HomeSubjectsUniversityBlogAbout

Cyber Security

Concepts-heavy section with high retention if you memorize the core pairs.

3,360+ MCQs16 topicsWeightage: 5%3 difficulty levels
Start Practice QuizBrowse 16 topics

Overview

Cyber Security on NSCT is primarily a vocabulary and scenario-recognition section. Expect questions on symmetric vs asymmetric encryption, hashing vs encryption, common attacks (SQL injection, XSS, CSRF, MITM, phishing), the OWASP Top 10 at a recognition level, firewall and VPN basics, and a light touch on incident response and digital forensics. The NSCT does not expect you to write exploits — it expects you to name the attack you are looking at.

Why This Subject Matters

Cyber security is the fastest-growing hiring category in Pakistan's IT sector, and even non-security roles now expect a working vocabulary. A strong NSCT score signals you can read a security review without needing every term defined.

Topics in Cyber Security

Foundations

The CIA triad, threat models, symmetric/asymmetric encryption, hashing, and digital signatures.

Introduction to Cyber SecuritySecurity FundamentalsCryptography

Domain-specific security

Network defences, OS hardening, web application security (OWASP), wireless/mobile threats, and cloud shared-responsibility models.

Network SecurityOS SecurityWeb SecurityWireless & Mobile SecurityCloud Security

Attacks, response, and governance

Attack recognition, incident response stages, forensics basics, monitoring (SIEM vocabulary), and the legal/ethical layer.

Malware & AttacksAuthentication & Access ControlSecure Software DevelopmentDigital ForensicsIncident ResponseSecurity MonitoringCyber Laws & EthicsEmerging Trends

How to Study This Subject

Make a 20-pair flashcard set of must-know concept pairs (symmetric/asymmetric, confidentiality/integrity, authentication/authorization, vulnerability/threat/risk, encryption/hashing/encoding). Memorize it cold. Then walk through the OWASP Top 10 with one real-world example each. This combination covers 80% of the section.

Suggested time budget

5–6 hours. The flashcard drill is the highest-leverage activity.

Common Mistakes to Avoid

  • 1Confusing encryption, hashing, and encoding. Encoding is reversible and not secret; encryption is reversible with a key; hashing is (practically) one-way.
  • 2Mixing up authentication (who you are) and authorization (what you can do).
  • 3Assuming HTTPS protects against every attack. It protects transport confidentiality — it does nothing for XSS or SQL injection.
  • 4Memorizing OWASP entries without understanding the attack pattern. NSCT scenarios describe symptoms; you need to name the cause.

Sample Questions

Two example MCQs from the Cyber Security question bank, with full explanations. The live quiz draws from 3,360+ verified questions across three difficulty levels.

Web SecurityMedium

Q1. Which attack exploits user trust in a website to execute unintended actions using the user's authenticated session?

  1. A.SQL Injection
  2. B.Cross-Site Scripting (XSS)
  3. C.Cross-Site Request Forgery (CSRF)✓ Correct
  4. D.Man-in-the-Middle

Explanation

CSRF tricks an authenticated user's browser into sending a request the user did not intend (e.g., transfer money while logged into a bank site). XSS runs attacker code in the user's browser. SQLi attacks the database via crafted input. MITM intercepts traffic in transit. The defining CSRF trait is 'uses the existing session without the user's knowledge'.

CryptographyMedium

Q2. What is the primary reason passwords should be stored as salted hashes rather than as encrypted values?

  1. A.Hashes are faster to compute than encryption.
  2. B.Hashing is one-way — even the server cannot recover the original password.
  3. C.Encryption keys must be stored somewhere and can be stolen; hashing has no key.
  4. D.Both B and C are correct.✓ Correct

Explanation

Both reasons matter. One-way hashing means a database leak does not expose plaintext passwords, and the absence of a shared key means there is no secondary secret whose compromise would unlock everything. Salting additionally defeats rainbow tables by making each hash unique even for identical passwords.

Related NSCT Subjects

Computer Networks & Cloud Computing

2,100+ MCQs

Web Development

3,570+ MCQs

Operating Systems

2,520+ MCQs

Ready to practice Cyber Security?

Choose your topic, pick a difficulty, and start answering. No signup required — your progress is saved in your browser.

Start Cyber Security Quiz