
Cyber Security MCQ: Easy Practice for Competitive Exams


In today’s digital world, understanding online threats and protection methods is very important. One of the easiest ways to test your knowledge is by practicing cyber security MCQs. These multiple-choice questions cover topics like malware, phishing, network security, encryption, and ethical hacking. Whether you are a student, a professional preparing for exams, or someone who wants to improve your cybersecurity skills, practicing MCQs helps you learn quickly and remember important concepts. By answering these questions, you can identify your weak areas, stay updated with the latest security trends, and build confidence to face real-world challenges in cyber security.

Cyber Security MCQ With Answers


Q. Which of the following is the correct expansion of the CIA triad in information security?


A) Confidentiality, Integrity, Availability
B) Control, Integrity, Authentication
C) Confidentiality, Identity, Authentication
D) Control, Identity, Availability


Answer: A

Q. What does a firewall primarily do in a network?


A) Encrypts all outgoing data
B) Prevents unauthorized access to the network
C) Removes malware from user devices
D) Optimizes network performance


Answer: B

Q. Which type of attack is defined as overwhelming a service with excessive traffic to make it unavailable?


A) Phishing
B) Man‑in‑the‑Middle
C) DDoS (Distributed Denial of Service)
D) SQL Injection


Answer: C

Q. What is “phishing”?


A) A technique of guessing passwords by trial
B) A social engineering method to trick users into giving sensitive information
C) A way to encrypt data for secure transmission
D) A method to monitor network traffic


Answer: B

Q. Which of the following is NOT a type of malware?


A) Worm
B) Trojan horse
C) Firewall
D) Virus


Answer: C

Q. What is the purpose of encryption in cyber‑security?


A) To speed up network transmission
B) To convert data into a form unreadable by unauthorized users
C) To remove all system vulnerabilities
D) To monitor user activity


Answer: B

Q. A “zero‑day vulnerability” refers to:


A) A system with zero users
B) A vulnerability known to the vendor but not patched yet
C) A vulnerability unknown to the vendor and unpatched
D) A vulnerability that cannot be exploited


Answer: C

Q. Which of these is considered an element of cyber security?

 

A) Operational security
B) Network security
C) Application security
D) All of the above


Answer: D

Q. Multi‑Factor Authentication (MFA) requires:


A) Only a password
B) Two or more independent credentials
C) Only biometric verification
D) Only a smart‑card


Answer: B

Q. Which protocol is commonly used to secure web traffic with encryption?


A) HTTP
B) FTP
C) HTTPS
D) SMTP


Answer: C

Q. Which of the following is a symmetric key encryption algorithm?

 

A) RSA
B) AES
C) Diffie‑Hellman
D) ECC


Answer: B

Q. The primary goal of a honeypot in cyber‑security is to:


A) Steal user credentials
B) Serve as a decoy system to lure attackers
C) Encrypt all network traffic
D) Monitor user behavior only


Answer: B

Q. What does “least privilege” mean in access control?


A) Giving users full administrative access
B) Users get only the permissions they absolutely need
C) No user is allowed any privilege
D) Privileges are revoked daily


Answer: B

Q. Which of the following attacks intercepts and possibly alters communication between two parties without their knowledge?



A) Phishing
B) Man‑in‑the‑Middle (MITM)
C) Brute force
D) Ransomware


Answer: B

Q. What is the main purpose of a Security Information and Event Management (SIEM) system?


A) To encrypt data in transit
B) To monitor, detect and respond to security incidents
C) To optimize database performance
D) To replace firewalls


Answer: B

Q. In the OSI model, which layer is responsible for encryption and decryption?


A) Network layer
B) Data link layer
C) Presentation layer
D) Session layer


Answer: C

Q. Which of the following is a type of social engineering attack?


A) Worm propagation
B) SQL injection
C) Phishing email
D) Hardware failure

 

Answer: C

Q. What is the purpose of a security patch?


A) To add new features only
B) To fix vulnerabilities or bugs in the software
C) To remove the operating system
D) To block all network traffic


Answer: B

Q. Which of these is an example of endpoint security?

 

A) Network segmentation
B) Anti‑virus on user devices
C) SIEM system
D) Data backup solutions


Answer: B

Q. What does “non‑repudiation” ensure in cyber security?


A) User cannot deny their actions or transactions
B) System can’t refuse service
C) Data is not accessible
D) System downtime is minimal


Answer: A

Q. Which of the following describes “malware”?


A) Legitimate software for maintenance
B) Software intentionally designed to cause damage or exploit systems
C) A firewall program
D) A user’s browser extension


Answer: B

Q. What is the role of a certification authority (CA) in Public Key Infrastructure (PKI)?


A) To generate private keys for users
B) To authenticate and issue public key certificates
C) To monitor network traffic
D) To encrypt user files locally


Answer: B

Q. What is SQL Injection?


A) Injecting hardware into servers
B) A network layer attack
C) Exploiting vulnerabilities in web applications to execute SQL commands
D) A kind of firewall rule


Answer: C

Q. Which attack tries to guess a password by trying many possibilities until it finds the correct one?


A) Brute force attack
B) Phishing
C) Man‑in‑the‑Middle
D) Insider threat


Answer: A

Q. What does “vulnerability” mean in a cyber‑security context?

A) A tool used to monitor users
B) A weakness in a system that can be exploited
C) A protective barrier
D) An encryption algorithm


Answer: B

Q. What is “information security”?


A) Protecting data only when in transit
B) Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction
C) Physical security of hardware only
D) User password reset process


Answer: B

Q. Which of the following is NOT an objective of cyber‑security?


A) Confidentiality
B) Integrity
C) Availability
D) Replace user passwords daily


Answer: D

Q. What is “social engineering”?


A) Engineering of social networks for marketing
B) Psychological manipulation of people to perform actions or divulge confidential information
C) A hardware design technique
D) Software patching process


Answer: B

Q. What is the difference between “threat” and “risk”?


A) Threat is a potential harmful event; risk is the likelihood of that event and its impact
B) Risk is a harmful event; threat is the chance of event happening
C) They are the same
D) Neither is relevant in cyber‑security



Answer: A

Q. Which of the following best describes “two‑factor authentication”?


A) A single password login
B) Password + something you know
C) Password + something you have or are (biometric)
D) Fingerprint only


Answer: C

Q. A “backdoor” in software is:


A) A tool to securely access a system
B) An undocumented method to bypass normal authentication or encryption
C) A firewall rule
D) A network backup tool


Answer: B

Q. What is “spyware”?


A) Software that records computer activity and sends it to someone else without user consent
B) Software that protects you from viruses
C) A firewall
D) A backup utility


Answer: A

Q. Which of the following is a defence measure against a “brute‑force attack”?


A) Disable passwords
B) Use multi‑factor authentication
C) Use older encryption
D) Remove firewalls


Answer: B

Q. What is “cryptography”?


A) Study of hidden treasures
B) Practice of securing information by converting it into an unreadable format
C) Removing malware only
D) Monitoring user behaviour


Answer: B

Q. Which of the following is considered a physical security control?


A) Password policy
B) Door access card
C) Firewall rule
D) Encryption algorithm


Answer: B

Q. What does “availability” mean in the context of the CIA triad?


A) Data is kept secret
B) Data is accurate and complete
C) Data and systems are accessible when needed
D) Data is encrypted


Answer: C

Q. What is the purpose of network segmentation?

 

A) To enlarge network size
B) To isolate different parts of a network to limit exposure
C) To slow down network traffic
D) To bypass firewalls


Answer: B

Q. Which of these describes a “Trojan horse”?


A) A worm that replicates itself
B) A malicious program disguised as legitimate software
C) A firewall rule
D) A type of encryption


Answer: B

Q. What is an “insider threat”?


A) External hacker attacks only
B) Threat posed by someone within the organization with access rights
C) Malware only
D) Hardware failure


Answer: B

Q. What is “penetration testing” (pen testing)?


A) Adding more users to a system
B) Simulating attacks to evaluate the security of a system
C) Encrypting all user data
D) Removing user accounts


Answer: B

Q. Which layer of the TCP/IP model corresponds to the OSI application layer?


A) Network interface
B) Internet
C) Transport
D) Application


Answer: D

Q. What is “social engineering baiting”?


A) Using legitimate software updates
B) Leaving malware‑infected USB drives in public to trick victims
C) Encrypting backups
D) Installing firewalls


Answer: B

Q. What is “hashing”?


A) Encrypting data for confidentiality
B) Generating a fixed‑size value from data to ensure integrity
C) Monitoring user behaviour
D) A password only method


Answer: B

Q. Which of these is a valid security principle: “Open design”?


A) Security through obscurity
B) Security mechanism should be open and transparent
C) System should be hidden entirely
D) No documentation allowed


Answer: B

Q. What is the correct expansion of “LDAP”?


A) Lightweight Directory Access Protocol
B) Light Data Access Program
C) Lightweight Directory Access Provider
D) Light Designated Access Protocol


Answer: A

Q. What does HTTPS use to secure communication?


A) Plain text
B) Symmetric key only
C) SSL/TLS protocols and encryption
D) Unsecured connection


Answer: C


Q. Which of the following is used to verify the identity of a sender and guarantee message integrity?


A) VPN
B) Digital signature
C) Firewall
D) Antivirus


Answer: B

Q. What best describes a “botnet”?


A) A single computer infected by virus
B) A network of compromised devices controlled by an attacker
C) A firewall cluster
D) A backup system


Answer: B

Q. Which security framework is often associated with risk management and controls (in organisations)?


A) ITIL
B) ISO/IEC 27001
C) PDF Document
D) DHCP


Answer: B

Q. Which of these describes “social engineering pretexting”?


A) The attacker pretends to be someone else and manipulates the target into giving information
B) Direct malware installation
C) Physical theft of device
D) Firewall misconfiguration


Answer: A

Q. What is the primary goal of data classification?

 

A) To slow network traffic
B) To label data according to its sensitivity and apply appropriate protections
C) To remove encryption
D) To restrict backups


Answer: B

Q. Which of these is not a valid type of attack?


A) Replay attack
B) Buffer overflow
C) Quantum teleportation
D) Cross‑site scripting


Answer: C

Q. Which device sits at the boundary between an internal trusted network and an untrusted external network?


A) Switch
B) Router
C) Firewall
D) Hub


Answer: C

Q. What does “patch management” refer to?


A) Managing user accounts only
B) The process of distributing and applying updates to software to fix vulnerabilities
C) Monitoring network traffic only
D) Removing all old software


Answer: B

Q. Which of these is considered “defence in depth”?


A) Using a single firewall for all security
B) Layering multiple security controls to protect systems
C) No user training
D) Disabling access logs


Answer: B

Q. What is a “honeynet”?


A) A network of honeypots designed to attract attackers for analysis
B) A type of encryption
C) A malware signature database
D) A firewall rule set


Answer: A

Q. What best describes “data exfiltration”?


A) Backing up data to the cloud
B) Unauthorized transfer of data from a system
C) Encrypting data at rest
D) Deleting logs


Answer: B

Q. Which of these is a widely accepted wireless security protocol?


A) WEP
B) WPA2
C) FTP
D) HTTP


Answer: B

Q. What is the purpose of a network intrusion detection system (NIDS)?


A) To grant network access
B) To detect potential malicious traffic or anomalies on the network
C) To encrypt user files
D) To serve user requests


Answer: B

Q. Which of the following best describes the “zero trust” security model?


A) Trust everything inside the perimeter
B) Never trust and always verify every access request
C) Only rely on firewall rules
D) Ignore user identity


Answer: B

 

Conclusion

 

Cyber security is no longer optional; it’s a must-have skill in our digital world. Practicing cyber security MCQs is a smart and practical way to strengthen your knowledge while preparing for exams or job interviews. These questions not only test your understanding of key concepts like malware, encryption, and network security but also help you spot areas where you need improvement. By making MCQ practice a habit, you stay aware of the latest threats, sharpen your problem-solving skills, and build confidence in handling real-world cyber challenges. Keep learning, practicing, and evolving to become a skilled cyber security professional.