CSCU

EXERCISE EXAM
Test Number: 1-50

QUESTION 1
Smith receives an email from his bank
informing him that it suspects an
unauthorized transaction on his account. To
protect his account, the email advises Smith
to click on a link to verify his identity and
provide any missing information in the form.
Smith is a victim of:
A. Website defacement and denial of service
B. Phishing attack.
C. Cyberterrorism
D. Web application attack

QUESTION 2
Stella needs to buy a gift for her friend on her
birthday. While shopping online, a message from the
Internet Service Provider (ISP) pops up, which urges
Stella to click on the link to verify or update her
account information. Identify the type of social
engineering attack.
A. Computer-Based Social Engineering.
B. Human-Based Social Engineering
C. Social Engineering Using SMS
D. Spam Email

QUESTION 3
Cyber criminals can use your computer to steal personal
and other important information from you or do some
mischievous activities. While surfing the Internet, John gets
a pop-up ad that takes him to a website that offers a
free game for his computer. What is the best course of action
for John?
A. Download the game now, and decide later whether to
install on his PC or give the game to his friend
B. Download the game, install it, as John can uninstall the
game anytime if there is any problem
C. Research about the game on the Internet and check
whether it is safe to download it or not.
D. Check whether the website is asking for any money. If it
is free, simply download the game

QUESTION 4
Social networking websites such as Facebook and Twitter allow
users to create their own personal webpages and connect with
their relatives and friends. Creating webpages on social networking
sites is fun and exciting. However, a user who is not careful enough
while creating a webpage can pave the way for hackers and other
malicious users. Elisha also created her own webpage on
Facebook. She got a message on her wall saying "Hey Elisha, it's
ur uncle Tom! Thanks for the invitation - Aunt Michel is f9 and we
both Love ur webpage. We'd love to join ur friend list!" What should
Elisha do now?
A. Accept the request
B. Deny the request.
C. Accept but give access to less information
D. Delete the webpage

QUESTION 5
It can be convenient to access email and surf the Internet using a
wireless computer. However, wireless networks can be vulnerable to
hackers unless the user takes necessary precautions. Ronald wants to
make an insurance policy and buy some stock online using his wireless
computer. While investing, the agency requires Ronald to prove his
identity and provide a security token. Using a security token when
investing online allows John to?
A. Log onto a public computer for a predetermined amount of
time
B. Carry his laptop safely overseas in a commercial airplane
C. Generate random pass-codes to access his online financial
accounts with added security.
D. Hedge his investment by moving a portion of his investment
into U.S. Securities

QUESTION 6
Pamela uses the Internet to chat with her friends, work
on official documents, and bank online. She often
gets confused and cannot trust the websites
that she is browsing when transferring money to
her daughter. How can she ensure that the data
sent between her computer and the banking
website is encrypted? (Select all that apply)
A. By checking the website link.
B. By reading the terms and conditions
C. By reading the privacy policies
D. Tiny padlock icon found at the bottom of a Web
site

QUESTION 7
Linda banks online to pay her utility bills, shop,
etc. Which of the following are application-level
encryption protocols that Linda would most likely
use to bank online safely?
A. SSL and SET.
B. Verisign and SHA1
C. READY, SET, and GO
D. PGP, PEM, and SSL

QUESTION 8
Jeff wants to shop online but is concerned
about a company's privacy policy. What
online purchase decision aid should he use?
A. Shopbot
B. Trust verification site.
C. Business rating site
D. Shopping portals

QUESTION 9
I want to request secure web pages using https://.
What port will I need to open on my firewall to
allow these SSL-encrypted packets to flow?
A. 22
B. 53
C. 80
D. 443.

QUESTION 10
Susan spends most of her time on the computer working
and doing other things. Susan left her PC connected to
the Internet and idle for some time. An attacker, although
not able to steal any information, remotely utilized her
PC's processor cycles for some of his computationally
intensive tasks. Classify the above breach of security.
A. Disclosure of information
B. Compromising integrity of the PC.
C. Denial of service attack
D. Buffer overflow attack

QUESTION 11
Anne suspects that her husband is cheating on her. He
spends most of his time on the Internet chatting with a woman.
When questioned, he says she is a good friend and a
colleague. On suspicion, Anne contacted her friend who
happened to be a network security administrator. Upon his
instructions, Anne installed a keylogger when her husband
was away for work. How can a keylogger help Anne to
know whether her husband is cheating or not?
A. It captures the voice communication of her husband
B. Captures the control panel settings
C. Captures the .pdf (PDF-Printable Document Format) files
and sends them to her as attachments
D. Captures all the keystrokes that her husband types.

QUESTION 12
Company ABC has various departments that
have developed several private resources that
can be accessed using Internet protocols. The
company ABC now wants to link these resources
together. What type of network is being described
here?
A. Internet
B. Extranet
C. Intranet.
D. Virtual private network

QUESTION 13
Nancy wants to safeguard herself and
prevent her identity from being stolen. What
would you recommend she do before
throwing away items with personal
information on them?
A. Write down the information for the records
B. Shred them or tear them up.
C. Not necessary to do anything
D. Contact the financial institution and verify
her transactions

QUESTION 14
Allen, a front office executive from Atlanta, has
never taken a backup of his system. He is
worried about the security of the data in case his
system crashes. Which of the following types of
backup will you suggest to Allen if he wants to
take a complete backup of his system?
A. Normal Data Backup.
B. Incremental Data Backups
C. Differential Data Backup
D. Full Incremental Data Backups

QUESTION 15
Sharon recently purchased a new smart phone for
herself. While exploring her phone, she tried to set
her mobile phone's Bluetooth security. Sharon
wants her phone's Bluetooth to be in default
operation mode. Which of the following
options must Sharon select to keep her mobile in
Bluetooth's default security mode?
A. Non-secure mode.
B. Leaving security up to each application
C. Enforce link encryption for all traffic
D. Security settings default to a mobile policy server

QUESTION 16
Austin and Stuart are two brothers. Austin works for a reputed IT
firm and sometimes his job requires him to work from home
with his PC connected to the Internet. When Austin is away at
work, his brother Stuart uses his PC. Austin suspects that his
brother browses the Internet frequently and watches porn on his
PC. Austin wants to quietly and automatically block all the porn
websites so that his brother does not visit them. What must
Austin do in order to block the porn websites automatically?
A. Install scanning tool to scan the system
B. Install a firewall that blocks all porn
C. Install an antivirus software and activate parental control.
D. Install a keylogger

QUESTION 17
Nick received an email promotion stating that
he has won a new car. The email asks him to
deposit $40 to the sender's account and
provide some credentials. What will be the
best course of action for Nick in this situation?
A. Give only his social security number and
amount
B. Simply delete the email.
C. Scan the email
D. Forward the mail to FBI for investigation

QUESTION 18
Sandra spends most of her after-office hours chatting with her
friends on Facebook. Recently she came to know about
a group on Facebook - "Babysitter Goes to Jail after she
Uploads This HORRIBLE Baby Photo Online". Out of
curiosity, she joined the group to know more about it. The
facilitator of this group has requested all its members to
raise funds for the innocent babies who are becoming the
victims of brutal harassment. What would you recommend to
Sandra: join the group or ignore it?
A. Quit the Facebook group, it may be a scam.
B. Raise funds for the babies
C. Just facilitate the group
D. Visit the group regularly

QUESTION 19
Emma purchased a new computer running the Windows 7
operating system, with some relatively recent software
installed. Emma wants to disable some unwanted
services that are running on her computer. How does
she open the Services window so that she can disable the
unnecessary programs?
A. Start -> type "services.msc" in search box and press
ENTER to open the Services window.
B. Start -> All Programs -> Administrative Tools ->
Services
C. Start -> Control Panel -> Services
D. Start -> All Programs -> Services

QUESTION 20
Emerson works for a reputed finance corp. and has to
travel frequently to places. His laptop holds critical
financial information related to his clients and other
business deals. Laptop theft may lead to the disclosure
of information such as client names, confidential data,
and other financial details related to the corporate or
Internet environment. Which of the following is
recommended in order to protect his laptop from theft?
A. Encrypt all the data in laptop
B. Never leave the laptop unattended.
C. Enable GPS tracking in laptop
D. Password protect the login

QUESTION 21
Most students today spend their time on the Internet.
They share websites with each other using chat rooms.
Some of the innocent kids may fall prey and visit
malicious links sent to them that might either be a kind of
trick to get their personal information or open a web page that
is not secure. Which of the following are the security tips you
need to follow to ensure that you don't fall into the trap of IM attacks?

A. Save and open any documents that you accept from your IM
contacts
B. Do not click on the links sent by unknown members in the
chat room.
C. You need to use your personal email ID to register to links
that are sent through IM
D. Do not open files with the extension etc.

QUESTION 22
Which among the following exploits
people's tendency to select weak
passwords and uses a list of pre-defined
words to discover the correct passwords?
A. Guessing
B. Brute Forcing
C. Dictionary Attack.
D. Shoulder Surfing

QUESTION 23
Which of the following passwords will be the
strongest?
A. qwerty
B. administrator
C. Q!56ra@G.
D. mypassword

QUESTION 24
What is the process of encoding information
in a way so that only someone with a key
can decode it?
A. Compression
B. Steganography
C. Systemic variation
D. Encryption.

QUESTION 25
John used a tool to create an encrypted value
similar to
"b2638eeef37069d0e697f92ae7de46a7"
representing an important file. His network
administrator told him that this value will be
different every time there is a change in the file.
What is John generating in order to check the
integrity of the file?
A. Encryption algorithm
B. Hash value.
C. Encryption value
D. Decryption value

QUESTION 26
The screen below appears while you are browsing the Internet. What is the
most appropriate action you will take to keep your system secure?

A. You have an out of date browser, as indicated by the message. You
will click Protect PC Now button.
B. You have an out of date browser, as indicated by the message. You
will click Updates button in the left pane.
C. This is probably a malware attack. You will close the screen by
clicking Close (X) option at the right-top corner of the screen.
D. This screen doesn't give enough information. You will click Support
link, to receive more information

QUESTION 27
Bob wants to send a short confidential
message to Smith, using public key
cryptography. How should Bob achieve
that?
A. Bob should encrypt it with his private key
B. Bob should encrypt it with his public key
C. Bob should encrypt it with Smith's private
key
D. Bob should encrypt it with Smith's public
key.

QUESTION 28
Which of the following software programs
would enable an attacker to have
complete control over a victim's computer?
A. Virus
B. Worm
C. Trojan.
D. Keylogger

QUESTION 29
Nadal, the industrialist from Norway, was travelling
from his hometown to Zurich for business
purposes. On the way his phone was stolen by a
burglar. Which code may Nadal use to deactivate
his phone in order to save his personal as well as
confidential business information stored in his
phone?
A. IMEI code.
B. IEMI code
C. *#07*
D. #*07#

QUESTION 30
If you ever receive an unsolicited telephone
call from someone claiming to need your
password, what would you do?
A. Refuse and report immediately.
B. Write the password on a piece of paper,
put it in an envelope and send it by mail
C. Tell him/her the password and change it
the following day
D. Send him/her the password via email

QUESTION 31
Jason is skeptical of the security of his Internet connection. He suspects
that his system is infected with some Trojan which connects to a remote
attacker and sends sensitive data. On the recommendation of one of his
friends who is a network administrator, Jason runs a Windows command
to find open ports, services, and applications associated with these
services. On running the command from the command prompt, Jason
gets the following screen:

Which command is Jason running?
A. netstat -a
B. netstat -b.
C. netstat -e
D. portstat -b

QUESTION 32
Which of the following attacks uses a highly
directional antenna and a laptop to
establish connections with Bluetooth-enabled
devices from over a half-mile away?
A. Bluesniping.
B. Bluejacking
C. Fuzzing attack
D. Bluesnarfing

QUESTION 33
The North Carolina-based healthcare company
stored medical data of customers without
implementing proper information security controls
which led to the disclosure of medical records of
hundreds of its customers. Which of the following
acts can be invoked against the company?
A. HIPAA.
B. FERPA
C. PCI DSS
D. AAPIE

QUESTION 34
The following diagram shows a network device that is used for
connecting the modem to the network and determining the next network
point to which a packet should be forwarded. This device can access the
address of a network layer and can have incorporated software that
helps it identify the possible paths between the addresses and the
appropriate channels to transmit data.

Identify the device.

A. Hub
B. NICs
C. Modem
D. Router.

QUESTION 35
The advanced encryption standard (AES) is
an iterated symmetric block cipher defined in
FIPS, which means that it works by repeating
the same defined steps multiple times. What
key length does AES not support?
A. 128-bit
B. 512-bit.
C. 256-bit
D. 192-bit

QUESTION 36
Your IP address can link your Internet activities
directly to you; it can be used to find your name
and location. So protecting your Online Identity is a
must, thus Anonymous Web Surfing and the ability
to hide your IP address are mandatory in order to
ensure a high level of online protection. Which of
the following is an IP Address Hiding Tool?
A. TOR.
B. Hider IP
C. Anonymous Use
D. My IP

QUESTION 37
Which of the following will help prevent
unauthenticated access to the wireless
network?
A. HTTP and VPN
B. VPN and IPsec.
C. HTTP and WEP
D. IPsec and HTTP

QUESTION 38
What does a user do if he does not want
everyone on the network to access his shared
disk or folder?
A. Create a hidden share by adding a percentage
sign (%) to the end of the share name
B. Create a hidden share by adding a dollar sign
($) to the start of the share name
C. Create a hidden share by adding a dollar sign
($) to the end of the share name.
D. Create a hidden share by adding a percentage
sign (%) to the start of the share name

QUESTION 39
Secure Sockets Layer (SSL) is the standard security
technology used to create a secure communication
channel between a server and a client. SSL ensures
that:
A. All information transmitted between the web server
and the browser is sent via a third party service
provider
B. All information transmitted between the web server
and the browser is encrypted.
C. All information transmitted between the web server
and the browser is verified by a certificate authority
D. Both B & C

QUESTION 40
Jason calls a company's help desk and says he
has forgotten his password. He adds that if he
misses the deadline on a big advertising
project, his boss might fire him. What exactly
is Jason trying to do?
A. Make friends with the help desk executive
B. Using social engineering to extract
information from the help desk executive.
C. Trying to hack the password
D. Trying to create a social network

QUESTION 41

Identify the authorities represented by A, B, and C in a
digital certificate setup as depicted in following diagram:

A. A - Registration Authority (RA), B - Validation Authority (VA), C - Certificate Authority (CA)
B. A - Certificate Authority (CA), B - Registration Authority (RA), C - Validation Authority (VA)
C. A - Registration Authority (RA), B - Certificate Authority (CA), C - Validation Authority (VA).
D. A - Certificate Authority (CA), B - Validation Authority (VA), C - Registration Authority (RA)

QUESTION 42
The following diagram illustrates how a file or
folder can be encrypted in a Windows 7 system.

Which native encryption system does Windows 7 use to
secure files?
A. Advanced Encryption System (AES)
B. Encrypted File System (EFS).
C. Data Encryption System (DES)
D. Native Encryption System (NES)

QUESTION 43
John, while surfing the web for basic computer
security measures, learnt that all the disk drives
should be formatted with the NTFS file system. He
checked his system and discovered that his D:
drive is formatted with the FAT file system. Which
of the following commands can John use to convert
the drive from FAT to NTFS in a Windows system?
A. convert D: /convert fat ntfs
B. convert D: /fs:ntfs.
C. convert D: /fs:fat ntfs
D. convert D: /fs:ntfs fat

QUESTION 44
Bob holds a credit card from a reputed bank. He
used the card to purchase goods at
https://amazon.com, but when the bank
statement was issued, he called the bank and
claimed that he never authorized the
transaction. Categorize this fraud.
A. Credit card mail order fraud
B. Skimming/counterfeit credit card
C. Chargeback fraud.
D. Card-not-present (CNP) fraud

QUESTION 45
Some of the common threats to wireless networks
include eavesdropping, data interception and
modification, denial-of-service, spoofing, etc. Which
one of the following sentences describes spoofing?
A. An attacker masquerading as a law enforcement
authority to gain access to the wireless network
B. An attacker using tools to find wireless access
points where they can pick up an SSID broadcast
C. It is an illegitimate technique of gaining access by
masquerading as a legitimate user.
D. An attacker shutting down the access points by
jamming the radio waves

QUESTION 46
Which of the following is true considering E-mail
threats?
A. Phishing mails lure victims to provide personal data.
B. In hoax mail, the user may receive spam mails that
contain malware, allowing attackers to take control
of the user's computer
C. In spamming, the user may receive threatening
emails that contain false information, insisting that
he or she forwards the email
D. Hoax mail contains attachments that may contain a
virus, trojan, worm, keyloggers, and more; opening
such attachments infects the computer

QUESTION 47
Robin frequently uses his credit cards to shop online.
He was shocked looking at his recent credit card
statement as he discovered some entries for items
that he never purchased. On checking with the online
shop, he was told that they have not done it and it
might have crept in due to some security problems in
credit card processing. Which of the following
standards will help Robin to resolve this issue?
A. HIPAA
B. FEMA
C. PCI DSS.
D. FERPA

QUESTION 48
Which of the following attacks involves
anonymously sending an electronic
business card or photo to another
Bluetooth user?
A. Bluesniping
B. Bluejacking.
C. Fuzzing attack
D. Bluesnarfing

QUESTION 49
http://www.experian.com,
http://www.equifax.com, and
http://www.transunion.com are examples of
credit reporting agencies. You should contact
these agencies if you suspect that your identity is
stolen. These agencies will help you in:
A. Investigating who has stolen the identity
B. Recovering your loss out of identity theft
C. Protecting from losses due to identity theft.
D. Creating a new identity for you

QUESTION 50
An attack that is intended to severely limit
access to network resources, Internet, or
other services is commonly referred to as:
A. Phishing
B. Spoofing
C. Denial of service.
D. Buffer overflow

GOOD LUCK
