Security in Computing Questions
5. Define Roadmap?
Roadmap is a plan of action for how to implement the security remediation plans.
11. Define virus and its types. And define types in one word each
Virus : A virus is a self-replicating program that uses other host files or code to replicate.
Types of Viruses:
1. Boot Sector Virus : It infects the master boot record.
2. Direct Action Virus : It is a non-resident virus; it gets installed or stays hidden in the computer memory.
3. Resident Virus : It hides & stores itself within the computer's memory.
4. Multipartite Virus : It infects the boot sector & executable files at the same time.
5. Overwrite Virus : It is used to destroy file or application data.
6. Polymorphic Virus : It is difficult to identify with an additional anti-virus program.
7. File Infector Virus : It infects program files, such as applications, games or utilities.
8. Spacefiller Virus : It is a cavity virus.
9. Macro Virus : It particularly targets macro language commands.
12. Define worm and its types, and what each type targets.
A worm is a standalone malware computer program that replicates itself in order to spread to other computers.
Types of Worms:
1. Email Worm : Email worms spread through malicious email as an attachment or a link.
2. Bot Worm : It attacks computers & turns them into zombies.
3. IRC Worm : It spreads through Internet Relay Chat (IRC) channels, sending infected files or links.
4. Internet Worm : It is self-replicating & distributes copies of itself to its network. It targets low-level TCP/IP ports directly.
5. File Sharing Worm : File sharing worms place a copy of themselves in a shared folder.
6. Instant Messaging Worm : It spreads via instant messaging applications by sending links.
44. COBIT
45. Encryption originated from the Greek word Kryptos (meaning hidden or secret).
46. Convert the following message into a Caesar shift cipher, shifting by 3 letters:
“Hello I am in TYIT A”
“KHOOR L DP LQ WBLW D”
Symmetric : It requires only one key for both encryption & decryption.
Asymmetric : It requires two keys; one for encryption & the other one for decryption.
62. Kerberos
74. Performance has 3 layers : 1. Core Layer 2. Distribution Layer 3. Access Layer
75. Network Availability means that the system must be robust & available to the user as and when required.
76. A Demilitarized Zone (DMZ) is made up of one or more isolated LAN computers that contain shared server resources. Eg : Email server & Proxy server
77. The OSI model was introduced by ISO (International Organization for Standardization); it is a concept of layering.
82. A firewall prevents unauthorized users from accessing a private network connected to the internet.
83.
84. Wireless Vulnerabilities & Mitigations
1) Wired Side Leakage
2) Rogue Access Point
3) Misconfigured Access Points
4) Wireless Phishing
85. An Intrusion Detection System monitors the traffic flowing across the network, checks every packet against known attack issues & creates an alert based on the result.
86. IP Telephony is an aspect of communication that uses the internet to exchange voice messages, fax & other types of information over IP-based networks.
1. ______ means to include the right level of responsibility and authorization to be effective.
a) Assessment
b) Framework
c) Planning
d) Authority
2. _______ are the day-to-day practices of the individuals and technologies assigned to the protection of
assets.
a) Strategic planning
b) Security Strategy
c) Security Tactics
d) Security
13. What is the name of the group that IBM formed in the 1970s to design a block cipher to protect
customer data?
a) Crypto Group
b) Stream Cipher Group
c) Block Cipher Group
d) Cipher Suites Group
18. ________ Command specifies that a particular user or role will have access to perform specific action on
database objects
a) REVOKE
b) GRANT
c) UPDATE
d) DENY
UNIT 1
⚫ Defence
◯ Detection
◯ Deterrence
⚫ Defence, Detection, Deterrence
⚫ Onion
◯ Lollipop
◯ Both
4. _____ is a standalone computer program that replicates itself in order to spread itself. (1 point)
⚫ Worms
◯ Trojans
◯ Virus
◯ Data of security
⚫ Denial of service
◯ Denial on service
6. ________ means that the data has not been altered in an unauthorized way (1 point)
◯ Confidentiality
⚫ Integrity
◯ Availability
7. ________attack attempts to learn or make use of information from the system but does
(1 point)
◯ Active Attack
⚫ passive attack
◯ User
8. ___________ is a measure how easily data and software can be transferred from one
(1 point)
◯ Carriers
◯ Transport
⚫ Portability
concealed
(1 point)
⚫ Detection
◯ Deterrence
◯ Defence
10. _______ is a path or tool used by the hacker to attack the system (1 point)
◯ Threat
⚫ Threat Vector
◯ User
11. ________ means that only the authorized individual or system can view sensitive
information
(1 point)
⚫ Confidentiality
◯ Integrity
◯ Availability
◯ Onion
⚫ Lollipop
◯ Both
13. ________refers to the ability of the organization that allows it to respond rapidly to the
(1 point)
⚫ Business Agility
◯ Portability
◯ Cost Reduction
◯ Security Methodology
14. _______is a malware that is disguised as legitimate software and which can be used to
(1 point)
◯ Worms
⚫ Trojan
◯ Virus
◯ Worms
◯ Trojans
⚫ Virus
16. ________attack attempts to modify the system resources or affect their operations (1 point)
⚫ Active Attack
◯ passive attack
◯ User
◯ 40
⚫ 32
◯ 48
(1 point)
◯ Detection
⚫ Deterrence
◯ Defence
◯ Employees
⚫ Information
◯ Salary
UNIT 2
1. The process of converting encrypted form of text back to its original form is called (1 point)
◯ Encryption
⚫ Decryption
◯ Cryptosystem
(1 point)
◯ Authentication
⚫ Authorization
⚫ Authentication
◯ Authorization
◯ MFA
◯ SFA
⚫ Authentication
◯ Authorization
◯ Both the above
◯ Authentication
⚫ Authorization
8. ________ cryptography uses the same key for encryption and decryption (1 point)
◯ PKI
9. In ________cryptography system the key is shared to receiver before data transform (1 point)
◯ PKI
◯ Authentication
⚫ Authorization
◯ MFA
◯ SFA
12. ________ cryptography uses the different key for encryption and decryption (1 point)
◯ PKI
◯ Conversion
⚫ Encryption
◯ Decryption
⚫ Authentication
◯ Authorization
◯ Encryption
◯ Decryption
⚫ Cipher text
⚫ Authentication
◯ Authorization
⚫ Authentication
◯ Authorization
⚫ Public
◯ Both
◯ Authentication
⚫ Authorization
⚫ Authentication
◯ Authorization
⚫ Authentication
◯ Authorization
◯ Identification
◯ Authentication
⚫ Authorization
◯ MFA
⚫ SFA
27. System used for encryption and decryption is known as_______ (1 point)
◯ Transformation
⚫ Cryptosystem
21. ___________ compares the desired state of security program with the actual current
(1 point)
◯ Risk Analysis
⚫ Gap Analysis
◯ Both
22. _________ is an attack where an application injects a specially crafted packet onto the
network repeatedly
(1 point)
◯ ARP Poisoning
⚫ MAC Flooding
◯ DHCP poisoning
23. The act of capturing data packets across the computer network by an unauthorized
third party destined for computers other than their own is called _________ (1 point)
◯ Attack
⚫ Packet sniffing
◯ Theft
◯ None of the above
◯ Government model
⚫ Academic model
25. ________ means that the data should be available as and when needed (1 point)
◯ Confidentiality
◯ Integrity
⚫ Availability
UNIT 3
1. _________ device forwards the packet received at one port to all other ports without
storing
(1 point)
◯ Switch
◯ Router
⚫ Hub
⚫ Network
◯ Transport layer
3. _______ is also private network controlled by organization and can be used for providing
customers
(1 point)
◯ Internet
◯ Intranet
⚫ Extranet
4. It is possible to prevent direct connection between external and internal users via
______
(1 point)
◯ Firewall
⚫ Proxy services
◯ ACL
5. ______ is a hardware, software or combination of both that monitors and filters the
(1 point)
⚫ Firewall
◯ IPS
◯ ACL
◯ 48
⚫ 128
◯ 16
7. To send traffic, the sending device must have the destination device's _______ address (1 point)
◯ IP address
◯ MAC
8. ________ layer is concerned with the syntax and semantics of the information (1 point)
◯ Application layer
⚫ Presentation layer
◯ Session layer
⚫ Patches
◯ Protocol
◯ Standard
10. In Cisco H. Model _________layer aggregates traffic from all nodes and uplinks from
(1 point)
◯ Access layer
◯ Core layer
⚫ Distribution layer
11. ________layer is responsible for delivery of message from one process to other (1 point)
◯ Physical layer
⚫ Transport layer
12. _______ is a private network of an organization which is accessible only to the members
of the organization
(1 point)
◯ Internet
⚫ Intranet
◯ Extranet
13. _______ provide the mechanism to reporting TCP/IP communication problems (1 point)
◯ ARP
◯ RARP
⚫ ICMP
14. MAC addresses are ____ bit hexadecimal colon separated numbers assigned to NIC by
the manufacturer
(1 point)
⚫ 48
◯ 32
◯ 16
15. High availability, security, quality of service and IP multicasting are the features of
________ layer
(1 point)
⚫ Access layer
◯ Core layer
◯ Distribution layer
16. An acceptable level of information systems risk depends on the individual organization
(1 point)
⚫ True
◯ False
◯ Switch
⚫ Router
◯ Hub
18. ________ device forwards the received packet to only one port for its correct destination (1 point)
⚫ Switch
◯ Router
◯ Hub
19. In Cisco H. Model _________layer forms the network backbone and it is focused on
(1 point)
◯ Access layer
⚫ Core layer
◯ Distribution layer
20. ______ is a hardware, software or combination of both that monitors and filters the
(1 point)
⚫ Firewall
◯ IPS
◯ ACL
UNIT 4
◯ Voice Internet
◯ VIP
⚫ VoIP
(1 point)
◯ SIDS
◯ NIDS
⚫ HIDS
⚫ SIDS
◯ NIDS
◯ HIDS
(1 point)
⚫ Type A
◯ Type B
◯ Type C
6. ___________method of detection uses signatures ,which are attack patterns that are
preconfigured and predetermined
(1 point)
enterprise users on local lines while allowing all users to share certain no. of external
phone lines
(1 point)
⚫ PBX
(1 point)
◯ SIDS
⚫ NIDS
◯ HIDS
13. As per U.S Department of users trusted computer systems evaluation criteria there are
(1 point)
◯ 1
◯ 3
⚫ 4
strategy for software security that is tailored to the specific risk facing the organizations
(1 point)
⚫ SAMM
◯ PBX
◯ VoIP
18. ___________is a term used to define an approach to managing all telephone service
(1 point)
⚫ TEM
◯ PBX
◯ VoIP
20. _________attack is an attempt to make a system inaccessible to its legitimate users (1 point)
◯ passive attack
⚫ DDoS
◯ Active attack
UNIT 5
1. _______ virtual machine support the host computer's physical resources between
multiple virtual machines, each running with its own copy of the operating system (1 point)
2. ______ phase of SDL consists of activities that occur prior to writing code (1 point)
◯ Requirement
⚫ Design
◯ Coding
the Internet
(1 point)
◯ virtual machine
⚫ Cloud computing
⚫ False
5. Two tier thick client application uses user computer and ________ (1 point)
◯ Local computer
⚫ Server
◯ Database
6. _______of the following service provides companies with computing resources including
(1 point)
⚫ IaaS
◯ SaaS
◯ PaaS
8. Three tier thick client application uses user computer ,application server and _______ (1 point)
◯ Local computer
◯ Remote Computer
⚫ Database
Software as a service
⚫ True
◯ False
11. Depending on use and level of dependencies virtual machines can be divided into
________ categories
(1 point)
◯ 1
⚫ 2
◯ 3
12. _______of the following service provides a cloud based environment with everything
required to support the complete life cycle of building and delivering cloud based
application without the cost and complexity of buying and managing the underlying
(1 point)
◯ IaaS
◯ SaaS
⚫ PaaS
that makes the information of the underlying hardware or OS and allows program
(1 point)
Platform as a service
◯ True
⚫ False
16. ________ clients are heavy applications which involve normally the installation of
(1 point)
⚫ thick client
◯ thin client
◯ None of the above
Infrastructure as a service
◯ Nested Computer
◯ Computer in Computer
19. _______ client applications are web based applications which can be accessed on the
(1 point)
◯ thick client
⚫ thin client
21. ________ is a computer file typically called an image, which behaves like an actual
computer
(1 point)
⚫ Virtual Machine
◯ computer image
◯ Computer in Computer
⚫ True
◯ False
Security in Computing
Unit 1
a) Employees
b) Resources
c) Information
d) Money
Ans: Information
2. Confidential information is available to external audiences only for business-related purposes and
only after entering
3. Originally, the academic security model was and the government security model was .
4. A approach doesn’t work when you need to allow thousands or millions of people to have access to
a) closed-door
b) open-door
c) wide-door
d) locked-door
5. An approach doesn’t work when you need to protect the privacy of each individual who interacts with
a) closed-door
b) open-door
c) wide-door
d) locked-door
Ans: open-door
6. As more companies started doing business on the Internet, concepts such as were developed
a) Software-as-a-Service (SaaS)
7. What can result in service outages during which customers cannot make purchases and the company
cannot transact
business?
a) virus outbreak
8. means that software and data can be used on multiple platforms or can be transferred/transmitted
a) Portability
b) Accessibility
c) Authority
d) Sharing
Ans: Portability
9. is concerned with protecting information in all its forms, whether written, spoken, electronic,
a) Software Security
b) Information Security
c) Network Security
d) Storage Security
10. is concerned with protecting data, hardware, and software on a computer network.
a) Software Security
b) Information Security
c) Network Security
d) Storage Security
12. Without adequate a security breach may go unnoticed for hours, days, or even forever.
a) Detection
b) Deterrence
c) Defense
Ans: Detection
b) Security framework
c) Planning
d) Security initiatives
15. A security program defines the purpose, scope, and responsibilities of the security organization and
a) Charter
b) Memo
c) Document
d) File
Ans: Charter
a) Security program
b) Security framework
c) Security policy
d) Security initiatives
17. change with each version of software and hardware, as features are added and functionality
changes,
a) Standards
b) Rules
c) Application
d) Files
Ans: Standards
18. Guidelines for the use of software, computer systems, and networks should be clearly documented
for the sake of
b) Rules
c) Guidelines
d) Security
Ans: Guidelines
a) Risk Analysis
b) Planning
c) Guidelines
d) Security
20. compares the desired state of the security program with the actual current state and identifies the
differences.
a) Risk Analysis
b) Security Analysis
c) Comparison Analysis
d) Gap Analysis
21. is a plan of action for how to implement the security remediation plans.
a) Charter
b) Outline
c) Roadmap
d) Layout
Ans: Roadmap
22. The documents how security technologies are implemented, at a relatively high level.
a) Charter
b) Security architecture
c) Roadmap
d) Layout
Ans: security architecture
23. The actions that should be taken when a security event occurs are defined in? the incident response
plan.
a) Charter
b) Security architecture
c) Roadmap
24. is the process of defense, is the process of insurance, and is deciding that the risk
25. is a term used to describe where a threat originates and the path it takes to reach a target.
a) Threat vector
b) Origin vector
c) Target vector
d) Trojan vector
26. refers to a Trojan program planted by an unsuspecting employee who runs a program provided by a
trusted friend from a storage device like a disk or USB stick, that plants a back door inside the network.
a) Threat exploit
b) Friend exploit
c) Girlfriend exploit
d) Trusted exploit
27. Which are the generally recognized variants of malicious mobile code?
a) Viruses
b) Worms
c) Trojans
d) a and b
e) a, b and c
Ans: a, b and c
28. is a self-replicating program that uses other host files or code to replicate.
a) Virus
b) Worm
c) Trojan
Ans: Virus
29. If the virus executes, does its damage, and terminates until the next time it is executed, it is known
as?
a) Temporary virus
b) Resident virus
c) Nonresident virus
d) Stealth virus
a) Permanent virus
b) Memory-resident virus
31. Which viruses insert themselves as part of the operating system or application and can manipulate
any file that is
a) Permanent viruses
b) Memory-resident viruses
32. If the virus overwrites the host code with its own code, effectively destroying much of the original
contents, it is
called?
a) Overwriting virus
b) Stealth virus
c) Nonresident virus
d) Parasitic virus
33. If the virus inserts itself into the host code, moving the original code around so the host
programming still remains
a) Overwriting virus
b) Stealth virus
c) Prepending virus
d) Parasitic virus
34. Viruses that copy themselves to the beginning of the file are called? prepending viruses
a) Overwriting virus
b) Appending virus
c) Prepending virus
d) Parasitic virus
a) Overwriting virus
b) Appending virus
c) Prepending virus
d) Parasitic virus
36. Viruses appearing in the middle of a host file are labeled? mid-infecting viruses.
a) Mid-infecting viruses
b) Appending viruses
c) Prepending viruses
d) Parasitic viruses
37. Who works by posing as legitimate programs that are activated by an unsuspecting user?
a) Virus
b) Worm
c) Trojan
Ans: Trojan
38. Which type of Trojans infect a host and wait for their originating attacker’s commands telling them
b) Zombie Trojans
40. refers to the restriction of access to data only to those who are authorized to use it.
a) Confidentiality
b) Authority
c) Accessibility
Ans: Confidentiality
a) Perimeter Security
b) Defense in depth
1) What control can be used to help mitigate identified risks to acceptable levels?
a. Authentication b. Authorization c. Decryption d. Management
Ans: Authentication
3) Which technologies may be considered by the design team to prevent one application from
consuming too much of bandwidth?
b. Software-as-a-Service(SaaS)
d. Quality of Service(QoS)
Ans: Three
5) What is Core layer’s primary focus?
Access layer b. Core layer c. Distribution layer d. Firewall Ans: Access layer
7) Which architecturing approach offers higher performance and lower cost but also brings special
security considerations into play.
8) What helps us to understand how to use routers and switches to increase the security of the
network?
d. Firewalls
Ans: TCP/IP
10) MAC addresses are ____ bit hexadecimal numbers that are uniquely assigned to each
hardware network interface by the manufacturer.
a. 8 b. 24 c. 48 d. 64
Ans: 48
a. 8 b. 32 c. 64 d. 128
Ans: 32
a. 128 b. 32 c. 24 d. 64
Ans: 128
13) The host uses the ________ , which functions by sending a broadcast message to the network that
basically says, “ Who has 192.168.2.10, tell 192.168.2.15”.
Ans: seven
15) ______ an OSI-model layer is used to convert application data into acceptable and compatible
formats for transmission. At this layer, data is encrypted and encoded and encrypted.
Ans: Presentation
Ans: HTTP
17) Which layer provides a mechanism for two hosts to maintain network connections?
a. Data-link layer b. Session layer c. Physical layer d. Transport layer
Ans: Session layer
18) Which layer provides a unique address to every host on the network?
a. Application layer b. Physical layer c. Transport layer d. Network layer
Ans: Network layer
19) _____ layer is composed of two sub layers : Media Access Control (MAC) and Logical Link
Control (LLC).
Ans: Data-link
20) As the size of the network increases, the distance and time a packet is in transit over the
network also ________ , making collisions more likely.
Increases
21) Routers and switches operate at layers ___ and ___ respectively.
a. Two and three b. Three and Two c. One and Two d. Three and Four.
Ans: Three and Two
22) In which two ways routers learn the locations of various networks ? a.
b. Network Modelling
d. Patching
Ans: Patching
25) What can be configured to permit or deny TCP, UDP, or other types of traffic based on the source or
the destination address.
c. Patching
26) Which one of the following comes under Disabling Unused Services?
b. Administrative Practises
c. Proxy ARP
d. Patching
Ans: Proxy ARP
27) _______ provides a mechanism for reporting TCP/IP communication problems, as well as utilities
for testing IP layer connectivity.
28) Whose function is to screen network traffic for the purpose of preventing unauthorized access
between computer networks?
a. Firewalls
b. Network Analysis
c. Documentation
Ans: Firewall
29) Different types of software administrators are concerned about that could violate security policies.
b. Web mail
c. Remote access
a. Remote Access
b. Application Awareness
c. a & b both
32) What is the mask for IP address 192.168.0.0 as per Private Addresses specified in RFC1918?
a. 255.0.0.0
b. 255.240.0.0
c. 255.255.0.0
Ans: 255.255.0.0
33) In which of the following way Modern Firewalls assist other areas of network quality and
performance?
c. a & b both
b. Firewall cannot enforce security policies that are absent or undefined. c. Firewalls
a. Network layer
b. Physical layer
d. Transport layer
a. Battery operated
b. War driving
c. Evil Twin
a. War chalking
b. WEP cracking
c. both a&b
40) Which of the following is/are fundamental component(s) of Wireless Intrusion Prevention System.
a. Sensors
b. Management Servers
c. Database server
Ans: NIDS
2) Which of the following is/are Intrusion Detection (ID) system when it checks files and disks for
known malware?
a. Firewalls b. Antivirus c. Both a & b d. None of the above
Ans: Patching
4) _____ is an independent platform that identifies intrusions by examining network traffic and
monitors multiple hosts.
a. Stack-Based Intrusion Detection System (SIDS)
b. Network Intrusion Decision System (NIDS)
c. Host-Based Intrusion Detection System (SIDS)
d. None of the above
5) ______ identifies intrusion by analyzing system calls, application logs, file-system modifications
and other host activities.
a. Host-Based Intrusion Detection System (HIDS)
b. Stack-Based Intrusion Detection System (SIDS)
c. Network Intrusion Decision System (NIDS)
d. All of the above
Ans: Host-Based Intrusion Detection System (HIDS)
10) Which of the following is true for Intrusion Detection System (IPS)?
a. They are placed in-line
b. They are able to actively block intrusions that are detected
c. Takes actions such as sending an alarm, dropping the malicious packets, etc.
d. All of the above
11) _____ is an approach to security management that combines SIM (Security Information
Management) and SEM (Security Event Management).
a. SIEM
b. SOAR
c. UEBA
d. None of the above
Ans: SIEM
12) Which of the following is the most important feature to review when evaluating SIEM products?
a. Testing
b. Threat Intelligence feeds
c. Aggregation
d. All of the above
16) _____ switches calls between enterprises users on local lines while allowing all users to share
certain number of external phone lines.
a. POT
b. PBX
c. TEM
d. All of the above
Ans: PBX
18) Which of the following defines Microsoft’s Trustworthy computing technique?
a. Memory curtaining
b. Remote attestation
c. Sealed storage
d. All of the above
Ans: BIOS
20) Which of the following does not define Jericho Security Model?
a. Integration
b. Simplifies use of public networks
c. It has a real open security framework
d. Aimed for open solution building blocks
Ans: It has a real open security framework
1) What security device combines IOS firewall with VPN and IPS services?
a. ASA
b. ISR
d. IPS
ANS: B.
a. Cisco ISE
b. PoE
c. 802.1X
d. CSM
ANS: C.
3) The Cisco ________ is an integrated solution led by Cisco that incorporates the network
infrastructure and third-party software to impose security policy on attached endpoints
a. ASA
b. CSM
c. ISR
d. ISE
ANS: D.
a. ISR
b. Cisco ISE
c. ASDM
d. IDM
ANS: C.
5) Cisco IOS Trust and Identity has a set of services that includes which of the following?
a. 802.1X
b. SSL
c. AAA
d. ASDM
ANS: A,B,and C.
6) IOS ______________ offers data encryption at the IP packet level using a set of
standards-based protocols.
a. IPS
b. IPsec
c. L2TP
d. L2F
ANS: B.
7) What provides hardware VPN encryption for terminating a large number of VPN tunnels
for ISRs?
a. ASA SM
d. High-Performance AIM
ANS: D.
8) What are two ways to enhance VPN performance on Cisco ISR G2s?
d. High-Performance AIM
ANS: C and D
9) Which Cisco security solution can prevent noncompliant devices from accessing the
network until they are compliant?
a. IPsec
c. ACS
d. Cisco ISE
ANS: D.
10) Which of the following service modules do Cisco Catalyst 6500 switches support? (Select
all that apply.)
a. ASA SM
c. High-Performance AIM
d. FirePOWER IPS
ANS: A and B
11) What provides packet capture capabilities and visibility into all layers of network data
flows?
ANS: A.
12) Which of the following are identity and access control protocols and mechanisms?
(Select all that apply.)
a. 802.1X
b. ACLs
c. CSM
d. NetFlow
ANS: A and B.
13) Which two of the following are Cisco security management tools?
a. CSM
b. IDS module
c. ACS
d. Cisco ISE
14) True or false: NetFlow is used for threat detection and mitigation?
ANS: True
15) True or false: Cisco ASAs, ASA SM, and IOS firewall are part of infection containment.
ANS: True
16) What IOS feature offers inline deep packet inspection to successfully diminish a wide
range of network attacks?
a. IOS SSH
c. IOS IPsec
d. IOS IPS
ANS: D.
17) What provides centralized control for administrative access to Cisco devices and
security applications?
a. CSM
b. ACS
c. NetFlow
d. ASDM
ANS: B.
18) Match each protocol, mechanism, or feature with its security grouping:
i. CSM
iii. NetFlow
c. Infrastructure protection
d. Security management
ANS: i = D, ii = C, iii = B, iv = A
ANS: C.
a. Host based
b. Network based
c. Application based
d. All of the above
ANS: A and B.
Ans :- A
a. Application layer
b. Network layer
c. Presentation layer
d. Transport layer
ANS: a.
a. Application layer
b. Network layer
c. Presentation layer
d. Transport layer
ANS: B.
a. Traffic of implementation
b. Traffic of interest
c. Traffic of detection
d. None of these
ANS: B
25) ….. includes denial of service, virus, worm, infection, buffer overflow, malfunction,
file corruption, unauthorised program
a. IDS
b. IPS
c. Attack
d. Both a and b
ANS: C.
a. True positive
b. False positive
c. True Negative
d. False Negative
e. A and B
f. C and D
a. Internal maliciousness
b. External attacks
c. Permanent maliciousness
d. Both a and b
Ans :- D
a. False positive
b. False negative
c. True negative
d. True positive
Ans :- B
a. True positive
b. False negative
c. False positive
d. True negative
Ans:-c
b. Backend option
c. Bountiful array
d. None of these
Ans :- a
second generation ids detect attacks more than short them, prevent them , attempt to add
value
Ans True
Ans :- true
33) two types of Hostbased IDS ?
a) File integrity
b) Behaviour monitoring
c) Static and dynamic
d) All of the above
Ans :- D
Ans:- A
Ans: B
a) Incoming request
b) Report maliciously
c) Html responses
d) Crossed side scripting attacks
e) Sql injection
f) A and D
g) C and E
h) All of the above
Ans: H
Network-based IDS work by capturing and analyzing network packets on the wire
Ans:- True
38) network tabs dedicate appliances used to mirror a port or interface physically and swith
a) Hostbased
b) Network based
c) Both A and B
d) None of these
Ans:- B
a) Anomaly model
b) Signature detection model
c) Both A and B
d) All of these
Ans:- C
40) Anomaly detection IDS looks only at ___________ ?
a) Physical layer
b) Network packet
c) Network packet header
d) None of these
Ans :- C
41) anomaly detection IDS looks only at Network packet header is called protocol anomaly
detection
Ans :- True
Signature detection or misuse IDS are the most popular types of IDS
Ans :- True
a) Buffer overflow
b) Particular file
c) Particular directory
d) Both A and B
Ans:- D
44) The shortest possible sequence detect is related thread in signature detection model what
was needed ?
a) File
b) Directory
c) Bytes
d) None of these
Ans:- C
Ans:- D
Ans :- B
Ans:- G
Ans:- F
a) Appliance
b) Hardware component
c) Server operating system
d) Software component
Ans :- C
Ans:- A_B_C
a) AAA
b) IP PBX
c) Both A and B
d) None of these
Ans:- A
a) Mobile device
b) eavesdropping
c) Denial of service attack
d) All of the above
Ans:- D
Ans: True
a) Cost
b) Softclient
c) Both a and B
d) None of the
Ans:- C
Ans:- D
Ans :- A
a) Multiple extension
b) Voice mail
c) Remote control
d) Call forwarding
e) All of the above
Ans:-e
Ans:- D
Ans :- A
Ans:- B
61) the operating system security model also known as trusted computing base
Ans: True
a) Set of rules
b) Security functionality
c) Both A and B
d) None of these
Ans:- C
Ans:- A
Ans: D
a) Source address
b) Destination address
c) Ip address
d) Both A and B
Ans:- C
a) Attacker can take control of connection by the session key And Using it to insert is on
traffic
b) Establish TCP IP communication session
c) Combination with dos Attack
d) Man in Middle attack
e) All of the above
Ans:- E
Ans:- B
a) No authentication
b) No encryption
c) Both A and B
d) None of the above
Ans:- C
a) Bell-LaPadula
b) Biba
c) Clark-Wilson
d) All of the above
Ans:- D
Ans :- A_B_C
a) Read only
b) Append
c) Execute
d) Read-write
Ans :- A
72) The Subject can Only Write to The object but it can not be read
a) Execute
b) Read-write
c) Append
d) Read only
Ans:- C
73) Subject can execute the object but can neither read nor write
a) Read -write
b) Read only
c) Execute
d) Append
ans :- C
74) subject has both read and write permission to the object
a) Append
b) Read only
c) Execute
d) Read and write
Ans:- D
a) Simple integrity (no read down: cannot read data from a lower integrity level)
b) Star integrity (no write: cannot write data to a higher integrity level)
c) Invocation property (cannot invoke a subject at a higher integrity level)
d) All of the above
Ans:- D
Ans:- a
Ans:- E
Ans:- A
Ans:- False
Ans:- False
4. VPN stands for?
a) Virtual private network
b) Visually paired network
c) Vital prevention network
d) Virtual public network
Ans: Virtual private network
5. SaaS stands for?
a) Software as a setup
b) Software as a service
c) Softnet as a service
d) Signal as a service
Ans: Software as a service
6. PaaS stands for?
a) Platform as a setup
b) Project as a service
c) Platform as a service
d) Projection as a software
Ans: Platform as a service
7. IaaS stands for?
a) Infrastructure as a Service
b) Infrastructure as a setup
c) Input as a setup
d) Infrastructure as a software
Ans: Infrastructure as a Service
platforms or can be transmitted Cannot be used on Is at a fixed place and it cannot or can be transmitted / transferred
9 What is Portability? / transferred across. Cannot be transmitted. multiple platforms be transferred. across.
10 Which field is concerned with protecting assets in general? Software Security Service Platform Security
event or action by instilling fear The action that leads to The action of encouraging event or action by instilling fear
13 What is Deterrence? or doubt of the consequences. Having no opinions at all no consequences. everything. or doubt of the consequences.
everyone is denied all the where authorization is which must include the level of responsibility is not include the right level of
14 What is Authority in building a security program? services. not need. right level of required. responsibility and authorization to
provide a defensible required to build a defensible approach to build approach to build the security
15 What is a framework in building a security program? Framework is an attack approach to build a security program. the security program. program.
protected,why and how it leads to required to build a Assessment is only for protected,why and how it leads to
16 What is Assessment in building a security program ? a strategy for improving the Assessing the techniques. security program. documentational purposes. a strategy for improving the
Planning doesn't provide producing priorities and Planning delays the provide in building a security priorities and timelines for
17 What does Planning provide in building a security program? priorities or timelines. timelines for security tasks to be completed. program security initiatives.
produce the desired results team do not produce the do not follow the plans No actions are taken in produce the desired results based
18 What is the role of Action in building a security program? based on the plans. desirable results laid out. building a security program. on the plans.
Maintenance of security required by the security that have reached the maintenance structure laid out reached the end stage is now to
19 What is Maintenance in building a security program? program is optional program. end stage is now to for a security program. maintain them.
20 | Which plan defines the actions to be taken when a security event occurs? | Theft plan | Introduction plan | induction plan | Incident Response Plan | Incident Response Plan
22 | What is threat vector? | No threats exist. | Where a threat can't be found. | and the path it takes to reach a target. | Where a Threat originates and ends there. | Where a threat originates and the path it takes to reach a target.
23 | What are Preventive controls? | Preventive controls do not block the vulnerability. | blocks the security threats before they can | block the security threat after they have | Preventive controls do not block the security threats. | security threats before they can exploit a vulnerability.
24 | What are Recovery controls? | Restores the availability of the service | Denies the service. | Cannot use the services it restores. | Doesn't restore anything. | Restores the availability of the service
25 | What is the life cycle of Malicious mobile code? | find, lost, repeat | fail, find, repeat | Find, Exploit, Infect, Repeat | lost, failed, exploit, repeat | Find, Exploit, Infect, Repeat
29 | What does Packet Sniffing do? | It doesn't allow the attacker to look at the transmitted content. | Does not reveal the passwords and content. | Denial of service | transmitted content and may reveal passwords and | transmitted content and may reveal passwords and confidential
30 | What are content attacks? | The attacker floods the server with content. | the applications and then sniffs the information | which application is running on a particular | application is running on a particular server and then | application is running on a particular server and then sends
31 | What is buffer Overflow? | program expecting input does not do input validation. | when a program expecting an input | when a program expecting an output | Buffer overflows occur when a program is expecting nothing. | program expecting input does not do input validation.
32 | ARP stands for…. | Attacker resolution protocol | Address Result protocol | Attacker result protocol | Address Resolution Protocol | Address Resolution Protocol
33 | How does ARP Poisoning work? | ARP Poisoning works by responding to the ARP packets. | responding to the ARP requests with Attackers | responding to the ARP requests with Attackers | responding to the ARP requests with systems port | responding to the ARP requests with Attackers MAC address.
34 | What is the formal Definition of RISK? | is the probability of an event that occurs. | the risk is the probability of an undesired event to | the risk is the probability of an undesired event to | risk is the probability of an desired event to cause an | the probability of an undesired event to cause an undesired result
35 | What is the formal Definition of Risk? | of vulnerability) * Cost of the Asset damaged | Profit(Threat+theft) * Cost of the Asset | RISK = Loss(Threat+theft) * Cost of the Asset | Profit(vulnerability+theft) * Asset | vulnerability) * Cost of the Asset damaged
36 | What is Confidentiality? | Restriction to access for all the users. | No Restriction of access. | data only to those who are authorised to use it. | those who are not authorised to use it | to those who are authorised to use it.
37 | What is Integrity? | been altered in an unauthorized way. | Assurance that the data has been altered. | modified and altered by an unauthorized user. | The data is not in use. | been altered in an unauthorized way.
38 | What is Availability? | Assurance that the services are no longer in use. | services will never be needed. | services will be not be available when it's needed. | will be available when it's | Assurance that the services will be available when it's needed.
39 | FTP stands for….. | file transmit protocol | File Transfer Protocol | folder transit protocol | Folder transfer protocol | File Transfer Protocol
43 | DNS stands for… | Dynamic network system | Data name system | Dynamic name system | Domain Name System | Domain Name System
46 | BIOS stands for… | Basic input system | Basic output System | Basic input/output system | Basic input Server | Basic input/output system
47 | What is an Alternative term for Onion Model? | Defense in depth | Dynamic defense | Defense in Domain | Domain in defense | Defense in depth
48 | What is perimeter security? | physical wall around objects of no importance. | or physical wall around no objects | virtual or physical wall around objects of value. | physical wall around objects of no great value | physical wall around objects of value.
49 | What are the laws that cover network intrusions that results in theft, fraud or damage are referred as? | Public laws | Hacking laws | Private laws | Key laws | Hacking Laws
50 | What is Uptime? | The assurance that the service has expired. | service will be available when it's needed. | service will not be available. | will be available when it's not needed. | The assurance that the service will be available when it's needed.
Sr No | Question | Option 1 | Option 2 | Option 3 | Option 4 | Correct Answer
1 | _____ mechanism determines the user's identity before revealing the sensitive Information. | Authorization | Authentication | Encryption | Availability | Authentication
2 | In _____ process, the user makes a provable claim about individual identity or an entity's identity. | Authentication | Encryption | Availability | Authorization | Authentication
3 | In _____, the credentials or claim could be a username, password, finger etc. | Encryption | Authorization | Authentication | Encryption | Authentication
4 | The inefficient _____ mechanism could significantly affect the availability of the service. | Availability | Authentication | Encryption | Authorization | Authentication
5 | An intruder may intercept, modify and replay the document in order to trick or steal the information; this type of attack is called as _____. | Integrity | Denial of Service | Man-in-the middle | Fabrication | Fabrication
10 | _____ authentication requires that a user provide a second authentication factor in addition to the password. | Two-factor | Three-factor | Biometric | Mobile | Two-factor
14 | _____ is an automatically generated numeric or alphanumeric string of characters that authenticates a user. | Security Token | One-time password | Security key | Pin | One-time password
15 | _____ authentication is the process of verifying user via their devices or verifying the devices themselves. | Two-factor | Three-factor | Mobile | Continuous | Mobile
16 | In _____ authentication, a company's application continually computes an authentication score. | Two-factor | Mobile | Continuous | Three-factor | Continuous
17 | In _____ authentication, the server requests authentication Information i.e. a username and password from the client. | API Key | Mobile | HTTP basic | one-time password | HTTP basic
18 | In _____ authentication method, a first-time user is assigned a unique generated value that indicates that the user is known. | HTTP basic | API key | OAuth | Mobile | API key
19 | _____ is an open standard for Token-based authentication and authorization on the internet. | HTTP basic | Open authorization | API key | one-time password | Open authorization
22 | _____ technique is used to determine the permissions that are granted to an authenticated user. | Authentication | Authorization | Availability | Confidentiality | Authorization
26 | _____ is a method of protecting Information and communications through the use of codes so that only those for whom the information is intended can read and process it. | Cryptography | Confidentiality | Availability | Encoding | Cryptography
27 | In _____ encryption, different keys are used for encryption and decryption. | Symmetric key | Digital signature | Public key | Digital certificate | Public key
28 | _____ consists of software and hardware elements that a trusted third party can use to establish the integrity and ownership of a public key. | Public key infrastructure | Digital signature | Digital certificate | Encryption | Public key infrastructure
29 | _____ signs the digital certificate by using its private key. | Certification Authority | Cryptographer | Sender | Receiver | Certification Authority
32 | _____ refers to limiting Information access and disclosure to only authorized users as well as preventing access by or disclosure to unauthorised ones. | Confidentiality | Integrity | Availability | Authenticity | Confidentiality
33 | _____ is the risk of loss of Information such as confidential data and intellectual property through intentional or unintentional means. | Inappropriate administrator access | Espionage | Data leakage | Fraud | Data leakage
34 | _____ refers to the unauthorized interception of network traffic for the purpose of gaining Information intentionally | Exposure | Fraud | Espionage | Hijacking | Espionage
38 | _____ is an attempt to trick a victim into disclosing personal information. | Fraud | Data leakage | Phishing | Hijacking | Phishing
42 | _____ attack is an attempt to make a computer resource unavailable to its intended users. | Brute force | Man-in-the middle | Denial-of-service | Data leakage | Denial-of-service
43 | _____ is any unexpected downtime or unreachability of a computer system or network. | Data leakage | Outage | Fraud | Espionage | Outage
47 | _____ backup consists of making a complete copy of all of the data in a database. | Differential | Full | Transaction log | Incremental | Full
48 | _____ backup consists of copying all of the data that has changed since the last full backup. | Differential | Full | Transaction log | Incremental | Differential
49 | _____ is a protocol for authenticating service requests between trusted hosts across an untrusted network such as the internet. | HTTP | SSH | Kerberos | FTP | Kerberos
51 | _____ is a certificate-based system that is used to provide authentication of secure web servers and clients and to share encryption keys between servers and clients. | Transport Layer Security | Secure Socket Layer | Digital certificate | Kerberos | Secure Socket Layer
52 | _____ security mechanism used to authenticate and provide access to a facility or system based on the automatic and instant verification of an individual's physical characteristics. | Transport layer | Password | Biometric | Secure Socket layer | Biometric
53 | _____ management is security feature controlling which resources a user can access and what actions a user can perform on those resources. | Role-based Authorization | User rights | Data Storage | Risk | User rights
55 | _____ authorization requires the development of rules that stipulate what a specific user can do on a system. | Role-based | Password-based | Rule-based | Certificate-based | Rule-based
56 | _____ is the mechanism an array uses to present its storage to a host operating system. | Serial Number | Packet number | Logical unit number | certificate id | Logical unit number
57 | In _____ zoning the accessibility of the host to the LUNs is defined by the switch port. | Port | World Wide Name | Array | Secure Socket layer | Port
58 | In network-level security, which is the first step to protect your network from the attack? | Analyze | Implement | Modify | Test | Implement
15 | Which are the two sub categories of Network layer firewall ? | State full firewall and stateless firewall | Bit oriented firewall and byte oriented firewall | Frame firewall and packet firewall | Network layer firewall and session layer firewall | A
16 | Which of the following is / are the types of firewall? | Packet Filtering Firewall | Dual Homed Gateway Firewall | Screen Host Firewall | Dual Host Firewall | A
17 | A proxy firewall filters at which layer ? | Physical layer | Data link layer | Network layer | Application layer | D
18 | A packet filter firewall filters at which layer ? | Physical layer | Data link layer | Network layer or Transport layer | Application layer | C
19 | Firewalls are used to protect: | Home Networks | Corporate Networks | Public networks | Both Home & Corporate | D
20 | What is the full form of NAT ? | Network Address Translation | Network Address Transformation | Network Access Translation | Network Access Transformation | A
21 | All memory units are expressed as powers of ? | 2 | 5 | 10 | 20 | A
22 | Firewall is a type of ? | Virus | Security | Worm | Trojan Horse | B
23 | How many types of Firewalls are there ? | 1 | 2 | 3 | 4 | C
24 | Network layer firewall works as a which type of filter ? | Frame filter | Packet filter | Content filter | Virus filter | B
Which server effectively hides the true network addresses ? Application
25 proxy Packet filter Content filter Gateway A
13 | (HIDS) stands for | Home based Ids | Hetero based Ids | Host-based IDS | Homo based Ids | 3
14 | A file-integrity HIDS also sometimes called as | protocol | router | firewall | snapshot | 4
15 | _____ are the most popular IDSs, and they work by capturing and analyzing network packets speeding by on the wire | Network-based IDSs (NIDSs) | Net-based IDSs (NIDSs) | NetProtocol-based IDSs (NIDSs) | Network-by IDSs (NIDSs) | 1
16 | (NIDSs) stands for - | Net-based IDSs (NIDSs) | Network-based IDSs (NIDSs) | NetProtocol-based IDSs | Network-by IDSs (NIDSs) | 2
17 | For a NIDS to sniff packets, the packets have to be given to the _____-level driver by the network interface card | page | segment | packet | sequence | 3
18 | A segment can be defined as a single logical packet domain | session | data | transport | network | 4
2 | _____ is computer software, firmware or hardware that creates and runs virtual machines | Vmware | Hypervisor | Hyper V | Microsoft | Hypervisor
8 | Which is not in the Cloud Services? | SaaS | PaaS | IaaS | HaaS | HaaS
9 | Which of these companies is not a leader in Cloud computing? | Google | Catalina | Amazon | Microsoft | Catalina
14 | Web applications can be created quickly and easily via | Platform as a Service | Infrastructure as Service | Software as a Service | Hardware as a Service | Platform as a Service
is done by malicious
attackers through the use of free Wi-Fi Hotspot
16 Trojan Horse Wi-Fi hijacking DoS Wi-Fi hijacking
hotspots set up in public places. hijacking
17 | A _____ device is classified as any device that uses distinctive personally identifiable characteristics. | Biometric | VMM | Router | Guards | Biometric
18 | _____ is the process of identifying physical assets and assigning criticality and value to them in order to develop concise controls and procedures | Classification of platforms | Classification of services | Classification of assets | Classification | Classification of assets
19 | What is a mantrap? | A device for fire suppression | An area designed to allow only one authorized individual | A mechanism for logical accessing control. | It is trusted security domain | An area designed to allow only one authorized individual
20 | Which of the following is the best choice in choosing security guard for a physical access control mechanism? | When intrusion detection is needed | When discriminating judgment is required | When the allotted security budget is low | When access controls are in place | When discriminating judgment is required
24 | What is CCTV? | Clear-circuit television | Clean-circuit television | Clone-circuit television | Closed-circuit television | Closed-circuit television
25 | Which is not characteristic of SaaS? | Multi device support | Web Access | one to many | offline access | offline access
28 | What are the characteristics of signature based IDS? | It models the normal usage of network as a noise characterizatio | Most are based on simple pattern matching | It is programmed to interpret a certain series of packets | Anything distinct from the noise is assumed to be intrusion | Most are based on simple pattern matching algorithms
29 | What is the number one concern about cloud computing? | Too expensive | Too many platforms | Security concerns | Accessibility | Security concerns