Basics of computer security threats (viruses, malware, phishing) MCQs
Here are 25 multiple-choice questions (MCQs) on the basics of computer security threats, including viruses, malware, and phishing, along with their answers and explanations:
1. What is a computer virus?
- A type of malware that encrypts files
- A program that enhances computer performance
- A self-replicating program that can infect other files and programs
- A hardware component of a computer
A computer virus is a self-replicating program that can infect other files and programs.
2. What is the primary purpose of malware in the context of computer security?
- To enhance computer performance
- To protect data from unauthorized access
- To cause harm or steal information
- To provide software updates
The primary purpose of malware is to cause harm or steal information.
3. What is phishing in the context of computer security?
- A type of malware
- A technique used by hackers to guess passwords
- A social engineering attack that tricks individuals into revealing sensitive information
- A type of firewall
Phishing is a social engineering attack that tricks individuals into revealing sensitive information.
4. What is the term for a deceptive email or message that appears to be from a legitimate source but is designed to trick recipients into revealing sensitive information or taking malicious actions?
- Virus
- Malware
- Phishing email
- Firewall
A phishing email is a deceptive message designed to trick recipients.
5. What is the purpose of a firewall in computer security?
- To make computers run faster
- To block unwanted emails
- To restrict unauthorized access to a network
- To enhance web browsing speed
A firewall is used to restrict unauthorized access to a network.
6. What is ransomware in the context of computer security?
- A type of antivirus software
- A program that speeds up computer performance
- A type of malware that encrypts files and demands a ransom for decryption
- A hardware component of a computer
Ransomware is a type of malware that encrypts files and demands a ransom for decryption.
7. Which of the following is NOT a common method used by cybercriminals to distribute malware?
- Email attachments
- Software updates from official sources
- Malicious websites
- Infected USB drives
Cybercriminals do not typically use official software updates to distribute malware.
8. What is spyware in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A type of malware that monitors and collects information from a computer without the user's knowledge
- A hardware component of a computer
Spyware is a type of malware that monitors and collects information without the user's knowledge.
9. What is the term for a software program that provides real-time protection against various types of malware and other security threats?
- Firewall
- Antivirus
- Operating system
- Phishing
An antivirus program provides real-time protection against malware and security threats.
10. What is a keylogger in the context of computer security?
- A type of malware that encrypts files
- A program that enhances computer performance
- A type of malware that records keystrokes to capture sensitive information
- A hardware component of a computer
A keylogger is a type of malware that records keystrokes to capture sensitive information.
11. What is a denial-of-service (DoS) attack in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- An attack that overwhelms a target system or network to make it unavailable to users
- A hardware component of a computer
A denial-of-service (DoS) attack overwhelms a target system or network to make it unavailable.
12. What is the purpose of a strong and unique password in computer security?
- To make it easier to remember
- To share with friends and family
- To protect online accounts from unauthorized access
- To use the same password for multiple accounts
A strong and unique password helps protect online accounts from
13. Which of the following is NOT a common characteristic of a strong password?
- Long and complex
- Contains a mix of uppercase and lowercase letters, numbers, and symbols
- Easily guessable, such as "123456"
- Not a dictionary word or common phrase
A strong password is not easily guessable.
14. What is a brute force attack in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- An attack that attempts to guess passwords by trying all possible combinations
- A hardware component of a computer
A brute force attack attempts to guess passwords by trying all possible combinations.
15. What is social engineering in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A manipulation technique used to trick individuals into revealing sensitive information
- A hardware component of a computer
Social engineering is a manipulation technique used to trick individuals into revealing sensitive information.
16. What is the term for a security threat that involves a cybercriminal gaining unauthorized access to a network or system to steal, alter, or destroy data?
- Phishing
- Malware
- Hacking
- Firewall breach
Hacking involves gaining unauthorized access to steal, alter, or destroy data.
17. What is a botnet in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A network of compromised computers controlled by a cybercriminal for malicious purposes
- A hardware component of a computer
A botnet is a network of compromised computers controlled for malicious purposes.
18. What is the primary purpose of email filtering in computer security?
- To slow down email delivery
- To block all incoming emails
- To identify and filter out spam and malicious emails
- To disable email attachments
Email filtering identifies and filters out spam and malicious emails.
19. Which of the following is NOT a common method used by cybercriminals to initiate phishing attacks?
- Sending deceptive emails with malicious links
- Distributing fake antivirus software
- Creating fake login pages to steal credentials
- Hacking into secure websites
Hacking into secure websites is not a common method for initiating phishing attacks.
20. What is the term for a security threat that involves a cybercriminal pretending to be a trusted entity to trick individuals into revealing sensitive information?
- Malware
- Hacking
- Phishing
- Firewall breach
Phishing involves pretending to be a trusted entity to trick individuals.
21. What is the purpose of a data breach in computer security?
- To enhance computer performance
- To protect sensitive information
- To gain unauthorized access to confidential data
- To prevent malware infections
A data breach involves gaining unauthorized access to confidential data.
22. What is a zero-day vulnerability in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A security vulnerability that is not yet known to the software vendor or the public
- A hardware component of a computer
A zero-day vulnerability is a security flaw not yet known to the vendor or the public.
23. Which of the following actions can help protect your computer from malware and security threats?
- Downloading software from unverified sources
- Disabling antivirus software
- Regularly updating operating systems and software
- Using the same password for all accounts
Regularly updating operating systems and software helps protect against security threats.
24. What is the purpose of encryption in computer security?
- To slow down data transmission
- To display ads
- To protect data by encoding it into unreadable form
- To make data publicly available
Encryption protects data by encoding it into an unreadable form.
25. What is a phishing email typically designed to do?
- Speed up computer performance
- Steal sensitive information or credentials
- Block incoming emails
- Enhance web browsing speed
Phishing emails are typically designed to steal sensitive information or credentials.
26. What is a Trojan horse in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A type of malware that disguises itself as legitimate software to trick users
- A hardware component of a computer
A Trojan horse is a type of malware that disguises itself as legitimate software.
27. What is a worm in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A self-replicating type of malware that spreads over networks
- A hardware component of a computer
A worm is a self-replicating type of malware that spreads over networks.
28. What is a social engineering attack in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A manipulation technique used to deceive individuals into revealing confidential information
- A hardware component of a computer
A social engineering attack involves manipulating individuals into revealing confidential information.
29. What is a bot in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A software program that can perform automated tasks, often without the user's knowledge
- A hardware component of a computer
A bot is a software program that can perform automated tasks.
30. What is the term for a software program that is designed to protect a computer or network from security threats?
- Firewall
- Antivirus
- Operating system
- Phishing
A firewall is designed to protect a computer or network from security threats.
31. What is a rootkit in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A type of malware that provides unauthorized access to a computer's system functions
- A hardware component of a computer
A rootkit is a type of malware that provides unauthorized access to system functions.
32. Which of the following is NOT a common symptom of a malware infection on a computer?
- Slow computer performance
- Unexpected system crashes
- Increased antivirus protection
- Unwanted pop-up advertisements
A malware infection typically does not result in increased antivirus protection.
33. What is a phishing website typically designed to do?
- Speed up computer performance
- Steal sensitive information or credentials
- Block incoming emails
- Enhance web browsing speed
Phishing websites are typically designed to steal sensitive information or credentials.
34. What is the term for a security vulnerability that allows an attacker to gain unauthorized access to a computer system or network by exploiting a weakness in the system?
- Firewall breach
- Malware infection
- Exploit
- Data breach
An exploit is a security vulnerability that allows unauthorized access.
35. What is a DDoS attack in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A cyberattack that overwhelms a target with a flood of traffic, making it unavailable
- A hardware component of a computer
A DDoS (Distributed Denial of Service) attack overwhelms a target with traffic.
36. What is the term for a security threat that involves a cybercriminal demanding a ransom from a victim in exchange for not disclosing sensitive information or not carrying out a malicious action?
- Phishing
- Ransomware
- Hacking
- Firewall breach
Ransomware involves demanding a ransom to avoid malicious actions.
37. What is the purpose of multi-factor authentication (MFA) in computer security?
- To use the same password for multiple accounts
- To disable antivirus software
- To enhance computer performance
- To add an additional layer of security by requiring multiple forms of verification
MFA adds an additional layer of security by requiring multiple forms of verification.
38. What is the term for a security threat that involves a cybercriminal gaining unauthorized access to a computer system or network to steal, alter, or destroy data, often for financial gain?
- Malware
- Hacking
- Cybercrime
- Firewall breach
Cybercrime involves gaining unauthorized access for financial gain.
39. Which of the following is NOT a common method used to protect sensitive data from being stolen or compromised during transmission over the internet?
- Encryption
- HTTPS (Hypertext Transfer Protocol Secure)
- Sharing data openly on public networks
- VPN (Virtual Private Network)
Sharing data openly on public networks does not protect sensitive data.
40. What is a zero-day exploit in the context of computer security?
- A software program that enhances computer performance
- A security vulnerability that is known to the public
- A security vulnerability that is exploited before a patch or solution is available
- A hardware component of a computer
A zero-day exploit is a vulnerability exploited before a solution is available.
41. Which of the following is a common method used by cybercriminals to distribute ransomware?
- Sending friendly emails with helpful links
- Encouraging strong and unique passwords
- Distributing malicious email attachments
- Providing free antivirus software
Cybercriminals often distribute ransomware through malicious email attachments.
42. What is the term for a security threat that involves an attacker intercepting and eavesdropping on communications between two parties without their knowledge or consent?
- Malware
- Hacking
- Eavesdropping
- Firewall breach
Eavesdropping involves intercepting and listening to communications.
43. What is the term for a type of malware that spreads by attaching itself to other legitimate programs or files and executing when those programs or files are run by the user?
- Worm
- Spyware
- Rootkit
- Virus
A virus attaches to other programs and executes when they run.
44. Which of the following is NOT a common characteristic of a phishing email?
- Urgent language and requests for immediate action
- Generic or misspelled sender email addresses
- Clear identification as a phishing email in the subject line
- Embedded suspicious links
Phishing emails typically do not clearly identify themselves as phishing emails.
45. What is the term for a security vulnerability that allows an attacker to execute malicious code on a computer or system without the user's knowledge or consent?
- Data breach
- Exploit
- Firewall
- Phishing
An exploit allows the execution of malicious code without the user's consent.
46. What is the term for a type of malware that spreads by disguising itself as a legitimate file or program and can replicate independently?
- Worm
- Trojan horse
- Spyware
- Rootkit
Worms are malware that can replicate independently and often disguise themselves as legitimate files or programs.
47. What is a common method used by phishing attacks to trick recipients into clicking on malicious links or downloading malware?
- Providing clear and legitimate sender information
- Using generic email subject lines
- Employing urgency and fear tactics
- Sending only text-based emails
Phishing attacks often employ urgency and fear tactics to trick recipients into taking action.
48. What is a firewall rule in the context of computer security?
- A program that enhances computer performance
- A guideline that determines how traffic is allowed or blocked on a network
- A type of malware
- A hardware component of a computer
A firewall rule is a guideline that determines how network traffic is allowed or blocked.
49. Which of the following is NOT typically targeted by phishing attacks?
- Email accounts
- Social media profiles
- Mobile phone settings
- Financial information
While phishing attacks can target various accounts and information, mobile phone settings are not a common phishing target.
50. What is the term for a type of malware that disguises itself as legitimate software but can damage, disrupt, or compromise the computer or data?
- Worm
- Trojan horse
- Spyware
- Firewall
A Trojan horse is malware that disguises itself as legitimate software but can harm the system or data.