security aspects mcq | security aspects class 12 mcq | mcq on security aspects

security aspects mcq,security aspects class 12 mcq,security aspects,mcq on security aspects,mcq on security aspects with answers pdf,mcq on security aspects with answers,mcq on security aspects pdf free download,mcq on security aspects pdf,mcq on security aspects pdf download,security aspects mcq with answers pdf,security aspects class 12 mcq with answers pdf

1. Which term describes software developed specifically to damage hardware, steal data, or cause other trouble?

A) Firmware
B) Malware
C) Middleware
D) Shareware

ANSWER= B) Malware

2. What is the ideal but impractical way to eliminate network security threats?

A) Use a VPN
B) Isolate the computer from all external links
C) Install a firewall
D) Enable encryption

ANSWER= B) Isolate the computer from all external links

3. In network security, a vulnerability is best defined as:

A) A defensive measure
B) A network policy
C) A weakness that can be exploited
D) A type of malware

ANSWER= C) A weakness that can be exploited

4. Which of the following is NOT a type of malware listed in the chapter?

A) Virus
B) Worm
C) Rootkit
D) Trojan

ANSWER= C) Rootkit

5. Who coined the term “computer virus” in 1985?

A) Bill Gates
B) Fred Cohen
C) Linus Torvalds
D) Alan Turing

ANSWER= B) Fred Cohen

6. What characteristic distinguishes a worm from a virus?

A) Requires user execution to spread
B) Self-replicates without a host program
C) Only infects email attachments
D) Uses encryption for payload delivery

ANSWER= B) Self-replicates without a host program

7. Which malware type encrypts user data and demands payment for decryption?

A) Worm
B) Trojan
C) Ransomware
D) Spyware

ANSWER= C) Ransomware

8. The WannaCry outbreak in May 2017 spread by:

A) Phishing emails
B) Encrypting data and demanding Bitcoin ransom
C) USB drives
D) Fake antivirus pop-ups

ANSWER= B) Encrypting data and demanding Bitcoin ransom

9. A Trojan spreads primarily by:

A) Network propagation
B) Copying into executable files
C) Tricking users into installing false software
D) Random key generation

ANSWER= C) Tricking users into installing false software

10. Spyware is designed to:

A) Encrypt files and demand payment
B) Record and send user information without consent
C) Display pop-up ads for revenue
D) Replicate itself across networks

ANSWER= B) Record and send user information without consent

11. Adware generates revenue by:

A) Selling user data on darknet
B) Encrypting files
C) Displaying advertisements and pay-per-click ads
D) Scanning for vulnerabilities

ANSWER= C) Displaying advertisements and pay-per-click ads

12. Which countermeasure thwarts software keyloggers by randomizing key layout?

A) On-screen keyboard
B) Biometric login
C) Online virtual keyboard
D) Password manager

ANSWER= C) Online virtual keyboard

13. A keylogger’s primary function is to:

A) Block malicious websites
B) Record every keystroke made by a user
C) Encrypt network traffic
D) Scan removable devices

ANSWER= B) Record every keystroke made by a user

14. Which of the following is a common malware distribution channel?

A) Secure websites
B) Spam email
C) Encrypted VPNs
D) Firewall logs

ANSWER= B) Spam email

15. What sign might indicate a malware infection?

A) Faster boot times
B) Frequent pop-ups prompting software downloads
C) Increased free disk space
D) Stable network connectivity

ANSWER= B) Frequent pop-ups prompting software downloads

16. Which preventive measure ensures malware definitions stay current?

A) Disabling updates
B) Regularly updating antivirus software
C) Using default passwords
D) Disabling firewalls

ANSWER= B) Regularly updating antivirus software

17. Signature-based detection relies on:

A) Behavioral patterns
B) Machine learning
C) Known virus signature database
D) User feedback

ANSWER= C) Known virus signature database

18. Sandbox detection identifies malware by:

A) Checking file size
B) Observing behavior in an isolated environment
C) Comparing digital signatures
D) User manual review

ANSWER= B) Observing behavior in an isolated environment

19. Heuristic analysis in antivirus software compares code against:

A) System registry entries
B) Known malware patterns in a heuristic database
C) Network traffic logs
D) User passwords

ANSWER= B) Known malware patterns in a heuristic database

20. Real-time protection monitors:

A) Hard drive health
B) Active memory for suspicious behavior
C) Antivirus definitions
D) User login times

ANSWER= B) Active memory for suspicious behavior

21. Spam is most commonly associated with:

A) Firewall rules
B) Unsolicited email messages
C) Secure shell connections
D) Encrypted protocols

ANSWER= B) Unsolicited email messages

22. Which protocol sends data without encryption?

A) HTTPS
B) FTP
C) HTTP
D) SSH

ANSWER= C) HTTP

23. Which protocol encrypts data in transit?

A) HTTP
B) SMTP
C) HTTPS
D) Telnet

ANSWER= C) HTTPS

24. HTTPS requires which of the following on the server?

A) SSL digital certificate
B) Open port 23
C) Trojan-free environment
D) Cookie consent

ANSWER= A) SSL digital certificate

25. A firewall placed between two networks is called a:

A) Host-based firewall
B) Network firewall
C) Application firewall
D) Proxy server

ANSWER= B) Network firewall

26. A firewall on an individual computer is known as:

A) Network firewall
B) DMZ firewall
C) Host-based firewall
D) Perimeter firewall

ANSWER= C) Host-based firewall

27. The original term “magic cookie” referred to:

A) Encrypted data packets
B) Malicious software
C) A data packet sent and returned unchanged
D) A secure session token

ANSWER= C) A data packet sent and returned unchanged

28. Session cookies are primarily used to:

A) Track browsing history indefinitely
B) Maintain a user’s session and expire on timeout
C) Deliver malware
D) Encrypt network traffic

ANSWER= B) Maintain a user’s session and expire on timeout

29. Zombie cookies are characterized by:

A) Encryption before storage
B) Recreation after deletion
C) Real-time monitoring
D) Automatic URL redirection

ANSWER= B) Recreation after deletion

30. Which cookie type may share data with third parties without consent?

A) Session cookies
B) Authentication cookies
C) First-party cookies
D) Third-party cookies

ANSWER= D) Third-party cookies

31. Ethical hackers hired to fix security flaws are known as:

A) Black hats
B) White hats
C) Grey hats
D) Red hats

ANSWER= B) White hats

32. Hackers who exploit flaws for illegal gain are:

A) White hats
B) Grey hats
C) Black hats
D) Blue hats

ANSWER= C) Black hats

33. Hackers who operate between ethical and malicious intent are:

A) White hats
B) Grey hats
C) Black hats
D) Script kiddies

ANSWER= B) Grey hats

34. A DoS attack aims to:

A) Encrypt user files
B) Make a service unavailable by flooding with requests
C) Steal passwords
D) Modify firewall rules

ANSWER= B) Make a service unavailable by flooding with requests

35. In a DDoS attack, traffic originates from:

A) A single IP address
B) Multiple compromised machines worldwide
C) The target server itself
D) Encrypted VPN tunnels

ANSWER= B) Multiple compromised machines worldwide

36. Asymmetric routing in intrusion involves:

A) Encrypting routing tables
B) Sending packets via multiple paths to bypass sensors
C) Using a single secure path
D) Flooding network switches

ANSWER= B) Sending packets via multiple paths to bypass sensors

37. A buffer overflow attack works by:

A) Flooding the network with packets
B) Overwriting memory with malicious code during an overflow
C) Installing fake certificates
D) Sending encrypted email

ANSWER= B) Overwriting memory with malicious code during an overflow

38. Traffic flooding against an intrusion detection system causes:

A) Reduced network latency
B) Inability to monitor packets properly
C) Automatic patch updates
D) Improved firewall performance

ANSWER= B) Inability to monitor packets properly

39. Snooping (sniffing) refers to:

A) Unauthorized real-time voice interception
B) Capturing and analyzing network traffic secretly
C) Encrypting data packets
D) Updating antivirus definitions

ANSWER= B) Capturing and analyzing network traffic secretly

40. Eavesdropping differs from snooping by being:

A) Real-time interception rather than stored traffic
B) Legal for administrators only
C) Encrypted by default
D) Packet filtering

ANSWER= A) Real-time interception rather than stored traffic

41. Which tool or feature may legitimately be used for snooping by administrators?

A) Bot-net
B) SPAN port on a switch
C) Ransomware
D) Zombie cookies

ANSWER= B) SPAN port on a switch

42. An example of network propagation of malware is:

A) Trojan via email attachment
B) Worm spreading across connected systems
C) Adware pop-ups
D) Keylogger hardware

ANSWER= B) Worm spreading across connected systems

43. One sign of malware infection is:

A) Increased battery life
B) Mass emails sent from your account without consent
C) Faster internet speed
D) Stable CPU usage

ANSWER= B) Mass emails sent from your account without consent

44. Which practice helps prevent malware via removable media?

A) Always click pop-up ads
B) Disable antivirus temporarily
C) Scan any removable device before transferring data
D) Use default administrator account

ANSWER= C) Scan any removable device before transferring data

45. A common preventive measure against ransomware is:

A) Using pirated software
B) Regularly backing up important data
C) Disabling firewalls
D) Ignoring software updates

ANSWER= B) Regularly backing up important data

46. Which method does NOT identify polymorphic malware effectively?

A) Sandbox detection
B) Signature-based detection
C) Heuristics
D) Real-time protection

ANSWER= B) Signature-based detection

47. Which method uses machine learning to classify files?

A) Signature-based detection
B) Data mining techniques
C) Sandbox detection
D) Heuristics

ANSWER= B) Data mining techniques

48. An authentication cookie is used to:

A) Track sessions and keep users logged in
B) Encrypt data in transit
C) Block malware
D) Randomize keyboard layout

ANSWER= A) Track sessions and keep users logged in

49. Which attack involves secretly listening via a hidden microphone?

A) Snooping
B) Eavesdropping
C) DoS
D) Phishing

ANSWER= B) Eavesdropping

50. The first barrier against network-based malware like worms is typically the:

A) Browser settings
B) Firewall
C) Cookie policy
D) On-screen keyboard

ANSWER= B) Firewall

51. Assertion (A): A worm does not require a host program to spread. Reason (R): Worms are standalone programs capable of self-replication across networks without user intervention.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= A) Both A and R are true, and R is the correct explanation of A

52. Assertion (A): A Trojan can self-replicate and infect other files. Reason (R): A Trojan disguises itself as legitimate software and spreads only when a user installs it.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

53. Assertion (A): Ransomware always encrypts data before demanding payment. Reason (R): Some ransomware simply blocks access to data without encryption.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

54. Assertion (A): Signature-based detection fails against polymorphic malware. Reason (R): Polymorphic malware changes its code signature with each infection.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= A) Both A and R are true, and R is the correct explanation of A

55. Assertion (A): Heuristic analysis can detect previously unknown malware. Reason (R): Heuristics compare suspect code against a database of known behavioural patterns.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= A) Both A and R are true, and R is the correct explanation of A

56. Assertion (A): An online virtual keyboard uses a fixed QWERTY layout. Reason (R): A fixed layout can be exploited by sophisticated keylogger software.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

57. Assertion (A): Session cookies expire when a browser session ends. Reason (R): Session cookies store user preferences permanently across visits.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= C) A is true, R is false

58. Assertion (A): HTTPS encrypts data before transmission. Reason (R): HTTPS requires an SSL digital certificate on the server for encryption and decryption.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= A) Both A and R are true, and R is the correct explanation of A

59. Assertion (A): A host-based firewall monitors traffic between networks. Reason (R): Host-based firewalls are installed on individual machines to filter their own traffic.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

60. Assertion (A): Grey hat hackers exploit vulnerabilities for political gains. Reason (R): Grey hats hack systems for challenge rather than monetary or political motives.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

61. Assertion (A): A DDoS attack is easier to mitigate than a DoS attack. Reason (R): DDoS uses multiple distributed sources, complicating traffic filtering.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

62. Assertion (A): Buffer overflow attacks overwrite memory with malicious code. Reason (R): Intrusion sensors detect buffer overflow by monitoring packet size only.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= C) A is true, R is false

63. Assertion (A): Snooping requires real-time interception of live communication. Reason (R): Snooping captures network traffic for later analysis rather than live monitoring.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

64. Assertion (A): Eavesdropping can occur via rootkit malware on devices. Reason (R): Rootkits enable unauthorized access to built-in microphones and cameras.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= A) Both A and R are true, and R is the correct explanation of A

65. Assertion (A): Spam filters learn from user-marked spam to block future messages. Reason (R): Marking spam trains the service’s automatic detection algorithm.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= A) Both A and R are true, and R is the correct explanation of A

66. Assertion (A): Supercookies resemble legitimate cookies and evade deletion. Reason (R): Zombie cookies are recreated after deletion by websites.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= B) Both A and R are true, but R is not the correct explanation of A

67. Assertion (A): Signature-based antivirus requires real-time monitoring to detect dormant malware. Reason (R): Signature-based detection only scans files at rest, not active memory behaviour.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

68. Assertion (A): Data mining techniques in antivirus use machine learning models. Reason (R): Machine learning can classify unknown files as benign or malicious based on features.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= A) Both A and R are true, and R is the correct explanation of A

69. Assertion (A): An on-screen keyboard randomizes key placement each use. Reason (R): Randomization prevents recording of actual keys pressed by hardware keyloggers.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= D) A is false, R is true

70. Assertion (A): Regular backups are a preventive measure against ransomware. Reason (R): Backups allow recovery of data without paying ransom.

A) Both A and R are true, and R is the correct explanation of A
B) Both A and R are true, but R is not the correct explanation of A
C) A is true, R is false
D) A is false, R is true

ANSWER= A) Both A and R are true, and R is the correct explanation of A