Mcqs for Midterm of network security

1) What is network?
a) Connection + hardware
b) Hardware + software
c) data sharing + connection
d) communication + protection

2) security refers to

a) Protection from harms or unauthorized access

b) Protection from hijacking
c) protection from threats
d) prevent attacks and vulnerability

3) Different categories have ___ different security needs.

a) Businesses & organizations

b) Institutes & companies
c) States, companies & individuals
d) Military, organizations & healthcare centers

4) Software security is the study to prevent

a) Unauthorized access
b) Risks
c) Bugs in code
d) Vulnerability & risks

5) privacy refers
a) protection from unauthorized access
b) being apart from others information
c) prevent attacks and vulnerability
d) protection from accidently exploded

6) network security is the study to prevent

a) unauthorized access to data

b) connection problems
c) threats
d) from hacker’s attack

7) computer security is also known as

 a) cyber security
b) technical security
c) IT security
d) Both a & c

8) ___ needs high security.

a) Defense centers & secret services
b) Healthcare centers
c) Banks
d) Companies

9) Within the security context the central aspects are

a) Vulnerability & risk
b) Risk & threat
c) Risk & risk analysis
d) Attack & threat

10) Risk =

a) Threat * vulnerability * asset

b) Chances of attack * vulnerability
c) Threat * vulnerability
d) Attack * Threat * vulnerability

Lec#2
1) Which of the following threat means that some unauthorized party has gained access
to an asset

a) Modification
b) interruption
c) interception
d) fabrication

2) A threat can be

a) intentional
b) accidental
c) both a and b
d) none

3) If an unauthorized party not only accesses but alters with an asset, the threat is a
 a) Modification
b) interruption
c) interception
d) fabrication

4) Any action that compromise the security of information owned by organization is

a) Security attack
b) Security mechanism
c) Security service
d) None

5) Passive attack is

a) Easy to stop
b) Easy to detect
c) Hard to stop
d) None of these

6) which of the following is not the type of threat?

a) Modification
b) interruption
c) interception
d) disconnection

7) OSI security architecture designed by

a) IT mangers
b) ITU-T
c) IEEE
d) ANSI

8) In which attack an opponent(someone) deploys a sniffer tool and waits for sensitive information
to be captured

a) Active attack
b) Passive attack
c) Black hat attack
d) White hat attack

9) Passive attack focus on

 a) Recovery
b) Detection
c) Fabrication
d) Protection

10) Active Attack focus on

a) Recovery
b) Detection
c) Both a and b
d) Protection

11) Which is not belong to “interception” (threat)

a) Unauthorized access
b) Disable file management
c) Wiretapping
d) None of these

12) OSI security Architecture is

13) In Message Confidentiality, transmitted message must make sense to only intended

a) Receiver
b) Sender
c) Third Party
d) Translator

14) Output message in cryptography is called

a) plain text
b) Cipher text
c) Key
d) None of these

15) input message in cryptography is called

a) plain text
b) Cipher text
c) Key
 d) None of these

16) In cryptography

a) Information transmitted from sender to receiver

b) No information is transmitted
c) Information is damaged
d) None of the above

17) Cryptography means

a) Secret writing
b) Word processing
c) Parallel processing
d) All of the above

18) Encryption and decryption provide secrecy, or confidentiality, but not

a) Authentication
b) Integrity
c) Keys
d) Frames

19) Message confidentiality is using

a) Cipher Text
b) Cipher
c) Symmetric-Key
d) Asymmetric-Key

20) The Message is decrypted at

a) Receiver end
b) Sender end
c) Blocker device
d) May b any of these
Lec#3

21) In cryptography data is encrypted while

a) Sending
b) Receiving
c) Communicating
d) All of the above

22) Threat is

a) Risk of attack
b) Negative event that can cause attack
c) Chance of getting attack
d) All

23) The attacker pretends to somebody else is known as

a) Repudiation
b) Denial-of-service
c) Spoofing
d) Tampering with data

24) Security settings are changed to give an attacker more privileges

a) Repudiation
b) Denial-of-service
c) Spoofing
d) Tampering with data

25) When data must arrive at receiver exactly as they were sent, its called

a) Message Confidentiality
b) Message Integrity
c) Message Splashing
d) Message Sending

26) Designing a secure cipher is called

a) Cryptanalysis
b) Cryptography
c) Cryptology
d) None

27) Cryptology is called

a) Designing a secure cipher

b) Breaking the above cipher
c) Study of cryptography and cryptanalysis
d) Method of encrypting text

28) Common treat in computer setting includes

a) Repudiation
b) Denial-of-service
c) Spoofing
d) All

29) Which of the following is not Specific Security Mechanisms?

a) Encipherment
b) digital signatures
c) event detection
d) access controls

30) Pervasive Security Mechanisms includes

a) trusted functionality
b) security label
c) security audit trails
d) all
31) which is not type of threats on the security of a computer system or network

a) Interruption
b) Interception
c) Modification
 d) Creation
e) Fabrication

32) A process that is design to detect, prevent, or recover from security attack is called

a) Security service
b) Security mechanism
c) Security technique
d) Spoofing

33) Security engineering deals with

a) All aspect of security

b) Partial aspect of security
c) Tempering with data
d) All

34) Denial-of-service

a) Dos attack can make for instance website deleted

b) Dos attack can make for instance website available
c) Dos attack can make for instance website not found
d) Dos attack can make for instance website temporarily available

35) Which is wrong about Risk Analysis

a) Identify assets to protect
b) Find threat for each asset
c) Prioritize big risks only
d) Implement control for each risk

36) is a weakness which allows an attacker to reduce a system's information assurance

a) Reliability
b) Spoofing
c) Vulnerability
d) All

37) In which cipher we use 4*5 block

a) caster
b) Play fair
c) Block
d) None
 38) OSI Security Architecture Proposed by ITU-T in recommendations
a) X.800
b) X.900
c) X.100
d) X.200

Lec#4
1: Same key used for encryption and decryption in
a. Symmetric
b. Asymmetric
c. Both
d. None
2: Converting plaintext to cipher text is
a. Encipher
b. Decipher
c. Both
d. None
3: Field of both cryptography and cryptanalysis
a. Encipher
b. Decipher
c. Cryptology
d. Encryption
4: Type of encryption operations used in cryptography
a. Substitution
b. Transposition
c. Product
d. All
5: Single key also known as
a. Public
b. Private
c. Both
d. None
6: The cipher cannot be broken since the ciphertext provide insufficient information to uniquely
determine the plaintext
a. Conditional security
b. Unconditional security
c. Computational security
d. None
7: Given limited computing resources, cipher cannot be broken in
a. Conditional security
b. Unconditional security
c. Computational security
d. None
8: ROT 13 is
a. Caesar cipher
b. Polyalphabetic cipher
c. Playfair cipher
d. None
9: Playfair cipher was invented by:
a. Baron playfair
b. Charles wheatstone
c. Albert
d. David
10: Vigenere is best known example of
a. Caesar cipher
b. Polyalphabetic cipher
c. Playfair cipher
d. None
11: A cipher that encrypts data on the fly, usually one byte at at time
a. Block
b. DES
c. Stream
d. Caesar
12: cryptanalysis means
a. Breaking the code
b. Breaking the unit
c. Breaking the blocks
d. All
13. in classical cryptography, the same secret key is used for
a. Encryption
b. Decryption.
c. Both
d. None
14. Any single scheme for encryption and decryption
a. cryptographic system.
b. cryptanalysis
c. both
d. none
15. trying every possible key on a piece of ciphertext until an intelligible translation into
plaintext is obtained.
a. brute force attack
b. DES
c. stream
d. block
16. replacing an element of the plaintext with an element of ciphertext
a. Substitution
b. Transposition
c. Product
d. All
17. rearranging the order of appearance of the elements of the plaintext
a. Substitution
b. Transposition
c. Product
d. All
18. in which cipher each character of a message is replaced by a character three position down in
the alphabet.
a. Caesar cipher
b. Polyalphabetic cipher
c. Playfair cipher
d. None
19. In asymmetric key cryptography, the private key is kept by
a. sender
b. receiver
c. sender and receiver
d. all the connected devices to the network
20. Which one of the following algorithm is not used in asymmetric-key cryptography?
a) RSA algorithm
b) diffie-hellman algorithm
c) electronic code book algorithm
d) none of the mentioned

Lec#5
M.C.Q lec#5 Steganography
1. Steganography means
a. Convert writing
b. Information hiding
c. Concealing
d. All above
2. Most frequently Steganography is applied to
a. Images
b. Audio
c. Text
d. Executable Programs
3. The steganography used in past by?
a. Cryptography
b. In the form of invisible ink
c. Hide the message in head
d. Both b, c
4. The data which will have a stego-message embedded in it
a. Covertext
b. Cover-Image
c. Target file
d. All above
5. Watermarking is designed to protect
a. Intellectual property rights
b. Data
c. Key
d. Steganography
6. Steganalysis is
a. Deleting key
b. Detection of data is to hidden
c. Removing inconsistencies
d. Updating existing data
7. Steganography is used in
a. Medical
b. Miltery communication
c. Police communication
d. All above
8. Ensuring a data file has not been changed is known as
a. Verification
b. Authentication
c. Temper proofing
d. Atomicity
9. Which of the following is a steganography tool?
 a. Keylogger
b. Anubis
c. Open puff
d. Both b, c
10. Which Type attack that creates a capability to transfer information objects between
processes that are not supposed to be allowed to communicate by the computer
security policy.
a. Passive Attack
b. Active Attack
c. Both a, b
d. Covert channel