Multiple-choice questions (MCQs) with answers on “Cybersecurity and Digital Threats: A Challenge for India” for Civil Services Examination preparation

1. What does the term “cybersecurity” primarily refer to?

• a) Protecting physical infrastructure
• b) Safeguarding digital data and systems
• c) Managing financial assets
• d) Regulating internet usage
  Answer: b) Safeguarding digital data and systems

2. Which of the following is a common type of cyber attack targeting personal information?

• a) Phishing
• b) Supply chain attack
• c) Denial of Service (DoS)
• d) Ransomware
  Answer: a) Phishing

3. The National Cyber Security Policy of India was launched in which year?

• a) 2008
• b) 2013
• c) 2017
• d) 2020
  Answer: b) 2013

4. Which organization is responsible for the implementation of cybersecurity measures in India?

• a) National Investigation Agency (NIA)
• b) National Security Council Secretariat (NSCS)
• c) Central Bureau of Investigation (CBI)
• d) Indian Computer Emergency Response Team (CERT-IN)
  Answer: d) Indian Computer Emergency Response Team (CERT-IN)

5. What is the primary purpose of a firewall in cybersecurity?

• a) To increase internet speed
• b) To block unauthorized access
• c) To enhance data encryption
• d) To improve software performance
  Answer: b) To block unauthorized access

6. What type of attack involves overwhelming a system with traffic to disrupt services?

• a) Phishing
• b) Denial of Service (DoS)
• c) Man-in-the-Middle (MitM)
• d) SQL Injection
  Answer: b) Denial of Service (DoS)

7. The term “ransomware” refers to:

• a) Malware that locks or encrypts data for ransom
• b) A type of phishing email
• c) Software that enhances security
• d) A system for data backup
  Answer: a) Malware that locks or encrypts data for ransom

8. Which Indian agency is tasked with handling cybercrime and cybersecurity incidents?

• a) National Investigation Agency (NIA)
• b) National Cyber Security Coordinator (NCSC)
• c) Central Bureau of Investigation (CBI)
• d) National Intelligence Grid (NATGRID)
  Answer: b) National Cyber Security Coordinator (NCSC)

9. The “Digital India” initiative aims to:

• a) Increase physical infrastructure
• b) Promote digital literacy and e-governance
• c) Restrict internet access
• d) Decrease cybersecurity investments
  Answer: b) Promote digital literacy and e-governance

10. Which of the following is a common method used to secure data during transmission?

• a) Data compression
• b) Encryption
• c) Data fragmentation
• d) Data recovery
  Answer: b) Encryption

11. What is a “zero-day exploit” in the context of cybersecurity?

• a) An attack on outdated software
• b) An attack exploiting a newly discovered vulnerability
• c) An attack on hardware devices
• d) An attack using known malware
  Answer: b) An attack exploiting a newly discovered vulnerability

12. Which of the following is NOT a commonly used cybersecurity tool?

• a) Antivirus software
• b) VPN (Virtual Private Network)
• c) Data backup software
• d) Spreadsheet applications
  Answer: d) Spreadsheet applications

13. The concept of “two-factor authentication” (2FA) involves:

• a) Using two separate passwords
• b) Providing two forms of identification
• c) Using one password and one security question
• d) Two separate email accounts
  Answer: b) Providing two forms of identification

14. Which cybersecurity practice involves regularly updating software to fix vulnerabilities?

• a) Patching
• b) Phishing
• c) Penetration testing
• d) Data mining
  Answer: a) Patching

15. What does the acronym “APT” stand for in cybersecurity?

• a) Advanced Persistent Threat
• b) Automated Protection Technology
• c) Application Programming Tool
• d) Access Permission Technology
  Answer: a) Advanced Persistent Threat

16. What is the role of the Information Technology Act, 2000 in India regarding cybersecurity?

• a) Regulates internet service providers
• b) Defines legal framework for cybercrimes and cybersecurity
• c) Provides guidelines for internet usage
• d) Controls international cyber treaties
  Answer: b) Defines legal framework for cybercrimes and cybersecurity

17. What is “social engineering” in the context of cybersecurity?

• a) Engineering secure software
• b) Manipulating individuals to disclose confidential information
• c) Designing robust network systems
• d) Engineering cybersecurity hardware
  Answer: b) Manipulating individuals to disclose confidential information

18. The “Cyber Swachhta Kendra” is an initiative aimed at:

• a) Cleaning physical spaces
• b) Developing new cyber technologies
• c) Promoting cybersecurity awareness and tools
• d) Increasing cyber surveillance
  Answer: c) Promoting cybersecurity awareness and tools

19. What does “DDoS” stand for in the context of cyber threats?

• a) Distributed Denial of Service
• b) Dynamic Domain of Security
• c) Dual Data Security
• d) Direct Denial of Service
  Answer: a) Distributed Denial of Service

20. Which type of attack exploits a vulnerability in a website’s database to access or manipulate data?

• a) Cross-Site Scripting (XSS)
• b) SQL Injection
• c) Phishing
• d) Man-in-the-Middle (MitM)
  Answer: b) SQL Injection

21. In cybersecurity, “patch management” involves:

• a) Fixing hardware issues
• b) Managing software updates and patches
• c) Controlling network traffic
• d) Securing physical devices
  Answer: b) Managing software updates and patches

22. What is the primary goal of a “penetration test”?

• a) To identify and fix vulnerabilities in a system
• b) To monitor network traffic
• c) To encrypt sensitive data
• d) To design software applications
  Answer: a) To identify and fix vulnerabilities in a system

23. Which of the following is an example of a cybersecurity framework?

• a) GDPR
• b) NIST Cybersecurity Framework
• c) ISO 9001
• d) ITIL
  Answer: b) NIST Cybersecurity Framework

24. What does “malware” stand for?

• a) Malicious software designed to damage or exploit systems
• b) Management software for networks
• c) Monitoring tools for cyber threats
• d) Malware is a type of secure coding
  Answer: a) Malicious software designed to damage or exploit systems

25. What is the function of a “VPN” in cybersecurity?

• a) Encrypts internet traffic and masks IP addresses
• b) Provides a firewall for network security
• c) Scans for malware
• d) Manages user permissions
  Answer: a) Encrypts internet traffic and masks IP addresses

26. Which type of cybersecurity threat involves impersonating a trusted entity to deceive individuals?

• a) Spoofing
• b) Ransomware
• c) Phishing
• d) Trojans
  Answer: a) Spoofing

27. The “Cyber Crime Reporting Portal” in India is used for:

• a) Reporting cybercrimes and incidents
• b) Enhancing cybersecurity policies
• c) Securing financial transactions
• d) Monitoring physical security threats
  Answer: a) Reporting cybercrimes and incidents

28. What does “endpoint security” refer to?

• a) Securing network routers
• b) Protecting end-user devices like computers and smartphones
• c) Securing internet servers
• d) Managing enterprise software
  Answer: b) Protecting end-user devices like computers and smartphones

29. Which Indian organization provides cybersecurity training and certification?

• a) National Institute of Electronics and Information Technology (NIELIT)
• b) Central Board of Secondary Education (CBSE)
• c) Indian Statistical Institute (ISI)
• d) All India Council for Technical Education (AICTE)
  Answer: a) National Institute of Electronics and Information Technology (NIELIT)

30. The term “cyber hygiene” refers to:

• a) Regular maintenance and management of cybersecurity practices
• b) Cleaning physical computers
• c) Enhancing software performance
• d) Reducing internet speed
  Answer: a) Regular maintenance and management of cybersecurity practices

These questions cover a broad range of topics related to cybersecurity and digital threats, including policies, practices, and challenges faced by India.