IAS MT

Question 1

It stands for “Malicious Software”

Answer 1

Malware

Question 2

it is designed to gain
access or installed into the computer without the consent of the user.

Answer 2

MALWARE

Question 3

They
perform unwanted tasks in the host computer for the benefit of a third party.

Answer 3

MALWARE

Question 4

simply written to distract/annoy the user, to the complex ones which
captures the sensitive data from the host machine and send it to remote
servers.

Answer 4

MALWARE

Question 5

It is a special type of malware which is used for forced advertising.

Answer 5

ADWARE

Question 6

They either redirect the page to some advertising page or pop-up an additional page which promotes some product or event.

Answer 6

ADWARE

Question 7

are financially supported by
the organizations whose products are advertised.

Answer 7

ADWARE

Question 8

There is some malicious software which are downloaded along with the free software offered over the internet and installed in the host computer without the
knowledge of the user.

Answer 8

Browser Hijacking software

Question 9

This software modifies the browsers setting and redirect
links to other unintentional sites.

Answer 9

Browser Hijacking software

Question 10

It is a special type malware of which is installed in the target computer with or without the user permission and is designed to steal sensitive information from the target machine.

Answer 10

SPYWARE

Question 11

Mostly it gathers the browsing habits of the user and the send it to the remote server without the knowledge of the owner of the computer. Most of the time they are downloaded in to the host computer while downloading freeware i.e. free application programs from the internet.

Answer 11

Spyware

Question 12

may be of various types; It can keeps track of the cookies
of the host computer, it can act as a keyloggers to sniff the banking
passwords and sensitive information, etc.

Answer 12

spyware

Question 13

is a malicious code written to damage/harm the host computer by deleting or appending a file, occupy memory space of the computer by replicating the copy of the code, slow down the performance of the computer, format the host machine, etc. It can be spread via email attachment, pen drives, digital images, e-greeting, audio or video clips,
etc.

Answer 13

Virus

Question 14

may be present in a computer but it cannot activate itself
without the human intervention. Until and unless the executable file(.exe)
is execute, cannot be activated in the host machine.

Answer 14

Virus

Question 15

They are a class of virus which can replicate themselves.

Answer 15

Worm

Question 16

They are different from the virus by the fact that they does not require human intervention to travel over the network and spread from the infected machine to the whole network.

Answer 16

Worms

Question 17

can spread either through network, using the loopholes of the Operating System or via email. The replication and spreading of the this over the network consumes the network resources like space and bandwidth and force the network to chok

Answer 17

Worms

Question 18

is a malicious code that is installed in the host machine
by pretending to be useful software.

Answer 18

Trojan Horse

Question 19

The user clicks on the link or download the file which pretends to be a useful file or software from legitimate source. It not only damages the host computer by manipulating the data but also it
creates a backdoor in the host computer so that it could be controlled by a remote computer.

Answer 19

Trojan Horse

Question 20

a network of computers which are infected by malicious code and controlled by central controller.

Answer 20

Botnet(robot network)

Question 21

The computers of this network which are infected by malicious
code are known as

Answer 21

Zombies

Question 22

are networks of hijacked computer devices used to
carry out various scams and cyberattacks.

Answer 22

Botnet

Question 23

The term “botnet” is
formed from the word’s

Answer 23

Robot and network

Question 24

serve as a tool to automate mass attacks, such as data theft,
server crashing, and malware distribution.

Answer 24

Bots

Question 25

It holds the host computer hostage until the
ransom is paid. The malicious code can neither be
uninstalled nor can the computer be used till the ransom is
paid.

Answer 25

Scareware

Question 26

When was the internet born?

Answer 26

Around 1960’s

Question 27

When was the the
trend changed from causing the physical damaging to computers to making a
computer malfunction using a malicious code

Answer 27

Around 1980’s

Question 28

This term is used to describe a unlawful activity in
which computer or computing devices such as smartphones, tablets,
Personal Digital Assistants(PDAs), etc. which are stand alone or a part
of a network are used as a tool or/and target of criminal activity.

Answer 28

Cyber Crime

Question 29

It is
often committed by the people of destructive and criminal mindset
either for revenge, greed or adventure.

Answer 29

Cyber Crime

Question 30

An attack to the network or the computer system by some person with authorized system access is known as?

Answer 30

Insider attack

Question 31

It is generally performed
by dissatisfied or unhappy inside employees or contractors.

Answer 31

Insider attack

Question 32

The
insider attack could be prevented by planning and installing an?

Answer 32

internal intrusion detection systems (IDS)

Question 33

When the attacker is either hired by an insider or an external entity
to the organization

Answer 33

External attacker

Question 34

These attacks are generally performed by amateurs who don’t have
any predefined motives to perform the cyber attack. Usually these
amateurs try to test a tool readily available over the internet on the network
of a random company.

Answer 34

Unstructured attack

Question 35

These types of attacks are performed by highly skilled and
experienced people and the motives of these attacks are clear in their
mind. They have access to sophisticated tools and technologies to gain
access to other networks without being noticed by their Intrusion Detection
Systems(IDSs).

Answer 35

Structure attack

Question 36

these attacker have the necessary expertise to develop or
modify the existing tools to satisfy their purpose.

Answer 36

Structured attacker

Question 37

These types of attacks are
usually performed by professional criminals, by a country on other rival
countries, politicians to damage the image of the rival person or the country,
terrorists, rival companies, etc.

Answer 37

Structured attacker

Question 38

In the hierarchical organizational structure, it is the head of the organization

Answer 38

Criminal boss

Question 39

In the hierarchical organizational structure, they are the trojan provider and manager

Answer 39

Under boss

Question 40

In the hierarchical organizational structure, they are the attackers crimeware toolkit owner

Answer 40

Campaign manager and stolen data reseller

Question 41

6 reasons for commission of cyber crimes

Answer 41

Money
Revenge
Fun
Recognition
Anonymity
Cyber Espionage

Question 42

One of the six reasons for commission of cyber crimes, It is considered to be pride if someone hack the highly secured
networks like defense sites or networks.

Answer 42

Recognition

Question 43

One of the six reasons for commission for cyber crime, At times the government itself is involved in cyber trespassing to
keep eye on other person/network/country. The reason could be politically, economically
socially motivated.

Answer 43

Cyber Espionage

Question 44

19 kinds of cyber crime

Answer 44

Cyber stalking
Child pornography
Forgery and counterfeiting
Software piracy and crime related to IPRs
Cyber Terrorism
Phishing
Computer vandalism
Computer hacking
Creating and distributing viruses over internet
Spamming
Cross site scripting
Online auction fraud
Cyber squatting
Logic bombs
Web jacking
Internet time thefts
Denial of service attack
Salami attack
Data diddling
Email spoofing

Question 45

It is a process of changing the header information of an e-mail so that its
original source is not identified and it appears to an individual at the receiving end that
the email has been originated from source other than the original source

Answer 45

Email spoofing

Question 46

It is a practice of changing the data before its entry into the computer system.
Often, the original data is retained after the execution on the data is done.

Answer 46

Data diddling

Question 47

It is an attack which proceeds with small increments and final add up to lead to
a major attack. The increments are so small that they remain unnoticed

Answer 47

Salami attack

Question 48

It is a cyber attack in which the network is chocked and often collapsed by
flooding it with useless traffic and thus preventing the legitimate network traffic

Answer 48

Denial of service attack

Question 49

Hacking the username and password of ISP of an individual and surfing the
internet at his cost is?

Answer 49

Internet time Theft

Question 50

The hacker gain access to a website of an organization and either blocks it or
modify it to serve political, economical or social interest.

Answer 50

Web jacking

Question 51

These are malicious code inserted into legitimate software. The
malicious action is triggered by some specific condition. If the conditions holds
true in future, the malicious action begins and based on the action defined in
the malicious code, they either destroy the information stored in the system or
make system unusable.

Answer 51

Logic bombs

Question 52

It is an act of reserving the domain names of someone else‟s trademark
with intent to sell it afterwards to the organization who is the owner of the
trademark at a higher price.

Answer 52

Cyber Squatting

Question 53

There are many genuine websites who offers online auction over internet. Taking
the advantage of the reputation of these websites, some of the cyber criminals lure the
customers to online auction fraud schemes which often lead to either overpayment of
the product or the item is never delivered once the payment is made.

Answer 53

Online auction fraud

Question 54

It is an activity which involves injecting a malicious client side script into a trusted
website. As soon as the browser executes the malicious script, the malicious script gets
access to the cookies and other sensitive information and sent to remote servers. Now
this information can be used to gain financial benefit or physical access to a system for
personal interes

Answer 54

Cross site scripting

Question 55

Sending of unsolicited and commercial bulk message over the internet
is known as

Answer 55

Spamming

Question 56

3 criterias that an email cab be classified as spam

Answer 56

Mass mailing
Anonymity
Unsolicited

Question 57

One of the criteria in spamming, the email is not targeted to one particular person but to a
large number of peoples.

Answer 57

Mass mailing

Question 58

One of the criteria in spamming, The real identify of the person not known

Answer 58

Anonymity

Question 59

One of the criteria in spamming, the email is neither expected nor requested for the recipient.

Answer 59

Unsolicited

Question 60

The spreading of a virus can cause business and financial loss to an organization. The loss
includes the cost of repairing the system, cost associated with the loss of business during
downtime and cost of loss of opportunity. The organization can sue the hacker, if found, for
the sum of more than or equivalent to the loss borne by the organization.

Answer 60

Creating and distributing viruses over internet

Question 61

One of the classification of hackers,someone outside computer security consulting firms who is used to
bug-test a system prior to its launch, looking for exploits so they can be closed.

Answer 61

Blue Hat

Question 62

One of the classification of hackers, find out the security vulnerabilities and report to the site administrators
and offer the fix of the security bug for a consultancy fee.

Answer 62

Grey Hat

Question 63

One if the classification of hackers, They may
hack the system for social, political or economically motivated intentions. They find the security
loopholes the system, and keep the information themselves and exploit the system for
personal or organizational benefits till organization whose system is compromised is aware of
this, and apply security patches.

Answer 63

Black hat

Question 64

One of the classification of hackers and also known as the crackers

Answer 64

Black hat

Question 65

One of the classification of hackerd, are the persons who hack the system to find the security vulnerabilities
of a system and notify to the organizations so that a preventive action can be taken to protect
the system from outside hackers

Answer 65

White hat

Question 66

They are also known as ethical hackers

Answer 66

White hat

Question 67

It is a practice of modifying computer hardware and software to
accomplish a goal outside the creator‟s original purpose.

Answer 67

Computer hacking

Question 68

t is an act of physical destroying computing resources using physical
force or malicious code.

Answer 68

Computer vandalism

Question 69

It is a process of acquiring personal and sensitive information of an
individual via email by disguising as a trustworthy entity in an electronic
communication.

Answer 69

Phishing

Question 70

The purpose of this is identity theft and the personal
information like username, password, and credit card number etc. may be used
to steal money from user accoun

Answer 70

Phishing

Question 71

It is defined as the use of computer resources to intimidate or coerce
government, the civilian population or any segment thereof in furtherance of
political or social objectives.

Answer 71

Cyber Terrorism

Question 72

is an illegal reproduction and distribution for personal
use or business. It comes under crime related to IPR infringement. Some of the
other crimes under IPR infringement are: download of songs, downloading
movies, etc.

Answer 72

Software piracy snd Crime related to IPRS

Question 73

It is an act of possessing image or video of a minor (under 18),
engaged in sexual conduct.

Answer 73

Child pornography

Question 74

It is an act of stalking, harassing or threatening someone using
Internet/computer as a medium. This is often done to defame a person and
use email, social network, instant messenger, web-posting, etc. as a using
Internet as a medium as it offers anonymity. The behaviour includes false
accusations, threats, sexual exploitation to minors, monitoring, etc.

Answer 74

Cyber stalking

Question 75

With
the advancement in the hardware and the software, it is possible to produce
counterfeit which matches the original document

Answer 75

Forgery and counterfeiting

Question 76

It is a process of identifying an individual and ensuring that the individual is
the same who he/she claims to be

Answer 76

Authenthication

Question 77

A typical method for authentication over
internet is via?

Answer 77

username and password

Question 78

It is the name suggest it is a password
which can be used one time only and is sent to the user as an SMS or
an email at the mobile number/email address that they have specified
during the registration process

Answer 78

One time password

Question 79

It is known as two-factor authentication
method and requires two type of evidence to authentication an individual
to provide an extra layer of security for authentication.

Answer 79

One Time password

Question 80

The process of giving access to an individual to certain resources
based on the credentials of an individual is known as?

Answer 80

Authorization

Question 81

Now, one can
easily understand the role of strong password for authorization to ensure
cyber security as an easy password can be a cause of security flaw and
can bring the whole organization at high risk. Therefore, the password
policy of an organization should be such that employees are forced to use
strong passwords(more than 12 characters and combination of lowercase
and uppercase alphabets along with numbers and special characters) and
prompt user to change their password frequently

Answer 81

no answer just read

Question 82

is used which combines
both the username and password along with hardware security measures
like biometric system,

Answer 82

Hybrid Authentication

Question 83

the method to provide secure
access via hybrid security authentication to the company network over
internet.

Answer 83

VPN (virtual private network

Question 84

It is a technique to convert the data in unreadable form before transmitting
it over the internet

Answer 84

Encryption

Question 85

defined
as a technique to lock the data by converting it to complex codes using
mathematical algorithms.

Answer 85

Encryption

Question 86

The decoding of the
complex code to original text using key is known as

Answer 86

Decryption

Question 87

If the same
key is used to lock and unlock the data, it is known as

Answer 87

Symmetric Key Encryption

Question 88

it is a complex task because the security of key
while transmission is itself an issue

Answer 88

Key Distribution

Question 89

it is also known as public key encryption

Answer 89

asymmetric key encryption

Question 90

A type of key that is known to everyone.

Answer 90

Public Key

Question 91

A key is known to the particular user, who owns the key

Answer 91

Private Key

Question 92

It is a technique for validation of data.

Answer 92

Digital Signatures

Question 93

a process of
certifying the content of a document.

Answer 93

Validation

Question 94

it is not only
validate the data but also used for authentication.

Answer 94

Digital signatures

Question 95

it is
created by encrypting the data with the private key of the sender.

Answer 95

Digital signatures

Question 96

A special program used which is designed to protect the system against virus.

Answer 96

Antivirus

Question 97

It is a hardware/software which acts as a shield between an organization’s network and
the internet and protects it from the threats like virus, malware, hackers, etc.

Answer 97

Firewall

Question 98

It can be used to
limit the persons who can have access to your network and send information to you.

Answer 98

Firewall

Question 99

Two types of traffic in an organization

Answer 99

Inbound traffic and outbound traffic

Question 100

using this it is possible to configure and monitor the
traffic of the ports

Answer 100

Firewall

Question 101

example of this firewall are routers through which
the network is connected to the network outside the organization i.e. Internet.

Answer 101

Hardware Firewall

Question 102

These firewalls are installed and installed on the server
and client machines and it acts as a gateway to the organizations‟ network

Answer 102

Software FIrewall

Question 103

all the outbound traffic is routed through proxies for monitoring and
controlling the packet that are routed out of the organization

Answer 103

proxy

Question 103

based on the rules defined in the policies each packet is
filtered by their type, port information, and source & destination information. The
example of such characteristics is IP address, Domain names, port numbers,
protocols etc. Basic packet filtering can be performed by routers.

Answer 103

Packet Filtering

Question 104

rather than going through all the field of a packet, key
features are defined. The outgoing/incoming packets are judged based on
those defined characteristics only.

Answer 104

Stateful Inspection

Question 105

it is an essential component of the organizations‟ network

Answer 105

Firewall

Question 106

They not only protect the organization against the virus and other malicious
code but also prevent the hackers to use your network infrastructure to launch
DOS attacks.

Answer 106

Firewall

Question 107

Only the sender and the receiver know about the existence of the secret message in the
image. The advantage of this technique is that these files are not easily suspected.

Answer 107

STeganography

Question 107

it acts as a
fundamental system in case of a mishap where data is inadvertently lost or corrupted
from original system

Answer 107

Backup System

Question 107

It is a technique of hiding secret messages in a document file, image file, and program or
protocol etc. such that the embedded message is invisible and can be retrieved using special
software.

Answer 107

Steganography

Question 108

where data is backed up on a full-scale and recovered back from the
same

Answer 108

full back up

Question 108

where only changed or newly added data is backed up
subsequently after the last full or incremental backup.

Answer 108

Incremental Backup

Question 109

where only changed or newly added data is backed up
subsequently after last full or differential backup but changes made in the previous
differential backup are updated in next differential backup

Answer 109

differential back up

Question 110

Methods in an enterprise can be improved based ono performance metrics, is measured in terms of cost for infrastructure,
operations and maintenance.

Answer 110

Total Cost of ownership

Question 111

AOB stands for?

Answer 111

Age of Backup

Question 112

RTO stands for?

Answer 112

Recovery time objective

Question 113

RPO stands for?

Answer 113

Recovery Point Objective