Cyber Security Questions and Answers Part-9

1. Tailgating is also termed as ___________
a) Piggybacking
b) Pretexting
c) Phishing
d) Baiting

Answer: a
Explanation: Piggybacking is a social engineering technique in which an attacker or other unauthorized person follows behind an authorized person or employee and gets into an authorized area in order to observe the system, gain confidential data, or carry out some other fraudulent purpose.

2. Physical hacking is not at all possible in hospitals, banks, private firms, and non-profit organizations.
a) True
b) False

Answer: b
Explanation: Physical hacking, like other types of hacking, is possible in any institution or organization, including clinics, private firms, banks and other financial institutions. Hence, the above statement is false.

3. Stealing pen drives and DVDs after tailgating is an example of a lack of _______.
a) network security
b) physical security
c) database security
d) wireless security

Answer: b
Explanation: When a cyber-criminal gains access to an authorized area and steals pen drives and DVDs that contain sensitive information about an employee or about the organization, it can be said that the physical security of the organization is weak.

4. ________ is the ability of an individual to gain physical access to an authorized area.
a) Network accessing
b) Database accessing
c) Remote accessing
d) Physical accessing

Answer: d
Explanation: Physical accessing without prior security checking is the ability of a person to gain access to any authorized area. Physical accessing is done using piggybacking or any other suspicious means.

5. Which of the following is not considered an adequate measure for physical security?
a) Lock the drawers
b) Keep strong passwords for corporate laptops and mobile phones
c) Keep the organization’s confidential document files open on the desk
d) Hide your hand from the camera while entering the PIN code

Answer: c
Explanation: Leaving confidential files open on the desk is not an adequate way of maintaining physical security, as anyone can pick them up and perform physical hacking.

6. Which of the following is not a physical security measure to protect against physical hacking?
a) Add front desk & restrict unknown access to the back room
b) Create a phishing policy
c) Analyze how employees maintain their physical data and data storage peripheral devices
d) Updating the patches for the software you use on your office laptop

Answer: d
Explanation: Updating the patches in your working software does not come under security measures against physical hacking. Updating the patches helps free your software from bugs and flaws, since these are fixed when the patches are applied.

7. The IT security department must periodically check security logs and entries made during office hours.
a) True
b) False

Answer: a
Explanation: Checking security logs and entries made by employees and by outsiders who entered the office can help in identifying whether any suspicious person is getting in and out of the building.

8. Which of these is not an example of physical hacking?
a) Walk-in using piggybacking
b) Sneak-in
c) Break-in and steal
d) Phishing

Answer: d
Explanation: Phishing does not come under physical security. Walking in without proper authorization, sneaking in through glass windows or other means, and breaking in and stealing sensitive documents are examples of physical hacking.

9. Physical _________ is important to check & test for possible physical breaches.
a) penetration test
b) security check
c) hacking
d) access

Answer: a
Explanation: A physical penetration test is important in order to check for possible physical security breaches. Corporate firms and organizations usually stay busy securing their networks and data, and penetration testers are hired for data and network pentesting, but a physical security breach can hamper the organization equally.

10. ___________ ensures the integrity and security of data that are passing over a network.
a) Firewall
b) Antivirus
c) Pentesting Tools
d) Network-security protocols

Answer: d
Explanation: The methods and processes for securing network data from unauthorized content extraction are controlled by network-security protocols.