Computer System Security MCQ with answers -01

Posted by

The "Answers" given with the Question is "not verified". To view Verified answers click on the button below.

COMPUTER SYSTEM SECURITY MCQ with all answers (100% free pdf download)

Computer System Security Introduction: Introduction, What is computer security and what to
learn? , Sample Attacks, The Marketplace for vulnerabilities, Error 404 Hacking digital India
part 1 chase.
Hijacking & Defense: Control Hijacking ,More Control Hijacking attacks integer overflow
,More Control Hijacking attacks format string vulnerabilities, Defense against Control Hijacking – Platform Defenses, Defense against Control Hijacking – Run-time Defenses, Advanced
Control Hijacking attacks.

1. What was the percentage increase in Zero Day Vulnerabilities in the year 2015?
a. 4%
b. 50%
c. 100%
d. 125%
Answer: (d)

2. What hacking attacks were mentioned in the lesson?
a. Hacking in French Election
b. ATM Hacking in India
c. Denial of Service attack in Turkish Bank
d. All of the above
Answer: (d)

3. Identify the software whose vulnerability is exploited the most?
a. Android
b. Browser
c. Adobe Flash Player
d. Microsoft Office
Answer: (b) Browser

4. The computer vulnerabilities and exploits databases are maintained by _________.
a. Kaspersky Lab
b. Symantec Corporation
c. MITRE Corporation
d. None of the above
Answer: (c)

5. Which of the following is/are correct with respect to Ransomware?
a. It is a form of Malware
b. It encrypts the whole hard drive of the computer, essentially locking the user out of the entire system.
c. It locks the system’s screen or locks the users’ files unless a ransom is paid.
d. All of the above
Answer: (d)

6. Which of the following is considered legal?
a. Hacking a social media account and sending a private message
b. Hacking a bank account and siphoning funds
c. Hacking a company’s security system with permission from the management
d. All of the above
Answer: (c)

7. What is the cost of launching Denial of Service attack on a website?
a. $20/hr
b. $100/day
c. $300/mont
d. Both A and B
Answer: (d)

8. Which of the following is not an advantage of studying Cyber Security?
a. It gives you the ability to hack a computer system
b. It allows you to know the ways through which cyberspace can be breached
c. Both A and B
d. None of the above
Answer: (d)

9. Which of the following is correct for silent banker?
a. It is a trojan horse
b. It records keystrokes, captures screens and steals confidential banking credentials and sends them to a remote attacker
c. Both A and B
d. None of the above
Answer: (c) Both A and B

10. Which of the following is not a part of Security System Centric Design?
a. Policy
b. Agreement
c. Mechanisms
d. Threat Models
Answer: (b)

11. Which of the following is not a goal in the security system design?
a. Vulnerability
b. Confidentiality
c. Integrity
d. Availability
Answer: (a)

12. Which of the following is most important in design of secure system?
a. Assessing vulnerability
b. Changing or Updating System according to vulnerability
c. Both A and B
d. None of the above
Answer: (c)

13. Which of the following is correct with respect to Penetration testing?
a. It is an internal inspection of Applications and Operating systems for security flaws.
b. It is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system
c. It is hacking a security system of an organization.
d. All of the above
Answer: (b)

14. Which of the following is to be done to avoid limitations in threat models?
a. Making more explicit and formalized threat models to understand possible weaknesses
b. Making simpler and more general threat models
c. Making less assumptions to design a better threat model
d. All of the above
Answer: (d)

15. The storm botnet was used for ______.
a. Phishing
b. Spamming
c. Hacking
d. None of the above
Answer(b)

16. What is a typical cost of launching Denial of Service attack on a website?
a. $20/hr
b. $100/day
c. $300/month
d. Both A and B
Answer (d)

17. Which of the following is correct for silent banker?
a. It is a trojan horse
b. It records keystrokes, captures screens and steals confidential banking credentials and sends them to a remote attacker
c. Both A and B
d. None of the above
Answer(c)

18. What is Stuxnet?
a. A trojan horse
b. A malicious computer worm
c. A botnet
d. A ransomware
Answer (b)

19. Which of the following it was incorrect for Target company attack?
a. It is an example of server-side attack
b. More than 140 million credit card information was stolen in the attack
c. The attack happened in 2011
d. None of the above
Answer (c)

20. What is meant by marketplace for vulnerability?
a. A market vulnerable to attacks
b. A market consisting of vulnerable consumers
c. A market to sell and purchase vulnerabilities
d. All of the above
Answer (c)

21. Identify the correct bug bounty program name.
a. Google Vulnerability Program
b. Microsoft Bug Bounty Program
c. Mozilla Bounty Program
d. Pwn2Own competition
Answer (d)

22. What is a typical reward amount for Pwn2Own competition?
a. $15000
b. $1500
c. $150
d. $15
Answer (a)

23. What is a price for selling windows OS vulnerability in the black market?
a. $60K – $100K
b. $60k – $120K
c. $6000 – $12000
d. None of the above
Answer (b)

24. _________ are attempts by individuals to obtain confidential information from you by falsifying their identity.
a. Computer viruses
b. Phishing scams
c. Phishing trips
d. Spyware scams
Answer (b)

25. Which of the following is correct for MITM?
a. It stands for Man-In-The-Middle attack
b. It happens when a communication between the two systems is intercepted by an outside entity
c. It can happen in any form of online communication, such as email, social media, web surfing, etc
d. All of the above
Answer (d)