100 multiple choice questions with answers based on Lecture 1: Basics of Information Security. Each question is followed immediately by its correct answer.
1. What is the primary goal of information security?
A. Protect software updates
B. Protect information and its critical elements
C. Limit internet access
D. Increase data traffic
Answer: B
2. What term describes a weakness that can be exploited by a threat?
A. Malware
B. Risk
C. Vulnerability
D. Authentication
Answer: C
3. Which of the following refers to a possible danger that might exploit a vulnerability?
A. Patch
B. Attack
C. Threat
D. Breach
Answer: C
4. What is a security service?
A. A free antivirus
B. A backup server
C. A service that enhances data security
D. A password reset tool
Answer: C
5. What is a security mechanism?
A. Tool to monitor disk space
B. Process or device to detect/prevent/recover from attacks
C. Network printer
D. File compressor
Answer: B
6. Which one of these is NOT a security service category?
A. Confidentiality
B. Authentication
C. Encryption
D. Integrity
Answer: C
7. Which service ensures information is only accessible to authorized users?
A. Availability
B. Authentication
C. Confidentiality
D. Integrity
Answer: C
8. Traffic analysis attacks affect which security service?
A. Authentication
B. Confidentiality
C. Availability
D. Non-repudiation
Answer: B
9. Which service assures that communication is genuine?
A. Confidentiality
B. Authentication
C. Availability
D. Integrity
Answer: B
10. Access control involves:
A. Encrypting data
B. Limiting network access based on ID
C. Increasing storage
D. Replacing hardware
Answer: B
11–20: Security Services Categories
11. Integrity ensures that information is:
A. Readable
B. Unchanged and accurate
C. Compressed
D. Available
Answer: B
12. Non-repudiation prevents:
A. Data backups
B. Repetition of emails
C. Denial of sending/receiving messages
D. System updates
Answer: C
13. What does availability guarantee?
A. Data remains confidential
B. System is accessible when needed
C. All users are authenticated
D. Data is compressed
Answer: B
14. Denial of Service (DoS) attacks affect:
A. Integrity
B. Availability
C. Authentication
D. Confidentiality
Answer: B
15. Which of the following is an example of integrity protection?
A. Encrypting messages
B. Blocking unauthorized users
C. Ensuring no message alteration
D. Allowing all users access
Answer: C
16. Authentication in ongoing interactions ensures:
A. No one modifies the system
B. Only one party is legitimate
C. Both entities are genuine
D. Data is archived
Answer: C
17. Which of the following involves verifying access rights based on identity?
A. Cryptography
B. Access control
C. Repudiation
D. Firewall
Answer: B
18. Message integrity protection prevents:
A. Unauthorized use
B. Reading messages
C. Message duplication or tampering
D. Logging out
Answer: C
19. Which service ensures the system meets performance specifications when accessed?
A. Confidentiality
B. Integrity
C. Non-repudiation
D. Availability
Answer: D
20. Which service is targeted in traffic analysis attacks?
A. Integrity
B. Confidentiality
C. Access control
D. Availability
Answer: B
21–40: Types of Security Attacks
21. An attack that destroys or disables system assets is called:
A. Interception
B. Fabrication
C. Interruption
D. Modification
Answer: C
22. Jamming wireless signals is an example of:
A. Fabrication
B. Interruption
C. Repudiation
D. Modification
Answer: B
23. Unauthorized reading of messages is known as:
A. Fabrication
B. Modification
C. Interception
D. Repudiation
Answer: C
24. Eavesdropping on a communication is an example of:
A. Interception
B. Interruption
C. Integrity
D. Availability
Answer: A
25. Changing stored information without authorization is called:
A. Modification
B. Interception
C. Fabrication
D. Repudiation
Answer: A
26. Altering program contents is a type of attack on:
A. Availability
B. Authentication
C. Integrity
D. Non-repudiation
Answer: C
27. Inserting a fake message into a system is an example of:
A. Interruption
B. Fabrication
C. Interception
D. Modification
Answer: B
28. Sending a fake email from someone’s account is a form of:
A. Interception
B. Fabrication
C. Unauthorized access
D. Modification
Answer: B
29. Repudiation means a user:
A. Modifies data
B. Denies sending or receiving data
C. Creates a virus
D. Encrypts data
Answer: B
30. Unauthorized access attacks target:
A. Confidentiality
B. Authentication
C. Access Control
D. Non-repudiation
Answer: C
31. Which attack involves unauthorized data alteration?
A. Fabrication
B. Modification
C. Interruption
D. Interception
Answer: B
32. A hacker inserts fake records into a database. This is an example of:
A. Modification
B. Repudiation
C. Fabrication
D. Interception
Answer: C
33. Denying receipt of an email by a user is an example of:
A. Repudiation
B. Fabrication
C. Modification
D. Interception
Answer: A
34. Gaining illegal access to systems is termed:
A. Authentication
B. Unauthorized Access
C. Fabrication
D. Repudiation
Answer: B
35. The attack type that targets availability is:
A. Interruption
B. Modification
C. Interception
D. Fabrication
Answer: A
36. Interception targets which service?
A. Integrity
B. Confidentiality
C. Non-repudiation
D. Availability
Answer: B
37. Which mechanism ensures only legitimate entities can access data?
A. Intrusion detection
B. Access control
C. Auditing
D. Traffic analysis
Answer: B
38. Which method ensures authenticity and non-repudiation?
A. Firewall
B. Encryption
C. Digital signature
D. Cryptography
Answer: C
39. What is the goal of intrusion detection?
A. Control access
B. Prevent attacks
C. Detect attacks
D. Recover data
Answer: C
40. What is used to document security-related events?
A. Firewall
B. Cryptography
C. Access matrix
D. Auditing
Answer: D
41. What converts plaintext into ciphertext?
A. Auditing
B. Firewall
C. Cryptography
D. Integrity
Answer: C
42. What restricts the flow of information in a network?
A. Access control
B. Information flow control
C. Encryption
D. Repudiation
Answer: B
43. Access Control Matrix is used in:
A. Networks only
B. Applications only
C. Operating systems and databases
D. Email systems
Answer: C
44. Firewalls are used to:
A. Encrypt files
B. Authenticate users
C. Control traffic between networks
D. Detect malware
Answer: C
45. Cybersecurity strategy starts with:
A. Protection
B. Detection
C. Response
D. Identification
Answer: D
46. The final step in handling risks is:
A. Detect
B. Identify
C. Recover
D. Protect
Answer: C
47. Which phase comes immediately after an attack is detected?
A. Recover
B. Protect
C. Respond
D. Identify
Answer: C
48. Which attack attempts to deny services to users?
A. Fabrication
B. DoS
C. Interception
D. Repudiation
Answer: B
49. Security mechanisms are used to:
A. Record data
B. Replace systems
C. Implement security services
D. Disable firewalls
Answer: C
50. The main aim of confidentiality is to:
A. Authenticate users
B. Protect from traffic analysis
C. Ensure authorized access only
D. Encrypt all files
Answer: C
51. What ensures that messages are received without duplication or reordering?
A. Confidentiality
B. Connection-oriented integrity
C. Authentication
D. Availability
Answer: B
52. A fake message in a network is an example of:
A. Modification
B. Fabrication
C. Interruption
D. Interception
Answer: B
53. The ability to prove message origin is ensured by:
A. Integrity
B. Authentication
C. Non-repudiation
D. Availability
Answer: C
54. What is the unreadable form of a message called in cryptography?
A. Plaintext
B. Ciphertext
C. Encryption
D. Traffic
Answer: B
55. What mechanism ensures documents are genuine?
A. Cryptography
B. Digital signature
C. Firewall
D. Auditing
Answer: B
56. What is the first step in cyber risk management?
A. Detect
B. Identify
C. Respond
D. Recover
Answer: B
57. Which step involves deploying protection mechanisms?
A. Respond
B. Identify
C. Protect
D. Detect
Answer: C
58. After an attack, the goal is to:
A. Deny access
B. Reduce damage
C. Detect threats
D. Archive data
Answer: B
59. The function of intrusion detection is to:
A. Prevent access
B. Log data
C. Detect attacks
D. Encrypt data
Answer: C
60. What does confidentiality prevent?
A. Modification
B. Loss of access
C. Unauthorized disclosure
D. Malware
Answer: C
61. A firewall is most useful for:
A. Authentication
B. Preventing unauthorized traffic
C. Recovering data
D. Modifying passwords
Answer: B
62. What ensures data isn’t altered during transmission?
A. Confidentiality
B. Non-repudiation
C. Integrity
D. Access Control
Answer: C
63. Which of the following services help track who did what in the system?
A. Repudiation
B. Authentication
C. Auditing
D. Cryptography
Answer: C
64. What makes sure information is accessible when needed?
A. Integrity
B. Confidentiality
C. Authentication
D. Availability
Answer: D
65. Which service makes sure both parties are legitimate in communication?
A. Integrity
B. Authentication
C. Confidentiality
D. Fabrication
Answer: B
66. Which attack type alters the order of messages?
A. Interruption
B. Interception
C. Modification
D. Fabrication
Answer: C
67. What category does inserting fake database records fall under?
A. Modification
B. Fabrication
C. Interception
D. Interruption
Answer: B
68. Unauthorized use of someone else's password is:
A. Authentication
B. Interception
C. Unauthorized access
D. Auditing
Answer: C
69. Which of the following is not part of the cybersecurity framework?
A. Identify
B. Encrypt
C. Protect
D. Recover
Answer: B
70. What is used to analyze the frequency and length of messages?
A. Firewall
B. Traffic analysis
C. Encryption
D. Cryptography
Answer: B
71. Which security principle makes sure messages aren’t replayed?
A. Confidentiality
B. Integrity
C. Authentication
D. Repudiation
Answer: B
72. What term describes message alteration prevention in a stream of communication?
A. Authentication
B. Connection-oriented integrity
C. Digital signing
D. Availability
Answer: B
73. What ensures the receiver of a message cannot deny receipt?
A. Non-repudiation
B. Confidentiality
C. Authentication
D. Integrity
Answer: A
74. The term for ensuring information is accurate and complete is:
A. Availability
B. Confidentiality
C. Integrity
D. Authentication
Answer: C
75. Which of the following security attacks involves listening to communication?
A. Modification
B. Fabrication
C. Interception
D. Interruption
Answer: C
76. What does the Access Control Matrix define?
A. Password rules
B. Allowed user access levels
C. Firewall rules
D. Encryption methods
Answer: B
77. Which component blocks unauthorized access from the internet?
A. Antivirus
B. Firewall
C. Encryption
D. Cryptography
Answer: B
78. Which mechanism can prove that a document was sent by a legitimate user?
A. Intrusion detection
B. Digital signature
C. Authentication token
D. Access control
Answer: B
79. What makes a message unreadable during transfer?
A. Firewalls
B. Cryptography
C. Auditing
D. Intrusion detection
Answer: B
80. What ensures only verified users can access a resource?
A. Auditing
B. Authentication
C. Repudiation
D. Non-repudiation
Answer: B
81. What kind of attack inserts a fake object into the system?
A. Modification
B. Fabrication
C. Interception
D. Integrity
Answer: B
82. Who is responsible for logging all security-related events?
A. Firewall
B. Cryptography tool
C. Auditing system
D. Antivirus
Answer: C
83. What controls communication between the Internet and an intranet?
A. Encryption
B. Firewall
C. Integrity checker
D. IDS
Answer: B
84. If someone denies a transaction they actually made, it's a case of:
A. Modification
B. Interception
C. Repudiation
D. Interruption
Answer: C
85. The role of encryption in information security is to:
A. Detect attacks
B. Make messages unreadable to unauthorized users
C. Replace passwords
D. Block websites
Answer: B
86. Security services are implemented by:
A. Authentication only
B. Security mechanisms
C. Antivirus software
D. Firewalls only
Answer: B
87. The attack that involves listening and recording communication is called:
A. Eavesdropping
B. Modification
C. Repudiation
D. Fabrication
Answer: A
88. Which mechanism is responsible for detecting intrusions?
A. Firewall
B. Access control
C. IDS (Intrusion Detection System)
D. Digital signature
Answer: C
89. What does an interruption attack affect?
A. Integrity
B. Confidentiality
C. Availability
D. Authentication
Answer: C
90. The ability to trace back user actions is supported by:
A. Authentication
B. Availability
C. Auditing
D. Encryption
Answer: C
91. What is a common example of an interception attack?
A. File deletion
B. Packet sniffing
C. System crash
D. Network reset
Answer: B
92. The purpose of a digital signature is to:
A. Encrypt emails
B. Detect malware
C. Prove origin and integrity
D. Compress files
Answer: C
93. Ensuring a sender cannot deny sending a message is:
A. Confidentiality
B. Non-repudiation
C. Integrity
D. Auditing
Answer: B
94. Which of these provides assurance about the origin of a message?
A. Authentication
B. Encryption
C. Interception
D. Availability
Answer: A
95. Which mechanism works after an attack has happened?
A. Protection
B. Recovery
C. Prevention
D. Availability
Answer: B
96. Cryptography converts:
A. Authentication to password
B. Plaintext to ciphertext
C. Network to domain
D. User ID to access level
Answer: B
97. Repudiation affects which service?
A. Integrity
B. Availability
C. Non-repudiation
D. Authentication
Answer: C
98. Data that is readable is referred to as:
A. Ciphertext
B. Traffic data
C. Plaintext
D. Metadata
Answer: C
99. Recovering normal operations after an incident is:
A. Protection
B. Response
C. Recovery
D. Identification
Answer: C
100. Which tool controls access based on rules and policies?
A. IDS
B. Firewall
C. Antivirus
D. Encryption key
Answer: B