CYBER SECURITY (SEC) - MCQ

UNIT 1 MCQ’s
1. What is cyberspace?
a) Physical space where computers are stored
b) Virtual environment where electronic communication occurs
c) Outer space beyond Earth's atmosphere
d) Underwater cables connecting continents

2. Which of the following is an example of web technology?

a) Email
b) Telephone
c) Television
d) Microwave

3. The architecture of cyberspace primarily involves:

a) Hardware components only
b) Software components only
c) Both hardware and software components
d) None of the above

4. The Internet is a:
a) Private network
b) Local network
c) Public network
d) Intranet

5. The World Wide Web is based on the use of:

a) Hypertext Transfer Protocol (HTTP)
b) Simple Mail Transfer Protocol (SMTP)
c) File Transfer Protocol (FTP)
d) Internet Protocol (IP)

6. When was the advent of the Internet?

a) 1960s
b) 1970s
c) 1980s
d) 1990s

7. What is the Internet infrastructure primarily used for?

a) Data storage
b) Data transfer
c) Voice communication
d) Power generation

8. Internet governance involves:

a) Control by a single government entity
b) Decentralized management by various organizations
c) No regulation at all
d) Control by a global corporation

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

9. What does the term "Internet society" refer to?

a) Group of people who use the Internet
b) Non-profit organization managing the Internet
c) Government agency overseeing the Internet
d) None of the above

10. Regulation of cyberspace involves:

a) Enforcing strict censorship
b) Promoting freedom of expression
c) Establishing laws and policies for online activities
d) Allowing unrestricted access to all online content

11. What is the concept of cybersecurity primarily concerned with?

a) Protecting physical security
b) Protecting information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction
c) Promoting online entertainment
d) Enhancing internet speed and connectivity

12. Which of the following is NOT an issue or challenge of cybersecurity?

a) Phishing attacks
b) Data breaches
c) Too much encryption
d) Malware infections

Answers:
1. b) Virtual environment where electronic communication occurs
2. a) Email
3. c) Both hardware and software components
4. c) Public network
5. a) Hypertext Transfer Protocol (HTTP)
6. d) 1990s
7. b) Data transfer
8. b) Decentralized management by various organizations
9. a) Group of people who use the Internet
10. c) Establishing laws and policies for online activities
11. b) Protecting information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction
12. c) Too much encryption

Sure, here are some multiple-choice questions (MCQs) on Introduction to Cybersecurity:

1. What is cybersecurity primarily concerned with?

a) Physical security measures
b) Protecting digital information and systems from unauthorized access, use, disclosure,
disruption, modification, or destruction
c) Protecting against natural disasters
d) None of the above

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

2. Which of the following is an example of a cyber threat?

a) Burglary
b) Fire
c) Phishing attack
d) Earthquake

3. What is the significance of encryption in cybersecurity?

a) It protects against malware
b) It secures data by encoding it in a way that only authorized parties can access it
c) It prevents physical theft
d) It ensures fast internet speed

4. What is a firewall used for in cybersecurity?

a) To protect against physical intruders
b) To filter network traffic and prevent unauthorized access
c) To provide electricity to devices
d) To cool down computer systems

5. Which of the following is NOT a common cybersecurity measure?

a) Regularly updating software and systems
b) Using strong, unique passwords
c) Ignoring security alerts
d) Implementing multi-factor authentication

6. What is social engineering in the context of cybersecurity?

a) A method of protecting social media accounts
b) A technique used to manipulate individuals into divulging confidential information
c) A form of entertainment on social media platforms
d) None of the above

7. What is the purpose of penetration testing in cybersecurity?

a) To test the strength of physical barriers
b) To test the effectiveness of cybersecurity measures by simulating cyberattacks
c) To test internet speed
d) To test the durability of computer hardware

8. What is the role of cybersecurity professionals?

a) To design and implement security measures
b) To perform risk assessments
c) To investigate security breaches
d) All of the above

9. Which of the following is NOT a cybersecurity best practice?

a) Sharing passwords with colleagues
b) Regularly backing up data
c) Educating employees about cybersecurity risks
d) Using antivirus software

10. What is the primary goal of cybersecurity?

a) To prevent all cyberattacks
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

b) To minimize risk and protect against potential threats

c) To maximize internet speed
d) To ensure complete privacy online

Answers:
1. b) Protecting digital information and systems from unauthorized access, use,
disclosure, disruption, modification, or destruction
2. c) Phishing attack
3. b) It secures data by encoding it in a way that only authorized parties can access it
4. b) To filter network traffic and prevent unauthorized access
5. c) Ignoring security alerts
6. b) A technique used to manipulate individuals into divulging confidential information
7. b) To test the effectiveness of cybersecurity measures by simulating cyberattacks
8. d) All of the above
9. a) Sharing passwords with colleagues
10. b) To minimize risk and protect against potential threats

Here are some multiple-choice questions (MCQs) on Defining Cyberspace and Overview of
Computer and Web Technology:

1. What is cyberspace?
a) Physical space where computers are stored
b) Virtual environment where electronic communication occurs
c) The deep ocean where underwater cables are laid
d) The Earth's atmosphere

2. Which of the following is an example of web technology?

a) Email
b) Microwave
c) Refrigerator
d) Television

3. What does the architecture of cyberspace primarily involve?

a) Only hardware components
b) Only software components
c) Both hardware and software components
d) None of the above

4. The Internet is primarily a:

a) Private network
b) Local network
c) Public network
d) Personal network

5. What protocol is primarily used by the World Wide Web?

a) FTP (File Transfer Protocol)
b) HTTP (Hypertext Transfer Protocol)
c) SMTP (Simple Mail Transfer Protocol)
d) TCP/IP (Transmission Control Protocol/Internet Protocol)

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

6. When did the advent of the Internet occur?

a) 1950s
b) 1960s
c) 1970s
d) 1980s

7. What is the primary purpose of the Internet infrastructure?

a) Storing data
b) Sharing data
c) Encrypting data
d) Deleting data

8. Who governs the Internet infrastructure for data transfer?

a) Individual countries
b) International organizations
c) Private corporations
d) All of the above

9. What does the term "Internet society" refer to?

a) Group of people who use the Internet
b) Government agency overseeing the Internet
c) Corporation managing the Internet
d) None of the above

10. What is the regulation of cyberspace primarily concerned with?

a) Promoting freedom of speech
b) Enforcing laws and policies for online activities
c) Encouraging cyberattacks
d) None of the above

Answers:
1. b) Virtual environment where electronic communication occurs
2. a) Email
3. c) Both hardware and software components
4. c) Public network
5. b) HTTP (Hypertext Transfer Protocol)
6. b) 1960s
7. b) Sharing data
8. b) International organizations
9. a) Group of people who use the Internet
10. b) Enforcing laws and policies for online activities

Here are some multiple-choice questions (MCQs) on Communication and Web Technology,
Internet, World Wide Web, Advent of Internet, Internet Infrastructure for Data Transfer and
Governance, and Internet Society:

1. What is the primary purpose of communication technology?

a) To provide entertainment
b) To facilitate the exchange of information and messages between individuals or systems
c) To create virtual reality environments
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

d) To control physical devices

2. What is the Internet primarily known for?

a) Local communication network
b) Global network of interconnected computers and devices
c) Private network accessible only to a few users
d) Communication network used exclusively by governments

3. What is the World Wide Web (WWW)?

a) A physical network of cables and routers
b) A system of interconnected hypertext documents accessed via the Internet
c) A virtual reality environment
d) A social media platform

4. When did the advent of the Internet occur?

a) 1950s
b) 1960s
c) 1970s
d) 1980s

5. What is the Internet infrastructure primarily used for?

a) Data storage
b) Data transfer
c) Voice communication
d) Power generation

6. Who governs the Internet infrastructure for data transfer?

a) Individual countries
b) International organizations
c) Private corporations
d) All of the above

7. What does the term "Internet society" refer to?

a) Group of people who use the Internet
b) Non-profit organization managing the Internet
c) Government agency overseeing the Internet
d) None of the above

8. Which organization is responsible for assigning IP addresses and managing domain names?
a) IEEE (Institute of Electrical and Electronics Engineers)
b) IETF (Internet Engineering Task Force)
c) ICANN (Internet Corporation for Assigned Names and Numbers)
d) ITU (International Telecommunication Union)

9. What is the purpose of Internet governance?

a) To control and censor online content
b) To ensure the stable and secure operation of the Internet
c) To limit access to the Internet
d) None of the above

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

10. What is one of the main challenges faced by the Internet society?
a) Limited availability of online content
b) Cybersecurity threats and privacy concerns
c) Slow internet speeds
d) Lack of international cooperation

Answers:
1. b) To facilitate the exchange of information and messages between individuals or
systems
2. b) Global network of interconnected computers and devices
3. b) A system of interconnected hypertext documents accessed via the Internet
4. b) 1960s
5. b) Data transfer
6. b) International organizations
7. a) Group of people who use the Internet
8. c) ICANN (Internet Corporation for Assigned Names and Numbers)
9. b) To ensure the stable and secure operation of the Internet
10. b) Cybersecurity threats and privacy concerns

Here are some multiple-choice questions (MCQs) on Regulation of Cyberspace, Concept of

Cybersecurity, and Issues and Challenges of Cybersecurity:

Regulation of Cyberspace:

1. What does regulation of cyberspace primarily involve?

a) Enforcing strict censorship
b) Promoting freedom of expression
c) Establishing laws and policies for online activities
d) Allowing unrestricted access to all online content

2. Which entity is primarily responsible for regulating cyberspace?

a) Global corporations
b) International organizations
c) Individual countries
d) Non-profit organizations

3. What is the purpose of cyber laws and regulations?

a) To limit access to the internet
b) To protect individuals and organizations from cybercrimes and threats
c) To promote cyberattacks
d) None of the above

Concept of Cybersecurity:

4. What is cybersecurity primarily concerned with?

a) Protecting physical security
b) Protecting information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction
c) Enhancing internet speed and connectivity
d) None of the above
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

5. What are some common cybersecurity measures?

a) Using weak passwords
b) Ignoring software updates
c) Implementing firewalls and antivirus software
d) Sharing sensitive information online

Issues and Challenges of Cybersecurity:

6. What is a major challenge in cybersecurity?

a) Lack of cyber threats
b) Inadequate cybersecurity measures
c) Excessive cybersecurity regulations
d) None of the above

7. Which of the following is a cybersecurity issue?

a) Strong password policies
b) Data breaches and cyberattacks
c) Regular software updates
d) Sharing information securely

8. What is the significance of cybersecurity awareness?

a) It increases cybersecurity risks
b) It reduces the likelihood of successful cyberattacks
c) It slows down internet speed
d) It increases software vulnerabilities

Answers:
1. c) Establishing laws and policies for online activities
2. c) Individual countries
3. b) To protect individuals and organizations from cybercrimes and threats
4. b) Protecting information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction
5. c) Implementing firewalls and antivirus software
6. b) Inadequate cybersecurity measures
7. b) Data breaches and cyberattacks
8. b) It reduces the likelihood of successful cyberattacks

Reference Links
1. https://www.sanfoundry.com/1000-cyber-security-questions-answers/
2. https://www.javatpoint.com/cyber-security-mcq
3. https://unacademy.com/content/gate/mcqs/cyber-security/
4. https://byjus.com/gate/cyber-security-mcqs/
5. https://www.theknowledgeacademy.com/blog/cyber-security-mcq-and-answers/

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

UNIT 2 MCQ’s

1. What is the classification of cybercrimes primarily based on?

a) Location of the crime
b) Type of device used
c) Intent of the perpetrator
d) Severity of the crime

2. Which of the following is an example of a common cybercrime targeting computers and

mobiles?
a) Phishing
b) Pickpocketing
c) Jaywalking
d) Vandalism

3. Cybercrime against women and children often involves:

a) Identity theft
b) Financial fraud
c) Online harassment and exploitation
d) Intellectual property theft

4. Financial frauds in cyberspace include activities such as:

a) Online shopping
b) Email communication
c) Online banking scams
d) Social media networking

5. Social engineering attacks primarily rely on:

a) Advanced encryption techniques
b) Manipulation of human psychology
c) Artificial intelligence algorithms
d) Network firewalls

6. Malware and ransomware attacks typically involve:

a) Encrypting data for ransom
b) Physical theft of hardware
c) Social media manipulation
d) Online gaming scams

7. What are zero-day and zero-click attacks?

a) Attacks that occur on holidays
b) Attacks that exploit previously unknown vulnerabilities
c) Attacks that require zero effort from the perpetrator
d) Attacks that target zero users

8. Cybercriminals' modus operandi refers to:

a) Their favorite movie
b) Their mode of transportation
c) Their method of operation or approach
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

d) Their musical preferences

9. Reporting of cybercrimes is essential to:

a) Increase the popularity of the crime
b) Prevent law enforcement from taking action
c) Enable investigation and prosecution
d) None of the above

10. What are some remedial and mitigation measures against cybercrimes?
a) Ignoring cybersecurity altogether
b) Implementing strong passwords and multi-factor authentication
c) Sharing personal information online freely
d) Disabling antivirus software

11. Which act governs cybercrimes and cyber law in India?

a) Cybersecurity Act
b) IT Act 2000
c) Cybercrime Prevention Act
d) Digital Security Act

12. Which organization deals with cybercrime and cybersecurity in India?

a) Indian Space Research Organisation (ISRO)
b) Central Bureau of Investigation (CBI)
c) Reserve Bank of India (RBI)
d) Computer Emergency Response Team-India (CERT-In)

Answers:
1. c) Intent of the perpetrator
2. a) Phishing
3. c) Online harassment and exploitation
4. c) Online banking scams
5. b) Manipulation of human psychology
6. a) Encrypting data for ransom
7. b) Attacks that exploit previously unknown vulnerabilities
8. c) Their method of operation or approach
9. c) Enable investigation and prosecution
10. b) Implementing strong passwords and multi-factor authentication
11. b) IT Act 2000
12. d) Computer Emergency Response Team-India (CERT-In)

Here are some multiple-choice questions (MCQs) on common cybercrimes targeting

computers and mobiles:

1. What is a common cybercrime targeting computers and mobiles?

a) Social media manipulation
b) Online banking scams
c) Physical theft of devices
d) Graffiti

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

2. Which of the following is an example of cybercrime targeting mobile devices?

a) Phishing emails
b) Identity theft
c) SIM card cloning
d) Vandalism

3. What is a common method used in cybercrimes targeting computers and mobiles?

a) Snail mail
b) Phone calls
c) Social engineering attacks
d) In-person meetings

4. What is the primary goal of cybercriminals targeting computers and mobiles?

a) Stealing physical objects
b) Obtaining sensitive information or financial gain
c) Exercising social influence
d) Promoting online safety

5. Which of the following is NOT a cybercrime targeting computers and mobiles?

a) Phishing attacks
b) Malware infections
c) Physical graffiti
d) Ransomware attacks

Answers:
1. b) Online banking scams
2. c) SIM card cloning
3. c) Social engineering attacks
4. b) Obtaining sensitive information or financial gain
5. c) Physical graffiti

Here are some multiple-choice questions (MCQs) on cybercrime against women and children:

1. What is a common form of cybercrime against women and children?

a) Hacking corporate databases
b) Social engineering attacks
c) Online harassment and exploitation
d) Financial fraud targeting businesses

2. Which of the following is an example of cybercrime against children?

a) Online shopping scams
b) Identity theft
c) Cyberbullying
d) Online gaming scams

3. What is the primary objective of cybercrime against women and children?

a) Financial gain
b) Gaining unauthorized access to computer systems
c) Causing emotional distress or harm
d) Promoting cybersecurity awareness
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

4. What is cyberbullying?
a) A form of online shopping fraud
b) An online attack targeting businesses
c) Harassment or intimidation using digital communication platforms
d) None of the above

5. How can cybercrime against women and children impact their well-being?
a) It can lead to financial losses
b) It can cause emotional trauma and psychological harm
c) It can improve their cybersecurity skills
d) It can enhance their social reputation

Answers:
1. c) Online harassment and exploitation
2. c) Cyberbullying
3. c) Causing emotional distress or harm
4. c) Harassment or intimidation using digital communication platforms
5. b) It can cause emotional trauma and psychological harm

Here are some multiple-choice questions (MCQs) on financial frauds and social engineering
attacks:

Financial Frauds:

1. What is a common example of financial fraud in cyberspace?

a) Phishing attacks
b) Social media manipulation
c) Physical theft of devices
d) Online gaming scams

2. How do cybercriminals typically execute financial frauds?

a) By using advanced encryption techniques
b) By impersonating legitimate entities to obtain financial information
c) By conducting physical break-ins
d) By engaging in social media activities

3. What is the primary objective of financial frauds?

a) Gaining unauthorized access to computer systems
b) Obtaining financial gain through fraudulent means
c) Enhancing cybersecurity awareness
d) Promoting online safety

Social Engineering Attacks:

4. What is a common social engineering tactic used by cybercriminals?

a) Phishing emails
b) Secure passwords
c) Regular software updates
d) Strong encryption protocols
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

5. What is the goal of social engineering attacks?

a) To improve network security
b) To manipulate individuals into divulging confidential information
c) To increase online privacy
d) To enhance internet speed

6. How do social engineering attacks typically exploit human psychology?

a) By providing accurate information
b) By instilling fear or urgency
c) By promoting trust and credibility
d) By encouraging skepticism and critical thinking

Answers:
Financial Frauds:
1. a) Phishing attacks
2. b) By impersonating legitimate entities to obtain financial information
3. b) Obtaining financial gain through fraudulent means

Social Engineering Attacks:

4. a) Phishing emails
5. b) To manipulate individuals into divulging confidential information
6. b) By instilling fear or urgency

Here are some multiple-choice questions (MCQs) on malware and ransomware attacks:

1. What is malware?
a) Software designed to protect computers
b) Software designed to damage, disrupt, or gain unauthorized access to a computer system
c) Software designed to enhance system performance
d) Software designed to improve network security

2. Which of the following is a characteristic of ransomware?

a) It steals sensitive information
b) It blocks access to a system or files until a ransom is paid
c) It spreads through physical media such as USB drives
d) It only affects mobile devices

3. How does malware typically infect a computer?

a) Through physical damage to the hardware
b) By exploiting vulnerabilities in software or operating systems
c) By using the computer's webcam
d) Through electromagnetic interference

4. Which of the following is NOT a common type of malware?

a) Trojan horse
b) Worm
c) Firewall
d) Virus

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

5. What is the primary purpose of ransomware?

a) To steal personal information
b) To encrypt files and demand payment for decryption
c) To slow down a computer's performance
d) To display annoying pop-up advertisements

6. Which of the following is a preventive measure against malware attacks?

a) Clicking on suspicious links and attachments in emails
b) Disabling antivirus software
c) Keeping software and operating systems up to date
d) Sharing passwords with coworkers

7. What is a common method used by ransomware to spread?

a) Through physical mail
b) By exploiting software vulnerabilities and security flaws
c) By infecting hardware components
d) Through voice commands

8. What action should you take if your computer is infected with ransomware?
a) Ignore it and continue using your computer
b) Pay the ransom immediately
c) Disconnect the infected computer from the network and seek professional help
d) Post about it on social media for assistance

9. Which of the following statements about ransomware attacks is true?

a) Ransomware attacks only target large corporations
b) Ransomware attacks are always preventable
c) Ransomware attacks encrypt files and demand payment for decryption
d) Ransomware attacks primarily target hardware components

10. What is a "zero-day" vulnerability?

a) A vulnerability that has been known and patched for zero days
b) A vulnerability that has existed for zero days
c) A vulnerability that has been exploited for zero days
d) A vulnerability that has not yet been discovered or patched by the software vendor

Answers:
1. b) Software designed to damage, disrupt, or gain unauthorized access to a computer
system
2. b) It blocks access to a system or files until a ransom is paid
3. b) By exploiting vulnerabilities in software or operating systems
4. c) Firewall
5. b) To encrypt files and demand payment for decryption
6. c) Keeping software and operating systems up to date
7. b) By exploiting software vulnerabilities and security flaws
8. c) Disconnect the infected computer from the network and seek professional help
9. c) Ransomware attacks encrypt files and demand payment for decryption
10. d) A vulnerability that has not yet been discovered or patched by the software vendor.
Here are some multiple-choice questions (MCQs) on zero-day and zero-click attacks:

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

1. What is a zero-day vulnerability?

a) A vulnerability that has been known and patched for zero days
b) A vulnerability that has existed for zero days
c) A vulnerability that has been exploited for zero days
d) A vulnerability that has not yet been discovered or patched by the software vendor

2. What is a zero-click attack?

a) An attack that requires zero effort from the attacker
b) An attack that targets zero devices
c) An attack that exploits zero vulnerabilities
d) An attack that happens zero times

3. Which of the following statements best describes a zero-day attack?

a) An attack that occurs on the day a software vulnerability is discovered
b) An attack that targets a system with no security measures in place
c) An attack that exploits a vulnerability that is unknown to the software vendor
d) An attack that occurs on the first day of a new year

4. How does a zero-click attack typically occur?

a) By tricking the user into clicking on a malicious link or attachment
b) By exploiting a vulnerability in the software without any interaction from the user
c) By gaining physical access to the device and installing malware manually
d) By intercepting network traffic and injecting malicious code into legitimate websites

5. Which of the following is a characteristic of zero-click attacks?

a) They require active participation from the user
b) They are easy to detect and prevent
c) They can occur without any interaction from the user
d) They only target outdated software

6. What is the primary goal of a zero-click attack?

a) To steal sensitive information from the user
b) To encrypt files and demand ransom
c) To gain unauthorized access to the user's device
d) To disrupt the functioning of the user's device

7. Which of the following is a preventive measure against zero-day attacks?

a) Keeping software and operating systems up to date
b) Clicking on suspicious links and attachments in emails
c) Disabling antivirus software
d) Sharing passwords with coworkers

8. How do zero-click attacks differ from traditional malware attacks?

a) Zero-click attacks are less sophisticated
b) Zero-click attacks do not require any interaction from the user
c) Zero-click attacks only target mobile devices
d) Zero-click attacks are easier to detect and prevent

9. What makes zero-day vulnerabilities particularly dangerous?

a) They are well-documented and widely known
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

b) They can be patched before they are exploited

c) They are unknown to the software vendor and have no available patch
d) They only affect outdated software

10. Which of the following is an example of a zero-click attack vector?

a) Phishing emails
b) Drive-by downloads
c) Man-in-the-middle attacks
d) Exploiting a vulnerability in the Bluetooth protocol

Answers:
1. d) A vulnerability that has not yet been discovered or patched by the software vendor
2. b) An attack that targets zero devices
3. c) An attack that exploits a vulnerability that is unknown to the software vendor
4. b) By exploiting a vulnerability in the software without any interaction from the user
5. c) They can occur without any interaction from the user
6. c) To gain unauthorized access to the user's device
7. a) Keeping software and operating systems up to date
8. b) Zero-click attacks do not require any interaction from the user
9. c) They are unknown to the software vendor and have no available patch
10. d) Exploiting a vulnerability in the Bluetooth protocol

Here are some multiple-choice questions (MCQs) on cybercriminals' modus operandi:

1. Which of the following is a common method used by cybercriminals to gain unauthorized

access to systems?
a) Sending unsolicited emails with attachments
b) Providing regular security updates
c) Encrypting sensitive data
d) Implementing strong firewall protections

2. What is phishing?
a) A technique used to encrypt files and demand ransom
b) A method of social engineering where attackers attempt to deceive individuals into
providing sensitive information
c) A type of denial-of-service attack
d) A form of encryption used to protect data during transmission

3. What is social engineering in the context of cybercrime?

a) Hacking into social media accounts
b) Using social media to spread malware
c) Manipulating individuals into divulging confidential information
d) Building social networks for cybercriminals

4. What is ransomware?
a) Malware that spreads through social media platforms
b) Malware designed to steal financial information
c) Malware that encrypts files and demands payment for decryption
d) Malware that targets specific individuals through personalized attacks

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

5. What is a common target of cybercriminals in a business environment?

a) Physical security systems
b) Employee training programs
c) Financial data
d) Public relations campaigns

6. What is a DDoS (Distributed Denial of Service) attack?

a) An attack that encrypts files and demands payment for decryption
b) An attack that floods a network or server with traffic to disrupt normal operations
c) An attack that targets individuals through email scams
d) An attack that bypasses firewalls to gain access to sensitive information

7. What is a keylogger?
a) A physical device used to record keystrokes on a keyboard
b) A software program that captures keystrokes on a computer or mobile device
c) A type of malware that encrypts files and demands payment for decryption
d) A form of encryption used to protect sensitive data

8. What is the purpose of a SQL injection attack?

a) To steal cookies from web browsers
b) To encrypt data stored in a database
c) To exploit vulnerabilities in web applications and gain unauthorized access to a database
d) To prevent unauthorized access to a network

9. What is a common method used by cybercriminals to distribute malware?

a) Hosting malware on legitimate websites
b) Providing regular software updates
c) Encrypting sensitive data
d) Implementing strong password policies

10. What is the term used to describe the practice of using multiple layers of security controls
to protect against cyber threats?
a) Single-factor authentication
b) Multi-factor authentication
c) Defense-in-depth
d) Endpoint security

Answers:
1. a) Sending unsolicited emails with attachments
2. b) A method of social engineering where attackers attempt to deceive individuals into
providing sensitive information
3. c) Manipulating individuals into divulging confidential information
4. c) Malware that encrypts files and demands payment for decryption
5. c) Financial data
6. b) An attack that floods a network or server with traffic to disrupt normal operations
7. b) A software program that captures keystrokes on a computer or mobile device
8. c) To exploit vulnerabilities in web applications and gain unauthorized access to a
database
9. a) Hosting malware on legitimate websites
10. c) Defense-in-depth
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

Here are some multiple-choice questions (MCQs) covering reporting of cybercrimes, remedial
and mitigation measures, and the legal perspective of cybercrime:

Reporting of Cybercrimes:

1. When should individuals or organizations report cybercrimes to the authorities?

a) Only if financial losses are significant
b) Immediately after detecting any suspicious activity
c) Only if personal data is compromised
d) Once a year during cybersecurity awareness month

2. Which organization is typically responsible for handling reports of cybercrimes?

a) International Cybercrime Enforcement Agency
b) Federal Bureau of Investigation (FBI)
c) Internet Service Providers (ISPs)
d) Social media platforms

3. What information should be included when reporting a cybercrime?

a) Only personal information of the victim
b) Detailed description of the incident, including any evidence
c) Bank account details of the victim
d) Information about the cybercriminal's motives

Remedial and Mitigation Measures:

4. What is a primary goal of remedial measures after a cyber attack?

a) To track down and punish the cybercriminals
b) To recover lost data and restore affected systems
c) To increase the cybercriminals' access to sensitive information
d) To shut down the affected organization permanently

5. What is a common mitigation measure to prevent malware infections?

a) Disabling firewalls
b) Ignoring software updates
c) Installing antivirus software and keeping it updated
d) Sharing passwords with colleagues

6. How can organizations improve their resilience against cyber attacks?

a) By storing all data on unprotected servers
b) By providing cybersecurity training to employees
c) By sharing sensitive information openly with competitors
d) By ignoring cybersecurity best practices

Legal Perspective of Cybercrime:

7. What is the purpose of cybercrime laws?

a) To encourage cybercriminal activities
b) To protect the rights and privacy of cybercriminals
c) To define and punish illegal activities conducted online
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

d) To grant immunity to cybercriminals

8. Which legal principle states that individuals are responsible for their actions online?
a) Digital anonymity
b) Cyber sovereignty
c) Cyber jurisdiction
d) Cyber attribution

9. What is the role of digital forensics in cybercrime investigations?

a) To provide legal representation to cybercriminals
b) To analyze digital evidence to identify and catch cybercriminals
c) To facilitate cyber attacks
d) To promote cybercrime prevention initiatives

Answers:
1. b) Immediately after detecting any suspicious activity
2. b) Federal Bureau of Investigation (FBI)
3. b) Detailed description of the incident, including any evidence
4. b) To recover lost data and restore affected systems
5. c) Installing antivirus software and keeping it updated
6. b) By providing cybersecurity training to employees
7. c) To define and punish illegal activities conducted online
8. d) Cyber attribution
9. b) To analyze digital evidence to identify and catch cybercriminals

Here are some multiple-choice questions (MCQs) on the Information Technology (IT) Act of
2000 and its amendments:

1. What is the primary objective of the Information Technology (IT) Act of 2000?
a) To promote the use of traditional communication methods
b) To regulate the use of electronic commerce
c) To establish guidelines for social media platforms
d) To discourage the use of information technology

2. Which body is responsible for implementing the provisions of the IT Act in India?
a) Ministry of Health and Family Welfare
b) Ministry of Electronics and Information Technology
c) Ministry of Agriculture and Farmers Welfare
d) Ministry of Housing and Urban Affairs

3. What aspect of cybersecurity does the IT Act of 2000 primarily address?

a) Protection of critical infrastructure
b) Protection of personal data and information
c) Regulation of online content
d) Regulation of cryptocurrency

4. Which amendment to the IT Act of 2000 introduced provisions related to electronic

signatures and digital signatures?
a) IT Amendment Act, 2006
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

b) IT Amendment Act, 2008

c) IT Amendment Act, 2011
d) IT Amendment Act, 2013

5. What is the significance of the IT Amendment Act, 2008?

a) It introduced provisions for the regulation of cyber cafes
b) It expanded the definition of "cyber terrorism"
c) It established the National Cyber Security Coordinator
d) It introduced provisions related to data protection and privacy

6. Which amendment to the IT Act of 2000 introduced the concept of "intermediaries" and their
liabilities?
a) IT Amendment Act, 2006
b) IT Amendment Act, 2008
c) IT Amendment Act, 2011
d) IT Amendment Act, 2013

7. What is the purpose of the provision regarding "intermediaries" in the IT Act?

a) To hold intermediaries liable for all content posted on their platforms
b) To grant immunity to intermediaries for content posted by users
c) To regulate the pricing policies of intermediaries
d) To require intermediaries to monitor user activities constantly

8. Which amendment to the IT Act of 2000 introduced provisions related to the punishment for
cyber terrorism?
a) IT Amendment Act, 2006
b) IT Amendment Act, 2008
c) IT Amendment Act, 2011
d) IT Amendment Act, 2013

9. What aspect of cybercrime does the IT Amendment Act, 2011 primarily address?
a) Protection of critical infrastructure
b) Punishment for cyber terrorism
c) Regulation of online content
d) Protection of personal data and information

10. What is the significance of the IT Amendment Act, 2013?

a) It introduced provisions related to the punishment for cyber terrorism
b) It expanded the definition of "sensitive personal data"
c) It established the National Cyber Security Coordinator
d) It introduced provisions for the regulation of cyber cafes

Answers:
1. b) To regulate the use of electronic commerce
2. b) Ministry of Electronics and Information Technology
3. b) Protection of personal data and information
4. a) IT Amendment Act, 2006
5. b) It expanded the definition of "cyber terrorism"
6. c) IT Amendment Act, 2011
7. b) To grant immunity to intermediaries for content posted by users
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

8. c) IT Amendment Act, 2011

9. a) Protection of critical infrastructure
10. b) It expanded the definition of "sensitive personal data"

Here are multiple-choice questions (MCQs) covering cyber-crime and offences, organizations
dealing with cybercrime and cybersecurity in India, and case studies:

Cyber-crime and Offences:

1. What is a common example of a cybercrime?

a) Selling physical products online
b) Posting updates on social media platforms
c) Phishing scams to steal personal information
d) Watching videos on streaming platforms

2. Which of the following is considered a cyber offence under Indian law?

a) Writing a blog post criticizing a government policy
b) Accessing someone's social media account without permission
c) Sharing memes with friends on a messaging app
d) Uploading vacation photos on a photo-sharing website

3. What does the term "phishing" refer to in the context of cybercrime?

a) A type of online gaming
b) Sending unsolicited emails to gather sensitive information
c) Hosting virtual events
d) Selling counterfeit products online

Organizations Dealing with Cybercrime and Cybersecurity in India:

4. Which organization in India is responsible for handling cybercrime investigations and

forensics?
a) Indian Cyber Crime Coordination Centre (I4C)
b) Ministry of Home Affairs
c) National Cyber Security Coordinator
d) Reserve Bank of India

5. What is the primary role of CERT-In (Indian Computer Emergency Response Team)?
a) To regulate social media platforms
b) To provide cybersecurity incident response and coordination
c) To conduct cybercrime investigations
d) To develop gaming software

6. Which organization is responsible for formulating policies and strategies for cybersecurity
in India?
a) National Technical Research Organisation (NTRO)
b) Indian Computer Emergency Response Team (CERT-In)
c) National Cyber Security Coordinator
d) Ministry of Electronics and Information Technology (MeitY)

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

Case Studies:

7. A company's financial data was stolen by hackers who infiltrated their network. What type
of cybercrime does this scenario represent?
a) Identity theft
b) Cyber espionage
c) Data breach
d) Phishing attack

8. An individual received an email claiming to be from their bank, requesting personal banking
information. Upon investigation, it was found to be a scam. What type of cybercrime does this
scenario represent?
a) Phishing
b) Ransomware attack
c) DDoS attack
d) Insider threat

9. A government organization's website was defaced by hackers who replaced the homepage
with unauthorized content. What type of cybercrime does this scenario represent?
a) Cyber terrorism
b) Insider threat
c) Website defacement
d) Malware attack

Answers:

1. c) Phishing scams to steal personal information

2. b) Accessing someone's social media account without permission
3. b) Sending unsolicited emails to gather sensitive information
4. a) Indian Cyber Crime Coordination Centre (I4C)
5. b) To provide cybersecurity incident response and coordination
6. d) Ministry of Electronics and Information Technology (MeitY)
7. c) Data breach
8. a) Phishing
9. c) Website defacement

Reference Links:
1. https://www.sanfoundry.com/cyber-security-questions-answers-cyber-laws-it-laws-1/
2. https://lawbhoomi.com/mcq-question-bank-on-cyber-law/
3. https://www.sanfoundry.com/1000-cyber-security-questions-answers/
4. https://www.studocu.com/in/document/rashtrasant-tukadoji-maharaj-nagpur-university/cyber-
security/multiple-choice-questions-of-cyber-law/12358015
5. https://gtu-mcq.com/BE/Electrical-Engineering/Semester-
6/3161925/5712/MCQs?q=9aZHDjblmRk=
6. https://letsfindcourse.com/cyber-security-mcq/malware-mcq-questions-and-answers

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

UNIT 3 MCQ’s
1. What is a social network primarily designed for?
a) Sharing physical addresses
b) Connecting individuals and groups online
c) Buying and selling products
d) Playing video games

2. Which of the following is NOT a type of social media platform?

a) Social networking sites
b) Video streaming platforms
c) Online marketplaces
d) Search engines

3. Social media monitoring involves:

a) Tracking individuals in real life
b) Monitoring online conversations and activities
c) Physical surveillance of social media offices
d) None of the above

4. What is a hashtag?
a) A type of social media profile
b) A symbol used to mark keywords or topics in a post
c) A measure of social media popularity
d) A type of viral content

5. Viral content on social media:

a) Spreads rapidly across multiple platforms
b) Is only seen by a small number of people
c) Is always true and accurate
d) Cannot be shared by users

6. Social media marketing involves:

a) Selling physical products only
b) Promoting brands and products through social media platforms
c) Banning users from accessing social media
d) Ignoring customer feedback

7. What is a key concern regarding social media privacy?

a) Excessive sharing of personal information
b) Lack of internet connection
c) Limited access to social media platforms
d) Government surveillance

8. What are some challenges of online social networks?

a) Ensuring inclusivity and diversity
b) Dealing with misinformation and fake news
c) Maintaining user engagement
d) All of the above

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

9. Security issues related to social media may include:

a) Identity theft
b) Password sharing
c) Accepting friend requests from unknown individuals
d) All of the above

10. What is the purpose of flagging and reporting inappropriate content on social media?
a) To increase the popularity of the content
b) To encourage others to post similar content
c) To notify platform administrators for removal or action
d) None of the above

11. What laws govern the posting of inappropriate content on social media?
a) Social Media Act
b) Digital Content Regulation Act
c) There are no specific laws
d) Internet Privacy Act

12. What are some best practices for the use of social media?
a) Sharing personal information freely
b) Engaging in online arguments
c) Verifying information before sharing
d) Ignoring privacy settings

Answers:
1. b) Connecting individuals and groups online
2. c) Online marketplaces
3. b) Monitoring online conversations and activities
4. b) A symbol used to mark keywords or topics in a post
5. a) Spreads rapidly across multiple platforms
6. b) Promoting brands and products through social media platforms
7. a) Excessive sharing of personal information
8. d) All of the above
9. d) All of the above
10. c) To notify platform administrators for removal or action
11. c) There are no specific laws
12. c) Verifying information before sharing

Reference Links:

1. https://testbook.com/objective-questions/mcq-on-social-media--
626bbbb81a305a657899de22
2. https://t4tutorials.com/social-networks-mcqs-solved-questions-answers/
3. https://www.includehelp.com/mcq/social-media-marketing-smm-mcqs.aspx
4. https://www.sanfoundry.com/cyber-security-questions-answers-social-networking-
security/

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

UNIT 4 MCQ’s
E-Commerce:

1. What is the definition of E-Commerce?

a) Electronic communication between businesses
b) Electronic commerce involving the buying and selling of goods and services over the
internet
c) Exclusive commerce limited to online transactions
d) Economic competition in the digital realm only

2. What are the main components of E-Commerce?

a) Electronic devices and software
b) Internet connection and web browsers
c) Buyers, sellers, products, and transactions
d) Payment gateways and shopping carts

3. Which of the following is NOT an element of E-Commerce security?

a) Encryption
b) Authentication
c) Firewalls
d) Unsecured connections

4. What are common threats to E-Commerce?

a) Customer satisfaction
b) Competitive pricing
c) Data breaches and cyberattacks
d) Marketing strategies

5. What are some best practices for E-Commerce security?

a) Using weak passwords
b) Ignoring software updates
c) Regular security audits and updates
d) Sharing sensitive information publicly

6. What is an advantage of E-Commerce?

a) Limited market reach
b) High operational costs
c) Global market access
d) Lack of customer convenience

7. Survey of popular E-Commerce sites helps in:

a) Increasing website traffic
b) Identifying market trends and competitors
c) Hiding product information
d) Decreasing customer engagement

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

Digital Payments:

8. What are the components of digital payments?

a) Cash and checks
b) Payment gateways and credit cards
c) Money transfer and authentication
d) Buyers and sellers

9. Which of the following is NOT a mode of digital payment?

a) Banking Cards
b) Unified Payment Interface (UPI)
c) Physical currency
d) e-Wallets

10. What is USSD used for in digital payments?

a) Transfer of funds via mobile phones
b) Online shopping
c) Secure messaging
d) None of the above

11. What are common frauds related to digital payments?

a) Sharing passwords securely
b) Phishing attacks and identity theft
c) Regularly updating payment apps
d) Using two-factor authentication

12. What guidelines does RBI provide regarding digital payments and customer protection?
a) Regularly share sensitive information online
b) Ensure encryption of payment data
c) Ignore suspicious transactions
d) None of the above

Answers:
1. b) Electronic commerce involving the buying and selling of goods and services over the
internet
2. c) Buyers, sellers, products, and transactions
3. d) Unsecured connections
4. c) Data breaches and cyberattacks
5. c) Regular security audits and updates
6. c) Global market access
7. b) Identifying market trends and competitors
8. c) Money transfer and authentication
9. c) Physical currency
10. a) Transfer of funds via mobile phones
11. b) Phishing attacks and identity theft
12. b) Ensure encryption of payment data

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

Here are some multiple-choice questions (MCQs) covering the definition of e-commerce and
its main components:

Definition of E-Commerce:

1. What is the most appropriate definition of e-commerce?

a) Traditional brick-and-mortar business operations
b) Buying and selling goods and services over the internet
c) Telephone sales transactions
d) In-person consultations with customers

2. Which of the following best describes e-commerce?

a) Offline transactions conducted through physical stores
b) Electronic transactions conducted over computer networks
c) Mail-order transactions
d) Television shopping channels

3. What distinguishes e-commerce from traditional commerce?

a) E-commerce requires physical presence
b) E-commerce transactions are conducted online
c) E-commerce relies solely on cash transactions
d) E-commerce is limited to local markets

Main Components of E-Commerce:

4. What is a key component of e-commerce infrastructure?

a) Physical store locations
b) Shopping malls
c) Internet connectivity and websites
d) Printed catalogs

5. What role does payment processing play in e-commerce?

a) It is not necessary for e-commerce transactions
b) It facilitates the transfer of funds between buyers and sellers
c) It only accepts cash payments
d) It provides customer support services

6. What is the purpose of an online marketplace in e-commerce?

a) To provide physical store locations
b) To sell products only in local markets
c) To connect buyers and sellers on a digital platform
d) To distribute printed catalogs

7. Which of the following is a component of e-commerce logistics?

a) Product pricing
b) Inventory management
c) Customer reviews
d) Website design

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

8. What is the function of customer support in e-commerce?

a) To sell products
b) To provide assistance to customers before, during, and after a purchase
c) To handle payment processing
d) To design the website interface

9. What is the significance of digital marketing in e-commerce?

a) It is not relevant to e-commerce businesses
b) It helps attract and retain customers through online channels
c) It is limited to traditional advertising methods
d) It focuses only on physical store promotions

Answers:

1. b) Buying and selling goods and services over the internet

2. b) Electronic transactions conducted over computer networks
3. b) E-commerce transactions are conducted online
4. c) Internet connectivity and websites
5. b) It facilitates the transfer of funds between buyers and sellers
6. c) To connect buyers and sellers on a digital platform
7. b) Inventory management
8. b) To provide assistance to customers before, during, and after a purchase
9. b) It helps attract and retain customers through online channels

Elements of E-Commerce Security:

1. Which of the following is an essential element of e-commerce security?

a) Offering products at discounted prices
b) Implementing SSL encryption for secure transactions
c) Sending promotional emails to customers
d) Providing free shipping options

2. What is the purpose of encryption in e-commerce security?

a) To slow down website loading times
b) To protect sensitive information during transmission
c) To display product images more clearly
d) To increase the number of website visitors

E-Commerce Threats:

3. What is a common threat to e-commerce security?

a) Providing excellent customer service
b) Implementing strong password policies
c) Phishing attacks to steal personal information
d) Offering secure payment options

4. What type of attack aims to overwhelm a website with excessive traffic, making it
unavailable to legitimate users?
a) Phishing attack
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

b) SQL injection attack

c) Distributed Denial of Service (DDoS) attack
d) Cross-site scripting (XSS) attack

E-Commerce Security Best Practices:

5. What is a recommended best practice to enhance e-commerce security?

a) Storing customer credit card information in plain text
b) Using weak, easily guessable passwords
c) Regularly updating security patches and software
d) Sharing login credentials with multiple employees

6. Why is multi-factor authentication considered a best practice for e-commerce security?

a) It complicates the login process for users
b) It requires users to change their passwords frequently
c) It provides an additional layer of security beyond passwords
d) It reduces the need for strong encryption

Advantages of E-Commerce:

7. What is a significant advantage of e-commerce for businesses?

a) Limited reach to local customers only
b) High overhead costs compared to traditional brick-and-mortar stores
c) Ability to reach a global audience
d) Dependence on physical store locations

8. How does e-commerce benefit consumers?

a) Limited product variety compared to physical stores
b) Limited payment options
c) Convenience of shopping from anywhere at any time
d) Lack of access to customer reviews and ratings

Survey of Popular E-Commerce Sites:

9. Which of the following is a popular e-commerce site known for selling a wide range of
products and offering fast shipping options?
a) Amazon
b) LinkedIn
c) Twitter
d) Netflix

10. Which e-commerce site specializes in handmade or vintage items and craft supplies?
a) Etsy
b) Alibaba
c) eBay
d) Walmart

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

Answers:

1. b) Implementing SSL encryption for secure transactions

2. b) To protect sensitive information during transmission
3. c) Phishing attacks to steal personal information
4. c) Distributed Denial of Service (DDoS) attack
5. c) Regularly updating security patches and software
6. c) It provides an additional layer of security beyond passwords
7. c) Ability to reach a global audience
8. c) Convenience of shopping from anywhere at any time
9. a) Amazon
10. a) Etsy

Here are multiple-choice questions (MCQs) on the introduction to digital payments,

components of digital payment and stakeholders, and modes of digital payments:

Introduction to Digital Payments:

1. What is the primary purpose of digital payments?

a) To reduce the use of cash
b) To increase the complexity of transactions
c) To limit financial inclusion
d) To discourage online shopping

2. Which of the following best defines digital payments?

a) Traditional paper-based transactions
b) Cash transactions only
c) Electronic transactions conducted through digital channels
d) Barter system

Components of Digital Payment and Stakeholders:

3. Who are the primary stakeholders involved in digital payments?

a) Only banks
b) Only consumers
c) Banks, merchants, consumers, and payment service providers
d) Government agencies only

4. What role do payment service providers play in digital payments?

a) They are not involved in digital payments
b) They facilitate transactions between consumers and banks
c) They provide software and infrastructure for processing payments
d) They regulate digital payments

Modes of Digital Payments:

5. Which mode of digital payment involves using a plastic card issued by a bank to make
transactions?
a) Unified Payment Interface (UPI)
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

b) e-Wallets
c) Banking Cards
d) Unstructured Supplementary Service Data (USSD)

6. What is the primary advantage of Unified Payment Interface (UPI)?

a) It requires physical presence for transactions
b) It provides high-level security for transactions
c) It has limited acceptance among merchants
d) It is not supported by mobile devices

7. Which mode of digital payment allows users to store multiple payment methods, such as
credit cards, debit cards, and bank accounts, in a single digital platform?
a) Unified Payment Interface (UPI)
b) e-Wallets
c) Banking Cards
d) Unstructured Supplementary Service Data (USSD)

8. What technology does Unstructured Supplementary Service Data (USSD) use for
transactions?
a) Internet connectivity
b) SMS or text messaging
c) Near Field Communication (NFC)
d) Bluetooth connectivity

Answers:

1. c) To limit financial inclusion

2. c) Electronic transactions conducted through digital channels
3. c) Banks, merchants, consumers, and payment service providers
4. c) They provide software and infrastructure for processing payments
5. c) Banking Cards
6. b) It provides high-level security for transactions
7. b) e-Wallets
8. b) SMS or text messaging

Aadhaar Enabled Payments:

1. What is Aadhaar-enabled payment?

a) A payment method where the Aadhaar card is used as a credit card
b) A payment system that uses the Aadhaar number and biometric authentication
c) A payment method where only cash transactions are allowed
d) A payment method exclusive to government transactions

2. Which of the following is a benefit of Aadhaar-enabled payments?

a) Limited acceptance among merchants
b) Reduced risk of fraud due to biometric authentication
c) Requirement of physical presence for transactions
d) Incompatibility with mobile devices

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

Digital Payments Related Common Frauds and Preventive Measures:

3. What is a common type of fraud in digital payments where a fake website or email is used
to deceive users into providing personal or financial information?
a) Identity theft
b) Phishing
c) Insider fraud
d) Data breach

4. How can users prevent falling victim to phishing attacks in digital payments?
a) Click on links provided in unsolicited emails
b) Share personal and financial information freely
c) Verify the authenticity of websites and emails before providing any information
d) Ignore security warnings from browsers

RBI Guidelines on Digital Payments and Customer Protection in Unauthorized Banking

Transactions:

5. What do RBI guidelines on digital payments aim to ensure?

a) To limit the use of digital payment methods
b) To encourage the use of cash transactions
c) To promote customer protection and safety in digital transactions
d) To discourage financial inclusion

6. What is the purpose of RBI guidelines on customer protection in unauthorized banking

transactions?
a) To hold customers liable for all unauthorized transactions
b) To limit customer access to digital payment methods
c) To provide recourse and compensation to customers in case of unauthorized transactions
d) To encourage fraudulent activities in digital payments

Answers:
1. b) A payment system that uses the Aadhaar number and biometric authentication
2. b) Reduced risk of fraud due to biometric authentication
3. b) Phishing
4. c) Verify the authenticity of websites and emails before providing any information
5. c) To promote customer protection and safety in digital transactions
6. c) To provide recourse and compensation to customers in case of unauthorized
transactions

Here are some multiple-choice questions (MCQs) on relevant provisions of the Payment and
Settlement Systems Act, 2007:

1. The Payment and Settlement Systems Act, 2007, in India, primarily aims to regulate which
of the following?
a) Banking transactions
b) Stock market transactions
c) Payment and settlement systems
d) Real estate transactions
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

2. Which regulatory body is responsible for overseeing and regulating payment and settlement
systems in India under the Payment and Settlement Systems Act, 2007?
a) Securities and Exchange Board of India (SEBI)
b) Reserve Bank of India (RBI)
c) Insurance Regulatory and Development Authority of India (IRDAI)
d) Ministry of Finance

3. Under the Payment and Settlement Systems Act, 2007, who is required to obtain
authorization from the Reserve Bank of India to operate a payment system?
a) Only government-owned entities
b) Only private companies
c) All entities operating payment systems
d) Entities operating small-scale payment systems

4. Which of the following is NOT a key objective of the Payment and Settlement Systems Act,
2007?
a) Ensuring the stability and efficiency of payment systems
b) Protecting the interests of consumers in payment transactions
c) Facilitating competition and innovation in payment systems
d) Promoting cash transactions over digital payments

5. The Payment and Settlement Systems Act, 2007, empowers the Reserve Bank of India to
issue regulations related to which of the following aspects?
a) Only technical standards for payment systems
b) Licensing and operation of payment systems
c) Only consumer protection in payment transactions
d) None of the above

6. Under the Payment and Settlement Systems Act, 2007, what are the consequences for
operating a payment system without obtaining authorization from the Reserve Bank of India?
a) No consequences
b) A warning letter from the Reserve Bank of India
c) Penalties, including fines and imprisonment
d) Suspension of banking license

Answers:
1. c) Payment and settlement systems
2. b) Reserve Bank of India (RBI)
3. c) All entities operating payment systems
4. d) Promoting cash transactions over digital payments
5. b) Licensing and operation of payment systems
6. c) Penalties, including fines and imprisonment

Reference Links:
1. https://unacademy.com/content/gate/mcqs/e-commerce-mcqs/
2. https://testbook.com/objective-questions/mcq-on-e-commerce--
5eea6a1439140f30f369f2c2
3. https://www.examveda.com/commerce/practice-mcq-question-on-ecommerce/
4. https://byjus.com/gate/e-commerce-mcqs/
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

UNIT 5 MCQ’s
1. What is an endpoint device?
a) A device at the beginning of a network
b) A device at the end of a network
c) A device used for gaming only
d) A device without any internet connection

2. What is the significance of mobile phone security?

a) To protect against physical damage
b) To prevent unauthorized access to data and applications
c) To enhance battery life
d) To increase screen brightness

3. Which of the following is a recommended password policy?

a) Using the same password for all accounts
b) Using complex passwords with a combination of letters, numbers, and special characters
c) Sharing passwords with friends and family
d) Writing down passwords on sticky notes attached to the device

4. What is security patch management?

a) Managing patches of fabric on a device
b) Managing updates to software to address security vulnerabilities
c) Managing physical security guards
d) None of the above

5. Why is data backup important for device security?

a) To free up storage space
b) To increase device performance
c) To protect against data loss due to hardware failure, theft, or malware
d) To improve internet speed

6. What should be considered when downloading third-party software?

a) Trustworthiness and reliability of the source
b) Popularity of the software
c) Color scheme of the software interface
d) Price of the software

7. What is a device security policy?

a) A policy that allows unrestricted access to all devices
b) A policy that restricts access to devices based on user roles and responsibilities
c) A policy that encourages sharing of devices among users
d) A policy that mandates the use of outdated software

8. Which of the following are cyber security best practices?

a) Ignoring software updates
b) Using weak passwords
c) Regularly updating software and antivirus programs
d) Sharing sensitive information online

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

9. What is the significance of a host firewall and antivirus?

a) To slow down device performance
b) To enhance device aesthetics
c) To protect against unauthorized network access and malware
d) To increase device storage capacity

10. How should a host firewall and antivirus be managed?

a) By disabling them when not in use
b) By updating them regularly and configuring them for optimal protection
c) By uninstalling them to free up device space
d) By using multiple firewalls and antivirus programs simultaneously

11. What is Wi-Fi security primarily concerned with?

a) Signal strength
b) Device aesthetics
c) Protecting the wireless network from unauthorized access and data interception
d) Encryption methods

12. What should be configured in a basic security policy and permissions?

a) Unrestricted access to all resources
b) Limited access based on user roles and responsibilities
c) No security measures
d) Sharing of sensitive information

Answers:
1. b) A device at the end of a network
2. b) To prevent unauthorized access to data and applications
3. b) Using complex passwords with a combination of letters, numbers, and special
characters
4. b) Managing updates to software to address security vulnerabilities
5. c) To protect against data loss due to hardware failure, theft, or malware
6. a) Trustworthiness and reliability of the source
7. b) A policy that restricts access to devices based on user roles and responsibilities
8. c) Regularly updating software and antivirus programs
9. c) To protect against unauthorized network access and malware
10. b) By updating them regularly and configuring them for optimal protection
11. c) Protecting the wireless network from unauthorized access and data interception
12. b) Limited access based on user roles and responsibilities

Here are some multiple-choice questions (MCQs) on end-point device and mobile phone
security, as well as password policy:

End-Point Device and Mobile Phone Security:

1. What is an endpoint device in the context of cybersecurity?

a) A device located at the center of a network
b) A device used to access the internet
c) A device connected to a network, such as a computer or smartphone
d) A device used for physical security purposes

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

2. Which of the following is a common security threat to mobile phones?

a) Only physical damage
b) Malware infections
c) Battery drainage
d) Overheating

3. What is the purpose of mobile device management (MDM) software?

a) To improve battery life
b) To remotely monitor and manage mobile devices within an organization
c) To increase processing speed
d) To enhance camera quality

**Password Policy:**

4. Why is it essential to have a strong password policy?

a) To make it easier for users to remember passwords
b) To discourage users from changing passwords frequently
c) To enhance security by preventing unauthorized access
d) To reduce the complexity of passwords

5. What is the recommended length for a strong password?

a) 4 characters
b) 8 characters
c) 12 characters or more
d) 16 characters

6. What is the purpose of password complexity requirements?

a) To make it easier for users to remember passwords
b) To discourage users from using common or easily guessable passwords
c) To limit the number of characters allowed in passwords
d) To increase the likelihood of forgetting passwords

Answers:

1. c) A device connected to a network, such as a computer or smartphone

2. b) Malware infections
3. b) To remotely monitor and manage mobile devices within an organization
4. c) To enhance security by preventing unauthorized access
5. c) 12 characters or more
6. b) To discourage users from using common or easily guessable passwords

Here are some multiple-choice questions (MCQs) on password policy, security patch
management, and data backup:

Password Policy:

1. What is the purpose of a password policy?

a) To make it easier for users to remember passwords
b) To discourage users from changing passwords frequently
c) To enhance security by establishing guidelines for creating and managing passwords
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

d) To limit access to certain websites

2. Which of the following is a characteristic of a strong password?

a) Short in length
b) Contains only letters
c) Includes a combination of uppercase and lowercase letters, numbers, and special characters
d) Easily guessable, such as "password123"

3. Why is it essential to enforce password expiration in a password policy?

a) To encourage users to change passwords only when they want
b) To prevent users from changing passwords
c) To mitigate the risk of compromised passwords due to exposure over time
d) To reduce security measures

Security Patch Management:

4. What is the purpose of security patch management?

a) To remove all security measures
b) To ensure that software and systems are up to date with the latest security patches and
updates
c) To prevent users from updating their devices
d) To increase the risk of security breaches

5. Why is it important to install security patches promptly?

a) To delay the installation process
b) To reduce system performance
c) To address known vulnerabilities and protect against potential cyber threats
d) To make systems more vulnerable to attacks

Data Backup:

6. What is the primary purpose of data backup?

a) To permanently delete data
b) To make data inaccessible
c) To restore data in case of data loss or corruption
d) To increase the risk of data loss

7. Which of the following is a recommended best practice for data backup?

a) Storing backups on the same device as the original data
b) Storing backups in an off-site location
c) Performing backups irregularly
d) Ignoring backup verification processes

Answers:

1. c) To enhance security by establishing guidelines for creating and managing passwords

2. c) Includes a combination of uppercase and lowercase letters, numbers, and special
characters
3. c) To mitigate the risk of compromised passwords due to exposure over time

CYBER SECURITY (SEC) - MCQ

 CYBER SECURITY (SEC) - MCQ

4. b) To ensure that software and systems are up to date with the latest security patches
and updates
5. c) To address known vulnerabilities and protect against potential cyber threats
6. c) To restore data in case of data loss or corruption
7. b) Storing backups in an off-site location

Here are some multiple-choice questions (MCQs) on downloading and management of third-
party software, device security policy, cybersecurity best practices, and the significance of host
firewall and antivirus:

Downloading and Management of Third-Party Software:

1. What is an essential consideration when downloading third-party software?

a) Ignoring user reviews and ratings
b) Downloading from untrusted sources
c) Verifying the authenticity and integrity of the software
d) Downloading without checking system requirements

2. Why is it important to keep third-party software up to date?

a) To increase system performance
b) To reduce the risk of security vulnerabilities
c) To limit the functionality of the software
d) To make the software incompatible with other programs

Device Security Policy:

3. What is the purpose of a device security policy?

a) To increase the risk of security breaches
b) To discourage users from changing default settings
c) To establish guidelines for securing devices and protecting sensitive information
d) To limit access to certain websites

4. Which of the following is a common component of a device security policy?

a) Ignoring software updates
b) Allowing unlimited access to devices
c) Enforcing strong password requirements
d) Disabling encryption on devices

Cybersecurity Best Practices:

5. What is a recommended cybersecurity best practice for users?

a) Sharing passwords with colleagues
b) Clicking on suspicious links and attachments in emails
c) Using unique and complex passwords for different accounts
d) Disabling security features on devices

6. Why is cybersecurity awareness training essential for employees?

a) To increase the risk of security breaches
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

b) To improve employee productivity

c) To educate employees about cybersecurity threats and best practices
d) To discourage employees from reporting security incidents

Significance of Host Firewall and Antivirus:

7. What is the purpose of a host firewall?

a) To increase the risk of security breaches
b) To monitor and control incoming and outgoing network traffic on a device
c) To disable network connectivity
d) To prevent the installation of security updates

8. Why is antivirus software important for cybersecurity?

a) To increase system performance
b) To detect, prevent, and remove malware infections
c) To make devices more vulnerable to attacks
d) To limit access to certain websites

Answers:

1. c) Verifying the authenticity and integrity of the software

2. b) To reduce the risk of security vulnerabilities
3. c) To establish guidelines for securing devices and protecting sensitive information
4. c) Enforcing strong password requirements
5. c) Using unique and complex passwords for different accounts
6. c) To educate employees about cybersecurity threats and best practices
7. b) To monitor and control incoming and outgoing network traffic on a device
8. b) To detect, prevent, and remove malware infections

Here are some multiple-choice questions (MCQs) on the management of host firewall and
antivirus, Wi-Fi security, and configuration of basic security policy and permissions:

Management of Host Firewall and Anti-virus:

1. What is the primary purpose of managing a host firewall?

a) To increase system performance
b) To monitor and control incoming and outgoing network traffic on a device
c) To disable network connectivity
d) To prevent the installation of security updates

2. Why is it important to regularly update antivirus software?

a) To decrease system performance
b) To increase the risk of security breaches
c) To detect and protect against the latest malware threats
d) To make devices more vulnerable to attacks

Wi-Fi Security:

3. What is a common security risk associated with using open or unsecured Wi-Fi networks?
a) Increased network speed
CYBER SECURITY (SEC) - MCQ
 CYBER SECURITY (SEC) - MCQ

b) Decreased risk of data interception

c) Unauthorized access to sensitive information
d) Limited connectivity

4. How can users enhance Wi-Fi security?

a) By sharing Wi-Fi passwords with strangers
b) By disabling encryption on Wi-Fi networks
c) By using strong encryption protocols, such as WPA2 or WPA3
d) By broadcasting Wi-Fi network names (SSIDs) publicly

Configuration of Basic Security Policy and Permissions:

5. What is the purpose of configuring basic security policies and permissions?

a) To increase system performance
b) To limit access to certain resources and functionalities based on user roles and permissions
c) To disable security features
d) To encourage users to share sensitive information

6. Which of the following is an example of a security policy that can be configured on a device?
a) Allowing unrestricted access to all users
b) Requiring multi-factor authentication for accessing sensitive data
c) Ignoring software updates
d) Disabling password protection

Answers:

1. b) To monitor and control incoming and outgoing network traffic on a device

2. c) To detect and protect against the latest malware threats
3. c) Unauthorized access to sensitive information
4. c) By using strong encryption protocols, such as WPA2 or WPA3
5. b) To limit access to certain resources and functionalities based on user roles and
permissions
6. b) Requiring multi-factor authentication for accessing sensitive data
Reference Links:

1. https://www.sanfoundry.com/cyber-security-questions-answers-mobile-phone-
security/
2. https://priyadogra.com/endpoint-quiz-answers-nse-2-information-security-awareness-
fortinet/
3. https://letsfindcourse.com/cyber-security-mcq/mobile-security-mcq-questions-and-
answers
4. https://www.sanfoundry.com/cyber-security-questions-answers-windows-security/
5. https://www.engineeringmcq.com/computer-science/information-security/19.php
6. https://www.sanfoundry.com/cyber-security-questions-answers-firewalls-1/

CYBER SECURITY (SEC) - MCQ