Security Technology Multiple Choice Question MCQ
Categories: App Security
1. _______ is the practice and precautions taken to protect valuable information from unauthorised access, recording, disclosure or destruction. a) Network Security b) Database Security c) Information Security d) Physical Security Answer: c 2. From the options below, which of them is not a threat to information security? a) Disaster b) Eavesdropping c) Information leakage d) Unchanged default password Answer: a 3. From the options below, which of them is not a vulnerability to information security? a) flood b) without deleting data, disposal of storage media c) unchanged default password d) latest patches and updates not done Answer: a 4. _____ platforms are used for safety and protection of information in the cloud. a) Cloud workload protection platforms b) Cloud security protocols c) AWS d) One Drive Answer: a 5. Which of the following information security technology is used for avoiding browser-based hacking? a) Anti-malware in browsers b) Remote browser access c) Adware remover in browsers d) Incognito mode in a browser Answer: b 6. The full form of EDR is _______ a) Endpoint Detection and recovery b) Early detection and response c) Endpoint Detection and response d) Endless Detection and Recovery Answer: c 7. _______ technology is used for analyzing and monitoring traffic in network and information flow. a) Cloud access security brokers (CASBs) b) Managed detection and response (MDR) c) Network Security Firewall d) Network traffic analysis (NTA) Answer: d 8. Compromising confidential information comes under _________ a) Bug b) Threat c) Vulnerability d) Attack Answer: b 9. Lack of access control policy is a ______ a) Bug b) Threat c) Vulnerability d) Attack Answer: c 10. Possible threat to any information cannot be ________________ a) reduced b) transferred c) protected d) ignored Answer: d 11. How many basic processes or steps are there in ethical hacking? a) 4 b) 5 c) 6 d) 7 Answer: c 12. _______ is the information gathering phase in ethical hacking from the target user. a) Reconnaissance b) Scanning c) Gaining access d) Maintaining access Answer: a 13. Which of the following is not a reconnaissance tool or technique for information gathering? a) Hping b) NMAP c) Google Dorks d) Nexpose Answer: d 14. There are ______ subtypes of reconnaissance. a) 2 b) 3 c) 4 d) 5 Answer: a 15. Which of the following is an example of active reconnaissance? a) Searching public records b) Telephone calls as a help desk or fake customer care person c) Looking for the target’s details in the database d) Searching the target’s details in paper files Answer: b 16. Which of the following is an example of passive reconnaissance? a) Telephonic calls to target victim b) Attacker as a fake person for Help Desk support c) Talk to the target user in person d) Search about target records in online people database Answer: d 17. ________ phase in ethical hacking is known as the pre-attack phase. a) Reconnaissance b) Scanning c) Gaining access d) Maintaining access Answer: b 18. While looking for a single entry point where penetration testers can test the vulnerability, they use ______ phase of ethical hacking. a) Reconnaissance b) Scanning c) Gaining access d) Maintaining access Answer: b 19. Which of them does not comes under scanning methodologies? a) Vulnerability scanning b) Sweeping c) Port Scanning d) Google Dorks Answer: d 20. Which of them is not a scanning tool? a) NMAP b) Nexpose c) Maltego d) Nessus Answer: c 21. Which of the following comes after scanning phase in ethical hacking? a) Scanning b) Maintaining access c) Reconnaissance d) Gaining access Answer: d 22. In __________ phase the hacker exploits the network or system vulnerabilities. a) Scanning b) Maintaining access c) Reconnaissance d) Gaining access Answer: d 23. Which of the following is not done in gaining access phase? a) Tunnelling b) Buffer overflow c) Session hijacking d) Password cracking Answer: a 24. Which of the below-mentioned penetration testing tool is popularly used in gaining access phase? a) Maltego b) NMAP c) Metasploit d) Nessus Answer: c