Here are 25 multiple-choice questions (MCQs) on the basics of computer security threats, including viruses, malware, and phishing, along with their answers and explanations:
1. What is a computer virus?
- A type of malware that encrypts files
- A program that enhances computer performance
- A self-replicating program that can infect other files and programs
- A hardware component of a computer
A computer virus is a self-replicating program that can infect other files and programs.
2. What is the primary purpose of malware in the context of computer security?
- To enhance computer performance
- To protect data from unauthorized access
- To cause harm or steal information
- To provide software updates
The primary purpose of malware is to cause harm or steal information.
3. What is phishing in the context of computer security?
- A type of malware
- A technique used by hackers to guess passwords
- A social engineering attack that tricks individuals into revealing sensitive information
- A type of firewall
Phishing is a social engineering attack that tricks individuals into revealing sensitive information.
4. What is the term for a deceptive email or message that appears to be from a legitimate source but is designed to trick recipients into revealing sensitive information or taking malicious actions?
- Virus
- Malware
- Phishing email
- Firewall
A phishing email is a deceptive message designed to trick recipients.
5. What is the purpose of a firewall in computer security?
- To make computers run faster
- To block unwanted emails
- To restrict unauthorized access to a network
- To enhance web browsing speed
A firewall is used to restrict unauthorized access to a network.
6. What is ransomware in the context of computer security?
- A type of antivirus software
- A program that speeds up computer performance
- A type of malware that encrypts files and demands a ransom for decryption
- A hardware component of a computer
Ransomware is a type of malware that encrypts files and demands a ransom for decryption.
7. Which of the following is NOT a common method used by cybercriminals to distribute malware?
- Email attachments
- Software updates from official sources
- Malicious websites
- Infected USB drives
Cybercriminals do not typically use official software updates to distribute malware.
8. What is spyware in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A type of malware that monitors and collects information from a computer without the user's knowledge
- A hardware component of a computer
Spyware is a type of malware that monitors and collects information without the user's knowledge.
9. What is the term for a software program that provides real-time protection against various types of malware and other security threats?
- Firewall
- Antivirus
- Operating system
- Phishing
An antivirus program provides real-time protection against malware and security threats.
10. What is a keylogger in the context of computer security?
- A type of malware that encrypts files
- A program that enhances computer performance
- A type of malware that records keystrokes to capture sensitive information
- A hardware component of a computer
A keylogger is a type of malware that records keystrokes to capture sensitive information.
11. What is a denial-of-service (DoS) attack in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- An attack that overwhelms a target system or network to make it unavailable to users
- A hardware component of a computer
A denial-of-service (DoS) attack overwhelms a target system or network to make it unavailable.
12. What is the purpose of a strong and unique password in computer security?
- To make it easier to remember
- To share with friends and family
- To protect online accounts from unauthorized access
- To use the same password for multiple accounts
A strong and unique password helps protect online accounts from
13. Which of the following is NOT a common characteristic of a strong password?
- Long and complex
- Contains a mix of uppercase and lowercase letters, numbers, and symbols
- Easily guessable, such as "123456"
- Not a dictionary word or common phrase
A strong password is not easily guessable.
14. What is a brute force attack in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- An attack that attempts to guess passwords by trying all possible combinations
- A hardware component of a computer
A brute force attack attempts to guess passwords by trying all possible combinations.
- A type of antivirus software
- A program that enhances computer performance
- A manipulation technique used to trick individuals into revealing sensitive information
- A hardware component of a computer
Social engineering is a manipulation technique used to trick individuals into revealing sensitive information.
- Phishing
- Malware
- Hacking
- Firewall breach
Hacking involves gaining unauthorized access to steal, alter, or destroy data.
17. What is a botnet in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A network of compromised computers controlled by a cybercriminal for malicious purposes
- A hardware component of a computer
A botnet is a network of compromised computers controlled for malicious purposes.
18. What is the primary purpose of email filtering in computer security?
- To slow down email delivery
- To block all incoming emails
- To identify and filter out spam and malicious emails
- To disable email attachments
Email filtering identifies and filters out spam and malicious emails.
19. Which of the following is NOT a common method used by cybercriminals to initiate phishing attacks?
- Sending deceptive emails with malicious links
- Distributing fake antivirus software
- Creating fake login pages to steal credentials
- Hacking into secure websites
Hacking into secure websites is not a common method for initiating phishing attacks.
20. What is the term for a security threat that involves a cybercriminal pretending to be a trusted entity to trick individuals into revealing sensitive information?
- Malware
- Hacking
- Phishing
- Firewall breach
Phishing involves pretending to be a trusted entity to trick individuals.
21. What is the purpose of a data breach in computer security?
- To enhance computer performance
- To protect sensitive information
- To gain unauthorized access to confidential data
- To prevent malware infections
A data breach involves gaining unauthorized access to confidential data.
22. What is a zero-day vulnerability in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A security vulnerability that is not yet known to the software vendor or the public
- A hardware component of a computer
A zero-day vulnerability is a security flaw not yet known to the vendor or the public.
23. Which of the following actions can help protect your computer from malware and security threats?
- Downloading software from unverified sources
- Disabling antivirus software
- Regularly updating operating systems and software
- Using the same password for all accounts
Regularly updating operating systems and software helps protect against security threats.
24. What is the purpose of encryption in computer security?
- To slow down data transmission
- To display ads
- To protect data by encoding it into unreadable form
- To make data publicly available
Encryption protects data by encoding it into an unreadable form.
25. What is a phishing email typically designed to do?
- Speed up computer performance
- Steal sensitive information or credentials
- Block incoming emails
- Enhance web browsing speed
Phishing emails are typically designed to steal sensitive information or credentials.
26. What is a Trojan horse in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A type of malware that disguises itself as legitimate software to trick users
- A hardware component of a computer
A Trojan horse is a type of malware that disguises itself as legitimate software.
27. What is a worm in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A self-replicating type of malware that spreads over networks
- A hardware component of a computer
A worm is a self-replicating type of malware that spreads over networks.
- A type of antivirus software
- A program that enhances computer performance
- A manipulation technique used to deceive individuals into revealing confidential information
- A hardware component of a computer
A social engineering attack involves manipulating individuals into revealing confidential information.
29. What is a bot in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A software program that can perform automated tasks, often without the user's knowledge
- A hardware component of a computer
A bot is a software program that can perform automated tasks.
30. What is the term for a software program that is designed to protect a computer or network from security threats?
- Firewall
- Antivirus
- Operating system
- Phishing
A firewall is designed to protect a computer or network from security threats.
31. What is a rootkit in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A type of malware that provides unauthorized access to a computer's system functions
- A hardware component of a computer
A rootkit is a type of malware that provides unauthorized access to system functions.
32. Which of the following is NOT a common symptom of a malware infection on a computer?
- Slow computer performance
- Unexpected system crashes
- Increased antivirus protection
- Unwanted pop-up advertisements
A malware infection typically does not result in increased antivirus protection.
33. What is a phishing website typically designed to do?
- Speed up computer performance
- Steal sensitive information or credentials
- Block incoming emails
- Enhance web browsing speed
Phishing websites are typically designed to steal sensitive information or credentials.
- Firewall breach
- Malware infection
- Exploit
- Data breach
An exploit is a security vulnerability that allows unauthorized access.
35. What is a DDoS attack in the context of computer security?
- A type of antivirus software
- A program that enhances computer performance
- A cyberattack that overwhelms a target with a flood of traffic, making it unavailable
- A hardware component of a computer
A DDoS (Distributed Denial of Service) attack overwhelms a target with traffic.
36. What is the term for a security threat that involves a cybercriminal demanding a ransom from a victim in exchange for not disclosing sensitive information or not carrying out a malicious action?
- Phishing
- Ransomware
- Hacking
- Firewall breach
Ransomware involves demanding a ransom to avoid malicious actions.
37. What is the purpose of multi-factor authentication (MFA) in computer security?
- To use the same password for multiple accounts
- To disable antivirus software
- To enhance computer performance
- To add an additional layer of security by requiring multiple forms of verification
MFA adds an additional layer of security by requiring multiple forms of verification.
- Malware
- Hacking
- Cybercrime
- Firewall breach
Cybercrime involves gaining unauthorized access for financial gain.
39. Which of the following is NOT a common method used to protect sensitive data from being stolen or compromised during transmission over the internet?
- Encryption
- HTTPS (Hypertext Transfer Protocol Secure)
- Sharing data openly on public networks
- VPN (Virtual Private Network)
Sharing data openly on public networks does not protect sensitive data.
40. What is a zero-day exploit in the context of computer security?
- A software program that enhances computer performance
- A security vulnerability that is known to the public
- A security vulnerability that is exploited before a patch or solution is available
- A hardware component of a computer
A zero-day exploit is a vulnerability exploited before a solution is available.
41. Which of the following is a common method used by cybercriminals to distribute ransomware?
- Sending friendly emails with helpful links
- Encouraging strong and unique passwords
- Distributing malicious email attachments
- Providing free antivirus software
Cybercriminals often distribute ransomware through malicious email attachments.
42. What is the term for a security threat that involves an attacker intercepting and eavesdropping on communications between two parties without their knowledge or consent?
- Malware
- Hacking
- Eavesdropping
- Firewall breach
Eavesdropping involves intercepting and listening to communications.
43. What is the term for a type of malware that spreads by attaching itself to other legitimate programs or files and executing when those programs or files are run by the user?
- Worm
- Spyware
- Rootkit
- Virus
A virus attaches to other programs and executes when they run.
44. Which of the following is NOT a common characteristic of a phishing email?
- Urgent language and requests for immediate action
- Generic or misspelled sender email addresses
- Clear identification as a phishing email in the subject line
- Embedded suspicious links
Phishing emails typically do not clearly identify themselves as phishing emails.
45. What is the term for a security vulnerability that allows an attacker to execute malicious code on a computer or system without the user's knowledge or consent?
- Data breach
- Exploit
- Firewall
- Phishing
An exploit allows the execution of malicious code without the user's consent.
46. What is the term for a type of malware that spreads by disguising itself as a legitimate file or program and can replicate independently?
- Worm
- Trojan horse
- Spyware
- Rootkit
Worms are malware that can replicate independently and often disguise themselves as legitimate files or programs.
47. What is a common method used by phishing attacks to trick recipients into clicking on malicious links or downloading malware?
- Providing clear and legitimate sender information
- Using generic email subject lines
- Employing urgency and fear tactics
- Sending only text-based emails
Phishing attacks often employ urgency and fear tactics to trick recipients into taking action.
48. What is a firewall rule in the context of computer security?
- A program that enhances computer performance
- A guideline that determines how traffic is allowed or blocked on a network
- A type of malware
- A hardware component of a computer
A firewall rule is a guideline that determines how network traffic is allowed or blocked.
49. Which of the following is NOT typically targeted by phishing attacks?
- Email accounts
- Social media profiles
- Mobile phone settings
- Financial information
While phishing attacks can target various accounts and information, mobile phone settings are not a common phishing target.
50. What is the term for a type of malware that disguises itself as legitimate software but can damage, disrupt, or compromise the computer or data?
- Worm
- Trojan horse
- Spyware
- Firewall
A Trojan horse is malware that disguises itself as legitimate software but can harm the system or data.