UNIT 02 - CYBER SECURITY MCQ TYPE AND EXPLANATION

1. What is the primary challenge posed by mobile and wireless devices in cybersecurity?

a) Lack of physical security

b) Increased vulnerability to malware
c) Limited battery life
d) High cost of devices

Answer: b) Increased vulnerability to malware

Explanation: Mobile and wireless devices often connect to multiple networks, making them susceptible
to malware attacks.

2. Which of the following best describes the proliferation of mobile and wireless devices?

a) A decline in the use of desktop systems

b) Increased use of devices like smartphones, tablets, and laptops
c) A shift towards wired networks
d) A reduction in internet usage

Answer: b) Increased use of devices like smartphones, tablets, and laptops

Explanation: The proliferation refers to the widespread adoption of portable and wireless technologies
in personal and organizational contexts.

3. What is a common type of credit card fraud in the mobile computing era?

a) Eavesdropping on phone calls

b) Skimming data using fake mobile apps
c) Physical theft of credit cards
d) Hacking into ATMs

Answer: b) Skimming data using fake mobile apps

Explanation: Fraudsters create fake apps or intercept data on unsecured networks to steal credit card
details.

4. What is the main security concern with mobile registry settings?

a) They can be physically accessed by anyone.

b) They store sensitive configuration data that can be altered by malware.
c) They are difficult to encrypt.
d) They are incompatible with modern operating systems.
Answer: b) They store sensitive configuration data that can be altered by malware.
Explanation: The registry contains critical settings for mobile devices, which can be exploited by
attackers to compromise the system.

5. Which technology enhances mobile device authentication?

a) Multi-factor authentication (MFA)

b) Static passwords
c) Open Wi-Fi networks
d) Single Sign-On (SSO) without encryption

Answer: a) Multi-factor authentication (MFA)

Explanation: MFA increases security by requiring multiple verification methods, such as passwords,
biometrics, or OTPs.

6. What is a common attack on mobile phones?

a) Phishing emails
b) Smishing (SMS phishing)
c) Brute-forcing encryption keys
d) Distributed Denial of Service (DDoS)

Answer: b) Smishing (SMS phishing)

Explanation: Smishing involves sending fraudulent text messages to trick users into revealing sensitive
information.

7. What is a major security implication of mobile devices for organizations?

a) Increased energy consumption

b) Difficulty in scaling business processes
c) Potential data breaches through lost or stolen devices
d) Reduction in employee productivity

Answer: c) Potential data breaches through lost or stolen devices

Explanation: Mobile devices can store sensitive organizational data, making them a risk if lost or stolen.

8. Which trend in mobility poses the greatest risk to enterprise security?

a) Cloud storage integration

b) Bring Your Own Device (BYOD) policies
c) Usage of proprietary operating systems
d) Limited Wi-Fi coverage
Answer: b) Bring Your Own Device (BYOD) policies
Explanation: BYOD increases the risk of unauthorized access, malware, and data leaks due to varied
device security standards.

9. What is a recommended organizational measure for handling mobile devices securely?

a) Allowing unregulated device use

b) Mandating regular software updates
c) Blocking all external device usage
d) Restricting internet access

Answer: b) Mandating regular software updates

Explanation: Regular updates ensure that devices have the latest security patches, reducing
vulnerabilities.

10. What is the role of security policies in mobile computing?

a) To restrict employee internet usage

b) To define acceptable usage and safeguard organizational data
c) To increase employee productivity
d) To eliminate all forms of mobility

Answer: b) To define acceptable usage and safeguard organizational data

Explanation: Security policies guide employees on secure usage practices and protect sensitive
information.

11. What does 'smishing' involve?

a) Sending malicious links via text messages

b) Infecting phones through app stores
c) Intercepting phone calls
d) Using insecure Bluetooth connections

Answer: a) Sending malicious links via text messages

Explanation: Smishing targets users through deceptive text messages to steal information or spread
malware.

12. How can organizations mitigate mobile security risks?

a) By disabling Wi-Fi connections

b) By implementing Mobile Device Management (MDM) solutions
c) By banning mobile devices in the workplace
d) By using outdated software
Answer: b) By implementing Mobile Device Management (MDM) solutions
Explanation: MDM tools allow organizations to manage and secure employee devices, ensuring
compliance with security policies.

13. What is an example of an authentication service for mobile devices?

a) Google Authenticator
b) Plain text passwords
c) Unsecured networks
d) Third-party VPNs

Answer: a) Google Authenticator

Explanation: Google Authenticator provides time-based one-time passwords for secure access.

14. Why are open Wi-Fi networks a security risk for mobile devices?

a) They are too slow for enterprise tasks.

b) They allow attackers to intercept unencrypted data.
c) They restrict access to cloud services.
d) They reduce the battery life of devices.

Answer: b) They allow attackers to intercept unencrypted data.

Explanation: Open networks are vulnerable to man-in-the-middle attacks, where attackers can
eavesdrop on communications.

15. Which of the following is a mobile device security challenge?

a) Limited processing power

b) Compatibility with legacy systems
c) Lack of centralized control over devices
d) Poor screen resolution

Answer: c) Lack of centralized control over devices

Explanation: Organizations struggle to secure mobile devices due to their portability and varied
configurations.

16. How can lost mobile devices compromise security?

a) By reducing hardware functionality

b) By exposing sensitive stored data to unauthorized access
c) By causing a drop in network speed
d) By limiting device charging
Answer: b) By exposing sensitive stored data to unauthorized access
Explanation: A lost device can be exploited to retrieve sensitive organizational or personal data.

17. What is a key advantage of using biometrics for mobile device authentication?

a) Faster internet speed

b) Unique and difficult-to-replicate access credentials
c) Reduced device cost
d) Compatibility with all legacy systems

Answer: b) Unique and difficult-to-replicate access credentials

Explanation: Biometrics provide highly secure and user-specific authentication compared to passwords.

18. Why are mobile devices prone to phishing attacks?

a) Limited storage capacity

b) Users' tendency to click on links in emails or messages
c) Poor hardware performance
d) Outdated operating systems

Answer: b) Users' tendency to click on links in emails or messages

Explanation: Mobile users often fall for phishing due to the smaller screen size and lack of vigilance.

19. What is a typical organizational security measure for mobile devices?

a) Encouraging app downloads from third-party stores

b) Enforcing strong password policies
c) Allowing unrestricted device access
d) Disabling all security features

Answer: b) Enforcing strong password policies

Explanation: Strong passwords enhance device security by preventing unauthorized access.

20. What is the main purpose of a VPN in mobile computing?

a) To monitor mobile device usage

b) To encrypt data transmitted over the network
c) To increase device speed
d) To restrict network access

Answer: b) To encrypt data transmitted over the network

Explanation: VPNs secure data by encrypting it, preventing interception during transmission.
21. What is the purpose of Mobile Device Management (MDM)?

a) To disable mobile devices remotely

b) To manage and secure organizational mobile devices
c) To limit data storage on mobile devices
d) To increase internet speed on mobile devices

Answer: b) To manage and secure organizational mobile devices

Explanation: MDM solutions allow organizations to enforce security policies, monitor device usage, and
ensure compliance.

22. What is one of the biggest security challenges posed by BYOD (Bring Your Own Device) policies?

a) Devices become too slow for work

b) Lack of consistent security measures across devices
c) Increased battery consumption
d) Employees cannot access the organization’s network

Answer: b) Lack of consistent security measures across devices

Explanation: BYOD policies introduce diverse devices, making it challenging to enforce consistent
security standards.

23. Which of the following is an example of a mobile device attack vector?

a) Secure Wi-Fi networks

b) Malicious apps downloaded from third-party stores
c) Strong encryption protocols
d) Time-based OTPs

Answer: b) Malicious apps downloaded from third-party stores

Explanation: Apps from untrusted sources can carry malware or spyware, compromising mobile security.

24. What is a registry setting in the context of mobile security?

a) A list of authorized users

b) A configuration file that stores critical settings for the device
c) A log of incoming and outgoing calls
d) A tool to increase mobile storage

Answer: b) A configuration file that stores critical settings for the device
Explanation: Registry settings contain crucial device configurations and can be targeted by malware if
not secured.
25. What is the goal of authentication services in mobile computing?

a) To encrypt files on mobile devices

b) To validate the identity of a user or device
c) To prevent app downloads
d) To reduce internet traffic

Answer: b) To validate the identity of a user or device

Explanation: Authentication services ensure that only authorized users or devices can access sensitive
resources.

26. Which of the following is a common organizational policy for mobile device security?

a) Allowing employees to use unapproved applications

b) Requiring device encryption
c) Using public Wi-Fi for official communication
d) Avoiding software updates

Answer: b) Requiring device encryption

Explanation: Encryption ensures that data on mobile devices remains secure even if the device is lost or
stolen.

27. What is the term for a fraudulent message designed to trick users into revealing personal
information?

a) Smishing
b) Encryption
c) VPN tunneling
d) Malware injection

Answer: a) Smishing
Explanation: Smishing is a phishing attack conducted via text messages to steal user information.

28. Why is mobile app security important for organizations?

a) To increase app download speed

b) To ensure apps do not compromise sensitive data
c) To limit the number of apps employees can install
d) To enforce regular app updates

Answer: b) To ensure apps do not compromise sensitive data

Explanation: Mobile apps can pose risks if they contain vulnerabilities or malware that could
compromise organizational data.
29. Which of the following is a common attack on mobile phones?

a) SIM swapping
b) Eavesdropping on fixed networks
c) Using static IP addresses
d) Blocking incoming calls

Answer: a) SIM swapping

Explanation: SIM swapping involves fraudulently transferring a victim's mobile number to another SIM
card to gain unauthorized access.

30. How can organizations enforce mobile device security policies?

a) By disabling internet access

b) By using Mobile Device Management (MDM) tools
c) By limiting device purchases
d) By allowing unrestricted app installations

Answer: b) By using Mobile Device Management (MDM) tools

Explanation: MDM tools help organizations monitor and enforce security policies across all connected
devices.

31. What is a significant risk of using unsecured public Wi-Fi networks?

a) Reduced battery performance

b) Limited data transfer
c) Man-in-the-middle attacks
d) Device overheating

Answer: c) Man-in-the-middle attacks

Explanation: Unsecured Wi-Fi networks can allow attackers to intercept and manipulate data exchanged
between users and websites.

32. Why is device encryption essential for mobile security?

a) It improves device performance.

b) It protects data in case of device theft.
c) It reduces device costs.
d) It limits app downloads.

Answer: b) It protects data in case of device theft.

Explanation: Encryption ensures that stolen devices cannot expose sensitive data without proper
decryption keys.
33. What is the primary purpose of security patches for mobile devices?

a) To enhance battery performance

b) To fix vulnerabilities and improve security
c) To improve camera quality
d) To restrict app installations

Answer: b) To fix vulnerabilities and improve security

Explanation: Security patches address bugs and vulnerabilities, reducing the risk of exploitation.

34. Which of the following is a measure to prevent credit card fraud on mobile devices?

a) Disabling mobile payments

b) Using only secure payment gateways
c) Avoiding credit card use entirely
d) Limiting internet usage

Answer: b) Using only secure payment gateways

Explanation: Secure payment gateways provide encryption and authentication, reducing the risk of
fraud.

35. Why are stolen mobile devices a security concern for organizations?

a) They reduce productivity.

b) They can contain sensitive organizational data.
c) They increase operational costs.
d) They lead to slower internet speeds.

Answer: b) They can contain sensitive organizational data.

Explanation: Stolen devices may provide access to confidential data, posing a risk to organizational
security.

36. What is the primary goal of organizational mobile security policies?

a) To limit employee device usage

b) To protect sensitive data and prevent unauthorized access
c) To improve hardware efficiency
d) To increase internet traffic

Answer: b) To protect sensitive data and prevent unauthorized access

Explanation: Security policies ensure that organizational and personal data remain protected.
37. Which of the following attacks targets mobile payment systems?

a) Phishing
b) SIM swapping
c) Malware injection in payment apps
d) Keylogging

Answer: c) Malware injection in payment apps

Explanation: Attackers inject malware into payment systems to steal financial information or manipulate
transactions.

38. How does a VPN improve mobile device security?

a) By encrypting data during transmission

b) By disabling internet access
c) By allowing multiple users to connect simultaneously
d) By restricting bandwidth usage

Answer: a) By encrypting data during transmission

Explanation: VPNs protect data from interception by encrypting it as it travels over the network.

39. What does "Bring Your Own Device (BYOD)" mean in a workplace?

a) Employees use company-provided devices only.

b) Employees use their personal devices for work-related tasks.
c) Employees use public devices in the workplace.
d) Employees share a single device for team tasks.

Answer: b) Employees use their personal devices for work-related tasks.

Explanation: BYOD policies allow employees to use personal devices, increasing flexibility but also posing
security risks.

40. Which of the following is a common mobile phishing technique?

a) Sending fraudulent SMS messages

b) Using encrypted connections
c) Requiring multi-factor authentication
d) Blocking pop-up advertisements

Answer: a) Sending fraudulent SMS messages

Explanation: Mobile phishing (smishing) involves deceptive text messages designed to steal user
information.