PYQ'S For Cyber Security Technique (SECCS-03)

on

 PYQ'S For Cyber Security  Technique (SECCS-03)

PAPER - DECEMBER 2025

1. Which policy defines secure behaviour rules inside any modern organization?

Answer: B) Security Policy

2. Which control is commonly used for strong physical security protection today?

Answer: B) CCTV Camera

3. Which device filters unwanted internet traffic using predefined network rules?

Answer: B) Network Firewall

4. Which technology is mainly used today for ensuring complete email security?

Answer: A) PGP

5. Which method ensures message integrity and authenticity during digital communication?

Answer: D) MAC

6. Which term refers to any unwanted program that slows down a computer without user permission?

Answer: A) Malware

7. Phishing attacks usually trick users using fraudulent emails to steal information?

Answer: B) Fake emails

8. How does a DoS attack try to overload targeted servers and stop important digital services?

Answer: A) Overloading servers

9. Which document lists step-by-step instructions for completing organizational technical activities?

Answer: B) Procedure

10. Which statement defines a software weakness that attackers can easily exploit?

Answer: A) Vulnerability

11. Which individuals inside organizations intentionally misuse authorized access privileges?

Answer: B) Insiders

12. Which of the following generally includes illegal activities performed using digital technologies?

Answer: D) Cyber-crime

13. Which threat arises when unknown individuals attempt unauthorized access from the internet?

Answer: A) External threat

14. Which technique ensures that users can access only the data required for their role?

Answer: B) Least privilege

15. Which Indian agency officially receives cyber-security incident related reports nationwide?

Answer: B) CERT-In

16. Which IDS feature stores security events to support later incident analysis?

Answer: A) Logging

17. Which security tool analyzes network packets to detect unusual connection patterns?

Answer: B) Packet Analyzer

18. Which intrusion detection system runs inside a single host to detect threats?

Answer: D) HIDS

19. Which system identifies attacks using signature comparison with known patterns?

Answer: A) Misuse IDS

20. Which policy guides organizations in responding to cybersecurity incidents effectively?

Answer: A) Incident Response Policy

21. Which step begins IT asset security by properly identifying valuable assets first?

Answer: B) Identify Asset

22. Which hardware module provides secure protection for encryption keys and signatures?

Answer: A) HSM

23. Which protocol provides wireless network security for modern Wi-Fi connections?

Answer: B) WPA

24. Which firewall category includes both software-based and hardware-based defence systems?

Answer: C) Both

25. Which communication technology uses radio waves for transmitting wireless internet signals?

Answer: B) Wi-Fi

26. Which cyber security model uses three dimensions for assessing information protection?

Answer: D) McCumber Cube

27. Which cyber security maturity model helps organizations measure their cyber readiness?

Answer: B) CMM Model

28. Which cyber exercises evaluate response effectiveness against simulated large cyber-attacks?

Answer: B) Cyber Exercises

29. Which malware attaches itself to executable software files in computers?

Answer: C) Virus

30. Which malicious program spreads automatically through networks without user action?

Answer: A) Worm

31. Which harmful program appears safe but secretly performs malicious activities?

Answer: B) Trojan

32. Which dangerous malware encrypts user data and demands ransom for decryption?

Answer: B) Ransomware

33. Which malware hides itself deeply inside systems to avoid detection completely?

Answer: A) Rootkit

34. Which web attack injects malicious scripts into vulnerable websites to harm users?

Answer: A) XSS (Cross-Site Scripting)

35. Which database attack manipulates SQL queries to gain unauthorized access?

Answer: B) SQL Injection

36. Which method protects applications by sanitizing user-submitted data before processing?

Answer: B) Data Sanitization

37. Which human-targeted cyber-attack manipulates trust to extract confidential information?

Answer: D) Social Engineering

38. Which voice-based attack tricks users using fraudulent phone calls and messages?

Answer: B) Vishing

39. Which social engineering technique uses free items to lure unsuspecting users?

Answer: C) Baiting

40. Which best defence prevents social engineering by continuous security awareness training?

Answer: B) Awareness Training

🔥MOST REPEATED TOPICS

IDS

  • HIDS
  • Misuse IDS
  • Logging

Malware

  • Virus
  • Worm
  • Trojan
  • Ransomware
  • Rootkit

Social Engineering

  • Phishing
  • Vishing
  • Baiting

Security

  • MAC
  • PGP
  • Firewall
  • Security Policy

Wireless Security

  • WPA
  • Wi-Fi

Web Security

  • XSS
  • SQL Injection

PAPER - JUNE 2025

1. MIME stands for

Answer: D. Multipurpose Internet Mail Extensions

2. Hackers who help in finding bugs and vulnerabilities and do not intend to crack a system are termed as

Answer: B. White Hat Hackers

3. Which is the legal form of hacking based on which jobs are provided in IT industries and firms?

Answer: C. Ethical Hacking

4. Which one of the following can be considered as the class of computer threats?

Answer: A. DoS Attack

5. A software that filters all data packets coming through the internet is known as

Answer: B. Firewall

6. In which of these a person is continually chased/followed by another person or a group?

Answer: B. Stalking

7. Which type of policy defines secure methods for remote connectivity?

Answer: C. Remote Access Policy

8. Which cryptographic technique ensures data integrity and authenticity?

Answer: B. MAC

9. What is an example of malicious software?

Answer: B. Virus

10. What is an example of physical security control?

Answer: A. Surveillance Cameras

11. What is the primary function of a security token?

Answer: B. Authenticating User Identity

12. What is the purpose of MIME?

Answer: B. To format multimedia content in emails

13. What is the primary goal of a cybercrime?

Answer: B. To cause financial, reputational, or data harm

14. Which of the following is an example of an insider attack?

Answer: B. A disgruntled employee leaking sensitive data

15. What is one way to prevent insider attacks?

Answer: A. Conducting regular employee background checks

16. Which of the following is an example of an outsider attack?

Answer: C. Ransomware spread by a hacker

17. What is one effective way to prevent outsider attacks?

Answer: B. Keeping software up-to-date with patches

18. What are the 3 P's of Cybercrime?

Answer: C. Protection, Phishing, Patches

19. What is the significant challenge of cybercrime?

Answer: B. Global jurisdiction issues

20. What is the effect of cybercrime on businesses?

Answer: B. Financial losses and reputational damage

21. What is the complexity of cybercrime investigations?

Answer: B. Multiple languages and technologies involved

22. What is the first step to reporting a cybercrime incident?

Answer: B. Inform the local cybercrime authority

23. What is an example of a property-related cybercrime?

Answer: A. Data theft or ransomware attack

24. Which type of attack involves using social engineering techniques?

Answer: D. Phishing

25. What is a botnet?

Answer: A. A network of infected devices controlled remotely by a hacker

26. What is the primary purpose of a botnet?

Answer: B. To perform large-scale cyberattacks

27. What is one common use of botnets in cybercrime?

Answer: A. Distributed Denial of Service (DDoS) attacks

28. A software program that masquerades as regular programs such as games and utilities.

Answer: A. Trojan Horse

29. A type of malware used as a digital mechanism for extortion.

Answer: B. Ransomware

30. A virus cannot perform its task of harming and replication unless it is allowed to

Answer: D. Execute

31. HTML stands for

Answer: A. Hypertext Markup Language

32. What is the primary purpose of an Intrusion Detection System (IDS)?

Answer: B. To detect and alert about potential security breaches

33. Which type of IDS analyzes network traffic to detect suspicious activities?

Answer: A. Network-Based IDS (NIDS)

34. How does a Signature-Based IDS identify threats?

Answer: A. By comparing network activity to predefined attack patterns

35. HTTP stands for

Answer: A. Hypertext Transfer Protocol

36. What is Cross-Site Scripting (XSS)?

Answer: B. An injection attack where malicious scripts are executed in a user's browser

37. How can Cross-Site Scripting (XSS) attacks be prevented?

Answer: B. By validating and sanitizing user inputs on the server and client sides

38. What is the primary function of NCIIPC?

Answer: B. To protect critical information infrastructure from cyber threats

39. What is a key objective of the National Cyber Security Policy of India?

Answer: B. To strengthen the resilience of India's cyberspace

40. Which organization is responsible for handling cybersecurity incidents in India?

Answer: C. Indian Computer Emergency Response Team (CERT-In)

🔥HIGH-PROBABILITY TOPICS

Very Important

  • White Hat Hackers
  • Ethical Hacking
  • Firewall
  • MAC
  • IDS / NIDS
  • XSS
  • CERT-In
  • NCIIPC
  • National Cyber Security Policy

Malware

  • Virus
  • Trojan Horse
  • Ransomware
  • Botnet

Cyber Crime

  • Insider Attack
  • Outsider Attack
  • Phishing
  • Stalking
  • DDoS

Web Security

  • HTML
  • HTTP
  • XSS

Email Security

  • MIME

PAPER - DECEMBER 2024

1. What is the primary purpose of an IT security policy?

Answer: (B) To define security protocols

2. Which of the following is an example of physical security?

Answer: (C) Security guards

3. What does “PGP” stand for in e-mail security?

Answer: (A) Pretty Good Privacy

4. Which of the following is a type of insider attack?

Answer: (C) Data theft by employees

5. Which type of IDS focuses on analysing network traffic?

Answer: (B) Network-based IDS

6. IDS is an abbreviation for:

Answer: (A) Intrusion Detection System

7. What does the McCumber Cube represent?

Answer: (B) Dimensions of Cybersecurity

8. Which wireless security protocol is considered outdated?

Answer: (C) WEP

9. What is the primary function of spyware?

Answer: (A) To collect user information without their knowledge

10. Which type of malware disguises itself as legitimate software?

Answer: (B) Trojan Horse

11. Which is an example of mobile malware?

Answer: (B) Android Ransomware

12. What is the primary aim of a rootkit?

Answer: (B) Gain unauthorized control

13. What is XSS?

Answer: (A) Cross-Site Scripting

14. Which protocol ensures secure communication on the web?

Answer: (C) HTTPS

15. What is “vishing”?

Answer: (B) Phishing via phone calls

16. Which tool is often used for social engineering attacks?

Answer: (B) Email Spoofing Tools

17. What does NCIIPC focus on?

Answer: (A) Critical Infrastructure Protection

18. Which country developed the “International Strategy for Cyberspace”?

Answer: (A) United States

19. Which cybersecurity principle ensures that data is not altered?

Answer: (B) Integrity

20. What does a “pharming” attack involve?

Answer: (A) Redirecting users to fraudulent websites

21. What is the primary feature of a “zero-day attack”?

Answer: (B) Exploits vulnerabilities before they are patched

22. What does a “DDoS” attack aim to do?

Answer: (B) Overwhelm a network with traffic

23. Which protocol is often used for secure remote login?

Answer: (B) SSH

24. What is the role of Multi-Factor Authentication (MFA)?

Answer: (B) To enhance user security

25. Which component is crucial in a secure email communication system?

Answer: (C) Encryption

26. What is “ransomware” primarily used for?

Answer: (B) Encrypt data for ransom

27. What is “keylogging”?

Answer: (B) Recording keystrokes to capture sensitive information

28. Which is a common risk assessment methodology?

Answer: (A) NIST SP 800-30

29. Which framework is commonly used in cybersecurity risk management?

Answer: (A) NIST Cybersecurity Framework

30. What does the “C” in COBRA methodology stand for?

Answer: (C) Comprehensive

31. Which tool is used for Threat Agent Risk Assessment?

Answer: (A) TARA

32. Which tool is commonly used to create a disk image?

Answer: (A) FTK Imager

33. Which organization oversees CERT-In?

Answer: (D) Ministry of Electronics and IT (MeitY)

34. Which type of malware is designed to secretly monitor user activity?

Answer: (B) Spyware

35. What is SQL Injection primarily used to exploit?

Answer: (A) Web Application Vulnerabilities

36. Which cryptographic method ensures secure key exchange over public networks?

Answer: (A) RSA

37. CERT stands for:

Answer: (A) Computer Emergency Response Team

38. The critical sectors include Defense, Finance, Energy, Transportation and:

Answer: (D) Telecommunications

39. WEP stands for:

Answer: (A) Wired Equivalent Privacy

40. EXITO stands for:

Answer: (A) Exercise Event Injection Toolkit

🔥MOST IMPORTANT QUESTIONS

Social Engineering

  • Vishing
  • Pharming
  • Email Spoofing

Malware

  • Spyware
  • Trojan Horse
  • Rootkit
  • Ransomware
  • Android Ransomware

Web Security

  • XSS
  • HTTPS
  • SQL Injection

Risk Management

  • NIST SP 800-30
  • NIST Cybersecurity Framework
  • COBRA
  • TARA

Government Initiatives

  • CERT
  • CERT-In
  • NCIIPC
  • MeitY

Wireless Security

  • WEP

🚨 Repeated Across Paper I, II & III

These have appeared multiple times:

✅ CERT-In
✅ NCIIPC
✅ IDS / NIDS
✅ PGP
✅ Firewall
✅ WEP / WPA
✅ Trojan Horse
✅ Ransomware
✅ Spyware
✅ XSS
✅ Social Engineering
✅ Vishing
✅ National Cyber Security Policy
✅ McCumber Cube

These are extremely likely to be asked again in exams.


PAPER IV (Q1–40)

1. SMTP stands for:

Answer: (A) Simple Mail Transfer Protocol

2. How many versions of IP are available?

Answer: (C) 2 Version (IPv4 and IPv6)

3. The term LAN stands for:

Answer: (B) Local Area Network

4. If systems use separate protocols, which device is used to link them?

Answer: (B) Gateway

5. The private key in asymmetric key cryptography is kept by:

Answer: (B) Receiver

6. In which switching method is the message divided into small packets?

Answer: (B) Packet Switching

7. DNS stands for:

Answer: (C) Domain Name System

8. What is a Firewall in Computer Network?

Answer: (C) A system designed to prevent unauthorized access

9. DHCP is the abbreviation of:

Answer: (B) Dynamic Host Configuration Protocol

10. What is the meaning of Bandwidth in Network?

Answer: (A) Transmission capacity of a communication channel

11. Each IP packet must contain:

Answer: (C) Source and Destination Address

12. _____ provides a connection-oriented reliable service for sending messages.

Answer: (A) TCP

13. What is the minimum header size of an IP packet?

Answer: (C) 20 Bytes

14. Which of the following can be Software?

Answer: (B) Firewalls

15. Computer Network is:

Answer: (D) All of the Above

16. A set of rules that govern all aspects of information communication is called:

Answer: (C) Protocol

17. Which set of protocols defines all transmission exchanges across the Internet?

Answer: (B) TCP/IP

18. What is Internet?

Answer: (B) A vast collection of different networks

19. How many layers are present in the Internet Protocol Stack (TCP/IP Model)?

Answer: (A) 5

20. A program used to view websites is called:

Answer: (A) Browser

21. A collection of hyperlinked documents on the Internet forms the:

Answer: (A) World Wide Web (WWW)

22. The location of a resource on the Internet is given by its:

Answer: (B) URL

23. HTTP stands for:

Answer: (C) Hypertext Transfer Protocol

24. Which software prevents external access to a system?

Answer: (A) Firewall

25. Which one of the following is the most common Internet protocol?

Answer: (C) TCP/IP

26. FTP stands for:

Answer: (C) File Transfer Protocol

27. Who deploys malware to a system or network?

Answer: (B) Criminal organizations, Black Hat Hackers, Malware Developers, Cyber-terrorists

28. The full form of Malware is:

Answer: (D) Malicious Software

29. Which option is used to protect data and passwords?

Answer: (A) Encryption

30. _____ is NOT a proper method for email security.

Answer: (A) Click on unknown links to explore

31. Authentication is:

Answer: (B) To assure identity of user on a remote system

32. A virus that migrates freely within a large population of unauthorized email users is called:

Answer: (D) Worm

33. Data _____ is used to ensure confidentiality.

Answer: (C) Encryption

34. Packet filtering firewalls are deployed on:

Answer: (C) Routers

35. Cybersecurity is also referred to as:

Answer: (C) Information Technology Security

36. Which of the following can be considered as elements of Cyber Security?

Answer: (D) All of the Above

37. Which type of text is transformed with the help of a cipher algorithm?

Answer: (A) Plain Text

38. In Digital Signature, there is _____ relationship between signature and message.

Answer: (A) One to One

39. _____ refers to sending email to thousands and thousands of users.

Answer: (C) Email Spamming

40. Mobile Security is also known as:

Answer: (B) Wireless Security

🎯 MOST REPEATED QUESTIONS FROM ALL 4 PAPERS

Internet & Networking

✅ TCP/IP
✅ DNS
✅ HTTP / HTTPS
✅ FTP
✅ SMTP
✅ DHCP
✅ URL
✅ LAN
✅ Browser
✅ WWW

Security Basics

✅ Security Policy
✅ Firewall
✅ Encryption
✅ Authentication
✅ Digital Signature
✅ MAC
✅ PGP

IDS

✅ IDS
✅ NIDS
✅ HIDS
✅ Misuse IDS

Malware

✅ Virus
✅ Worm
✅ Trojan Horse
✅ Spyware
✅ Rootkit
✅ Ransomware

Social Engineering

✅ Phishing
✅ Vishing
✅ Baiting
✅ Pharming

Web Security

✅ XSS
✅ SQL Injection

Government & National Security

✅ CERT-In
✅ CERT
✅ NCIIPC
✅ National Cyber Security Policy
✅ MeitY

Wireless Security

✅ WEP
✅ WPA
✅ Wi-Fi

Risk Management

✅ McCumber Cube
✅ NIST Framework
✅ TARA
✅ COBRA

🔥 TOP 25 QUESTIONS MOST LIKELY TO APPEAR

  1. CERT-In Full Form
  2. NCIIPC Full Form
  3. IDS Full Form
  4. Difference between HIDS and NIDS
  5. Firewall Function
  6. PGP Full Form
  7. MAC Purpose
  8. What is Malware?
  9. What is Ransomware?
  10. What is Spyware?
  11. What is Trojan Horse?
  12. What is Worm?
  13. What is Phishing?
  14. What is Vishing?
  15. What is Baiting?
  16. What is XSS?
  17. What is SQL Injection?
  18. What is McCumber Cube?
  19. What is WEP?
  20. What is WPA?
  21. What is HTTPS?
  22. What is TCP/IP?
  23. What is DNS?
  24. What is Encryption?
  25. National Cyber Security Policy (2013)

Comments

Post a Comment