Cybersecurity Prologue | Fresco Play

Question 1: In Symmetric-key cryptography, the key used by the sender and the receiver is

Answer: Shared

Question 2: UML component diagram is used to identify how a module validate and processes the data before storing it.

Answer: False

Question 3: How do we define RADIUS?

Answer: Remote Authentication Dial-In User Service.

Question 4: Which helps to determine the effective security controls and measurement techniques

Answer: Threat Modelling

Question 5: The altering of data so that it is not usable unless the changes are undone is

Answer: Encryption

Question 6: It is a program or hardware device that filters the information coming through an internet connection to a network or computer system

Answer: Firewall

Question 7: At Tactical level threat intelligence research analysis and reports can be published after malware analysis

Answer: False

Question 8: A ________ is an extension of an enterprise’s private intranet across a public Network such as the Internet across a public Network such as the Internet, creating a secure private connection.

Answer: VPN

Question 9: Which helps to predict the cybersecurity potential risks effectively ?

Answer: Threat Mitigation

Question 10: The relationship between a character in the plaintext to a character is

Answer: Many-to-one relationship

Question 11: In asymmetric key cryptography, the private key is kept by

Answer: Sender and Receiver

Question 12: Which of the following would most likely not be a symptom of a virus?

Answer: Existing program files and icons disappear

Question 13: WPA2 is used for security in ________

Answer: Wifi

Question 14: Traffic in a VPN is not

Answer: Logically separated from other traffic

Question 15: ________ are often delivered to a PC through an email attachment and are often designed to do harm.

Answer: Virus

Question 16: A type of malware that demands a ransom if the victim wants his or her files back is called ________

Answer: Ransomware

Question 17: Exploring appropriate and ethical behaviors related to online environments and digital media

Answer: Cyber Ethics

Question 18: Which of these groups exploits cyber vulnerabilities?

Answer: All the options

Question 19: Which is not part of a response follow-up activities?

Answer: Take appropriate pre-approved or required actions

Question 20: Which is not part of a threat Modelling process ?

Answer: Compose Applications

Question 21: What is PUP?

Answer: Potentially unwanted program

Question 22:  monitors user activity on internet and transmit that information in the background to someone else

Answer: Spyware

Question 23: Unsolicited commercial email is known as _

Answer: Spam

Question 24: Internet can impose a number of Risks and hence Cybersecurity is required -

Answer: True

Question 25: A ________ is like a Virus, having the ability to spread without any medium -

Answer: Worm

Question 26: Which of these are Personally Identifiable Information?

Answer: All the options

Question 27: Which of these is an anti-virus program

Answer: All the options

Question 28:  The sole purpose of ________ attack, is to fool the victim and to get all the confidential information

Answer: Phishing

Question 29: If there is a vulnerability but no threat, then there won't be a risk

Answer: True

Question 30: Risk represents

Answer: Threats times vulnerabilities

Question 31: Cryptography, a word with Greek origins, means

Answer: Secret Writing

Question 32: The Cryptography can provide

Answer: All them

Question 33: Detection and Analysis is a continuous process of a cyber-attack for detecting Malware intrusion and their remote connections -

Answer: True

Question 34: Which is a part of a response phase activities ?

Answer: Take appropriate pre-approved or required actions

Question 35: Incident Category can be defined according to business functional priorities

Answer: True

Question 36: Incidents should be handled on a first come- first serve basis and must be prioritized based on the Business impact.

Answer: False

Question 37: Which is not part of a Incident Response Preparation phase ?

Answer: Create appropriate control framework

Question 38: Which is not a set of activity performed to prevent future incidents in Incident management ?

Answer: Mitigate

Question 39: Deep packet inspection can be used to give more context to indicator only

Answer: False

Question 40: A ________ is a credit card sized card with an embedded chip, containing information about the user

Answer: Smart Card

Question 41: Which of these are Threats related to Email Security?

Answer: all

Question 42: Phishing emails include fake notifications from banks and e-payment systems

Answer: True

Question 43: Which of these are examples biometrics?

Answer: All the options

Question 44: Which of these is TRUE with respect to passwords?

Answer: Passwords need to be atleast 8 chars of length

Question 45: As an email client, we should not use caution when opening emails and can download any attachments

Answer: False

Question 46: At Operational level threat intelligence real time feed protocols are being used

Answer: True

Question 47: Cyber security architecture is all about understanding one's Business Scope and requirements only

Answer: False

Question 48: Which of the following is not an antivirus software?

Answer: Code Red

Question 49: Network layer firewall works as a

Answer: Packet filter

Question 50: The Cryptography can provide

Answer: all

Question 51: are attempts by individuals to obtain confidential information from you to falsifying their identity

Answer: Phishing scams

Question 52: Attack which happens due to neglected factors like compromising with security is a type of

Answer: Non-Malicious threat

Question 53: A Hacker or disgruntled employee who is interested in specific Asset or information is a type of

Answer: Malicious threat

Question 54: A TCS business operations team required to meet 98% SLA in FY 2017'18 to avoid non-compliance penalty which must be a part of

Answer: Architecture Controls

Question 55: Defining the security control parameter SLA at 98.5% for taking appropriate actions to avoid penalty risk if it goes below 98% must be a part of

Answer: Architecture Risks

Question 56: At Strategic level threat intelligence information can be exchanged within it's operating community

Answer: TRUE

Question 57: An attempt to make a computer resource unavailable to its intended users is called

Answer: Denial-of-service attack

Question 58: UEBA stands for

Answer: User Entity and Behavior Analytics

Question 59: ________ is the guarantee of data privacy and protection against unauthorized disclosure.

Answer: Confidentiality

Question 60: Which is a open source data loss prevention solution.

Answer: MyDLP

Question 61: They Keys used in Cryptography are

Answer: Single Round

Question 62: In symmetric-key cryptography, the same key is used by

Answer: Both Party

Question 63: which can't be used as a best practice for managing cyber threats ?

Answer: Behavioral modeling

Question 64: In cryptography, what is cipher?

Answer: All the options

Question 65: In Asymmetric-Key Cryptography, although RSA can be used to encrypt and decrypt actual messages, it is very slow if the message is.

Answer: Long

Question 66: Which is not a characteristics of Advanced Persistent threats ?

Answer: Full automated

Question 67: Cybersecurity threat is a scenario which will try to exploit possible vulnerabilities to enhance security

Answer: False

Question 68: Which helps to prevent the cyber-attacks using various security related tools, policies, best practices and guidelines ?

Answer: Threat Assessment

Question 69: A Botmaster can attack and take control of vulnerable one like

Answer: All the options

Question 70: Which observes the behavior of the malware in a sandbox-virtual environment to prevent the malware from actually infecting production systems.

Answer: Dynamic Analysis

Question 71: Defining five levels of SLA security controls each from 98.9 to 98.5 respectively to control penalty risk must be a part of

Answer: Architecture Controls

Question 72: Which one will not be considered in Cybersecurity threat Intrusion Phases ?

Answer: Alliance

Question 73: Which of the following is an independent malicious program that does not need any host program?

Answer: Worm