Title | Sic all merged mcq - Security in computing mcq |
---|---|
Author | Warebi Karebi |
Course | business analytics |
Institution | Jadavpur University |
Pages | 94 |
File Size | 2.2 MB |
Sample MCQ Sr. No. Sample MCQ option1 option2 option3 option 1 ___ means to include the right level of responsibility and authorization to be effective. Assessment Framework Planning Authority 2 ___ are the day-to-day practices of the individuals and technologies assigned to the protection of assets. Strat...
Sample MCQ Sr. Sample MCQ No.
1 2
3 4 5 6 7 8
option1
___ means to include the right level of Assessment responsibility and authorization to be effective. ___ are the day-to-day practices of the Strategic planning individuals and technologies assigned to the protection of assets. FUD stands for ___________ fear,understanding,defense ____ typically arrive in documents, executable Threat files, and e-mail. If the virus stays in memory after it is executed, parasitic virus it is called a ____. viruses placing themselves at the end of a file overwriting virus are called ____. which of the following is an example of content Email attack attack? What does CIA stand for ___
option2
option3
Framework
Planning Security Tactics
option4
y Security
fact,uncertainty,defense None of the Above Trojan
worm
overwriting virus
stealth viruses
s
parasitic virus
stealth virus
packet Injector
buffer overflow
Central Agency
Intelligence Cyber security Cyber security, ,Investigation Agency Internet, Accessibility 9 The attack surface of the operating system is Installing unnecessary Allowing access to Giving administrative reduced by _____________ software everyone privileges to everyone. 10 SSL stands for? Secured Shell Layer System Socket Layer System Secured Layer 11 What is Authentication ? Encryption Access Modification 12 Which list ACL is composed of ? Permission SID Access control rejection
13 The process of transforming plain text into Decryption unreadable text. 14 What is the name of the group that IBM have formed in 1970's to design a block cipher to protect customer data? 15 DES stands for? 16 What is full form of LUNs? 17 What is full form of NAS? New-attached storage 18 Using tools to capture network packets is called Packet spoofing ____ 19 ----- Command specifies that a particular user REVOKE or role will have access to perform specific action on database objects 20 Microsoft SQL Server database platform uses a 1527 default TCP port of ________ 21 The main layer of The Cisco Hierarchical Internetworking model. 22 TCP/IP previously used by______ DECNET 23 The protocol used to find the mac Address RARP when IP Address is given. 24 ____________ is a routing protocol. Internet protocol 25 ADCs stands for____ 26
Which of the following is the types of firewall?
l 27 Network layer firewall works as a __________ Frame filter 28 CSMA/CA is based on receiving a positive response ……………………. For every successfully transmitted frame
Stream Cipher Group
Network Security
Information Hiding
Block Cipher Group
Cipher Suites Group
Data Encryption Statistics Data Encryption System Data Encryption Sequence linear unit numbers linear uniary numbers linear uniion numbers New-available storage Neutral attached storage Packet relay Packet replay G
UPDATE
DENY
1
3306
8080 Performance
ISO-NET DNS
DECNET IP
Hyper text transfer protocol User datagram protocol Application Data Application Device Apply Delivery Composers Controllers Controllers Dual Homed Gateway Screen Host Firewall Dual Host Firewall Firewall r Content filter Virus filter reply request
29 One way to control your wireless signal spread Order is correct __________________ 30 There are ________ generic types of antennas, 4 which can be further divided into subtypes 31 Which is true of a signature-based IDS? It cannot work with an IPS. 32 Full Form of SIEM? Secure Internet and Environment Management.
sequence
transmitting power
2
5
It detects never-before- It works best in large seen anomalies. enterprises. System Interface and Serial interface and Event Management Event log Managements. Penetration identification. Profile based Machine based.
33 In which approach references a baseline pattern of normal system activity to identify active intrusion? 34 Which of the following is the most commonly SDP IMS used VoIP standard? 35 PBX stands for ______ public Branch Element Public Branch Exchange
36 Session Initiation Protocol (SIP), has a Domain mechanism that finds the ___ 37 Bell-Lapadula model was revolutionary when it 1969 was published in 38 Which of the following is not the functionality of I a Discretionary access control. 39 Common criteria part _____ details the specific 1 security functional requirements and details a criterion for expressing the security functional requirements for target of evaluation 40 Which of these is not a major type of cloud computing usage?
MGCP Private Branch Element
System
Terminal 1987
1990
b) Work well in Not suited for the effective for private commercial and military web site. etc academic sector. 3 4
Platform Service
as
a Software Service
as
a Infrastructure Service
as
a
41 42 43
44
45 46
How many types of service model are mainly 1 present in Cloud? Which of the following is not cloud deployment Public model? A ___________ program must be conducted for development teams which includes technical security awareness training and role-specific training. Application security is mainly controlled by the ____________ of the application, as he/she requires extensive knowledge about various Server areas like GUI, network connectivity, OS interaction and sensitive data management for writing secure programs. One of the following is a disadvantage of custom web administration. SDL stands for ____________.
y
2
3
Private
Hybrid
Security coding
Security Testing
encryption Safe Lifecycle
47 which One of the following comes under the Air-conditioners Token category of Technical equipment. 48 Antitailgating mechanism is used to prevent All Authorized _________________ person from closely following an authorized person through an open door. 49 What is a critical part of physical security? Guard Dogs Fences 50 DNS Stands for ____
Domain Service
Name D
Documentation
Client
Company
specific OS
complex graphics
Design Significant Development Lifecycle Fax machine
Secure Lifecycle
Design
Credit-cards
Both Authorized Few Authorized and Unauthorized
Layered Access Control Data Name Service Data Name System
1. ___________ are used to educate employees, business partners, and other stakeholders about what behaviours are expected of them, what actions they should take under various circumstances to comply with security policies a. b. Training Program c. Notes d. All of the above
2. You can never be _____________ percent secure about security. a. 10% b. 20% c. 30% d.
3. Which is not a part of Building a Security Program a. Authority b. Framework c. Planning d.
4. The basic assumptions of security are as follows a. We want to protect our assets. b. There are threats to our assets. c. We want to mitigate those threats. d.
5. Advanced persistent threats (APTs) means a. An attacker connects to a web site with a SQL server back-end database b. Try to guess passwords c. Connect and intercept the victim’s network traffic d.
6. Which of the following is not a proper method for email security? a. Use Strong password b. Spam filters and malware scanners c. d. Use email encryption
7. Which among the following is a method that could be implemented to minimize the risk of a successful attack? a. b. By sharing passwords with unknown people c. By allowing mobile codes to be run without malware scanning d. By not using firewall
8. The attack surface of the operating system is reduced by _____________ a. Installing unnecessary software b. c. Allowing access to everyone d. Giving administrative privileges to everyone.
9. _____________ is a famous technological medium for the spread of malware. a. Pen drive b. Cloud c. Antivirus d.
10. SSL stands for? a. b. Secured Shell Layer c. System Socket Layer d. System Secured Layer
11. Adopting encryption techniques improves ______________ A. Performance B. C. Reliability D. Longevity
12. Which is the best practice in the firewall domain environment? a. Create two domain trusted and untrusted b. Create strong network c. d. Allow access to everyone
13. Encryption in databases can be done a. b. Through VPN c. Providing passwords d. Restricting Access
14. The most commonly used method of controlling data access is a. cursors b. c. trigger d. sequence
15. What is WIDS a. Wireless Internet Design Service b. Wide Internet Design System c. d. Wireless Intrusion Definition System
16. _______ attempt to guess a password by trying all the character combinations listed in an accompanying dictionary. a. b. File-system transversals c. SQL injection attacks d. Permutation
17. Scrambling the data according to a secret key is known as? a. Caesar Cipher b. Decryption c. Code cracking d.
18. The process of making the encrypted text readable again is called ___________ a. b. Encryption c. Network Security d. Information Hiding
19. ____________ is the risk of loss of information, such as confidential data or intellectual property, through intentional or unintentional means a. b. Theft c. Exposure d. Forwarding
20. The _________________ is the original message before transformation. a. Cipher text b. c. Secret text d. Simple text
21. ______ risks affect both the validity of information and the assurance that the information is correct. a. b. Availability c. Confidentiality d. Authority
22. Switches and Firewall come under the category of _______________ assets a. Technical equipment b. Computer equipment c. Communication equipment d.
23. While entering or leaving the internal network, firewalls examine which of the following? a. emails users b. updates c. connections d. s
24. Which of the below defines the packet filtering firewall rules. a. t b. Protocols c. Policies d. Ports
25. What does IP mean? a. Instance protocol b. l c. Instant Protocol d. Intellectual property
Category: I
Marks: 1
1. Which of the following is an independent malicious program that does not need a host program?
a. Trap Doors b. Worm c. Trojan Horse d. Viruses
Answer: Worm
2. Which of the following malicious programs does not replicate automatically?
a. Trap Doors b. Worm c. Trojan Horse d. Viruses
Answer: Trojan Horse
3. In computer security, ……………………. means that computer system assets can be modified only by authorized parties
a. Confidentiality b. Integrity c. Availability d. Authenticity
Answer: Integrity
4. The three D’s of security
a. Defense, Detection, Divide b. Defend, Detect, Dig c. Defense, Deterrence, Detection d. Divide, Disguise, Detect
Answer: Defense, Deterrence, Detection
5. You are never ____________ percent secure.
a. 70 b. 80 c. 100 d. 90
Answer: 100
6. What is the function of a firewall?
a. protects the computer in case of fire b. Block or screen out spam c. Prevents the CPU from being overheated d. Helps to prevent outsiders from obtaining unauthorized access
Answer: Helps to prevent outsiders from obtaining unauthorized access
7. __________ is the act of capturing packets of data flowing across a computer network
a. packet catching b. packet snipping c. packet sniffing d. packet pulling
Answer: packet sniffing
8. ___________ condition exists when a program attempts to put more data in a buffer than it can hold
a. buffer overflow b. buffer fill c. buffer overrun d. buffer full
Answer: buffer overflow
9. ___________ is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet
a. ARP Protocol b. ARP sniffing c. ARP poisoning d. ARP cracking
Answer: ARP poisoning
10. Authentication is the process by which people prove they are who they say they are
a. true b. false
Answer: True
11. ___________ is a network authentication system based on the use of tickets.
a. Kerberos b. Railway c. SSL d. TLS
Answer: Kerberos
12. Secure Sockets Layer (SSL) is a certificate-based system that is used to provide authentication of secure web servers and clients and to share encryption keys between servers and clients
a. True b. False
Answer: True
13. A _________ algorithm simply replaces each character in a message with another character
a. substitution b. transposition c. cipher d. decipher
Answer: substitution
14. CIA triad focuses on three aspects of information protection.
a. Confidentiality, Interest, and Availability b. Confidentiality, Integrity, and Availability c. Confidence, Integrity, and Availability d. Confidentiality, Integrity, and Authentication
Answer: Confidentiality, Integrity, and Availability
15. A better approach is the lollipop model of security. It is a layered strategy, often referred to as defense in depth
a. True b. False
Answer: False
16. In _________________ cryptography the same secret key is used by the sender and the receiver.
a. symmetric-key b. asymmetric-key c. digital certificate d. digital signature
Answer: symmetric-key
17. A ________________ issues, catalogs, renews, and revokes certificates under the Management of a policy and administrative control.
a. Certification authority b. Registration authority c. Revocation Authority d. Digital authority
Answer: Certification authority
18. _________________ defines the protection against denial by one of the parties in a communication
a. authentication b. non repudiation c. confidentiality d. Integrity
Answer: non repudiation
19. With one predefined command, the attacker can cause all the zombies to begin to attack another remote system with a distributed denial of service (DDoS) attack
a. True b. False
Answer: True
20. If the virus executes, does its damage, and terminates until the next time it is executed, it is known as a __________________
a. nonresident virus b. stealth virus c. overwriting virus d. prepending virus
Answer: nonresident virus
1. The ____________ security program must include the right level of responsibility and authorization to be effective. a. b. Framework c. Planning d. Gap Analysis
2. ________________ for the use of software, computer systems, and networks should be clearly documented for the sake of the people who use these technologies a. Rules b. c. Program d. Network
3. A _________________ is a plan of action for how to implement the security remediation plans. a. Planning b. Road c. d. Gap Analysis
4. ______________ is concerned with protecting information in all its forms, whether written, spoken, electronic, graphical, or using other methods of communication. a. I b. Network Security c. Computer Security d. Graphics Security
5. ___________ is an important asset. a. b. Algorithm c. Program d. All of the Above
6. FUD stands for ___________ a. fear,understanding,defense b. c. fact,uncertainty,defense d. None of the Above
7. The field of __________ is concerned with protecting assets in general a. Network b. Information c. d. Program
8. The basic assumptions of security are as follows a. We want to protect our assets. b. There are threats to our assets. c. We want to mitigate those threats. d.
9. __________ Assessing what needs to be protected, why, and how leads to a strategy for improving the security posture. a. b. Planning c. Frame Work d. Roadmap
10. A universal truth of security, regardless of the application, is that the job of the attacker is always ___________ than the job of the defender. a. Difficult b. c. Moderate d. None of the Above
11. The three Ds of security are _____________ a. delete,desired,defect b. c. Defect,Deterrent,Dial d. None of the Above
12. A ______________ compares the desired state of the security program with the actual current state and identifies the differences. risk analysis Remediation planning a. b. c. d. Planning
13. ___________ are used to educate employees, business partners, and other stakeholders about what behaviours are expected of them, what actions they should take under various circumstances to comply with security policies a. s b. Training Program c. Notes d. All of the above
14. You can never be _____________ percent secure about security. a. 10% b. 20% c. 30% d.
15. Which is not a part of Building a Security Program a. Authority b. Framework c. Planning d.
Security in Computing Unit 1 Chapter 2
1. A ________________ is a term used to describe where a threat originates and the path it takes to reach a target. a. r b. Malicious mobile code c. Advanced Persistent Threats d. Manual attacks
2. _________ Viruses infect the data running on top of an application by using the program’s macro or scripting language a. Boot sector b. c. Computer worm d. Trojans
3. ______ is a self-replicating program that uses other host files or code to replicate a. Malicious mobile code b. Content Attack c. d. DNS spoofing
4. Which one of the following is not an Application layer attack a. Content Attack b. Buffer overflow c. d. Password cracking
5. A ____ virus proves that a virus can steal private encryption keys a. b. Remote access Trojan c. Bugbear d. Nimda
6. ____________ is used in distributed denial of service (DDoS) attack a. b. Bugbear c. Js.ExitW d. Remote access Trojans
7. Which one of the following is common content attack a. b. DHCP Poisoning c. ARP poisoning d. Packet Sniffing
8. The formal definition of risk is a. b. Risk = Probability (Threat + Cost of Asset Damage) * Exploit of Vulnerability c. Risk = Probability (Exploit of Vulnerability + Cost of Asset Damage) * Threat d. Risk = Probability (Exploit of Vulnerability + Cost of Asset Damage+ Threat )
9. _______ attempt to guess a password by trying all the character combinations listed in an accompanying dictionary. a. Brute-force tools b. File-system transversals c. SQL injection attacks d. Permutation
10. ____ is a type of man-in-the-middle attack in which server IP address that a user connects to is also applied to the attacker’s system a. b. c. d. DNS spoofing attack I ICMP Poisoning Intrusion prevention system
11. Packet sniffing attack is also known as a. b. Spoofing attack c. Address flooding d. MAC flooding
12. _________ is an attack that is tailored to a specific individual rather than broadcast to everyone. a. MAC Phishing b. IP Phishing c. d. Injection attack
13. The process of manipulating a web application to run SQL commands sent by an attacker is referred as ____ a. b. MAC injection c. Phishing d. DNS Spoofing
14. Advanced persistent threats (APTs) means a. An attacker connects to a web site with a SQL server back-end database b. Try to guess passwords c. Connect and intercept the...