FIA Head Clerk (BS-10) Computer Science Cybersecurity — Set 3

Cybersecurity MCQs set 3 for FIA Head Clerk (BS-10) Computer Science — 20 solved questions.

FIA Head Clerk (BS-10) Computer Science Cybersecurity — Set 3

  1. Question 1

    Q1. Which type of malware encrypts the victim's files and demands payment for the decryption key?

    • A) Spyware
    • B) Ransomware
    • C) Worm
    • D) Adware

    Answer: Ransomware

    Explanation: Ransomware is malware that encrypts the victim's files or locks their system, then demands a ransom payment (usually in cryptocurrency) to restore access. Notable examples include WannaCry and CryptoLocker.

  2. Question 2

    Q2. What type of malware replicates itself and spreads across networks without requiring a host file?

    • A) Virus
    • B) Trojan
    • C) Worm
    • D) Rootkit

    Answer: Worm

    Explanation: A worm is self-replicating malware that spreads across networks independently without attaching itself to a host file, unlike viruses which require a host program. Worms can cause significant network congestion and damage.

  3. Question 3

    Q3. A computer virus differs from a worm primarily because a virus:

    • A) Spreads autonomously over a network without any user action
    • B) Encrypts files and demands ransom from the victim
    • C) Requires a host file or program to attach itself to and spread
    • D) Monitors user activity and sends data to a third party

    Answer: Requires a host file or program to attach itself to and spread

    Explanation: A virus requires a host file or executable program to attach to in order to spread, unlike a worm which is self-contained and propagates independently across networks. Both are malware but differ fundamentally in their propagation method.

  4. Question 4

    Q4. What does the term "phishing" specifically refer to in cybersecurity?

    • A) Installing malicious software through infected USB drives
    • B) Overloading a server with traffic to make it unavailable
    • C) Intercepting network traffic between two communicating parties
    • D) Deceptive attempts to obtain sensitive information by masquerading as a trusted entity

    Answer: Deceptive attempts to obtain sensitive information by masquerading as a trusted entity

    Explanation: Phishing specifically refers to fraudulent attempts to obtain sensitive information such as usernames, passwords, and credit card details by impersonating a trustworthy entity in electronic communication. It commonly occurs via email, SMS (smishing), or fake websites.

  5. Question 5

    Q5. Which layer of the OSI model does the SSL/TLS protocol primarily operate at?

    • A) Network Layer
    • B) Transport Layer
    • C) Session Layer
    • D) Presentation Layer

    Answer: Presentation Layer

    Explanation: SSL/TLS (Secure Sockets Layer/Transport Layer Security) primarily operates at the Presentation Layer (Layer 6) of the OSI model, handling encryption, decryption, and data format translation. Some models also map it to the Session Layer due to its session-handling aspects.

  6. Question 6

    Q6. What is spyware primarily designed to do?

    • A) Corrupt system files to render the computer unusable
    • B) Replicate itself across a network to other computers
    • C) Encrypt user data and demand payment for recovery
    • D) Secretly monitor user activity and collect personal information

    Answer: Secretly monitor user activity and collect personal information

    Explanation: Spyware is malware designed to secretly monitor a user's activities, collect personal information (keystrokes, browsing habits, credentials), and transmit it to a third party without the user's knowledge or consent. It differs from ransomware (encrypts data) and worms (self-replicating).

  7. Question 7

    Q7. A user gets a pop-up claiming their Windows PC is infected and demanding payment to unlock the scan. The computer otherwise runs but files are now encrypted with a strange extension. Which category best describes this attack?

    • A) A worm that only slows CPU usage
    • B) A ransomware attack that encrypts data for extortion
    • C) A benign cookie used for website logins
    • D) A VPN tunnel that reroutes traffic

    Answer: A ransomware attack that encrypts data for extortion

    Explanation: Ransomware encrypts the victim's files and demands payment (ransom) in exchange for the decryption key, combining extortion with file encryption as its primary attack mechanism.

  8. Question 8

    Q8. Which hardware device is most often placed at the network edge to enforce allow or deny rules between a home LAN and the internet?

    • A) RAM module for faster browsing
    • B) Mechanical hard disk for backups
    • C) A network firewall appliance or router firewall feature
    • D) A graphics card for video playback

    Answer: A network firewall appliance or router firewall feature

    Explanation: A network firewall (or a router with firewall features) is placed at the network edge to inspect traffic and enforce access-control rules between the internal LAN and the external internet.

  9. Question 9

    Q9. A Trojan horse differs from a true virus mainly because a Trojan is described as software that does what?

    • A) Spreads by infecting other files automatically like a biological virus
    • B) Replicates only inside the CPU cache without user action
    • C) Masquerades as useful software while hiding malicious actions
    • D) Encrypts Wi-Fi signals between two routers

    Answer: Masquerades as useful software while hiding malicious actions

    Explanation: A Trojan horse disguises itself as legitimate or useful software to trick users into installing it, then secretly performs malicious actions - unlike viruses it does not self-replicate.

  10. Question 10

    Q10. Which shortcut mindset matches two-factor authentication in everyday services?

    • A) Using the same password on every website for speed
    • B) Typing a password plus a second proof like a phone code or app token
    • C) Disabling lock screens to avoid delays
    • D) Saving passwords only inside email drafts

    Answer: Typing a password plus a second proof like a phone code or app token

    Explanation: Two-factor authentication requires a user to provide two separate proofs of identity - typically something they know (password) and something they have (a phone code or authentication app token).

  11. Question 11

    Q11. HTTPS in a browser address bar typically indicates what about the connection to that website?

    • A) The site cannot store cookies
    • B) The channel uses TLS encryption to protect data in transit
    • C) The site must be hosted only in Pakistan
    • D) The connection always blocks every advertisement

    Answer: The channel uses TLS encryption to protect data in transit

    Explanation: HTTPS indicates the connection uses TLS (Transport Layer Security) encryption, protecting all data exchanged between the browser and the web server from eavesdropping and tampering.

  12. Question 12

    Q12. Symmetric encryption uses one shared secret key while asymmetric encryption commonly uses which paired items?

    • A) A public key and a private key
    • B) Two identical RAM sticks
    • C) HTTP and FTP together
    • D) A printer and a scanner

    Answer: A public key and a private key

    Explanation: Asymmetric (public-key) encryption uses a mathematically linked key pair: the public key encrypts data or verifies signatures, while the private key decrypts data or creates signatures.

  13. Question 13

    Q13. A keylogger is malware that primarily tries to capture what?

    • A) GPU temperature readings only
    • B) Keystrokes typed by the user
    • C) Monitor refresh rate settings
    • D) Hard disk RPM speed

    Answer: Keystrokes typed by the user

    Explanation: A keylogger records every keystroke made on an infected device and transmits the captured data (passwords, credit card numbers, messages) to the attacker.

  14. Question 14

    Q14. Which practice best reduces risk from phishing emails pretending to be your bank?

    • A) Click every link to see where it goes
    • B) Verify sender and use official apps or type known URLs manually
    • C) Forward the email to all contacts for opinions
    • D) Disable antivirus to read attachments faster

    Answer: Verify sender and use official apps or type known URLs manually

    Explanation: Phishing relies on urgency and impersonation; the safest defense is to independently verify the sender and navigate to official sites directly rather than clicking embedded links.

  15. Question 15

    Q15. Antivirus software most often combines signature detection with what additional approach to catch new malware?

    • A) Heuristic or behavior-based analysis
    • B) Increasing screen brightness automatically
    • C) Translating documents to Urdu only
    • D) Formatting the monitor resolution weekly

    Answer: Heuristic or behavior-based analysis

    Explanation: Heuristic analysis examines code behavior and structure for suspicious patterns, allowing antivirus software to detect novel malware variants not yet in signature databases.

  16. Question 16

    Q16. Full-disk encryption on a stolen laptop mainly protects data when the device is in which state?

    • A) Powered off and the storage is encrypted with a strong key
    • B) Running with the user already logged in and the disk unlocked
    • C) Connected to public Wi-Fi only
    • D) Printing a spreadsheet in gray-scale

    Answer: Powered off and the storage is encrypted with a strong key

    Explanation: Full-disk encryption only protects data when the device is powered off and the encryption key is not present in memory; once the user is logged in the disk is decrypted and accessible.

  17. Question 17

    Q17. A worm is malware notable for spreading how?

    • A) By manually carving data into wood
    • B) Across networks or systems often without attaching to a host file in the classic virus sense
    • C) Only when the user upgrades RAM
    • D) Through printer ink levels

    Answer: Across networks or systems often without attaching to a host file in the classic virus sense

    Explanation: A worm is self-replicating malware that spreads across networks or systems by exploiting vulnerabilities, often without needing to attach itself to an existing file as traditional viruses do.

  18. Question 18

    Q18. A strong password policy should discourage which pattern that attackers guess easily?

    • A) Long random phrases or unique per-site passwords
    • B) Common substitutions like P@ssw0rd1
    • C) Use of a password manager
    • D) Enabling breach alerts when available

    Answer: Common substitutions like P@ssw0rd1

    Explanation: Common substitution patterns like replacing 'a' with '@' or 'o' with '0' (e.g., P@ssw0rd1) are well-known and appear early in attacker wordlists and rule-based cracking tools, making them nearly as weak as the original words.

  19. Question 19

    Q19. Which network attack intercepts communication between two parties who believe they are talking directly?

    • A) Man-in-the-middle attack
    • B) Router table overflow on purpose
    • C) DNS caching for faster lookups
    • D) Cable length mismatch only

    Answer: Man-in-the-middle attack

    Explanation: In a man-in-the-middle (MitM) attack, the attacker secretly intercepts and potentially alters the communication between two parties, each of whom believes they are communicating directly with the other.

  20. Question 20

    Q20. When software quietly shows ads or changes browser settings, it is often categorized as what?

    • A) Adware or PUA-type unwanted program
    • B) A RAID controller for disks
    • C) An SSD trim routine
    • D) A spreadsheet macro used for charts

    Answer: Adware or PUA-type unwanted program

    Explanation: Adware is a category of potentially unwanted application (PUA) that displays unsolicited advertisements or modifies browser settings without clear user consent, typically bundled with free software.

1/20
0
0
Level 1

Which type of malware encrypts the victim's files and demands payment for the decryption key?