Professional Documents
Culture Documents
MCQ 7
MCQ 7
MCQ 7
Unit I
1. Which of the following is not a layer of security?
a. Physical Security
b. Intermediate Security
c. Operations Security
d. Network Security
2. VPN stands for ______
a. Visual Private Network
b. Visual Private Networking
c. Virtual Private Network
d. Virtual Private Networking
3. Which of the following is not a benefit of Security Program?
a. Business Agility
b. Cost Reduction
c. Portability
d. Frees RAM
4. Firewalls, network access control, spam and malware filtering are ______ types of controls
a. Defensive
b. Detective
c. Deterrent
d. Managerial
5. Which of the following is not a type of detective control?
a. Surveillance camera
b. Web content filtering
c. Motion sensors
d. Car alarm systems
6. A ______ analysis compares the desired state of the security program with the current state and
identifies the differences
a. risk
b. security
c. remedy
d. gap
7. A ________ is a plan of action for how to implement the security remediation plans.
a. Incident plan
b. Response plan
c. Roadmap
d. Risk plan
8. The actions that should be taken when security event occurs are defined in the_________
a. Project Plan
b. Remedy Plan
c. Incident response plan
d. Policy plan
9. “The job of the attacker is difficult than the job of the defender”
a. False
b. True
10. What is transitive Security?
a. All security controls need not complement each other and each should be equally as strong as
the others
b. All security controls need not complement each other and should be unequal
c. All security controls should complement each other and each should be equally as strong as
the others
d. All security controls should complement each other and should be unequal
Unit II
11. ___________ is an attempt to trick the victim into disclosing personal information
a. Hijacking
b. Theft
c. Phishing
d. Packet sniffing
12. The HTTP cookies used to maintain a session on a website is stolen by attacker and now
attacker is using it to gain access to privileged information posing as a genuine user.
What type of attack is this?
a. Hijacking
b. Theft
c. Phishing
d. Packet sniffing
13. A _____ type of attack is an attempt to make a computer resource unavailable to its intended
users.
a. Application failure
b. Outage
c. Denial of Service
d. Backup failure
14. _____ is any unexpected downtime or unreachability of a computer system or network
a. Application failure
b. Outage
c. Denial of Service
d. Backup failure
15. __________improves security through control of the connections between hosts and storage
array
a. Server
b. Offsite Data Storage
c. Arrays
d. Post-based Zoning
Unit III
21. In DMZ configuration the____ layer consists web server that interacts with end users whereas
the _____ layer contains logic necessary for processing those queries and extracting the data
that is stored in DB.
a. Presentation, session
b. Session, presentation
c. Application, presentation
d. Presentation, application