Cybersecurity MCQs set 2 for CDA Assistant / UDC Islamabad (BS-15/16) Computer Science — 20 solved questions.
Q1. Which type of malware encrypts files and demands payment for decryption?
Answer: Ransomware
Explanation: Ransomware is malicious software that encrypts a victim's files and demands a ransom payment, typically in cryptocurrency, in exchange for the decryption key.
Q2. Phishing attacks are primarily carried out through which medium?
Answer: Fraudulent emails or fake websites to steal credentials
Explanation: Phishing attacks are predominantly conducted through deceptive emails and counterfeit websites that mimic legitimate organizations to harvest usernames, passwords, and financial data.
Q3. Which type of malware encrypts a victim's files and demands payment for the decryption key?
Answer: Ransomware
Explanation: Ransomware encrypts a victim's files and demands payment (usually cryptocurrency) in exchange for the decryption key needed to restore access.
Q4. Which encryption method uses the same key for both encryption and decryption?
Answer: Symmetric encryption
Explanation: Symmetric encryption uses a single shared secret key for both encrypting and decrypting data, making it faster but requiring secure key exchange between parties.
Q5. RSA is an example of which type of encryption?
Answer: Asymmetric encryption
Explanation: RSA uses a mathematically linked public-private key pair - data encrypted with one key can only be decrypted with the other - which is the defining feature of asymmetric encryption.
Q6. AES (Advanced Encryption Standard) is an example of which type of encryption?
Answer: Symmetric encryption
Explanation: AES uses the same secret key for both encryption and decryption, which defines it as a symmetric (or secret-key) encryption algorithm.
Q7. AES is an example of which type of encryption?
Answer: Symmetric encryption
Explanation: AES (Advanced Encryption Standard) is symmetric encryption, meaning the same key is used for both encryption and decryption; it is widely used for securing data at rest and in transit.
Q8. What type of malware disguises itself as legitimate software to trick users into installing it?
Answer: Trojan horse
Explanation: A Trojan horse malware disguises itself as legitimate or useful software; once installed, it can open backdoors, steal data, or download additional malware without the user's knowledge.
Q9. RSA is an example of which type of encryption algorithm?
Answer: Asymmetric encryption
Explanation: RSA is an asymmetric encryption algorithm that uses a pair of keys - a public key for encryption and a private key for decryption - widely used for secure data transmission and digital signatures.
Q10. What does VPN stand for?
Answer: Virtual Private Network
Explanation: VPN stands for Virtual Private Network; it creates an encrypted tunnel over the internet, allowing users to securely access private networks and protect their online privacy.
Q11. Which type of malware self-replicates and spreads across networks without user interaction?
Answer: Worm
Explanation: A worm is self-replicating malware that spreads automatically across networks without needing to attach to a file or require user interaction, unlike a virus which requires a host file.
Q12. What is phishing?
Answer: A cyberattack using fake websites or emails to steal credentials
Explanation: Phishing is a social engineering attack where cybercriminals use fake websites or fraudulent emails impersonating legitimate entities to trick users into revealing passwords, credit card numbers, or other sensitive information.
Q13. A computer virus primarily spreads by:
Answer: Attaching itself to files and spreading when those files are shared
Explanation: A virus attaches to legitimate files (executables, documents) and spreads when users share those infected files; unlike worms, viruses require user action to propagate.
Q14. Which cybersecurity attack involves flooding a server with requests to make it unavailable to legitimate users?
Answer: Denial of Service (DoS) attack
Explanation: A DoS (Denial of Service) attack overwhelms a server with excessive requests, exhausting its resources and making it unavailable; a DDoS attack uses multiple systems to amplify this effect.
Q15. In public-key (asymmetric) encryption, which key is used to encrypt data that only the recipient can decrypt?
Answer: The recipient's public key
Explanation: In asymmetric encryption, the sender encrypts data using the recipient's public key; only the recipient's corresponding private key can decrypt it, ensuring only the intended recipient can read the data.
Q16. Which type of malware disguises itself as a legitimate program to trick users into installing it?
Answer: Trojan Horse
Explanation: A Trojan Horse is malware that disguises itself as legitimate software to deceive users into installing it, after which it executes malicious actions. Unlike worms, Trojans do not self-replicate.
Q17. What does a firewall primarily do in a network?
Answer: Filters incoming and outgoing traffic based on security rules
Explanation: A firewall filters network traffic by examining packets against a defined set of security rules, blocking unauthorized access while allowing legitimate communication. It acts as a barrier between trusted internal networks and untrusted external networks.
Q18. In asymmetric encryption, which key is used to encrypt data that only the recipient can decrypt?
Answer: The recipient's public key
Explanation: In asymmetric encryption, data is encrypted using the recipient's public key, and only the recipient's corresponding private key can decrypt it. This ensures confidentiality because the private key is never shared.
Q19. Which type of cyberattack involves tricking users into revealing sensitive information by impersonating a trustworthy entity?
Answer: Phishing
Explanation: Phishing is a social engineering attack where attackers impersonate legitimate organizations via email, websites, or messages to trick users into revealing passwords, credit card numbers, or other sensitive data. It is one of the most common cybersecurity threats.
Q20. What does VPN stand for in the context of network security?
Answer: Virtual Private Network
Explanation: VPN stands for Virtual Private Network, a technology that creates an encrypted tunnel over a public network (such as the internet) to securely connect remote users or sites. VPNs protect data confidentiality and mask the user's IP address.