Cybersecurity MCQs set 3 for FIA Head Clerk (BS-10) Computer Science — 20 solved questions.
Q1. Which type of malware encrypts the victim's files and demands payment for the decryption key?
Answer: Ransomware
Explanation: Ransomware is malware that encrypts the victim's files or locks their system, then demands a ransom payment (usually in cryptocurrency) to restore access. Notable examples include WannaCry and CryptoLocker.
Q2. What type of malware replicates itself and spreads across networks without requiring a host file?
Answer: Worm
Explanation: A worm is self-replicating malware that spreads across networks independently without attaching itself to a host file, unlike viruses which require a host program. Worms can cause significant network congestion and damage.
Q3. A computer virus differs from a worm primarily because a virus:
Answer: Requires a host file or program to attach itself to and spread
Explanation: A virus requires a host file or executable program to attach to in order to spread, unlike a worm which is self-contained and propagates independently across networks. Both are malware but differ fundamentally in their propagation method.
Q4. What does the term "phishing" specifically refer to in cybersecurity?
Answer: Deceptive attempts to obtain sensitive information by masquerading as a trusted entity
Explanation: Phishing specifically refers to fraudulent attempts to obtain sensitive information such as usernames, passwords, and credit card details by impersonating a trustworthy entity in electronic communication. It commonly occurs via email, SMS (smishing), or fake websites.
Q5. Which layer of the OSI model does the SSL/TLS protocol primarily operate at?
Answer: Presentation Layer
Explanation: SSL/TLS (Secure Sockets Layer/Transport Layer Security) primarily operates at the Presentation Layer (Layer 6) of the OSI model, handling encryption, decryption, and data format translation. Some models also map it to the Session Layer due to its session-handling aspects.
Q6. What is spyware primarily designed to do?
Answer: Secretly monitor user activity and collect personal information
Explanation: Spyware is malware designed to secretly monitor a user's activities, collect personal information (keystrokes, browsing habits, credentials), and transmit it to a third party without the user's knowledge or consent. It differs from ransomware (encrypts data) and worms (self-replicating).
Q7. A user gets a pop-up claiming their Windows PC is infected and demanding payment to unlock the scan. The computer otherwise runs but files are now encrypted with a strange extension. Which category best describes this attack?
Answer: A ransomware attack that encrypts data for extortion
Explanation: Ransomware encrypts the victim's files and demands payment (ransom) in exchange for the decryption key, combining extortion with file encryption as its primary attack mechanism.
Q8. Which hardware device is most often placed at the network edge to enforce allow or deny rules between a home LAN and the internet?
Answer: A network firewall appliance or router firewall feature
Explanation: A network firewall (or a router with firewall features) is placed at the network edge to inspect traffic and enforce access-control rules between the internal LAN and the external internet.
Q9. A Trojan horse differs from a true virus mainly because a Trojan is described as software that does what?
Answer: Masquerades as useful software while hiding malicious actions
Explanation: A Trojan horse disguises itself as legitimate or useful software to trick users into installing it, then secretly performs malicious actions - unlike viruses it does not self-replicate.
Q10. Which shortcut mindset matches two-factor authentication in everyday services?
Answer: Typing a password plus a second proof like a phone code or app token
Explanation: Two-factor authentication requires a user to provide two separate proofs of identity - typically something they know (password) and something they have (a phone code or authentication app token).
Q11. HTTPS in a browser address bar typically indicates what about the connection to that website?
Answer: The channel uses TLS encryption to protect data in transit
Explanation: HTTPS indicates the connection uses TLS (Transport Layer Security) encryption, protecting all data exchanged between the browser and the web server from eavesdropping and tampering.
Q12. Symmetric encryption uses one shared secret key while asymmetric encryption commonly uses which paired items?
Answer: A public key and a private key
Explanation: Asymmetric (public-key) encryption uses a mathematically linked key pair: the public key encrypts data or verifies signatures, while the private key decrypts data or creates signatures.
Q13. A keylogger is malware that primarily tries to capture what?
Answer: Keystrokes typed by the user
Explanation: A keylogger records every keystroke made on an infected device and transmits the captured data (passwords, credit card numbers, messages) to the attacker.
Q14. Which practice best reduces risk from phishing emails pretending to be your bank?
Answer: Verify sender and use official apps or type known URLs manually
Explanation: Phishing relies on urgency and impersonation; the safest defense is to independently verify the sender and navigate to official sites directly rather than clicking embedded links.
Q15. Antivirus software most often combines signature detection with what additional approach to catch new malware?
Answer: Heuristic or behavior-based analysis
Explanation: Heuristic analysis examines code behavior and structure for suspicious patterns, allowing antivirus software to detect novel malware variants not yet in signature databases.
Q16. Full-disk encryption on a stolen laptop mainly protects data when the device is in which state?
Answer: Powered off and the storage is encrypted with a strong key
Explanation: Full-disk encryption only protects data when the device is powered off and the encryption key is not present in memory; once the user is logged in the disk is decrypted and accessible.
Q17. A worm is malware notable for spreading how?
Answer: Across networks or systems often without attaching to a host file in the classic virus sense
Explanation: A worm is self-replicating malware that spreads across networks or systems by exploiting vulnerabilities, often without needing to attach itself to an existing file as traditional viruses do.
Q18. A strong password policy should discourage which pattern that attackers guess easily?
Answer: Common substitutions like P@ssw0rd1
Explanation: Common substitution patterns like replacing 'a' with '@' or 'o' with '0' (e.g., P@ssw0rd1) are well-known and appear early in attacker wordlists and rule-based cracking tools, making them nearly as weak as the original words.
Q19. Which network attack intercepts communication between two parties who believe they are talking directly?
Answer: Man-in-the-middle attack
Explanation: In a man-in-the-middle (MitM) attack, the attacker secretly intercepts and potentially alters the communication between two parties, each of whom believes they are communicating directly with the other.
Q20. When software quietly shows ads or changes browser settings, it is often categorized as what?
Answer: Adware or PUA-type unwanted program
Explanation: Adware is a category of potentially unwanted application (PUA) that displays unsolicited advertisements or modifies browser settings without clear user consent, typically bundled with free software.