This set of Cyber Security Multiple Choice Questions & Answers (MCQs) focuses on “Cyber Attacks Types”.
1. The full form of Malware is ________
a) Malfunctioned Software
b) Multipurpose Software
c) Malicious Software
d) Malfunctioning of Security
View Answer
Explanation: Different types of harmful software and programs that can pose threats to a system, network or anything related to cyberspace are termed as Malware. Examples of some common malware are Virus, Trojans, Ransomware, spyware, worms, rootkits etc.
2. Who deploy Malwares to a system or network?
a) Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
b) Criminal organizations, White hat hackers, malware developers, cyber-terrorists
c) Criminal organizations, Black hat hackers, software developers, cyber-terrorists
d) Criminal organizations, gray hat hackers, Malware developers, Penetration testers
View Answer
Explanation: Criminal-minded organizations, groups and individuals cyber-terrorist groups, Black hat hackers, malware developers etc are those who can deploy malwares to any target system or network in order to deface that system.
3. _____________ is a code injecting method used for attacking the database of a system / website.
a) HTML injection
b) SQL Injection
c) Malicious code injection
d) XML Injection
View Answer
Explanation: SQLi (Structured Query Language Injection) is a popular attack where SQL code is targeted or injected; for breaking the web application having SQL vulnerabilities. This allows the attacker to run malicious code and take access to the database of that server.
4. XSS is abbreviated as __________
a) Extreme Secure Scripting
b) Cross Site Security
c) X Site Scripting
d) Cross Site Scripting
View Answer
Explanation: Cross Site Scripting is another popular web application attack type that can hamper the reputation of any site.
5. This attack can be deployed by infusing a malicious code in a website’s comment section. What is “this” attack referred to here?
a) SQL injection
b) HTML Injection
c) Cross Site Scripting (XSS)
d) Cross Site Request Forgery (XSRF)
View Answer
Explanation: XSS attack can be infused by putting the malicious code (which gets automatically run) in any comment section or feedback section of any webpage (usually a blogging page). This can hamper the reputation of a site and the attacker may place any private data or personal credentials.
6. When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
a) Database crash attack
b) DoS (Denial of Service) attack
c) Data overflow Attack
d) Buffer Overflow attack
View Answer
Explanation: The Buffer overflow attack takes place when an excessive amount of data occurs in the buffer, which it cannot handle and lead to data being over-flow into its adjoined storage. This attack can cause a system or application crash and can lead to malicious entry-point.
7. Compromising a user’s session for exploiting the user’s data and do malicious activities or misuse user’s credentials is called ___________
a) Session Hijacking
b) Session Fixation
c) Cookie stuffing
d) Session Spying
View Answer
Explanation: Using session hijacking, which is popularly known as cookie hijacking is an exploitation method for compromising the user’s session for gaining unauthorized access to user’s information.
8. Which of this is an example of physical hacking?
a) Remote Unauthorised access
b) Inserting malware loaded USB to a system
c) SQL Injection on SQL vulnerable site
d) DDoS (Distributed Denial of Service) attack
View Answer
Explanation: If a suspicious gain access to server room or into any confidential area with a malicious pen-drive loaded with malware which will get triggered automatically once inserted to USB port of any employee’s PC; such attacks come under physical hacking, because that person in gaining unauthorized physical access to any room or organization first, then managed to get an employee’s PC also, all done physically – hence breaching physical security.
9. Which of them is not a wireless attack?
a) Eavesdropping
b) MAC Spoofing
c) Wireless Hijacking
d) Phishing
View Answer
Explanation: Wireless attacks are malicious attacks done in wireless systems, networks or devices.
In the cases of Eavesdropping, MAC Spoofing, and Wireless Hijacking, the attacker exploits vulnerabilities in wireless networks to gain unauthorized access or intercept data transmitted over the air. MAC Spoofing (ethernet layer) mostly happen over LAN be it wireless or wired network. Phishing is a high level (human user level) attack in which the user is tricked into revealing personal information by using means like email, sms, social media, etc. Here the attackers don’t rely on wireless vulnerabilities. So, out of the given choices, Phishing it the correct answer.
10. An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
a) Cyber-crime
b) Cyber Attack
c) System hijacking
d) Digital crime
View Answer
Explanation: Cyber attack is an umbrella term used to classify different computer & network attacks or activities such as extortion, identity theft, email hacking, digital spying, stealing hardware, mobile hacking and physical security breaching.
11. Which method of hacking will record all your keystrokes?
a) Keyhijacking
b) Keyjacking
c) Keylogging
d) Keyboard monitoring
View Answer
Explanation: Keylogging is the method or procedure of recording all the key strokes/keyboard button pressed by the user of that system.
12. _________ are the special type of programs used for recording and tracking user’s keystroke.
a) Keylogger
b) Trojans
c) Virus
d) Worms
View Answer
Explanation: Keyloggers are surveillance programs developed for both security purpose as well as done for hacking passwords and other personal credentials and information. This type of programs actually saves the keystrokes done using a keyboard and then sends the recorded keystroke file to the creator of such programs.
13. These are a collective term for malicious spying programs used for secretly monitoring someone’s activity and actions over a digital medium.
a) Malware
b) Remote Access Trojans
c) Keyloggers
d) Spyware
View Answer
Explanation: Spyware is professional malicious spying software that is hard to detect by anti-malware or anti-virus programs because they are programmed in such a skillful way. These types of software keep on collecting personal information, surfing habits, surfing history as well as credit card details.
14. Stuxnet is a _________
a) Worm
b) Virus
c) Trojan
d) Antivirus
View Answer
Explanation: Stuxnet is a popular and powerful worm that came into existence in mid 2010, which was very powerful as it was accountable for the cause of huge damage to Iran’s Nuclear program. It mainly targets the PLCs (Programmable Logic Controllers) in a system.
15. ___________ is a violent act done using the Internet, which either threatens any technology user or leads to loss of life or otherwise harms anyone in order to accomplish political gain.
a) Cyber-warfare
b) Cyber campaign
c) Cyber-terrorism
d) Cyber attack
View Answer
Explanation: Cyber- terrorism is the term used to describe internet terrorism, where individuals and groups are anonymously misusing ethnicities, religions as well as threaten any technology user, which may lead to even loss of life.
Sanfoundry Global Education & Learning Series – Cyber Security.
To practice all areas of Cyber Security, here is complete set of 1000+ Multiple Choice Questions and Answers.
If you find a mistake in question / option / answer, kindly take a screenshot and email to [email protected]
- Practice Cryptography & Network Security MCQ
- Check Programming Books
- Practice Programming MCQs
- Check Cyber Security Books
- Practice Computer Science MCQs
