Cybersecurity Solved MCQs

Cybersecurity Solved MCQs 1–10: Cybersecurity Fundamentals 1. What is cybersecurity? A) Securing physical assets B) Security guard training ...

Cybersecurity Solved MCQs

1–10: Cybersecurity Fundamentals

1. What is cybersecurity?

A) Securing physical assets

B) Security guard training

C) Protection of internet-connected systems

D) Antivirus installation

✔️ Answer: C

Explanation: Cybersecurity is about protecting computer systems, networks, and data from digital attacks.

---

2. Which of the following is NOT a type of cyberattack?

A) Phishing

B) DDoS

C) Firewall

D) Malware

✔️ Answer: C

Explanation: A firewall is a defense mechanism, not an attack.

---

3. The full form of DDoS is:

A) Distributed Denial of Server

B) Distributed Denial of Service

C) Direct Denial of System

D) Dual Domain of System

✔️ Answer: B

Explanation: DDoS attacks flood a system with traffic to disrupt services.

---

4. Which of the following is a social engineering attack?

A) Brute-force

B) Phishing

C) SQL Injection

D) Man-in-the-Middle

✔️ Answer: B

Explanation: Phishing tricks users into revealing confidential info using fake emails/websites.

---

5. Which tool is commonly used for password cracking?

A) Metasploit

B) Wireshark

C) John the Ripper

D) Nmap

✔️ Answer: C

---

6. Which of these is NOT malware?

A) Worm

B) Trojan

C) Firewall

D) Ransomware

✔️ Answer: C

---

7. Which of the following is an example of two-factor authentication?

A) Password only

B) Face recognition

C) ATM card + PIN

D) Username

✔️ Answer: C

---

8. Firewalls are used to:

A) Attack computers

B) Speed up browsing

C) Block unauthorized access

D) Hack routers

✔️ Answer: C

---

9. Which virus replicates itself to spread across networks?

A) Trojan

B) Worm

C) Rootkit

D) Spyware

✔️ Answer: B

---

10. Cybersecurity primarily protects:

A) Hardware

B) Software

C) Data and networks

D) Airflow

✔️ Answer: C

---

11–20: Attacks, Malware & Threats

11. Which malware locks files and demands payment?

A) Rootkit

B) Ransomware

C) Worm

D) Adware

✔️ Answer: B

---

12. A keylogger is used to:

A) Track IP addresses

B) Record keystrokes

C) Run antivirus

D) Backup data

✔️ Answer: B

---

13. Which is the safest file extension to open in emails?

A) .exe

B) .pdf

C) .js

D) .bat

✔️ Answer: B

---

14. Which of these attacks intercepts communication between two parties?

A) Brute-force

B) Man-in-the-Middle

C) Keylogger

D) Phishing

✔️ Answer: B

---

15. Which malware appears legitimate but performs malicious actions?

A) Ransomware

B) Trojan

C) Worm

D) Rootkit

✔️ Answer: B

---

16. Botnets are used to:

A) Secure systems

B) Perform DDoS attacks

C) Clean malware

D) Increase RAM

✔️ Answer: B

---

17. A zero-day vulnerability is one that:

A) Has a patch

B) Is already fixed

C) Is newly discovered and unpatched

D) Is from the dark web

✔️ Answer: C

---

18. The main objective of cyber attackers is to:

A) Design hardware

B) Protect privacy

C) Exploit vulnerabilities

D) Optimize networks

✔️ Answer: C

---

19. Which attack targets the DNS system?

A) DDoS

B) DNS Spoofing

C) Sniffing

D) Ping of Death

✔️ Answer: B

---

20. A logic bomb is:

A) Firewall tool

B) Malware triggered by specific conditions

C) Antivirus

D) AI tool

✔️ Answer: B

---

21–30: Tools, Prevention & Policies

21. Which software monitors network traffic?

A) MS Word

B) Photoshop

C) Wireshark

D) Chrome

✔️ Answer: C

---

22. An antivirus software is used to:

A) Build apps

B) Test Wi-Fi

C) Detect and remove malware

D) Compress files

✔️ Answer: C

---

23. Which of these is a good cybersecurity practice?

A) Sharing passwords

B) Using weak passwords

C) Regular software updates

D) Clicking unknown links

✔️ Answer: C

---

24. The principle of “least privilege” means:

A) Everyone is admin

B) Only needed access is given

C) No one has access

D) All users are same

✔️ Answer: B

---

25. Which port is used for HTTPS traffic?

A) 80

B) 443

C) 21

D) 25

✔️ Answer: B

---

26. Which organization handles cybersecurity in Pakistan?

A) PEMRA

B) PTA

C) NR3C (FIA Cyber Crime Wing)

D) NACTA

✔️ Answer: C

---

27. A strong password should include:

A) Just numbers

B) Only your name

C) Letters, numbers, symbols

D) Date of birth

✔️ Answer: C

---

28. The process of converting data into unreadable form is called:

A) Encoding

B) Decoding

C) Encryption

D) Compression

✔️ Answer: C

---

29. VPN stands for:

A) Virtual Private Network

B) Visual Protected Network

C) Very Powerful Network

D) Verified Protocol Network

✔️ Answer: A

---

30. What is the purpose of a cybersecurity audit?

A) To hack websites

B) To fix printers

C) To evaluate security controls

D) To install Wi-Fi

✔️ Answer: C

---

31–40: Advanced Concepts & Standards

31. What is the CIA triad in cybersecurity?

A) Confidentiality, Integrity, Availability

B) Code, Internet, Algorithm

C) Cyber, Internal, Authority

D) Compliance, Internet, Audit

✔️ Answer: A

---

32. A firewall filters traffic based on:

A) Internet speed

B) IP addresses and protocols

C) Website layout

D) Screen size

✔️ Answer: B

---

33. Which of the following is a phishing indicator?

A) Secure website

B) Grammar errors and suspicious links

C) Company logos

D) Known email addresses

✔️ Answer: B

---

34. Which is a data breach prevention technique?

A) Disable antivirus

B) Ignore software updates

C) Use encryption

D) Share files publicly

✔️ Answer: C

---

35. Which one is a standard for information security management?

A) ISO 9001

B) ISO 14001

C) ISO/IEC 27001

D) ISO 45001

✔️ Answer: C

---

36. Two-factor authentication adds:

A) More memory

B) A second layer of identity verification

C) More bugs

D) Malware

✔️ Answer: B

---

37. Penetration testing is used to:

A) Block websites

B) Send emails

C) Identify security vulnerabilities

D) Format drives

✔️ Answer: C

---

38. A honeypot is:

A) Real data backup

B) A decoy system to trap attackers

C) Antivirus

D) Encrypted email

✔️ Answer: B

---

39. Which of these is an example of biometric authentication?

A) OTP

B) Fingerprint

C) Password

D) Username

✔️ Answer: B

---

40. A cyberattack that threatens to publish data unless paid is:

A) Rootkit

B) Adware

C) Ransomware

D) Worm

✔️ Answer: C

---

41–50: Current Trends & Real-World Applications

41. Which type of cybersecurity attack was used in the WannaCry incident?

A) Keylogging

B) Trojan

C) Ransomware

D) DDoS

✔️ Answer: C

---

42. Which company was affected by the SolarWinds cyberattack?

A) Amazon

B) Microsoft

C) Facebook

D) Google

✔️ Answer: B

---

43. Cybersecurity mesh architecture is designed to:

A) Break networks

B) Increase data speed

C) Protect distributed IT environments

D) Hack passwords

✔️ Answer: C

---

44. What is cyber forensics?

A) Recovering deleted files only

B) Finding bugs

C) Investigating and analyzing cybercrimes

D) Internet speed testing

✔️ Answer: C

---

45. Which one is NOT a cybersecurity career?

A) Ethical hacker

B) SOC analyst

C) Penetration tester

D) Photo editor

✔️ Answer: D

---

46. Which of the following is a cloud security concern?

A) Typing speed

B) Data breach

C) File design

D) Mouse clicks

✔️ Answer: B

---

47. An attack that involves redirecting users to fake websites is called:

A) SQL injection

B) Pharming

C) Keylogging

D) Spamming

✔️ Answer: B

---

48. Which law in Pakistan deals with cybercrime?

A) PECA Act

B) PEMRA Act

C) Telecom Act

D) PTA Code

✔️ Answer: A

Explanation: PECA (Prevention of Electronic Crimes Act) governs digital crimes in Pakistan.

---

49. Who is responsible for managing organizational cybersecurity?

A) CEO

B) CMO

C) CISO

D) CFO

✔️ Answer: C

Explanation: CISO (Chief Information Security Officer) oversees cybersecurity strategy.

50. The biggest cybersecurity challenge today is:

A) Hardware cost

B) Lack of tools

C) Human error and phishing

D) Internet speed

✔️ Answer: C