Multiple Choice
Identify the
choice that best completes the statement or answers the question.
|
|
|
1.
|
(1 point) A school network uses one computer to automatically assign IP addresses to
student laptops. What type of computing device is this most likely acting as?
a. | Embedded
computer | c. | Handheld
computer | b. | Server computer | d. | Personal computer |
|
|
|
2.
|
(1 point) Which service is MOST likely provided by a server computer in an enterprise
network?
a. | DNS name resolution for
clients | b. | Heart-rate tracking on a smart watch | c. | Temperature control inside a coffee
maker | d. | Touchscreen input for a tablet |
|
|
|
3.
|
(1 point) A company moves its file storage to a machine with extra storage and
processing power so many employees can access shared files. Which device type best fits this
role?
a. | Gaming console
only | c. | Embedded
computer | b. | Server computer | d. | Handheld computer |
|
|
|
4.
|
(1 point) Which statement best describes why enterprise servers often differ from a
typical home computer?
a. | They usually have more processing
power and storage to support many users and services | b. | They always run on battery power to stay
portable | c. | They have minimal storage and run a single instruction
set | d. | They are designed for only one user at a
time |
|
|
|
5.
|
(1 point) A student writes: “Any computer can be a
server.†Which example best supports this statement?
a. | A smart thermostat controlling home
temperature | b. | A circuit breaker controller in a substation | c. | A desktop computer running a small web server for a club
website | d. | A smart watch counting steps |
|
|
|
6.
|
(1 point) Which device is the BEST example of a personal computer?
a. | IV pump delivering
medication | b. | Smart watch tracking heart rate | c. | Laptop used for word processing and web
browsing | d. | Smart thermostat controlling
HVAC |
|
|
|
7.
|
(1 point) A student edits videos and designs graphics on a desktop at home. Which type
of device is this?
a. | Server
computer | c. | Personal
computer | b. | Embedded computer | d. | Network switch |
|
|
|
8.
|
(1 point) Which task is MOST commonly associated with personal
computers?
a. | Operating circuit breakers at a
substation | b. | Media production and viewing | c. | Controlling insulin
delivery | d. | Running fixed instructions inside a washing
machine |
|
|
|
9.
|
(1 point) A company gives each employee a notebook computer for individual work tasks
like email and spreadsheets. These devices are best categorized as:
a. | Servers
only | c. | Personal
computers | b. | Embedded computers | d. | Programmable logic controllers |
|
|
|
10.
|
(1 point) In a risk log, you list “personal computer used by one
employee for web browsing.†Which description is MOST accurate for documenting the
device type?
a. | A battery-powered device with a
small form factor, like a phone | b. | A device whose main job is to provide services like DNS or
DHCP | c. | A device designed for one person for work or recreation, such as a desktop or
laptop | d. | A device with minimal storage that runs a single instruction
set |
|
|
|
11.
|
(1 point) Which device is the BEST example of a handheld computer?
a. | Water treatment pump
controller | c. | Rack-mounted DNS
server | b. | Smartphone | d. | Desktop workstation |
|
|
|
12.
|
(1 point) A device has a small form factor, runs on battery power, and has less storage
than a laptop. What type of computing device is it most likely?
a. | Server
computer | c. | Handheld
computer | b. | Firewall appliance | d. | Embedded computer |
|
|
|
13.
|
(1 point) Wearable technology like a smart watch is typically categorized as which
device type?
a. | Handheld
computer | c. | Embedded
computer | b. | Server computer | d. | Mainframe computer |
|
|
|
14.
|
(1 point) Why might handheld computers be at higher risk of loss or theft than desktop
computers?
a. | They are stored in locked server
racks | b. | They require three-phase power supplies | c. | They are portable and designed for
mobility | d. | They are fixed inside machines and hard to
remove |
|
|
|
15.
|
(1 point) A risk entry says: “Mobile device used offsite;
battery-powered; limited storage.†Which device category should you
document?
a. | Server
computer | b. | Handheld computer (mobile information
appliance) | c. | Embedded computer | d. | Personal computer only |
|
|
|
16.
|
(1 point) A smart thermostat has a micro-computer that controls temperature and connects
to Wi‑Fi. What type of computing device is it?
a. | Embedded computer (IoT
device) | c. | Server
computer | b. | Handheld computer | d. | Personal computer |
|
|
|
17.
|
(1 point) Which characteristic best distinguishes embedded computers from
general-purpose computers?
a. | They are primarily designed for
media production | b. | They always have more storage than laptops | c. | They use specific instruction sets to interface with
specialized machine components | d. | They must run desktop operating
systems |
|
|
|
18.
|
(1 point) A hospital uses an IV pump that contains a micro-computer to control
medication flow. This is an example of a(n):
a. | Embedded
computer | c. | Handheld
computer | b. | Network server | d. | Personal computer |
|
|
|
19.
|
(1 point) Why are embedded computers often slower and cheaper than other computing
devices?
a. | They require high-end graphics
processors | b. | They must support thousands of users at once | c. | They are built for specific tasks and typically have
minimal storage and simpler hardware | d. | They include large SSD arrays by
default |
|
|
|
20.
|
(1 point) A controller that operates circuit breakers at an electrical substation is
best categorized as:
a. | Personal computer used by one
user | b. | Server computer providing DHCP | c. | Handheld computer used for
mobility | d. | Embedded computer used in critical
infrastructure |
|
|
|
21.
|
(1 point) In a security report, you describe “coffee maker with a
micro-computer and Wi‑Fi.†Which wording most accurately
documents the device type?
a. | A server computer; provides services
like DNS | b. | A personal computer; designed for one person’s work
tasks | c. | A handheld computer; a portable information
appliance | d. | An embedded computer; an everyday IoT device with a specialized
function |
|
|
|
22.
|
(1 point) A device’s main job is to provide FTP file transfer
services to many clients. Which device category best matches?
a. | Handheld
computer | c. | Personal
computer | b. | Server computer | d. | Embedded computer |
|
|
|
23.
|
(1 point) Which pair of devices are BOTH typically handheld
computers?
a. | Desktop and DNS
server | b. | Smart thermostat and washing machine
controller | c. | Tablet and smartphone | d. | IV pump and circuit breaker
controller |
|
|
|
24.
|
(1 point) A notebook computer used by one employee to create documents is best described
as a:
a. | Server
computer | c. | Network
sensor | b. | Personal computer | d. | Embedded computer |
|
|
|
25.
|
(1 point) An employee downloads a "Quarterly_Bonus.xlsx.exe" file and
double-clicks it. Right after opening it, the computer starts deleting files and spreading copies of
the same file to shared folders. What type of malware is MOST likely involved?
a. | Logic
bomb | c. | Worm | b. | Rootkit | d. | Virus |
|
|
|
26.
|
(1 point) A student opens an email attachment labeled "ClassRoster.pdf". After
the file is opened, a malicious program begins running and modifies other files on the laptop. Which
type of malware best matches this behavior?
a. | Ransomware | c. | Spyware | b. | Fileless malware | d. | Virus |
|
|
|
27.
|
(1 point) A help desk report says the malware did not run until the user executed the
downloaded installer. Which malware type is most consistent with requiring user execution to
activate?
a. | Rootkit | c. | Worm | b. | Virus | d. | Hardware keylogger |
|
|
|
28.
|
(1 point) A company notices dozens of computers becoming infected within minutes, even
on machines where no one opened any suspicious files. The malware spreads automatically through the
network. What type of malware is MOST likely?
a. | Worm | c. | Virus | b. | Logic bomb | d. | Trojan |
|
|
|
29.
|
(1 point) A security analyst finds that the malware copied itself to other hosts using a
network vulnerability, without requiring a user to click anything. Which malware type best fits this
description?
a. | Spyware | c. | Ransomware | b. | Worm | d. | Keylogger |
|
|
|
30.
|
(1 point) Log note: "Infection spread to new computers with no user action."
What malware type should be documented?
a. | Rootkit | c. | Worm | b. | Trojan | d. | Virus |
|
|
|
31.
|
(1 point) A "free" game mod installs normally, but it secretly opens a
backdoor that lets an attacker control the computer from far away. What type of malware is MOST
likely?
a. | Ransomware | c. | Remote access trojan (RAT) | b. | Worm | d. | Logic bomb |
|
|
|
32.
|
(1 point) A fake antivirus program looks harmless and claims to speed up the PC, but it
was hiding malicious code inside the installer. What type of malware is MOST
likely?
a. | Trojan | c. | Rootkit | b. | Virus | d. | Worm |
|
|
|
33.
|
(1 point) A user installs a "printer driver" from an untrusted site. The
software works, but it also secretly sends commands to a remote attacker who can browse files and run
programs. Which malware type best matches this?
a. | Ransomware | c. | Remote access trojan (RAT) | b. | Spyware | d. | Hardware keylogger |
|
|
|
34.
|
(1 point) Incident summary: "Malware was hidden inside software that appeared
harmless." Which type should be recorded in the report?
a. | Trojan | c. | Logic bomb | b. | Fileless malware | d. | Worm |
|
|
|
35.
|
(1 point) A computer suddenly shows a message: "Your files have been encrypted. Pay
within 72 hours to get the decryption key." What type of malware is MOST likely
involved?
a. | Trojan | c. | Spyware | b. | Ransomware | d. | Rootkit |
|
|
|
36.
|
(1 point) A hospital workstation cannot open patient records, and file names now end in
".locked". The screen demands payment to restore access. What malware type best
fits?
a. | Logic
bomb | c. | Keylogger | b. | Ransomware | d. | Worm |
|
|
|
37.
|
(1 point) Which malware type is most strongly associated with encrypting files to deny
access until payment is made?
a. | Spyware | c. | Virus | b. | Ransomware | d. | Trojan |
|
|
|
38.
|
(1 point) A browser toolbar was installed without permission. After that, the computer
began tracking websites visited and sending the browsing history to an unknown server. What type of
malware is MOST likely?
a. | Spyware | c. | Worm | b. | Logic bomb | d. | Ransomware |
|
|
|
39.
|
(1 point) A student’s laptop starts showing targeted ads, and
security tools reveal a program collecting user activity and reporting it back to an attacker. Which
malware type best matches?
a. | Virus | c. | Spyware | b. | Hardware keylogger | d. | Rootkit |
|
|
|
40.
|
(1 point) Report entry: "Software monitored user actions and sent the information
to the adversary." Which malware type should be documented?
a. | Worm | c. | Trojan | b. | Spyware | d. | Ransomware |
|
|
|
41.
|
(1 point) After an incident, an organization finds stolen usernames and passwords.
Investigation shows a program recorded every keystroke and sent the logs to an attacker. What type of
malware is MOST likely?
a. | Rootkit | c. | Spyware | b. | Ransomware | d. | Keylogger |
|
|
|
42.
|
(1 point) A small device was discovered plugged between the keyboard cable and the
desktop computer. It captured typed data over time. What type of malware/tool is
this?
a. | Logic
bomb | c. | Virus | b. | Worm | d. | Hardware
keylogger |
|
|
|
43.
|
(1 point) Which type of malware is specifically designed to record what a user types to
capture credentials?
a. | Keylogger | c. | Ransomware | b. | Worm | d. | Trojan |
|
|
|
44.
|
(1 point) A contractor wrote code that deletes key files only on the first day after
they are fired. The damage occurs only when that condition is met. What type of malware is MOST
likely?
a. | Ransomware | c. | Worm | b. | Logic bomb | d. | Spyware |
|
|
|
45.
|
(1 point) A malicious program stays inactive for months and triggers when the system
date reaches July 1, causing services to stop. Which malware type best matches this
behavior?
a. | Trojan | c. | Logic bomb | b. | Rootkit | d. | Virus |
|
|
|
46.
|
(1 point) Documentation note: "Attack triggered only after specific conditions
(time/date) were met." Which malware type is this?
a. | Spyware | c. | Logic bomb | b. | Worm | d. | Ransomware |
|
|
|
47.
|
(1 point) An attacker gains deep control of a device’s operating
system and hides malicious processes so security tools cannot see them. Which malware type is MOST
likely?
a. | Virus | c. | Rootkit | b. | Ransomware | d. | Worm |
|
|
|
48.
|
(1 point) A security team notices system settings being changed, but scans keep coming
back clean. They later learn malware was designed to be invisible and control the OS. What type of
malware best fits?
a. | Logic
bomb | c. | Rootkit | b. | Spyware | d. | Trojan |
|
|
|
49.
|
(1 point) A school laptop has not installed operating system updates for a year. An
attacker finds a published exploit for that OS version and uses it to turn on the webcam without
permission. Which vulnerability is the attacker exploiting?
a. | Strong MFA on the user
account | b. | A locked BIOS/UEFI password | c. | Unpatched software with known
vulnerabilities | d. | A properly configured firewall blocking inbound
traffic |
|
|
|
50.
|
(1 point) A company’s file server crashes repeatedly after an
attacker sends a crafted request that targets a known bug in the server software. Which explanation
best fits how the attacker caused the disruption?
a. | They relied on anti-malware software
to delete the server’s files | b. | They used an exploit for an unpatched software
vulnerability to crash the system | c. | They used BIOS recovery mode to change user
profiles | d. | They guessed the administrator password using social
engineering |
|
|
|
51.
|
(1 point) A help desk report shows an attacker remotely executed commands on a
workstation after exploiting an older browser plugin vulnerability. What is the most likely impact of
leaving the plugin unpatched?
a. | The device becomes immune to malware
from external drives | b. | An attacker can take control and issue commands to steal or destroy
data | c. | The firewall updates itself even if
misconfigured | d. | Open ports automatically close on the
device |
|
|
|
52.
|
(1 point) A risk log notes: "Legacy OS not patched; published exploit could allow
remote command execution." Which impact should be documented as most
plausible?
a. | Automatic encryption of all device
files | b. | Loss of data confidentiality and potential device
control | c. | Guaranteed prevention of all social engineering
attacks | d. | Elimination of all open network
ports |
|
|
|
53.
|
(1 point) An employee uses the password "Welcome123" for multiple accounts. An
attacker tries common passwords and successfully logs in. Which vulnerability did the attacker
exploit?
a. | A patched operating
system | b. | Weak authentication requirements that allow password
guessing | c. | A BIOS password that blocks recovery mode | d. | A disabled autorun
setting |
|
|
|
54.
|
(1 point) A student gets a call from someone claiming to be IT support and asks for
their login to "fix Wi‑Fi." The student shares it, and the attacker logs
in. Which best explains how the attacker gained access?
a. | Social engineering to obtain a
password | b. | A firewall rule that allowed only HTTPS | c. | A rootkit installed through
autorun | d. | A BIOS password preventing boot
changes |
|
|
|
55.
|
(1 point) A small business has no MFA and allows short passwords. Which outcome best
explains the risk of this configuration?
a. | All open ports are automatically
blocked | b. | Attackers can guess or steal passwords and access the device or
data | c. | Attackers cannot exploit software bugs without physical
access | d. | Anti-malware will prevent any unauthorized
login |
|
|
|
56.
|
(1 point) A risk assessment states: "No MFA; simple passwords; users frequently
fall for phishing." Which impact is most likely if exploited?
a. | Unauthorized access that can lead to
data theft or service disruption | b. | Reduced need for software updates | c. | Guaranteed device encryption that stops all
attacks | d. | Automatic closing of all device
ports |
|
|
|
57.
|
(1 point) A laptop has no BIOS/UEFI password. An attacker steals it and boots into
recovery mode to reset the local admin password. Which vulnerability enabled
this?
a. | A stateful firewall blocking inbound
traffic | b. | Disabled USB ports preventing external
access | c. | Missing BIOS/UEFI protection allowing elevated access via recovery
mode | d. | Fully patched operating system |
|
|
|
58.
|
(1 point) A lab desktop has no BIOS password and allows booting from USB. An attacker
boots a custom OS from a flash drive and copies files from the internal drive. How did the attacker
bypass normal login protections?
a. | By enabling WPA3 on the wireless
network | b. | By using MAC address spoofing on the network | c. | By booting an external OS using unprotected BIOS/UEFI
settings | d. | By encrypting the files with
ransomware |
|
|
|
59.
|
(1 point) Which weakness best explains why a thief could load their own operating system
and create a new user account on a stolen device?
a. | The device had updated antivirus
signatures | b. | The firewall blocked all inbound traffic | c. | No BIOS/UEFI password and boot settings allow external
boot | d. | The device used strong wireless
encryption |
|
|
|
60.
|
(1 point) An organization documents: "Workstations can boot from external media;
BIOS password not set." Which impact should be recorded as most likely?
a. | Attackers cannot access the device
without knowing the Wi‑Fi SSID | b. | Attackers could alter user accounts or steal data by
booting into recovery/external OS | c. | Attackers can only cause jamming attacks | d. | Attackers are prevented from copying any
files |
|
|
|
61.
|
(1 point) A user plugs in a USB drive they found in a parking lot. Malware runs
automatically and installs a backdoor. Which setting made the device more
vulnerable?
a. | Firewall configured to block unused
ports | b. | Autorun enabled for external drives | c. | Operating system fully
patched | d. | BIOS/UEFI password set |
|
|
|
62.
|
(1 point) A company disables autorun on endpoints. Which risk does this control most
directly reduce?
a. | Malware executing automatically when
an external drive is inserted | b. | An access point advertising its SSID | c. | Password guessing through brute
force | d. | A firewall dropping outbound DNS
traffic |
|
|
|
63.
|
(1 point) An attacker leaves infected flash drives in a lobby hoping employees plug them
in. This works best when which vulnerability exists?
a. | Devices automatically run code from
inserted drives | b. | Devices require WPA3 for Wi‑Fi
connections | c. | Devices have strict BIOS boot restrictions | d. | Devices have anti-malware installed and
updated |
|
|
|
64.
|
(1 point) Risk note: "Autorun enabled; removable media frequently used." What
impact is most plausible?
a. | Elimination of open ports on the
device | b. | Automatic patching of all software | c. | Rapid malware installation leading to data theft or device
control | d. | Guaranteed prevention of social
engineering |
|
|
|
65.
|
(1 point) A home PC has Remote Desktop open to the internet. An attacker scans for that
port and tries to connect. Which device vulnerability is being exploited?
a. | A locked screen after
inactivity | b. | Open ports that allow external connections | c. | Disabled wireless beacon
frames | d. | A UPS providing backup power |
|
|
|
66.
|
(1 point) A security scan finds an unused service listening on port 21 (FTP) on a
workstation. Why is this a risk?
a. | Open ports prevent malware from
installing | b. | Open ports automatically encrypt data | c. | Attackers can leverage open ports to connect and attempt
compromise | d. | Open ports are only a risk on wireless
networks |
|
|
|
67.
|
(1 point) An attacker connects to a device through an exposed service and then attempts
to install malware. Which step made the initial access possible?
a. | A BIOS password preventing USB
boot | b. | Anti-malware signatures updated hourly | c. | A firewall blocking all inbound
traffic | d. | A reachable open port/service on the
device |
|
|
|
68.
|
(1 point) A risk log states: "Multiple unnecessary services listening; no port
hardening." Which impact should be documented?
a. | Higher likelihood of unauthorized
access through exposed services | b. | Guaranteed protection from exploits | c. | Elimination of device
vulnerabilities | d. | Lower likelihood of password theft by
phishing |
|
|
|
69.
|
(1 point) A small office disables the host firewall on all computers. Soon after, a
computer is compromised by malicious traffic from the internet. Why did disabling the firewall
increase risk?
a. | The device could not filter out
malicious inbound data | b. | The device automatically patched itself less
often | c. | The Wi‑Fi encryption changed to
WPA3 | d. | The device’s BIOS password was
removed |
|
|
|
70.
|
(1 point) A firewall rule accidentally allows all inbound traffic to a workstation. An
attacker sends crafted packets that disrupt services. Which best explains the role of the
misconfigured firewall?
a. | It forced the device to boot from
USB | b. | It failed to block malicious traffic that should have been
denied | c. | It prevented the device from receiving
updates | d. | It disabled anti-malware
scanning |
|
|
|
71.
|
(1 point) Which situation best shows how a firewall helps prevent device
disruption?
a. | Disabling BIOS/UEFI passwords for
easier repairs | b. | Blocking known-bad inbound traffic before it reaches the
device | c. | Enabling autorun for faster USB installs | d. | Making passwords shorter so users remember
them |
|
|
|
72.
|
(1 point) Assessment note: "Host firewall off; device exposed directly to
internet." What impact is most likely if exploited?
a. | Device disruption or compromise via
malicious network traffic | b. | Prevention of malware installation from USB
drives | c. | Automatic detection of all attacks without
logs | d. | Reduced likelihood of password
guessing |
|