Security in Computing - Practice MCQ Questions

Multiple Choice Questions 4 Pages

APJ Abdul Kalam Technological University

Bachelor of Science in Information Technology

HDM

Contributed by

Himanshu David Mody

sr no
Question
Option _a
Opton _b
Option _c
Option_d
1
Which attack doesn’t allow a person who is
legitimate or authenticated and authorized
to use a service?
Virus BUGS Trojan horse Denial of service attack(dos)
2 What is Portability?
Can be used on multiple
platforms or can be transmitted /
transferred across. Cannot be transmitted.
Cannot be used on multiple
platofrms
Is at a fixed place and it cannot be
transferred.
3 What is Deterrence?
The action of discouraging an
event or action by instilling fear
or doubt of the consequences. Having no opinions at all
The action that leads to no
consequences. The action of encouraging everything.
4
What are the laws that cover network
intrusions that results in theft,fraud or
damage are referred as?
Public laws Hacking laws Private laws Key laws
5
What is Assessment in building a security program ?
Assessing what needs to be
protected,why and how it leads
to a strategy for improving the
security posture.
Assessing the techniques.
Assessment is not required to
build a security program.
Assessment is only for documentational
purposes.
6 What is the formal Definition of Risk?
RISK= Probablity(Threat+Exploit of vulnerability) * Cost of the Asset damaged
RISK= Profit(Threat+theft) * Cost of the Asset
RISK= Loss(Threat+theft) * Cost of the Asset
RISK= Profit(vulnerabilityt+theft) * Asset
7 What is Confidentiality?
Restriction to access for all the
users. No Restriction of access.
Restriction of access to data only
to those who are authorised to
use it.
Restriction of access to data to those
who are not authorised to use it
8 What is a threat vector? No threats exists. Where a threat can't be found.
Where a threat originates and
the path it takes to reach a
target.
Where a Threat orginates and ends
there.
9 What are Preventive controls?
Preventive controls donot block
the vulnerability.
Preventive controls blocks the
security threats before they can
exploit a vulnerability.
Preventive controls block the
security threat after they have
exploited the vulnerability.
Preventive controls donot block the
security threats.
10 What are Trojans or Trojan horse pograms? Self replicating
Depends on another code to infect
poses as a legetimate program and are activated by an unsuspecting user.
like man-in-the-middle attack
11
In which process,the user makes a provable
claim about individual identity or an
entity's identity?
Authentication Encryption Availability Authorization
12
which is an open standard for Token-based
authentication and authorization on the
internet?
HTTP basic Open authorization API key one-time password
13
ARP Stands for…. Attacker resolution protocol Address Result protocol Attacker result protocol Address Resolution Protocol
14 How does ARP Poisoning work?
ARP Poisoining works by
responding to the ARP packets.
ARP Poisoining works by
responding to the ARP requests
with Attackers MAC address.
ARP Poisoining works by
responding to the ARP requests
with Attackers PORT NUMBER..
ARP Poisoining works by responding to
the ARP requests with systems port
number.
TYBScIT Sem VI Subject : Security in Computing
Sample Questions For Self Practice
Page 1
sr no
Question
Option _a
Opton _b
Option _c
Option_d
TYBScIT Sem VI Subject : Security in Computing
Sample Questions For Self Practice
15
which backup consists of copying all of the
data that has changed since the last full
backup?
Differential Full Transaction log Incremental
16
What is an Alternative term for Onion Model?
Defense in depth Dynamic defense Defense in Domain Domain in defense
17 What is perimeter security?
It involves building virtual or
physical wall around objects of
no importance.
It involves building virtual or
physical wall around no objects
It involves building virtual or
physical wall around objects of
value.
It involves building virtual or physical
wall around objects of no great value
18
Who signs the digital certificate by using its
private key?
Cryptographer Certification Authority Sender Receiver
19
Which range of networks uses DSSS? 802.11 802.15 803 both b & c
20
Which way is correct to control your wireless signal spread ?
Antenna positioning Order sequence transmitting power
21
A radio transceiver can only transmit or receive at a given time on a given frequency, all
full duplex simplex half duplex complex
22
To send a packet, the source should know the which of the following addresses ?
MAC Address IP address DNS Both IP address and MAC Address
23
Virtual terminal protocol supports which
layer?
Application Physical Data link Presentation
24
Controlling access to network by analyzing
incoming and outgoing packets is called as
IP Filtering Data Filtering Packet Filtering Firewall Filtering
25
Network layer firewall works as a which type
of filter ?
Frame filter Packet filter Content filter Virus filter
26
_______ checks the access list that the authenticated person has.
Service Authorization Authentication Management
27
_____ is the method by which plaintext is converted from a readable form to an encoded version.
Encryption Decryption Fabrication Integrity
28
_____ is a method of protecting Information and communications through the use of codes so that only those for whom the information is intended can read and process it.
Cryptography Confidentiality Availability Encoding
29
Data travels on the internet in small pieces;
these are called ?
metadata packets Protocols Virus filter
30
As such, Bluetooth is very resistant to which
interference unless the interfering signal
covers the whole middle ISM band?
microwave radio infrared media
31
Which range of networks uses DSSS?
802.11 802.15 803 both b & c
32
The infrastructure used to support certificates in an organization is called as ______.
Public Key Infrastructure Public Key architecture Public Key Interface Private Key Encryption
33
_____ is a certificate-based system that is used to provide authentication of secure web servers and clients and to share encryption keys between servers and clients.
Transport Layer Security Secure Socket Layer Digital certificate Kerberos
34
____ security mechanism used to authenticate and provide access to a facility or system based on the automatic and instant verification of an individual's physical characteristics.
Tansport layer Password Biometric Secure Socket layer
35
_____ management is security feature controlling which resources a user can access and what actions a user can perform on those resources.
Role-based Authorization User rights Data Storage Risk
36
____ is a table that tells a computer operating system which access rights each user has to a particular system object such as a file directory or individual file.
Access Control List Role based Authorization model Digital certificate Kerberos
37
____ authorization requires the development of rules that stipulate what a specific user can do on a system.
Role-based Password-based Rule-based Certificate-based
38
Data travels on the internet in small pieces; these are called ?
metadata packets Protocols Virus filter
Page 2
sr no
Question
Option _a
Opton _b
Option _c
Option_d
TYBScIT Sem VI Subject : Security in Computing
Sample Questions For Self Practice
39
Which firewalls do not just look at the metadata; they also look at the actual data transported?
Packet filtering Application-layer Stateful packet Network Layer
40
What WLAN device provides communications management services to wireless workstations?
Antenna Network adapter Repeater Access point
41
DSSS system spreads the baseband signal by performing what to the baseband pulses with a pseudo noise sequence.
Adding Subtracting Multiplying Dividing
42
IPSs are proactive, and a false positive means a legitimate service or ___________ is being denied
guest session host network
43
Central to the ____ field are the definitions of management console and agent
guest session host IDS
44
Many __________ systems are server-based and rely on common operating systems (mainly Windows and Linux) to run their hardware interface
pop VoIP smtp snmp
45
The ___________ element (the “brains” of the operation) of a VoIP system can be either a purposed appliance, a piece of software that runs on a common or specialized server operating system
host control network control call control communication control
46
____ is the mechanism an array uses to present its storage to a host operating system.
Serial Number Packet number Logical unit number certificate id
47
Which of these are the updates released by
the product vendor which should be applied
in a timely manner?
Patches Updates Instants Data
48
What is DoS stands for?
Defense of Service Denial of service Duty of service delay of service
49
which is the process of monitoring for and
identifying specific malicious traffic ?
traffic controller intrusion controller traffic detection Intrusion detection (ID)
50
which segment can be defined as a single
logical packet domain?
session data transport network
51
Which are the two sub categories of Network layer firewall ?
State full firewall and stateless
firewall
Bit oriented firewall and byte
oriented firewall Frame firewall and packet firewall
Network layer firewall and session layer
firewall
52
Which of the following is / are the types of firewall?
Packet Filtering Firewall Dual Homed Gateway Firewall Screen Host Firewall Dual Host Firewall
53
A proxy firewall filters at which layer ? Physical layer Data link layer Network layer Application layer
54
A packet filter firewall filters at which layer ? Physical layer Data link layer Network layer or Transport layer Application layer
55
What was proposed in 1985 by noted
security laureate Dr. Dorothy E. Denning,
and it works by establishing accepted
baselines and noting exceptional
differences?
Module Anomaly detection Model Anomaly detection modern anamoly detection memory anomaly detection
56
Central to which field are the definitions of
management console and agent ?
guest session host IDS
57
which systems are server-based and rely on
common operating systems (mainly
Windows and Linux) to run their hardware
interface ?
pop VoIP smtp snmp
58
A radio transceiver can only transmit or receive at a given time on a given frequency, all
full duplex simplex half duplex complex
59
To send a packet, the source should know the which of the following addresses ?
MAC Address IP address DNS Both IP address and MAC Address
60
The protocol used to find the IP address when Mac address is given is?
RARP ARP DNS IP
61
Which connection less protocol used in transport layer in OSI reference model ?
TCP UDP IP RARP
62
The dumb device used to provide solution to connectivity in network is which one ?
hub switch modem cables
63
which is the term for establishing a
connection with a forged sender address?
spoofing threat hacking bluffing
64
What is always prohibitive (i.e., all that is not
expressly permitted is forbidden) and not
permissive?
HTTP MAC FTP SMTP
65
________________ are the most popular type of IDS, and they work by using databases of known bad behaviors and patterns.
Signature-detection or misuse IDSs
login detection protocol detection id detection
66
___________-generation IDSs are being called intrusion-prevention systems (IPSs).
First Second Third Fourth
67
IPSs are proactive, and a false positive means a legitimate service or ___________ is being denied
guest session host network
68
NAS stands for Network-_________ Storage.
Area Attack Attached Administrative
69
SAN stands for ______ Area Networks. Secure Storage Symmetric Service
Page 3
sr no
Question
Option _a
Opton _b
Option _c
Option_d
TYBScIT Sem VI Subject : Security in Computing
Sample Questions For Self Practice
70
Which is a compute resource that uses software
instead of a physical computer to run programs
and deploy apps?
Virtual Machine Operating system commercial softwares router
71
_____________ is the term for establishing a connection with a forged sender address
spoofing threat hacking bluffing
72
Network Topology is which type of layout and connection of network hardware?
logical physical dependent connected
73
In networking firewall , which systems are used for controlling traffic movement around the network?
authorized authentication autogenerated automatic
74
Who provides an isolated tunnel across a public network for sending and receiving data privately as if the computing devices were directly connected to the private network.
Visual Private Network Virtual Protocol Network Virtual Protocol Networking Virtual Private Network
75
(DACLs) stands for ___________________ directory access control lists defend access control lists discretionary access control lists data access contol lists
76
___________ is always prohibitive (i.e., all that is not expressly permitted is forbidden) and not permissive.
HTTP MAC FTP SMTP
77
_______________ requires that access control policy decisions be beyond the control of the individual owners of an objec
Mandatory access control Memory access control matadata access control data access contol lists
78
__________ is often known as a reversed version of Bell-LaPadula, as it focuses on integrity labels
TCB TCSEC Biba Sun sparc
79
Which is computer software, firmware or
hardware that creates and runs virtual
machines ?
Vmware Hypervisor Hyper V Microsoft
80
(SRM) stands for _______________ Security Role Manager Security reference manager Security Reference Monitor Security Role monitor
81
A __________________ defines a standard set of security requirements for a specific type of product (for example, operating systems, databases, or firewalls).
public profile private profile people profile protection profile
82
(EALs) stand for _____________ Enhanced assurance levels evaluation assurance levels enquiry assurance level expert assurancce level
83
What is SaaS?
Software as a Service Software as a Security Security as a Service Service as a Security
84
Which of these companies is not a leader in
Cloud computing?
Google Catalina Amazon Microsoft
85
Which is not the feature of Cloud Computing?
High Cost Reliability Security Reduced Cost
86
When choosing a location for a data center
or office
site what is most important?
survivability cost buget risk
87
Which is not characteristic of SaaS?
Multi device support Web Access one to many offline access
88
What is the major drawback of anomaly
detection IDS?
These are very slow at detection It generates many false alarms It doesn’t detect novel attacks it does not generate any alarms
89
Which of the following is the best choice in choosing security guard for a physical access control mechanism?
When intrusion detection is needed
When discriminating judgment is required
When the allotted security budget is low
When access controls are in place
90
When choosing a location for a data center or office
survivability cost buget risk
91
_____________ of the site is typically the first consideration, and with good reason.
Cost Accessibility Location Buget
92
________________ can take your entire network and communications infrastructure down with one fell swoop of a backhoe’s bucket.
Construction excavation Construction and excavation construction activities
93
what is CCTV? Closed-circuit television Clear -circuit television Clean -circuit television Clone -circuit television
94
Which is not characteristic of SaaS? Multi device support Web Access one to many offline access
95
Which device is classified as any device that
uses distinctive personally identifiable
characteristics?
Biometric VMM Router Guards
96
A hypervisor, also known as a _______________________
VCM VMM VMC VVM
97
What is NAT? Network Address Transcoder Net Address Translation Network Address Translation Network Addition Translation
98
DNS stand for… Dynamic network system Data name system Dynamic name system Domain Name System
99
What is Encryption? Process of encoding information Process of analyzing information Process of decoding information Caligraphy
100
What is Decryption? Process of encoding information Process of analyzing information Process of decoding information Caligraphy
Page 4