina scan
C) Voice recognition
D) All of the above
Answer: D
Explanation: Biometric systems verify identity using unique physical traits.
43. A security policy is _________.
A) A set of rules to protect IT resources
B) Antivirus software
C) Firewall configuration only
D) Backup procedure
Answer: A
Explanation: Security policies guide users and IT staff on safe practices and access controls.
44. Patch management ensures _________.
A) Updating software to fix security vulnerabilities
B) Encrypting files
C) Creating backups
D) Increasing storage
Answer: A
Explanation: Regular patching reduces risk of exploitation through known vulnerabilities.
45. Two types of firewalls are _________.
A) Packet filtering and proxy
B) Antivirus and spyware
C) Full and incremental
D) Hardware only
Answer: A
Explanation: Firewalls can filter traffic at packet level or act as intermediaries (proxy).
46. Endpoint security focuses on _________.
A) Servers only
B) Client devices like laptops and mobile phones
C) Cloud infrastructure only
D) Routers only
Answer: B
Explanation: Endpoint security protects individual devices connecting to a network.
47. Intrusion Detection System (IDS) is used to _________.
A) Encrypt data
B) Monitor network for suspicious activities
C) Backup files
D) Block malware
Answer: B
Explanation: IDS alerts administrators about possible security breaches.
48. Intrusion Prevention System (IPS) differs from IDS by _________.
A) Not detecting attacks
B) Actively blocking attacks
C) Slowing network traffic
D) Encrypting communications
Answer: B
Explanation: IPS can prevent attacks in addition to detecting them.
49. Cloud backup provides _________.
A) On-site storage only
B) Remote storage accessible over Internet
C) Only incremental backup
D) Antivirus services
Answer: B
Explanation: Cloud backups store data off-site, ensuring recovery in case of local data loss.
50. Security awareness training helps _________.
A) Improve firewall settings
B) Educate users on safe computing practices
C) Encrypt emails
D) Create backups
Answer: B
Explanation: Training reduces risks from social engineering, phishing, and unsafe practices.
51. Advanced Persistent Threat (APT) refers to _________.
A) Temporary malware
B) Long-term, targeted cyberattack
C) Spam email attack
D) Denial-of-Service attack
Answer: B
Explanation: APTs are sophisticated, persistent attacks aimed at stealing sensitive data over extended periods.
52. Zero-day attack exploits _________.
A) Known vulnerabilities
B) Previously unknown vulnerabilities
C) Weak passwords
D) Network bandwidth
Answer: B
Explanation: Zero-day attacks exploit security flaws before developers release a patch.
53. Keylogger is used to _________.
A) Encrypt files
B) Record keystrokes secretly
C) Block malware
D) Backup data
Answer: B
Explanation: Keyloggers capture typed data such as passwords and credit card numbers.
54. Botnet refers to _________.
A) A single malware program
B) Network of compromised computers controlled remotely
C) Firewall software
D) Encryption tool
Answer: B
Explanation: Botnets can perform DDoS attacks, send spam, or mine cryptocurrency.
55. SQL Injection attacks target _________.
A) Network hardware
B) Databases
C) Emails
D) Firewalls
Answer: B
Explanation: SQL injection manipulates database queries to gain unauthorized access to data.
56. Cross-Site Scripting (XSS) attacks target _________.
A) Websites and users through malicious scripts
B) Email servers
C) Firewalls
D) Backup files
Answer: A
Explanation: XSS injects scripts into web pages to steal cookies or perform malicious actions.
57. Social engineering attacks primarily exploit _________.
A) Hardware flaws
B) Human behavior and trust
C) Encrypted communications
D) Cloud servers
Answer: B
Explanation: Attackers manipulate users into revealing confidential information.
58. Ethical hacking is _________.
A) Unauthorized hacking
B) Legal hacking to identify vulnerabilities
C) Malware development
D) Virus distribution
Answer: B
Explanation: Ethical hackers help organizations secure systems by finding and fixing weaknesses.
59. Penetration testing involves _________.
A) Encrypting files
B) Simulating attacks to test security
C) Blocking malware
D) Creating backups
Answer: B
Explanation: Pen testing identifies security gaps by mimicking real attack scenarios.
60. White-hat hackers are _________.
A) Malicious hackers
B) Ethical hackers who help improve security
C) Spyware developers
D) Script kiddies
Answer: B
Explanation: White-hat hackers test systems legally to enhance security.
61. Black-hat hackers are _________.
A) Ethical hackers
B) Malicious hackers breaking into systems illegally
C) Network administrators
D) Antivirus developers
Answer: B
Explanation: Black-hat hackers exploit vulnerabilities for personal gain or damage.
62. Gray-hat hackers are _________.
A) Always ethical
B) Hack without permission but without malicious intent
C) Cybersecurity professionals only
D) Botnet operators
Answer: B
Explanation: Gray-hat hackers may expose vulnerabilities publicly without causing harm.
63. Ransomware-as-a-Service (RaaS) refers to _________.
A) Free antivirus software
B) Subscription-based ransomware tools for attackers
C) Cloud storage service
D) Backup software
Answer: B
Explanation: RaaS allows non-technical criminals to launch ransomware attacks.
64. Phishing can be prevented by _________.
A) Using strong passwords
B) Verifying sender identity before clicking links
C) Updating antivirus
D) All of the above
Answer: D
Explanation: Awareness, secure passwords, and antivirus help prevent phishing attacks.
65. Spear phishing targets _________.
A) Random users
B) Specific individuals or organizations
C) Network routers
D) Firewalls
Answer: B
Explanation: Spear phishing is personalized, increasing the likelihood of success.
66. Denial-of-Service (DoS) attacks aim to _________.
A) Encrypt data
B) Overwhelm systems to make services unavailable
C) Steal passwords
D) Update software
Answer: B
Explanation: DoS attacks disrupt availability by exhausting resources.
67. Distributed Denial-of-Service (DDoS) attacks use _________.
A) A single computer
B) Multiple compromised systems
C) Only mobile devices
D) Only cloud servers
Answer: B
Explanation: DDoS floods targets with traffic from many devices simultaneously.
68. Malware analysis is done to _________.
A) Create malware
B) Understand and mitigate malware behavior
C) Encrypt data
D) Backup files
Answer: B
Explanation: Analyzing malware helps design detection and prevention strategies.
69. Security Information and Event Management (SIEM) is used for _________.
A) Real-time monitoring and analysis of security events
B) Encrypting files
C) Backup management
D) Email filtering only
Answer: A
Explanation: SIEM collects and analyzes security data to detect threats proactively.
70. Honeypots are _________.
A) Antivirus software
B) Decoy systems to lure attackers
C) Cloud storage
D) Network routers
Answer: B
Explanation: Honeypots help study attack methods and improve security defenses.
71. Key management in cryptography involves _________.
A) Storing passwords only
B) Generating, distributing, and managing encryption keys securely
C) Encrypting emails
D) Firewall configuration
Answer: B
Explanation: Proper key management ensures data confidentiality and integrity.
72. Patch management helps in _________.
A) Fixing software vulnerabilities
B) Creating backups
C) Encrypting data
D) Blocking spam
Answer: A
Explanation: Timely patching reduces exposure to cyberattacks.
73. Cybercrime includes _________.
A) Identity theft
B) Financial fraud
C) Malware attacks
D) All of the above
Answer: D
Explanation: Cybercrime encompasses illegal activities conducted using digital technology.
74. Ethical hackers use _________.
A) Unauthorized access techniques for malicious purposes
B) Hacking skills legally to secure systems
C) Malware development
D) Cloud storage
Answer: B
Explanation: Ethical hacking identifies and fixes security flaws with permission.
75. Bug bounty programs _________.
A) Offer rewards for finding software vulnerabilities
B) Provide antivirus services
C) Backup data online
D) Block phishing emails
Answer: A
Explanation: Organizations incentivize ethical hackers to detect and report security issues.
76. Cloud security ensures _________.
A) Data stored in the cloud is protected from unauthorized access
B) Faster Internet
C) Malware removal on local systems only
D) Backup of physical devices
Answer: A
Explanation: Cloud security includes measures like encryption, access control, and monitoring to safeguard cloud data.
77. End-to-end encryption ensures _________.
A) Data is readable by intermediaries
B) Only sender and receiver can read the data
C) Data is compressed
D) Data is backed up automatically
Answer: B
Explanation: End-to-end encryption prevents third parties, including service providers, from accessing the content.
78. Multi-factor authentication (MFA) requires _________.
A) Only a password
B) Multiple forms of verification
C) Only a security question
D) Only biometrics
Answer: B
Explanation: MFA improves security by requiring two or more verification methods, e.g., password + OTP + biometric.
79. Tokenization in security is used for _________.
A) Replacing sensitive data with non-sensitive tokens
B) Encrypting files with a password
C) Blocking malware
D) Storing files in cloud
Answer: A
Explanation: Tokenization reduces risk by replacing real data (like credit card numbers) with surrogate values.
80. Blockchain technology enhances security by _________.
A) Encrypting emails only
B) Providing immutable, decentralized records
C) Faster Internet
D) Data compression
Answer: B
Explanation: Blockchain ensures data integrity through a tamper-resistant, distributed ledger.
81. IoT security focuses on _________.
A) Securing devices connected to the Internet
B) Encrypting cloud files only
C) Firewall for laptops only
D) Antivirus installation
Answer: A
Explanation: IoT security protects smart devices like sensors, home appliances, and industrial equipment.
82. Common IoT security risks include _________.
A) Device hijacking
B) Data leaks
C) Botnet attacks
D) All of the above
Answer: D
Explanation: IoT devices are vulnerable to various threats, requiring encryption, authentication, and firmware updates.
83. Zero Trust Security model means _________.
A) Trust all devices inside a network
B) Never trust, always verify every access request
C) Encrypt only passwords
D) Only use cloud backup
Answer: B
Explanation: Zero Trust enforces strict identity verification and least-privilege access policies.
84. AI in cybersecurity helps to _________.
A) Predict and detect threats automatically
B) Encrypt files only
C) Backup data automatically
D) Install firewalls
Answer: A
Explanation: AI and machine learning analyze patterns and detect anomalies to prevent attacks.
85. Security Information and Event Management (SIEM) systems provide _________.
A) Real-time monitoring and analysis of security alerts
B) Only data encryption
C) Malware removal
D) Cloud storage
Answer: A
Explanation: SIEM systems collect logs, detect threats, and alert administrators proactively.
86. Cloud Access Security Broker (CASB) is used for _________.
A) Monitoring cloud usage and enforcing security policies
B) Encrypting emails only
C) Backup management
D) Blocking viruses locally
Answer: A
Explanation: CASBs provide visibility and control over data and threats in cloud services.
87. Role-based access control (RBAC) allows _________.
A) Everyone to access all resources
B) Assigning permissions based on user roles
C) Encrypting all files automatically
D) Firewall configuration only
Answer: B
Explanation: RBAC ensures users can access only the resources necessary for their role.
88. Security patches in cloud environments help to _________.
A) Reduce security vulnerabilities
B) Encrypt files
C) Backup data
D) Block phishing emails
Answer: A
Explanation: Applying patches fixes known flaws, protecting against exploits.
89. API security is important because _________.
A) APIs transfer data between services and can be exploited if insecure
B) Only encrypts emails
C) Provides backup
D) Blocks malware on servers
Answer: A
Explanation: Securing APIs prevents data breaches and unauthorized access.
90. Edge computing security ensures _________.
A) Data is processed and secured near the source
B) All data stored only in cloud
C) Local antivirus installation
D) Firewall configuration only
Answer: A
Explanation: Edge computing reduces latency and risk by securing data close to IoT devices.
91. Distributed Ledger Technology (DLT) ensures _________.
A) Centralized storage
B) Tamper-proof, decentralized record keeping
C) Data compression
D) Cloud backup
Answer: B
Explanation: DLT like blockchain enhances integrity and transparency of digital records.
92. Quantum cryptography provides _________.
A) Faster Internet
B) Encryption based on quantum mechanics principles
C) Cloud storage
D) Antivirus protection
Answer: B
Explanation: Quantum cryptography offers theoretically unbreakable encryption using quantum key distribution.
93. Cloud-native security integrates _________.
A) Security into cloud applications from development stage
B) Only firewalls
C) Antivirus software only
D) Backup services only
Answer: A
Explanation: Cloud-native security ensures security is part of design, deployment, and operation.
94. Security orchestration, automation, and response (SOAR) systems _________.
A) Automate threat detection and response
B) Only encrypt files
C) Provide cloud storage
D) Only perform backups
Answer: A
Explanation: SOAR integrates tools and processes to reduce response time to security incidents.
95. Multi-cloud security deals with _________.
A) Security across multiple cloud service providers
B) Only on-premise networks
C) Local antivirus updates
D) Firewall monitoring
Answer: A
Explanation: Multi-cloud environments require policies and tools to secure diverse platforms.
96. Firmware updates in IoT devices are important because _________.
A) They improve battery life only
B) They fix security vulnerabilities and bugs
C) Only increase device speed
D) Backup device data
Answer: B
Explanation: Regular firmware updates prevent exploitation of device vulnerabilities.
97. Secure coding practices help to _________.
A) Prevent vulnerabilities during software development
B) Backup cloud data
C) Encrypt emails only
D) Monitor network traffic
Answer: A
Explanation: Writing secure code reduces risks of SQL injection, XSS, and other exploits.
98. Cyber threat intelligence (CTI) provides _________.
A) Data about potential cyber threats for proactive defense
B) Antivirus scanning
C) Cloud backup
D) Network acceleration
Answer: A
Explanation: CTI helps organizations prepare for, detect, and respond to threats.
99. Mobile device management (MDM) ensures _________.
A) Security, configuration, and monitoring of mobile devices
B) Only cloud backups
C) Antivirus installation
D) Firewall configuration
Answer: A
Explanation: MDM protects corporate data on smartphones and tablets.
100. Zero Trust Network Access (ZTNA) differs from traditional VPN by _________.
A) Allowing unrestricted access
B) Granting access based on identity, device, and context
C) Encrypting only emails
D) Blocking all cloud access
Answer: B
Explanation: ZTNA enforces granular, context-aware access controls instead of trusting internal networks.