Security in Computing MCQs

Unit I
1. Which of the following is not a layer of security?
a. Physical Security
b. Intermediate Security
c. Operations Security
d. Network Security
2. VPN stands for ______
a. Visual Private Network
b. Visual Private Networking
c. Virtual Private Network
d. Virtual Private Networking
3. Which of the following is not a benefit of Security Program?
a. Business Agility
b. Cost Reduction
c. Portability
d. Frees RAM
4. Firewalls, network access control, spam and malware filtering are ______ types of controls
a. Defensive
b. Detective
c. Deterrent
d. Managerial
5. Which of the following is not a type of detective control?
a. Surveillance camera
b. Web content filtering
c. Motion sensors
d. Car alarm systems
6. A ______ analysis compares the desired state of the security program with the current state and
identifies the differences
a. risk
b. security
c. remedy
d. gap
7. A ________ is a plan of action for how to implement the security remediation plans.
a. Incident plan
b. Response plan
c. Roadmap
d. Risk plan
8. The actions that should be taken when security event occurs are defined in the_________
a. Project Plan
b. Remedy Plan
c. Incident response plan
d. Policy plan
9. “The job of the attacker is difficult than the job of the defender”
a. False
b. True
10. What is transitive Security?
a. All security controls need not complement each other and each should be equally as strong as
the others
b. All security controls need not complement each other and should be unequal
c. All security controls should complement each other and each should be equally as strong as
the others
d. All security controls should complement each other and should be unequal

Unit II

11. ___________ is an attempt to trick the victim into disclosing personal information
a. Hijacking
b. Theft
c. Phishing
d. Packet sniffing
12. The HTTP cookies used to maintain a session on a website is stolen by attacker and now
attacker is using it to gain access to privileged information posing as a genuine user.
What type of attack is this?
a. Hijacking
b. Theft
c. Phishing
d. Packet sniffing
13. A _____ type of attack is an attempt to make a computer resource unavailable to its intended
users.
a. Application failure
b. Outage
c. Denial of Service
d. Backup failure
14. _____ is any unexpected downtime or unreachability of a computer system or network
a. Application failure
b. Outage
c. Denial of Service
d. Backup failure
15. __________improves security through control of the connections between hosts and storage
array
a. Server
b. Offsite Data Storage
c. Arrays
d. Post-based Zoning

16. How many layers are there in Database Security?

a. 3
b. 7
c. 5
d. 8
17. Once a legitimate user has connected to the server, the user will be given only permissions that
are granted to that login.This process is generally known as ___________
a. Authentication
b. Protection
c. Authorization
d. None of the above
18. Which of the following are application level threats to Database?
a. XSS attack
b. Phishing
c. Cookie Poisoning
d. Theft
19. Which of the following are type of Database backups?
 a. Half Backup
b. Full Backup
c. Transaction log backup
d. Semi Backup
20. Which of the following are Database Monitoring software?
a. DB2
b. Oracle Database 12c
c. Windows performance toolkit
d. SolarWinds Database Performance Analyser

Unit III
21. In DMZ configuration the____ layer consists web server that interacts with end users whereas
the _____ layer contains logic necessary for processing those queries and extracting the data
that is stored in DB.
a. Presentation, session
b. Session, presentation
c. Application, presentation
d. Presentation, application

22. Media Access Control (MAC) is also known as _____, _______

a. Internet Address
b. Hardware Address
c. Physical Address
d. Network Address
23. _______________ is one of the most effective and hard-to-defend attack technique.
a. Hijacking
b. Packet Sniffing
c. ARP Poisoning
d. Data Theft
24. Select two protocols of Application layer
a. IMAP
b. POPS
c. UDP
d. TCP
25. Which of the following are routing Protocol?
a. ICMP
 b. RIP
c. OSPF
d. HTTP
26. Which 2 protocols are required by access devices to perform device-level AAA communication?
a. RADIUS
b. SNMP
c. TACACS
d. UDP

27. Echo request, replies are more commonly known as ____

a. Reiteration
b. Reverberation
c. Resounding
d. Ping
28. ____________ is a type of attack in which the attacker sends ICMP traffic to the broadcast
address of a number of large network, inserting the source address of the victim
a. Data Theft
b. Smurf
c. Broadcast Attack
d. MITM Attack
29. Firewall can be implemented as __________
a. Software only
b. Hardware only
c. Hardware and Software both
d. Combination of hardware and Software
30. ______ message occurs when a host sends a datagram to its(destination) gateway, which in turn
forwards the same datagram to the next gateway and this second gateway is on the same
network host
a. Fail
b. Redirect
c. Forwarded
d. Rejected
Unit IV
31. IDS stands for ________
a. Internet Detection System
b. Intrusion Detection System
 c. Information Detection System
d. Intrusion Detection Service
32. SIEM stands for _______
a. Security Information and Event Management
b. Service Information Exchange Management
c. Security Intrusion Event Management
d. Security Information Exchange Management

33. PSTN stands for _________

a. Private Switch Telecom Network
b. Public Switched Telephone Network
c. Public Service Telephone Network
d. Private System Telecom Network
34. VoIP stands for __________
a. Voice on Internet Protocol
b. Voice of Internal Protocol
c. Voice on Inter Protocol
d. Voice over Internet Protocol
35. TDM stands for _____
a. Time Division Multiplexing
b. Time Divide Management
c. Time Division Management
d. Time Depend Message
36. MAC stands for __________
a. Main Access Control
b. Mandatory Access Control
c. Management Access Control
d. Mandatory Appeal Contact

37. DACL stands for _________

a. Discretionary Access Control List
b. Discrete Access Complex List
c. Direct Access Complex List
d. Discrete Access Control List
38. RABC stands for ________
a. Right Bound Access Control
 b. Rule Bind Access Control
c. Rule-Based Access Control
d. Role Based Access Control
39. TCSEC stands for ________
a. Trusted Computer System Evolution Criteria
b. Time Complex System Evaluation Criteria
c. Time Correction System Evolution Criteria
d. Trusted Computer System Evaluation Criteria
40. PP stands for ______
a. Protection Profile
b. Probability Protection
c. Protection protocol
d. Private Profile
Unit V
41. A virtual machine is a ____________
a. Computer application
b. Computer file
c. Computer image
d. Physical computer
42. __________ is typically called an image
a. Virtual machine
b. Virtual hardware
c. Computer memory
d. Computer resources
43. For a server, the multiple OS run side-by-side with a piece of software called as____________
a. Supervisor
b. Biometric
c. Hypervisor
d. Thread

44. Virtual machine provides __________________

a. Virtual hardware
b. CPU
c. Memory
d. All of the above
45. A virtual machine usually known as_______________
 a. Operating system
b. Guest
c. File
d. Image
46. Virtual machine can be divided into _______________
a. Super VM, System VM
b. Super VM, Cloud computing
c. System VM, Process VM
d. Cloud computing, System VM
47. ______________ that support the sharing of the host computers physical resources between
multiple VM
a. System VM
b. Cloud computing
c. Process VM
d. Unsupervised VM
48. Following is not the advantage of virtual machine
a. Allow multiple OS
b. Widely available and are easy to manage and maintain
c. Multiple VM run on single physical machine
d. Offers application provisioning and disaster recovery option
a. Coding phase
b. Monitoring phase
c. Testing phase
49. Cloud computing resource are ______________
a. IaaS
b. PaaS
c. SaaS
d. All of the above
50. Web application sort into ______________ categories
a. 1
b. 2
c. 3
d. 4