Thursday, 30 December 2021

CYBER CRIME QUESTIONS OF IIBF EXAM (Memory Based, Previous Years)

Q1. What is a honeypot.

Q2. What are the steps involved in an e-commerce transaction.

Q3. Difference between durability and consistency.

Q4. What is a firewall.

Q5. What is WANK worm and NASA.

Q6. eUCP published in which year.

Q7. OLA is not a popular app store.

Q8. What is circumstantial evidence.

Q9. BOSS (Bharat Operating System Solution) was developed by which organization - CDAC

Q10. What are malicious code writers.

Q11. What is multilayered security

Q12. What is data.

Q13. Blackmailing is an example of cyber extortion.

Q14. What is SCADA.

Q15. What is CryptoLocker

Q16. Smart cards in metro railway stations are examples

Q17. Packet filter firewall.

Q18. Micro ATM.

Q19. Cross site scripting.

Q20. What is a hacktivist...

Q21. RuPay card was issued in which year.

Q22. What is a Trojan horse.

Q23. What is malware.

Q24. Data backup is an example of which type of control.

Q25. What is the Lebanese loop modus operandi in ATM card frauds.

Q26. CCTV is an example of which control.

Q27. What is cyber smearing.

Q28. What is operating system vulnerability

Q29. What is the full form of CISA - Cyber Security Information Sharing Act.

Q30. What is the Zeus virus.

Q31. What is hash value and integrity.

Q32. What is the difference between authorization and authentication.

Q33. What is an info stealer?

Q34. What is back end access.

Q35. What is the meaning of the phrase "ab initio unlawfully or illegally".

Q36. What is security administration and quality assurance.

Q37. What is CAPTCHA.

Q38. Intentional misrepresentation of data is called a fraud.

Q39. What is the definition of control.

Q40. What is a John Doe order. ...

Q41. What is payment wallet and digital wallet

Q42. What is Anonymous.

Q43. What is trapdoor access.

Q44. Total branch automation TBA.

Q45. .com and .org are TLD.

Q46. TCS fraud in Andhra Pradesh is an example of reasonable security practices and procedures.

Q47. The PUCL case in India refers to which section of the IT Act - Sec. 69, power to monitor, intercept or block URL.

Q48. One question on CBS and TBA (total branch automation).

Q49. Sys admin, sys user or teller all are examples of spoofing.

Q50. What is network analysis.

Q51. What is vulnerability

Q52. What is DNS sinkholing.

Q53. Contactless smart cards are an example of which.

Q54. Lebanese loop card fraud: rubber band type material inside ATM fraud.

Q55. What is contingency planning.

Q56. What is Nigerian 419 fraud.

Q57. Dumpster diving.

Q58. What is the difference between steersman and script kiddie,

Q59. Steganography.

Q60. What is SSL injections and cross site scripting......

Q61. Preventive, detective and compensating control.

Q62. Drones are developed by DRDO.

Q63. Income tax.

Q64. Director of DRDO and its powers.

Q65. Difference between CERT India and NASSCOM.

Q66. TCP/IP.

Q67. DDoS attack.

Q68. Cyber smearing and cyber defamation.

Q69. Cyber warfare and cyber terrorism.

Q70. Backdoor access.

Q71. Digital signature.

Q72. Symmetric and asymmetric encryption

Q73. Public and private keys.

Q74. Command injections and SQL injections.

Q75. Details of masquerading attack.

Q76. Trapdoor access and BYOT device.

Q77. Sec. 43 and Sec. 46 of IT Act.....

Q78. Sec. 69B deals with......

Q79. Blue hat hackers are a part of testing team.

Q80. What is CryptoLocker and info stealer

Q81. What is Zeus virus

Q82. What do you understand by mens rea or destructive mindset.

Q83. What is DDL (data definition language)

Q84. What is packet filtering firewall

Q85. What do you understand by the word Anonymous

Q85. What is computer vandalism

Q86. What is front end validation control

Q87. What is data

Q88. What is Locard exchange principle

Q89. What is penalty under Section 46 and 47 of IT Amendment Act

Q90. What is XSS (cross site scripting)

Q91. What is TCS fraud in Andhra Pradesh an example of

Q92. What is cyber smearing

Q93. What is steersman

Q94. What do you mean by elite hacker

Q95. IDS is placed between internet and firewall

Q96. What is PCI DSS

Q97. What is matrix code barcoding

Q98. What is software piracy

Q99. What is DNS sinkholing

Q100. What do you understand by traditional criminals

Q101. What is back end access

Q102. In which year eKYC was published and its details

Q103. BYOD device

Q104. What is trapdoor

Q105. What is the purpose of a firewall

Q106. Batch processing is an example of OLTP (online transaction processing)

Q107. What is UTM

Q108. Loss of reputation is a serious adverse effect of DDoS attack

Q109. The discussion paper on payment and settlement system of RBI held in 2013 had its main focus on enhanced use of internet banking and e-commerce

Q110. What is B2G (business to government) e-commerce transaction

Q111. BOSS was developed by CDAC

Q112. What is steganography

Q113. What is algorithm

Q114. What is PKI

Q115. What is honeypot

Q116. What is micro ATM

Q117. Details about I4C and CERT-In

Q118. Satyam and Sify case

Q119. PUCL case is an example of Sec. 69

Q120. What is VBV

These are recollected questions of paper on 15 September 2018

20.10.2018 cyber crime questions

1. Cyber crime definition

2. 3 factors: pressure, opportunity, rationalisation

3. Cybernetics, kybernetes, steersman, governor, cyberpunk (given 4 options)

4. Honeypot

5. 1st worm

6. Denial of service

7. Buffer overflow

8. Shoulder surfing

9. Access control

10. Script kiddies

11. John Doe order

12. Nigeria 419

13. Cyber warfare

14. Email spoofing

15. Cyber stalking

16. Domain name .in represents

17. Satyam Infoway Ltd vs Sifynet, Supreme Court

18. Cyber warfare

19. Phishing

20. Zeus

21. Non repudiation

22. Tailgating

23. Trapdoor

24. CAPTCHA

25. Blue hat hacker

26. Phreaking

27. Ethical hacking

28. Anonymous

29. Bar code, matrix code

30. RFID

31. Data manipulation and data definition language

32. Symmetric encryption

33. Encryption and decryption

34. Locard exchange principle

35. C-DAC

36. Payment gateway

37. Payment and settlement systems 2007

38. Acquiring bank

39. Brute force attack

40. Man in the middle attack

41. Session hijacking

42. Digital wallet

43. OLTP

44. UCPDC

45. EMV card

46. Netra DRDO

47. CBI specialized structure

48. Electronic signature

49. DSCI set up by NASSCOM

50. US initiative - Cyber Security Information Sharing Act

51. IT Act and IT Amendment Act.

52. PKI

53. Authenticity

54. Maximum value that can be stored in a prepaid card 50000

55. SWIFT


By Pritee Hardiha

Cyber fraud management exam recollected questions on 17.11.2018

The regulator of UAV,

Netra developed by,

Script kiddies,

Ethical hacking,

Blue hat hacking,

Nigeria 419,

Social engineering,

When an NRI contacts you by phone to transfer 500000 lakh rupees to another account in another branch, what action will be taken by you as a Branch Manager.

.org, .com are TLD or SLD,

Cyber crime definition,

Cyber smearing,

Masquerading attack,

Email spoofing,

In a software application at the end of the page we see "I agree with terms and conditions". What do you mean by that.

A.P. case vs TCS case,

eUCP started in which year - Approved in 2001 & effective from 2002

Steps involved in online transfer processing.

Where SCADA is used.

Anonymous definition,

Tailgating,

Trespassing,

Harassing a lady over mail comes under which crime,

Cyber warfare,

Definition of durability,

Odd man out of the given below which is not an app

1. Ola 2. Google store 3. BlackBerry 4. Apple

Locard principle,

Malicious code writers,



By Rama

Cyber crime definition

3 factors induce to commit fraud

Internet of things

WANK worm, first hacktivist attack

Stuxnet

Script kiddies

Spoofing

ccTLD

Ransomware

SCADA

Vishing

Authorisation authentication difference

BYOD

Authentication tech for e-mail

Digital signature

Internet addiction disorder

CAPTCHA

blue hat hacker

2D bar coding known as matrix code

DML

Prevention control

Detection control

Digital footprints

Brute force attack

Payment wallets

SWIFT

prepaid cards

Shoulder surfing

PCIDSS

TCS vs state of AP case

IPC forgery of electronic records

3 domain servers of security initiative

Compulsive disorders

Stylometry

Jilani working group

FSDC

To combat computer related crimes, CBI has following specialized structure

CBI Interpol

Cyber crime and fraud management recollected on 28.12.2019

Recollected questions:

Cyber crimes are handled by which organization in India

Type 1 crime

Preventive control

Detective control

Deterrent control

Logical control

Sections and their fine with imprisonment in years

Committees of IT security, IT governance, IT controls

Netra by which organisation

Fast flux

Stuxnet

Phishing

Shoulder surfing

Digital signature

Oldest agency in india

Few questions on CERT-In

Passive attack

Active attack

Direct attack

Indirect attack

Logic bomb

Zeus

India's own operating system BOSS is under whom

Confidentiality

Availability

Integrity

Conventional crime

Cyber crime

Same features of conv and cyber crime

Tailgating


Imp topics are

1. Differences between viruses and worms

2. IT Act

3. Different types of cyber crimes

4. Various types of cards

5. Gateway payment

6. Prevention and detection control

7. PSS Act

8. 2 tier authentication

9. Passive and active attacks

Mostly questions from 2 and 3 and 4... units


Cyber terrorism

1. Who coordinates with Interpol in India? - CBI

2. Which department was designated as Nodal Agency for Cyber Crime prevention - CERT-IN

3. What is the difference between Virus and Worm - Virus needs human intervention to activate or multiply whereas worm automatically gets multiplied

4. Worms are mainly used by hackers to - Occupy more space in the system/heavy usage of bandwidth in the network

5. One of the employees carefully watching the password entered by the Manager. What type of threat is it - Shoulder Surfing

6. Leaving a logged in computer by an employee - is human negligence

7. Hackers scan the computer pre attack to identify - Vulnerability in the system

8. Hackers inject worms/virus into the network to reach the target system and it - exploits the Vulnerability

9. Non updation of antivirus is - one of the major vulnerabilities

10. One customer received a call on his mobile phone and the person posing himself as a bank manager collected the card credentials from him. This type is called - Phishing

11. Online Banking sites are prone to what risk - Phishing/IP spoofing

12. Data transfer between systems vide Network can be secured by - PKI

13. Customers can make sure that they deal with the authenticated website - by checking the Lock icon near the address bar

14. In https, S denotes - Secured/Security

15. This kind of worm directly attacks the root directory - Rootkits

16. These worms are really hard to detect and delete - Rootkits

17. The compromised systems in the network are commonly termed as - Zombies

18. Customer security credentials compromised by way of fraudulent SMS is called - smishing

19. The employees who try to hack their own company's site/find the vulnerabilities are called - White hat hackers

20. DDoS - Distributed Denial of Service

21. Ransomware which blocks the access to the website demanding ransom for the same is - Denial of Service attack

22. Using same method for both encryption and decryption is called - symmetric encryption

23. Providing Last Login detail in Internet banking site is to - to detect any unauthorised usage earlier

24. Limits for retrying the passwords is - to avoid the unauthorised access

25. To safeguard from the Key Loggers attack - Use Virtual Keyboard to enter passwords

26. UTM stands for - Unified Threat Management

27. Setting up smoke detectors in the branch is - Detective Method

28. Placing Security guard in system room to avoid - Physical damage/attack on systems

29. Following the authorised person to enter into system room and making entry into the room is - Tailgating

30. Dumpster Diving is a method - Searching for vulnerability in deleted files and data

31. Firewall is - Intrusion Detection System

32. Authentication of electronic data/document can be ascertained by - Digital Signature

33. When two or more persons illegally try to enter into a critical room with single id/same id - Masquerading

34. Detection is normally - Post incident

35. Post incident study mainly for the purpose of - study the impact of the attack and lessons for future prevention

36. Indian Agency working on Digital Forensics and Cyber security - C-DAC

37. OLTP refers to - On line Transaction Processing

38. OLTP is also termed as - Payment Gateway

39. Payment Gateway the Acquiring Bank to - Issuing bank through the Card Scheme to complete the transaction

40. Security Concerns arising in Payment Gateways are - At the User Level, Bank level and Merchant POS

41. Credit Card data theft through POS falls under - Merchant PoS Security

42. Data encrypted using Private key can be decrypted by the public key available with - the Receiver

43. Cross verifying the Signature on the Slip against the Signature on the back side of the ATM card is done by - the Merchant

44. Data should be secured in the following stages - Saved, Transit and Retrieval

45. Intruder software in a network which attacks the data while in transit and thus commits data theft - Man in the Middle Attack

46. Captures a Windows session for the purpose of data theft before it reaches the recipient is - Session Hijacking

47. Limits set for retrying of password is to avoid - Brute Force attack

48. ISSP stands for - Information System Security Policy

49. ICANN stands for - International Corporation for Assigned Names and Numbers

50. TLD stands for - Top Level Domain

51. Globally recognized set of rules defined for electronic records is - e-UCP

52. Technique used to redirect traffic from the infected device is called - Sinkholing

53. The technique which can intercept unencrypted data transit of mobile apps is called - Wi-Fi Sniffing

54. This is one type of malware which does not affect the system/network - Ad-ware

55. This usually comes as a Pop up/add on screen which carries link for dubious websites - Ad-ware

56. EMV cards follow standard of - ISO/IEC No 7816

57. EMV cards follow this standard for Contactless card - ISO/IEC 14443

58. NFC is the technique used in contactless cards - Near Field Communication

59. PCI - DSS stands for - Plastic Card Industries - Data Security Standards

60. NFC cards work under - RFID Technology

61. Providing Access controls to employees based on roles/need is - Risk based Authentication

62. Seeking PIN to complete a transaction in PoS is - 2FA

63. SSL - Secure Socket Layering

64. SSL ensures - Encrypted link between a web server and a browser

65. Sending annoying messages to a person causing irritation/nuisance - Cyber Stalking

66. Blackmailing a person using Computer/or network is - Cyber Extortion

67. Ransomware is a type of - Cyber Extortion

68. Disputes on Domain names and protest are redressed globally by - UDRP

69. Phishing/Vishing is a type of - Cyber Cheating

70. Group of people attacks a Computer/group of computers for propagating an objective - Cyber Terrorists

71. Hackers with common interest who attack rival government's department site and database are - Cyber terrorists

72. ____ refers to the quality of secrecy associated with the data and the state of keeping an information asset secret - Confidentiality

73. ____ refers to the state of remaining in the same format and not allowing for any tampering/manipulation - Integrity

74. ____ refers to the state of confirmation that the user has the authority to issue the command to the system - Authorisation

75. Quality of non denial, the stake holders are not permitted to deny the particular act of doing the act is - Non-repudiation

76. CAPTCHA refers to - Completely Automated Public Turing test to Tell Computers and Humans Apart

77. Placing letters in different sizes and styles which is hard to read by systems/robots is called - CAPTCHA

78. _______ is an important component for study and analysis to understand the modus operandi of a Cyber Attack - Threat Vector

79. In cyber Crime, Threat landscape is denoted as - Study of entire overview of the network which was attacked

80. Conventional Crimes are - Physical crimes that involve theft of systems and hardware devices

81. Cyber Crimes are - System Crimes that involve data theft or tampering

82. Insider Attack Threat is - attack on the system/network by own employee without any permission/authentication

83. ______ is the most dangerous attack in cyber crimes - Insider Attack

84. An employee copied and sold the sensitive information to a competitor concern is an example of - Insider Attack

85. Hackers scan the port/system and develop worm or codes to attack the same based on this - Vulnerability

86. ____ does not wait for any executable file to run for getting activated in the target system - Worm

87. ____ refers to small piece of programs injected into the target system to spy on the activities - Spyware

88. Drones are classified as - Spying Devices

89. UAV stands for - Unmanned Aerial Vehicle

90. Most of the UAV used by the police/defence authorities for - Surveillance purposes

91. The persons who are hired by companies to hack their own website/to identify the Vulnerability are - Blue Hat Hackers

92. System of effectively taking care of URL filtering, web-filtering, anti-virus, as all in one solution is referred as - Unified Threat Management

93. Force Log out option in Internet banking after certain time of Idleness is to guard the system against - Session Hijacking

94. Installing anti virus into the system is - Preventive Method

95. A statement used to create, alter, drop objects in a database is called - Data Definition Language

96. Fault Detection, isolation and recovery are closely associated with - Detection Control

97. Installing Bio Metric devices to check unauthorised entry is - Physical Control

98. Unless properly logged, straightaway accessing the database through a SQL is termed as - Back end Access

99. IT Act 2008 describes the activity of hacking as a criminal activity in section no 66

100. IT Act 2000 came in force on - 17 October 2000

101. IT Amendment Act came into force on - 27 October 2009

101. IT Act consists of - 13 Chapters and 90 Sections

102. The Section which deals with cyber crimes as civil offence - Section 43

103. The Section deals with cyber crimes as Criminal Offences - Section 66

104. IT Amendment Act included the following which is not in the IT Act 2000 - Electronic Signature

105. Electronic Signature has been dealt in - Section 15

106. Under Section 43A, if any body corporate handling any sensitive personal data is negligent in implementing and maintaining reasonable security the compensation may go upto - five crore rupees

107. Under Section 43, if one found guilty on Data theft/alters/destroys the same the penalty/compensation may go upto - One Crore rupees

108. Tampering with Computer Source Documents - Section 65

109. Punishment under Section 65 may go upto - Three years imprisonment and extend upto Two Lakhs Fine

110. Computer Related offences which were dealt under section 43 can also be dealt as criminal offence under section - 66

111. Punishment under Section 66 may go upto - two three years and/or fine upto five lakhs rupees

112. Crime of Cyber Stalking (sending electronic messages for the purpose of causing annoyance/inconvenience/deceive/mislead the recipient) may lead to - two three years imprisonment

113. Identity Theft is dealt under Section - 66c

114. Punishment of Identity Theft - may extend to three years term and/or fine upto One lakhs rupees

115. Punishment for Cyber Cheating - may extend to three years term and/or fine upto One lakhs rupees

116. Cyber Cheating is dealt under - Section 66D

117. Punishment for Cyber Terrorism may extend upto - Life time Imprisonment

118. Cyber Terrorism is dealt under - Section 66F

119. Publishing obscene material in electronic form dealt under - Section 67

120. Punishment under Section 67 may extend upto - two three years term and/or five lakhs fine

121. Punishment for Subsequent conviction of the same crime under section 67 is - 5 years term and/or ten lakhs rupees fine

122. Sexually explicit content in electronic form dealt under - Section 67A

123. Punishment under Section 67A is - Five years term with fine

124. Punishment for Subsequent conviction of the same crime under section 67A is - 7 years term and/or ten lakhs rupees fine

125. CERT-IN has been designated as Nodal agency for Critical Information Infrastructure Protection under Section - 70B

126. Misrepresentation/Suppression of material Fact dealt under - Section 71

127. Penalty under Section 71 - Two years term and/or fine upto One lakh rupees

128. Breach of confidentiality and Privacy dealt under Section - 72

129. Analysing the style of writing or the language style for the purpose of Crime Investigation is - Stylometry

130. RBI issues licenses for Payment Banks in India based on approval from - BPSS

131. NTRO stands for - National Technical Research Organisation

132. Netra, the light weight UAV was developed by - DRDO

133. NCIIPC stands for - National Critical Information Infrastructure Protection Centre

134. DSCI - Data Security Council of India, established by NASSCOM

135. Digital Forensic tools used by our Police Department were developed by - CDAC

136. C-DAC stands for - Centre for Development of Advanced Computing

137. NTRO works under - Prime Minister's Office

138. Two acts which are mainly handled by ED - FEMA and PMLA

139. Money laundering using banking systems/Internet banking is - Conventional Crime

140. Obtaining an IP address similar to some other and demanding a ransom to forgo the same is - Cyber Squatting

141. Data Protection while in transit using non repudiation techniques can be achieved through - Public Key Infrastructure

142. Card Skimming is a technique mostly used to steal the card details and it is mostly placed on - ATM machines

143. Card Skimming Data Theft can be avoided using - Contactless Cards/NFC Cards

144. To avoid the Card Credentials in Online sites these cards were introduced - Virtual Cards

145. Smart Cards which are loaded with Money prior to issue are called - Prepaid Cards

146. Virtual Cards normally come with a validity of - 24 hours to 48 hours

147. Maximum loading permitted in a Prepaid as per RBI instruction is - 50000/-

148. Hackers try to capture the login credentials by analysing the keys pressed on the keyboards. The worms that capture such data are called - Key Loggers

149. By clicking an unauthenticated link, customers may be diverted to fake websites to capture the sensitive personal. This is a type of - Website spoofing/IP Spoofing

150. Ad wares are used not to harm the computers but to - make a catch by making the user click on the dubious link to fake websites


26-12-2021 Vishal

Mens Rea

FastFlux

Stuxnet

Wank Worm

ISO 27001

Digital Signature issued by

ITAA Sec 43

ITAA Sec 66

ITAA Sec 70

ITAA Sec 71

Masquerading

Tailgating

Blue Hat Hacker

White Hat Hacker

Script Kiddies

DDL

DML

Schema