1. Which of these is not a proper method of maintaining confidentiality?
a) Biometric verification
b) ID and password based verification
c) 2-factor authentication
d) switching off the phone
Explanation: Switching off the phone in the fear of preserving the confidentiality of data is not a proper solution for data confidentiality. Fingerprint detection, face recognition, password-based authentication, two-step verifications are some of these.
2. Data integrity gets compromised when _____ and _____ are taken control off.
a) Access control, file deletion
b) Network, file permission
c) Access control, file permission
d) Network, system
Explanation: The two key ingredients that need to be kept safe are: access control & file permission in order to preserve data integrity.
3. ______ is the latest technology that faces an extra challenge because of CIA paradigm.
a) Big data
b) Database systems
c) Cloud storages
d) Smart dust
Explanation: Big data has additional challenges that it has to face because of the tremendous volume of data that needs protection as well as other key elements of the CIA triad, which makes the entire process costly and time-consuming.
4. One common way to maintain data availability is __________
a) Data clustering
b) Data backup
c) Data recovery
d) Data Altering
Explanation: For preventing data from data-loss, or damage data backup can be done and stored in a different geographical location so that it can sustain its data from natural disasters & unpredictable events.
5. __________ is a special form of attack using which hackers’ exploit – human psychology.
a) Cross Site Scripting
b) Insecure network
c) Social Engineering
d) Reverse Engineering
Explanation: Using social engineering techniques, hackers try to exploit the victim’s mind to gain valuable information about that person such as his/her phone number, date of birth, pet name etc.
6. Which of the following do not comes under Social Engineering?
Explanation: Spamming is the attack technique where the same message is sent indiscriminately repeatedly in order to overload the inbox or harm the user.
7. _________ involves scams where an individual (usually an attacker) lie to a person (the target victim) to acquire privilege data.
Explanation: In the pretexting technique of social engineering, the attacker pretends in need of legitimate information from the victim for confirming his/her identity.
8. Which of the following is the technique used to look for information in trash or around dustbin container?
c) Quid Pro Quo
d) Dumpster diving
Explanation: In the technology world, where information about a person seems everywhere; dumpster diving is the name of the technique where the attacker looks for information in dustbins and trashes. For example, after withdrawing money from ATM, the user usually throw the receipt in which the total amount and account details are mentioned. These type of information becomes helpful to a hacker, for which they use dumpster diving.
9. Which of the following is not an example of social engineering?
a) Dumpster diving
b) Shoulder surfing
d) Spear phishing
Explanation: Carding is the method of trafficking of bank details, credit cards or other financial information over the internet. Hence it’s a fraudulent technique used by hackers and does not comes under social engineering.
10. In a phishing, attackers target the ________ technology to so social engineering.
b) WI-FI network
c) Operating systems
d) Surveillance camera
Explanation: In a phishing attack, the attacker fraudulently attempts to obtain sensitive data (such as username & passwords) of the target user and use emails to send fake links which redirect them to a fake webpage which looks legitimate.