cwipedia.in
Network and Information Security
MCQ Question Bank
1. Message _____ means that the data must arrive at the receiver exactly as sent.
A) confidentiality
B) integrity
C) authentication
D) none of the above
Answer: Option B
2. Message _______ means that the receiver is ensured that the message is coming
from the intended sender, not an imposter.
A) confidentiality
B) integrity
C) authentication
D) none of the above
Answer: Option C
3. A(n) ________ function creates a message digest out of a message.
A) encryption
B) decryption
C) hash
D) none of the above
Answer: Option C
4. The secret key between members needs to be created as a ______ key when two
members contact KDC.
A) public
B) session
C) complimentary
D) none of the above
Answer: Option B
5. The ________ criterion ensures that a message cannot easily be forged.
A) one-wayness
B) weak-collision-resistance
C) strong-collision-resistance
D) none of the above
Answer: Option B
6. A(n) _____ is a trusted third party that assigns a symmetric key to two parties.
A) KDC
B) CA
C) KDD
D) none of the above
Answer: Option A
7. A witness used in entity authentication is ____________.
A) something known
B) something possessed
C) something inherent
D) all of the above
Answer: Option D
8. A _______ message digest is used as an MDC.
A) keyless
B) keyed
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option A
9. A(n) ______ creates a secret key only between a member and the center.
A) CA
B) KDC
C) KDD
D) none of the above
Answer: Option B
10. ________ means to prove the identity of the entity that tries to access the system’s
resources.
A) Message authentication
B) Entity authentication
C) Message confidentiality
D) none of the above
Answer: Option B
11. A ________ signature is included in the document; a _______ signature is a
separate entity.
A) conventional; digital
B) digital; digital
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option A
12. If _________ is needed, a cryptosystem must be applied over the scheme.
A) integrity
B) confidentiality
C) nonrepudiation
D) authentication
Answer: Option B
13. Digital signature provides ________.
A) authentication
B) nonrepudiation
C) both (a) and (b)
D) neither (a) nor (b)
Answer: Option C
14. Digital signature cannot provide ________ for the message.
A) integrity
B) confidentiality
C) nonrepudiation
D) authentication
Answer: Option B
15. To authenticate the data origin, one needs a(n) _______.
A) MDC
B) MAC
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option B
16. A(n) _________ can be used to preserve the integrity of a document or a message.
A) message digest
B) message summary
C) encrypted message
D) none of the above
Answer: Option A
17. Challenge-response authentication can be done using ________.
A) symmetric-key ciphers
B) asymmetric-key ciphers
C) keyed-hash functions
D) all of the above
Answer: Option D
18. The _______ criterion ensures that we cannot find two messages that hash to the
same digest.
A) one-wayness
B) weak-collision-resistance
C) strong-collision-resistance
D) none of the above
Answer: Option C
19. A digital signature needs a(n) _________ system.
A) symmetric-key
B) asymmetric-key
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option B
20. A(n) ________ is a federal or state organization that binds a public key to an entity
and issues a certificate.
A) KDC
B) Kerberos
C) CA
D) none of the above
Answer: Option C
21. Message ________ means that the sender and the receiver expect privacy.
A) confidentiality
B) integrity
C) authentication
D) none of the above
Answer: Option A
22. In ________ authentication, the claimant proves that she knows a secret without
actually sending it.
A) password-based
B) challenge-response
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option B
23. In _______, a claimant proves her identity to the verifier by using one of the three
kinds of witnesses.
A) message authentication
B) entity authentication
C) message confidentiality
D) message integrity
Answer: Option B
24. The _______ criterion states that it must be extremely difficult or impossible to
create the message if the message digest is given.
A) one-wayness
B) weak-collision-resistance
C) strong-collision-resistance
D) none of the above
Answer: Option A
25. A(n) ______ is a hierarchical system that answers queries about key certification.
A) KDC
B) PKI
C) CA
D) none of the above
Answer: Option C
26. _________ means that a sender must not be able to deny sending a message that
he sent.
A) Confidentiality
B) Integrity
C) Authentication
D) Nonrepudiation
Answer: Option D
27. A hash function must meet ________ criteria.
A) two
B) three
C) four
D) none of the above
Answer: Option B
28. __________ is a popular session key creator protocol that requires an
authentication server and a ticket-granting server.
A) KDC
B) Kerberos
C) CA
D) none of the above
Answer: Option B
29. Password-based authentication can be divided into two broad categories: _______
and _______.
A) fixed; variable
B) time-stamped; fixed
C) fixed; one-time
D) none of the above
Answer: Option C
30. _________ operates in the transport mode or the tunnel mode.
A) IPSec
B) SSL
C) PGP
D) none of the above
Answer: Option A
31. IKE creates SAs for _____.
A) SSL
B) PGP
C) IPSec
D) VP
Answer: Option C
32. ______ provides either authentication or encryption, or both, for packets at the IP
level.
A) AH
B) ESP
C) PGP
D) SSL
Answer: Option B
33. One security protocol for the e-mail system is _________.
A) IPSec
B) SSL
C) PGP
D) none of the above
Answer: Option C
34. Typically, ______ can receive application data from any application layer protocol,
but the protocol is normally HTTP.
A) SSL
B) TLS
C) either (a) or (b)
D) both (a) and (b)
Answer: Option D
35. IKE is a complex protocol based on ______ other protocols.
A) two
B) three
C) four
D) five
Answer: Option B
36. IPSec defines two protocols: _______ and ________.
A) AH; SSL
B) PGP; ESP
C) AH; ESP
D) all of the above
Answer: Option C
37. In the ______ mode, IPSec protects information delivered from the transport layer
to the network layer.
A) transport
B) tunnel
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option A
38. ______ is the protocol designed to create security associations, both inbound and
outbound.
A) SA
B) CA
C) KDC
D) IKE
Answer: Option D
39. A _______ network is used inside an organization.
A) private
B) public
C) semi-private
D) semi-public
Answer: Option A
40. SSL provides _________.
A) message integrity
B) confidentiality
C) compression
D) all of the above
Answer: Option D
41. The Internet authorities have reserved addresses for _______.
A) intranets
B) internets
C) extranets
D) none of the above
Answer: Option D
42. An _________ is a network that allows authorized access from outside users.
A) intranet
B) internet
C) extranet
D) none of the above
Answer: Option C
43. _________ is a collection of protocols designed by the IETF (Internet Engineering
Task Force) to provide security for a packet at the network level.
A) IPSec
B) SSL
C) PGP
D) none of the above
Answer: Option A
44. IKE uses _______.
A) Oakley
B) SKEME
C) ISAKMP
D) all of the above
Answer: Option D
45. IPSec uses a set of SAs called the ________.
A) SAD
B) SAB
C) SADB
D) none of the above
Answer: Option C
46. An ________ is a private network that uses the Internet model.
A) intranet
B) internet
C) extranet
D) none of the above
Answer: Option A
47. ______ is actually an IETF version of _____.
A) TLS; TSS
B) SSL; TLS
C) TLS; SSL
D) SSL; SLT
Answer: Option C
48. In ______, there is a single path from the fully trusted authority to any certificate.
A) X509
B) PGP
C) KDC
D) none of the above
Answer: Option A
49. The combination of key exchange, hash, and encryption algorithms defines a
________ for each SSL session.
A) list of protocols
B) cipher suite
C) list of keys
D) none of the above
Answer: Option B
50. A ______ provides privacy for LANs that must communicate through the global
Internet.
A) VPP
B) VNP
C) VNN
D) VPN
Answer: Option D
51. _______ uses the idea of certificate trust levels.
A) X509
B) PGP
C) KDC
D) none of the above
Answer: Option B
52. IPSec in the ______ mode does not protect the IP header.
A) transport
B) tunnel
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option A
53. ________ provides privacy, integrity, and authentication in e-mail.
A) IPSec
B) SSL
C) PGP
D) none of the above
Answer: Option C
54. In _____, there can be multiple paths from fully or partially trusted authorities.
A) X509
B) PGP
C) KDC
D) none of the above
Answer: Option B
55. ______ provides authentication at the IP level.
A) AH
B) ESP
C) PGP
D) SSL
Answer: Option A
56. In _______, the cryptographic algorithms and secrets are sent with the message.
A) IPSec
B) SSL
C) TLS
D) PGP
Answer: Option D
57. ______ is designed to provide security and compression services to data generated
from the application layer.
A) SSL
B) TLS
C) either (a) or (b)
D) both (a) and (b)
Answer: Option D
58. _______ provide security at the transport layer.
A) SSL
B) TLS
C) either (a) or (b)
D) both (a) and (b)
Answer: Option D
59. The _______ mode is normally used when we need host-to-host (end-to-end)
protection of data.
A) transport
B) tunnel
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option A
60. In the _______ mode, IPSec protects the whole IP packet, including the original IP
header.
A) transport
B) tunnel
C) either (a) or (b)
D) neither (a) nor (b)
Answer: Option B
61. ______ was invented by Phil Zimmermann.
A) IPSec
B) SSL
C) PGP
D) none of the above
Answer: Option C
62. A _______ layer security protocol provides end-to-end security services for
applications.
A) data link
B) network
C) transport
D) none of the above
Answer: Option C
63. In PGP, to exchange e-mail messages, a user needs a ring of _______ keys.
A) secret
B) public
C) either (a) or (b)
D) both (a) and (b)
Answer: Option B
Cwipedia.in NIS 22620 QB1
Question Bank 1
1. Which of the following is an anti-virus program
A. Norton
B. K7
C. Quick heal
D. All Of These
D. All of these
2. All of the following are examples of real security and privacy threats except:
A. Hackers
B. Virus
C. Spam
D. Worm
C. Spam
Explanation : Spam or SPAM may refer to:
● Spamming, unsolicited or undesired electronic messages
● Email spam, unsolicited, undesired, or illegal email messages
● Messaging spam, spam targeting users of instant messaging (IM)
services, sms or private messages within websites
3. Trojan horses are very similar to viruses in that they are computer
programs that replicate copies of themselves
A. True
B. False
B. False
4. _____________ monitors user activity on internet and transmit that
information in the background to someone else.
A. Malware
B. Spyware
C. Adware
D. None of these
B. Spyware
5. Viruses are __________.
A. Man Made
B. Naturally occur
C. Machine made
D. All of the above
A. Man made
6. Firewall is a type of ____________.
A. Virus
B. Security threat
C. Worm
D. None Of The Above
D. None of the above
Explanation : a firewall is a network security system that monitors and
controls incoming and outgoing network traffic based on predetermined
security rules
7. Unsolicited commercial email is known as ____________.
A. Spam
B. Malware
C. Virus
D. Spyware
A. Spam
8. Which of the following is not an external threat to a computer or a computer
network
A. Ignorance
B. Trojan horses
C. Adware
D. Crackers
A. Ignorance
9. When a person is harassed repeatedly by being followed, called or
written to, he/she is a target of
A. Bullying
B. Stalking
C. Identity theft
D. Phishing
B. Stalking
Explanation : Stalking is unwanted or repeated surveillance by an individual
or group towards another person. Stalking behaviors are interrelated to
harassment and intimidation and may include following the victim in person or
monitoring them.
Cyberstalking is the use of the Internet or other electronic means to stalk or
harass an individual, group, or organization. It may also include monitoring,
identity theft, threats, vandalism, solicitation for sex, or gathering information
that may be used to threaten, embarrass or harass.
10. Which of the following is a class of computer threat
A. Phishing
B. Soliciting
C. DoS Attacks
D. Stalking
C. DoS attacks
Explanation : A denial-of-service attack (DoS attack) is a cyber-attack in
which the perpetrator seeks to make a machine or network resource
unavailable to its intended users by temporarily or indefinitely disrupting
services of a host connected to the Internet.
11. A license allows a user to use copyrighted material.
A. True
B. False
A. True
12. It is a program or hardware device that filters the information coming
through an internet connection to a network or computer system.
A. Anti virus
B. Cookies
C. Firewall
D. Cyber safety
C. Firewall
13. It allows a visited website to store its own information about a user on the
user’s computer.
A. Spam
B. Cookies
C. Malware
D. Adware
B. Cookies
14. It is stealing ideas or creations of others.
A. Plagiarism
B. Intellectual Property Rights
C. Piracy
D. All Of The Above
D. All of the above
15. Hacking a computer is always illegal and punishable by law.
A. True
B. False
A. True
16. Exploring appropriate and ethical behaviours related to online
environments and digital media.
A. Cyber ethics
B. Cyber security
C. Cyber safety
D. Cyber law
A. Cyber ethics
17. Which of the following is digital certificate standard?
A. X.508
B. X.509
C. D.509
D. None of the Above
B. X.509
18. Which of the following technique is used to verify the integrity of the
message?
A. Message Digest
B. Digital signature
C. Decryption algorithm
D. Protocol
A. Message digest
19. Which of the following principle is violated if computer system is not
accessible?
A. Confidentiality
B. Availability
C. Access Control
D. Authentication
B. Availability
20. The certificate Authority signs the digital certificate with
A. User's public key
B. User's Private Key
C. Its own public key
D. Its Own Private Key
D. Its own Private key
21. Transit time and response time measure the _______ of a network
A. Performance
B. Reliability
C. Security
D. Longevity
A. Performance
22. The number of users on a network has the greatest impact on the
network's _______
A. Performance
B. Reliability
C. Security
D. none of the above
A. Performance
23. Network failure is primarily a _______ issue.
A. Performance
B. Reliability
C. Security
D. none of the above
B. Reliability
24. _______ is a network reliability issue.
A. The number of users
B. The type of transmission medium
C. The Frequency Of Failure
D. Unauthorized access
C. The frequency of failure
25. _______ is a network reliability issue.
A. Catastrophe
B. The number of users
C. The type of transmission medium
D. Unauthorized access
A. Catastrophe
26. Unauthorized access is a network _______ issue.
A. Performance
B. Reliability
C. Security
D. none of the above
C. Security
27. A virus is a network _______ issue.
A. Performance
B. Reliability
C. Security
D. none of the above
C. Security
28. Encryption techniques improve a network's _______
A. Performance
B. Reliability
C. Security
D. Longevity
C. Security
29. A _______ is illicitly introduced code that damages a network device
A. Protocol
B. Virus
C. Catastrophe
D. Medium
B. Virus
30. Passwords are used to improve the _______ of a network.
A. Performance
B. Reliability
C. Security
D. Longevity
C. Security
31. Unauthorized access and viruses are issues dealing with network
_______
A. Performance
B. Reliability
C. Security
D. none of the above
C. Security
32. Which of the following are network reliability issues?
A. frequency of failure
B. recovery time after a failure
C. catastrophe
D. All Of The Above
D. all of the above
33. When a hacker penetrates a network, this is a network _______ issue
A. Performance
B. Reliability
C. Security
D. none of the above
C. Security
34. When a server goes down, this is a network _______ issue.
A. Performance
B. Reliability
C. Security
D. none of the above
B. reliability
35. When an earthquake severs a fiber-optic cable, this is a network _______
issue
A. Performance
B. Reliability
C. Security
D. none of the above
A. Performance
36. When a network upgrades to a transmission medium with a data rate that
is 100 times faster, this improves the _______ of the network.
A. Performance
B. Reliability
C. Security
D. none of the above
A. Performance
37. A company doubles the number of nodes on its network. The greatest
impact will be on the _______ of the network
A. Performance
B. Reliability
C. Security
D. none of the above
A. Performance
38. A company changes its network configuration so that only one router
instead of two can access the Internet. The greatest impact will be on the
_______ of the network
A. Performance
B. Reliability
C. Security
D. None of the above
C. Security
39. A company requires its users to change passwords every month. This
improves the _______ of the network
A. Performance
B. Reliability
C. Security
D. none of the above
C. Security
40. A company buys a computer to serve as a backup to its main server. This
will mainly affect the _______ of the network.
A. Performance
B. Reliability
C. Security
D. none of the above
B. Reliability
41. A company requires each employee to power off his computer at the end
of the day. This rule was implemented to make the network _______
A. perform better
B. more reliable
C. More Secure
D. more error-free
C. more secure
42. What Security tradeoff occurs while using IDS (Intrusion Detection
System)?
A. Change in permission
B. Login Failures
C. Change in privilege
D. Performance Degradation
D. Performance degradation
Explanation : An intrusion detection system (IDS) is a device or software
application that monitors a network or systems for malicious activity or policy
violations. Any malicious activity or violation is typically reported either to an
administrator or collected centrally using a security information and event
management (SIEM) system
43. EDI (Electronic Data Interchange) use
A. requires an extranet
B. requires value added network
C. Can Be Done On Internet
D. requires a corporate intranet
C. can be done on internet
Explanation : EDI is a standardized method for transferring data between
different computer systems or computer networks. It is commonly used for
e-commerce purposes, such as sending orders to warehouses, tracking
shipments, and creating invoices.
44. EDI (Electronic Data Interchange) over internet uses
A. MIME To Attach EDI Forms To E-Mail Messages
B. FTP to send business forms
C. HTTP to send business forms
D. SGML to send business forms
A. MIME to attach EDI forms to e-mail messages
45. For secure EDI (Electronic Data Interchange) transmission on internet
A. MIME is used
B. S/MIME Is Used
C. PGP is used
D. TCP/IP is used
B. S/MIME is used
46. EDI (Electronic Data Interchange) standard
A. is not easily available
B. Defines Several Hundred Transaction Sets For Various Business
Forms
C. is not popular
D. defines only a transmission protocol
B. defines several hundred transaction sets for various business forms
47. By security in e-Commerce we mean
(i) Protecting an organization’s data resource from unauthorized access
(ii) Preventing disasters from happening
(iii) Authenticating messages received by an organization
(iv) Protecting messages sent on the internet from being read and understood
by unauthorized persons/organizations
A. i, ii
B. ii, iii
C. iii, iv
D. I, Iii, Iv
D. i, iii, iv
48. A firewall is a
A. wall built to prevent fires from damaging a corporate intranet
B. security device deployed at the boundary of a company to
prevent unauthorized physical access
C. Security Device Deployed At The Boundary Of A Corporate
Intranet To Protect It From Unauthorized Access
D. device to prevent all accesses from the internet to the corporate
intranet
C. security device deployed at the boundary of a corporate intranet to protect
it from unauthorized access
49. A firewall may be implemented in
A. Routers Which Connect Intranet To Internet
B. bridges used in an intranet
C. expensive modem
D. user’s application programs
A. routers which connect intranet to internet
50. Firewall as part of a router program
A. filters only packets coming from internet
B. filters only packets going to internet
C. Filters Packets Travelling From And To The Intranet From The
Internet
D. ensures rapid traffic of packets for speedy e-Commerce
C. filters packets travelling from and to the intranet from the internet
51. The Secure Electronic Transaction protocol is used for
A. Credit Card Payment
B. cheque payment
C. electronic cash payments
D. payment of small amounts for internet services
A. credit card payment
52. In SET protocol a customer encrypts credit card number using
A. his private key
B. Bank’s Public Key
C. bank’s private key
D. merchant’s public key
B. bank’s public key
53. In SET protocol a customer sends a purchase order
A. encrypted with his public key
B. in plain text form
C. encrypted using Bank’s public key
D. Using Digital Signature System
D. using digital Signature system
54. One of the problems with using SET protocol is
A. the merchant’s risk is high as he accepts encrypted credit card
B. the credit card company should check digital signature
C. The Bank Has To Keep A Database Of The Public Keys Of All
Customers
D. the bank has to keep a database of digital signatures of all
customers
C. the bank has to keep a database of the public keys of all customers
55. The bank has to have the public keys of all customers in SET protocol as
it has to
A. Check The Digital Signature Of Customers
B. communicate with merchants
C. communicate with merchants credit card company
D. certify their keys
A. check the digital signature of customers
56. In electronic cheque payments developed, it is assumed that most of the
transactions will be
A. customers to customers
B. customers to business
C. Business To Business
D. banks to banks
C. business to business
57. In cheque payment protocol, the purchase order form is signed by
purchaser using
A. his public key
B. his private key
C. His Private Key Using His Signature Hardware
D. various public keys
C. his private key using his signature hardware
58. In the NetBill’s protocol for small payments for services available in the
internet
(i) the customer is charged only when the information is delivered
(ii) the vendor is guaranteed payment when information is delivered
(iii) the customer must have a certified credit card
(iv) the customer must have a valid public key
A. i, ii
B. i, ii, iii
C. i, ii, iii, iv
D. I, Ii, Iv
D. i, ii, iv
59. In NetBill’s protocol for small payments for internet services
(i) Key to decrypt information is sent to customer by NetBill only when there is
enough amount in debit account
(ii) The vendor supplies the key to NetBill server when he receives payment
(iii) Checksum of encrypted information received by customer is attached to
his payment order
(iv) Vendor does not encrypt information purchased by customer
A. i, ii
B. I, Ii, Iii
C. i, ii, iii, iv
D. i, ii, iv
B. i, ii, iii
60. In Electronic cash payment
A. a debit card payment system is used
B. A Customer Buys Several Electronic Coins Which Are Digitally
Signed By Coin Issuing Bank
C. a credit card payment system is used
D. RSA cryptography is used in the transactions
B. a customer buys several electronic coins which are digitally signed by coin
issuing bank
61. Main function of proxy application gateway firewall is
A. to allow corporate users to use efficiently all internet services
B. To Allow Intranet Users To Securely Use Specified Internet
Services
C. to allow corporate users to use all internet services
D. to prevent corporate users from using internet services
B. to allow intranet users to securely use specified internet services
62. Proxy application gateway
(i) acts on behalf of all intranet users wanting to access internet securely
(ii) monitors all accesses to internet and allows access to only specified IP
addresses
(iii) disallows use of certain protocols with security problems
(iv) disallows all internet users from accessing intranet
A. i, ii
B. I, Ii, Iii
C. i, ii, iii, iv
D. ii, iii, iv
B. i, ii, iii
63. A hardened firewall host on an intranet
(i) has a proxy application gateway program running on it
(ii) Allows specified internet users to access specified services in the intranet
(iii) Initiates all internet activities requested by clients and monitors them
(iv) prevents outsiders from accessing IP addresses within the intranet
A. i, ii
B. i, ii, iii
C. I, Ii, Iii, Iv
D. ii, iii, iv
C. i, ii, iii, iv
64. A hardened firewall host on an Intranet is
A. a software which runs in any of the computers in the intranet
B. A Software Which Runs On A Special Reserved Computer On
The Intranet
C. a stripped down computer connected to the intranet
D. a mainframe connected to the intranet to ensure security
B. a software which runs on a special reserved computer on the intranet
65. By encryption of a text we mean
A. compressing it
B. expanding it
C. Scrambling It To Preserve Its Security
D. hashing it
C. scrambling it to preserve its security
66. Encryption is required to
(i) protect business information from eavesdropping when it is transmitted on
internet
(ii) efficiently use the bandwidth available in PSTN
(iii) to protect information stored in companies’ databases from retrieval
(iv) to preserve secrecy of information stored in databases if an unauthorized
person retrieves it
A. i and ii
B. ii and iii
C. iii and iv
D. I And Iv
D. i and iv
67. Encryption can be done
A. only on textual data
B. only on ASCII coded data
C. On Any Bit String
D. only on mnemonic data
C. on any bit string
68. By applying permutation (31254) and substitution by 5 characters away
from current character (A → F, B → G etc.) the following string
ABRACADABRA becomes
A. FGWCAAADRBF
B. RABCAAADRBF
C. WFGHFFFIWGF
D. None of the above
C. WFGHFFFIWGF
69. The following ciphertext was received. The plaintext was permuted using
permutation (34152) and substitution. Substitute character by character +3 (A
→ D, etc). The plain text after decryption is: Cipher text: PDLJDLXHVQC
A. MAIGAIUESNZ
B. IAMAGENIUSZ
C. LDPDJHPLXVZ
D. IAMAGENIUSC
B. IAMAGENIUSZ
70. By symmetric key encryption we mean
A. One Private Key Is Used For Both Encryption And Decryption
B. private and public key used are symmetric
C. only public keys are used for encryption
D. only symmetric key is used for encryption
A. one private key is used for both encryption and decryption
71. The Acronym DES stands for
A. Digital Evaluation System
B. Digital Encryption Standard
C. Digital Encryption System
D. Double Encryption Standard
B. Digital Encryption Standard
72. DES works by using
A. Permutation And Substitution On 64 Bit Blocks Of Plain Text
B. only permutations on blocks of 128 bits
C. exclusive ORing key bits with 64 bit blocks
D. 4 rounds of substitution on 64 bit blocks with 56 bit keys
A. permutation and substitution on 64 bit blocks of plain text
73. DES
(i) is a symmetric key encryption method
(ii) guarantees absolute security
(iii) is implementable as hardware VLSI chip
(iv) is a public key encryption method
A. i and ii
B. ii and iii
C. I And Iii
D. iii and iv
C. i and iii
74. DES using 56 bit keys
A. Cannot be broken in reasonable time using presently available
computers
B. Can be broken only if the algorithm is known using even slow
computers.
C. Can Be Broken With Presently Available High Performance
Computers.
D. It is impossible to break ever.
C. Can be broken with presently available high performance computers.
75. Triple DES uses
A. 168 bit keys on 64-bit blocks of plain text
B. Working On 64-Bit Blocks Of Plain Text And 56 Bit Keys By
Applying DES Algorithm For Three Rounds.
C. Works with 144 bit blocks of plain text and applies DES algorithm
once.
D. Uses 128 bit blocks of plain text and 112 bit keys and apply DES
algorithm thrice.
B. Working on 64-bit blocks of plain text and 56 bit keys by applying DES
algorithm for three rounds.
76. Triple DES
A. Cannot Be Broken In Reasonable Time Using Presently Available
Computers.
B. Can be broken only if the algorithm is known using even slow
computer.
C. Can be broken with presently available high performance
computers.
D. It is impossible to break ever.
A. Cannot be broken in reasonable time using presently available computers.
77. Triple DES
A. is a symmetric key encryption method
B. Guarantees Excellent Security
C. is implementable as a hardware VLSI chip
D. is public key encryption method with three keys.
B. guarantees excellent security
78. Public key encryption method is a system
A. which uses a set of public keys one for each participant in
e-Commerce
B. In Which Each Person Who Wants To Communicate Has Two
Keys; A Private Key Known To Him Only And A Public Key Which
Is Publicized To Enable Others To Send Message To Him.
C. which uses the RSA coding system.
D. which is a standard for use in e-Commerce.
B. in which each person who wants to communicate has two keys; a private
key known to him only and a public key which is publicized to enable others to
send message to him.
79. Public key system is useful because
A. it uses two keys.
B. There Is No Key Distribution Problem As Public Key Can Be Kept
In A Commonly Accessible Database.
C. private key can be kept secret.
D. it is a symmetric key system.
B. there is no key distribution problem as public key can be kept in a
commonly accessible database.
80. In public key encryption if A wants to send an encrypted message
A. A encrypts message using his private key
B. A encrypts message using B’s private key
C. A Encrypts Message Using B’s Public Key
D. A encrypts message using his public key
C. A encrypts message using B’s public key
81. In public key encryption system if A encrypts a message using his private
key and sends it to B
A. If B Knows It Is From A He Can Decrypt It Using A’s Public Key
B. Even if B knows who sent the message it cannot be decrypted
C. It cannot be decrypted at all as no one knows A’s private key
D. A should send his public key with the message
A. if B knows it is from A he can decrypt it using A’s public key
82. Message can be sent more securely using DES by
A. encrypting plain text by a different randomly selected key for each
transmission
B. Encrypting Plain Text By A Different Random Key For Each
Message Transmission And Sending The Key To The Receiver
Using A Public Key System
C. using an algorithm to implement DES instead of using hardware
D. designing DES with high security and not publicizing algorithm
used by it
B. encrypting plain text by a different random key for each message
transmission and sending the key to the receiver using a public key system
83. DES and public key algorithm are combined
(i) to speed up encrypted message transmission
(ii) to ensure higher security by using different key for each transmission
(iii) as a combination is always better than individual system
(iv) as it is required in e-Commerce
A. I And Ii
B. ii and iii
C. iii and iv
D. i and iv
A. i and ii
84. A digital signature is
A. a bit string giving identity of a correspondent
B. a unique identification of a sender
C. An Authentication Of An Electronic Record By Tying It Uniquely
To A Key Only A Sender Knows
D. an encrypted signature of a sender
C. an authentication of an electronic record by tying it uniquely to a key only a
sender knows
85. A digital signature is required
(i) to tie an electronic message to the sender’s identity
(ii) for non-repudiation of communication by a sender
(iii) to prove that a message was sent by the sender in a court of law
(iv) in all e-mail transactions
A. i and ii
B. I, Ii, Iii
C. i, ii, iii, iv
D. ii, iii, iv
B. i, ii, iii
86. A hashing function for digital signature
(i) must give a hashed message which is shorter than the original message
(ii) must be hardware implementable
(iii) two different messages should not give the same hashed message
(iv) is not essential for implementing digital signature
A. i and ii
B. ii and iii
C. I And Iii
D. iii and iv
C. i and iii
87. Hashed message is signed by a sender using
A. his public key
B. His Private Key
C. receiver’s public key
D. receiver’s private key
B. his private key
88. While sending a signed message, a sender
A. Sends Message Key Using Public Key Encryption Using DES
And Hashed Message Using Public Key Encryption
B. sends message using public key encryption and hashed
message using DES
C. sends both message and hashed message using DES
D. sends both message and hashed message using public key
encryption
A. sends message key using public key encryption using DES and hashed
message using public key encryption
89. The responsibility of a certification authority for digital signature is to
authenticate the
A. hash function used
B. private keys of subscribers
C. Public Keys Of Subscribers
D. key used in DES
C. public keys of subscribers
90. Certification of Digital signature by an independent authority is needed
because
A. it is safe
B. it gives confidence to a business
C. The Authority Checks And Assures Customers That The Public
Key Indeed Belongs To The Business Which Claims Its
Ownership
D. private key claimed by a sender may not be actually his
C. the authority checks and assures customers that the public key indeed
belongs to the business which claims its ownership
91. What does IP mean?
A. Instance Principle
B. Internet Protocol
C. Instant Protocol
D. Intellectual Property
B. Internet Protocol
92. What happens to your data when it is encrypted?
A. It is transferred to a third party, encoded, then sent back.
B. It is compressed, renamed, and archived.
C. It is sent through a series of supercomputers to be compressed
multiple times.
D. It Is Recorded To Retain Privacy From Third-Parties.
D. It is recorded to retain privacy from third-parties.
93. What is a computer virus?
A. A virus is the same as a cookie in that it is stored on your
computer against your permission.
B. A virus is friendly software that is simply mislabeled.
C. Malicious software that merely stays dormant on your computer.
D. Malicious Software That Inserts Itself Into Other Programs.
D. Malicious software that inserts itself into other programs.
94. Which of the following is a valid difference between a Virus and a Spyware?
A. Spyware damages data and also steals sensitive private
information
B. Virus Damages Data, Spyware Steals Sensitive Private
Information
C. Spyware damages data, Virus steals sensitive private information
D. Virus damages data and also steals sensitive private information
B. Virus damages data, Spyware steals sensitive private information
95. How to avoid Man-in-the-middle attacks?
A. Accept every SSL certificate, even the broken ones
B. Use connections without SSL
C. Use HTTPS Connections And Verify The SSL Certificate
D. None of the above
C. Use HTTPS connections and verify the SSL certificate
96. What happens during the TCP attack; Denial of Service?
A. A virus is sent to disable their DOS prompt.
B. Viruses are sent to their ISP to deny them tech support.
C. A worm is loaded onto the victim’s computer to disable their
keyboard.
D. Information Is Repeatedly Sent To The Victim To Consume Their
System Resources, Causing Them To Shut Down.
D. Information is repeatedly sent to the victim to consume their system
resources, causing them to shut down.
97. What is Internet Protocol Security?
A. Methods To Secure Internet Protocol (IP) Communication.
B. Ways to disconnect your router in an emergency
C. Methods to secure a disconnected computer.
D. Methods to secure your documents from physical breaches.
A. Methods to secure Internet Protocol (IP) communication.
98. Which of the following is a valid Cyber / Internet Security requirement?
A. Authentication
B. Integrity
C. Confidentiality
D. All Of The Given Options Are Correct
D. All of the given options are correct
99. Digital signatures provide which of the following ?
A. Authentication
B. Non-repudiation
C. Integrity protection
D. All Of The Given Options Are Correct
D. All of the given options are correct
100. In which of the following protocols does a website (if accessed using the
protocol) encrypt the session with a Digital Certificate?
A. TCP
B. SHTTP
C. HTTPS
D. XHTTP
C. HTTPS
Question Bank 2
1. Which of the following are possible security threats?
A. Illegitimate use
B. Backdoors
C. Masquerading
D. All Of The Given Options Are Correct
D. All of the given options are correct
2. What is a firewall?
A. Firewalls Are Network-Based Security Measures That Control
The Flow Of Incoming And Outgoing Traffic
B. A firewall is a program that encrypts all the programs that access
the Internet.
C. A firewall is a program that keeps other programs from using the
network.
D. Firewalls are interrupts that automatically disconnect from the
internet when a threat appears
A. Firewalls are network-based security measures that control the flow of
incoming and outgoing traffic
3. Which of the following involves submitting as many requests as possible to
a single Internet computer or service, overloading it and preventing it from
servicing legitimate requests?
A. Distributed Denial-Of-Service Attacks
B. Backdoor
C. Masquerading
D. Phishing
A. Distributed denial-of-service attacks
4. Which of the following symmetric keys can be derived from Symmetric
master key?
A. Authentication keys
B. Key wrapping keys
C. Data encryption keys
D. All Of The Given Options Are Correct
D. All of the given options are correct
5. Which of the following are valid Cryptographic key types?
A. Public authentication key
B. Public signature verification key
C. Private signature key
D. All Of The Given Options Are Correct
D. All of the given options are correct
6. Is it true that HTTP is an insecure protocol?
A. True
B. False
A. True
7. Which is the best way a system can be hardened?
A. Total Disk Encryption Coupled With Strong Network Security
Protocols.
B. White-list ad filtering only.
C. Installing a commercial security suite.
D. Virus scanning only.
A. Total disk encryption coupled with strong network security protocols.
8. Why is it crucial to encrypt data in transit?
A. To assure that all of your information cannot be decrypted.
B. To decrease your resources.
C. So you can increase your chances of testing your encryption
capabilities.
D. To Prevent Unauthorized Access To Private Networks And
Sensitive Information During Its Most Vulnerable State.
D. To prevent unauthorized access to private networks and sensitive
information during its most vulnerable state.
9. Which of the following are the basic functionalities of the IPsec Protocol ?
A. Security association for policy management and traffic processing
B. Security protocols for AH and ESP
C. Manual and automatic key management for the internet key
exchange
D. All Of The Given Options Are Correct
D. All of the given options are correct
10. Can a proxy be used as a firewall? If so, how?
A. No. Proxies are data encryption stations whose sole purpose is to
encrypt and re-route data.
B. No. Proxies are firewalls that are maintained at locations other
than that of the user.
C. No. All a proxy does is re-route Internet traffic, and thus all the
malicious signals that go with it.
D. Yes. A Proxy Acts As A Network Intermediary For The User That
Serves To Control The Flow Of Incoming And Outgoing Traffic.
D. Yes. A proxy acts as a network intermediary for the user that serves to
control the flow of incoming and outgoing traffic.
11. In which of the following fraud methods is a legitimate/legal-looking email
sent in an attempt to gather personal and financial information from
recipients?
A. Virus
B. Masquerading
C. Phishing
D. Malware
C. Phishing
12. Which of the following is TRUE about TLS?
A. The HMAC construction used by most TLS cipher suites is
specified in RFC 2104
B. Provides protection against a downgrade of the protocol to a
previous (less secure) version or a weaker cipher suite
C. The message that ends the handshake sends a hash of all the
exchanged handshake messages seen by both parties
D. All Of The Given Options Are Correct
D. All of the given options are correct
13. Which of the following is a VALID type of Key Management System?
A. Third-Party Key Management System
B. Dynamic Key Management System
C. Integrated Key Management System
D. Both Integrated Key Management System And Third-Party Key
Management System
D. Both Integrated Key Management System and Third-Party Key
Management System
14. What is one way that a web browser is vulnerable to breaching?
A. A browser can be infected by closing it.
B. A virus can be sent through the monitor.
C. A Browser Plugin Can Be Exploited.
D. Web browsers are impervious to exploitation.
C. A browser plugin can be exploited.
15. What two main categories of network topologies are there?
A. Digital and Topological
B. Direct and Indirect
C. Close and Distant
D. Physical And Logical.
D. Physical and logical.
16. What is another name for an insecure plugin?
A. Hardware
B. Software
C. Firmware
D. Malware
D. Malware
17. A digital signature scheme consists of which of the following typical
algorithms?
A. Key Generation, Signing And Signature Verifying Algorithm
B. Signature verifying algorithm
C. Key generation algorithm
D. Signing algorithm
A. Key generation, Signing and Signature verifying algorithm
18. Which of the following is TRUE about SSL 3.0?
A. It has a weak MAC construction that uses the MD5 hash function
with a secret prefix
B. Identical cryptographic keys are used for message authentication
and encryption
C. SSL 3.0 Improved Upon SSL 2.0 By Adding SHA-1 Based
Ciphers And Support For Certificate Authentication
D. It assumes a single service and a fixed domain certificate, which
clashes with the standard feature of virtual hosting in Web
servers
C. SSL 3.0 improved upon SSL 2.0 by adding SHA-1 based ciphers and
support for certificate authentication
19. There are two types of firewall. What are they?
A. Internet-based and home-based.
B. Hardware And Software.
C. Remote and local
D. Digital and electronic.
B. Hardware and software.
20. True or False? Malware exists which affects both Windows and Linux
systems.
A. True
B. False
A. True
21. Which of the following refers to programs that surreptitiously monitor
activity on a computer system and report that information to others without the
user's consent?
A. Malware
B. Botnet
C. Trojan horse
D. Spyware
D. Spyware
22. What is a computer worm?
A. It is software designed to exploit networks.
B. It is software designed to analyze and search for open ports.
C. It is a software utilized to scan packets on open networks.
D. It Is Malware Designed To Infect Other Computers.
D. It is malware designed to infect other computers.
23. Is a Unix-based system vulnerable to viruses?
A. Yes. The split is approximately 50/50 when it comes to attacks on
Windows vs. Unix based systems.
B. Yes, the majority of viruses attack Unix-based systems.
C. No. Linux systems are totally impervious to attacks.
D. Yes, However The Majority Are Coded To Attack Windows-Based
Systems.
D. Yes, however the majority are coded to attack Windows-based systems.
24. Which of the following protocols use Port 443 and Port 80, respectively?
A. HTTPS And HTTP
B. XHTML
C. HTTP and HTTPS
D. DHTML
A. HTTPS and HTTP
25. Which of the following is a means to access a computer program or entire
computer system bypassing all security mechanisms?
A. Backdoor
B. Masquerading
C. Phishing
D. Trojan Horse
A. Backdoor
26. What does TCP mean?
A. Total Content Positioning
B. Transmission Control Protocol
C. Transmittable Constant Protocol
D. Technical Control Panel
B. Transmission Control Protocol
27. What does cross-site scripting allow for attackers?
A. Direct introduction of viruses into a victim's computer.
B. The introduction of worm viruses into the victim's website.
C. A phishing attack that automatically downloads the victim's
personal information.
D. Injection Of Client-Side Scripts Into Web Pages.
D. Injection of client-side scripts into web pages.
28. Which of the following is collection of Internet-connected programs
communicating with other similar programs in order to perform tasks?
A. Botnet
B. Spyware
C. Trojan horse
D. Malware
A. Botnet
29. What are TLS and SSL?
A. Internet protocols.
B. Network layers.
C. Internet layers
D. Cryptographic Protocols.
D. Cryptographic protocols.
30. Who was TLS defined by?
A. The DEA
B. OSHA
C. Internet Engineering Task Force
D. NSA
C. Internet Engineering Task Force
31. Modern secure password storage should implement:
A. Salted plain-text values of the password
B. Hashed values of the password
C. Plain-text passwords stored in an encrypted database
D. Salted And Hashed Values Of The Password
D. Salted and hashed values of the password
32. What is network topology?
A. It is the inner networkings of a single computer.
B. It is the top layer of a computer network.
C. It Is The Framework Of The Components Of A Computer
Network.
D. It is the entirety of the data of a computer network.
C. It is the framework of the components of a computer network.
33. Which of the following is a general term for malicious software that
pretends to be harmless so that a user willingly allows it to be downloaded
onto the computer?
A. Spyware
B. Virus
C. Trojan Horse
D. Botnets
C. Trojan Horse
34. What is another name for Internet Layer?
A. TCP layer
B. Interwebs
C. IP Layer
D. SSL layer
C. IP layer
35. Which of the following is the collective name for Trojan horses, spyware,
and worms?
A. Spyware
B. Botnets
C. Virus
D. Malware
D. Malware
36. When cookies are used as session identifiers, how are they then used as
a potential security hazard?
A. They emulate users by downloading all the victim's information
onto a virtual machine.
B. Users' cookies are altered to a virus-like state.
C. They emulate users by stealing their personal identity.
D. Attackers Emulate Users By Stealing Their Cookies.
D. Attackers emulate users by stealing their cookies.
37. Which of the following is a valid flaw of SSL 2.0 ?
A. It does not have any protection for the handshake
B. Identical cryptographic keys are used for message authentication
and encryption
C. It has a weak MAC construction that uses the MD5 hash function
with a secret prefix
D. All Of The Given Options Are Correct
D. All of the given options are correct
38. Which of the following is an ITU-T standard for a public key infrastructure
(PKI) and Privilege Management Infrastructure (PMI)?
A. X.507
B. X.519
C. X.508
D. X.509
D. X.509
39. Trojan Horse programs operate with what intent?
A. To slowly but surely infect and become your operating system
until the system crashes.
B. To openly exploit a system's weaknesses until the user discovers
it.
C. To Masquerade As Non-Malicious Software While Exploiting A
System's Weaknesses.
D. To do a series of brute force attacks within the system itself and a
series of external attacks from other servers
C. To masquerade as non-malicious software while exploiting a system's
weaknesses.
40. Why is a virtual machine considered a sandboxing method?
A. Virtual machines all have firewalls, virus scanners, and proxy
connections.
B. Virtual machines all have sandbox features installed on them.
C. Virtual machines take the brunt of the attack, so the user is
always safe.
D. All Host Resources Are Channeled Through The Emulator.
D. All host resources are channeled through the emulator.
41. When is encrypted data the safest?
A. When it is being transferred via USB stick.
B. When it is in transit.
C. When It Is Being Written. When It Is At Rest.
D. When it is being written.
C. When it is being written. When it is at rest.
42. Which of the following keys are used to generate random numbers?
A. Symmetric random number generation keys
B. Symmetric And Asymmetric Random Number Generation Keys
C. Public signature verification key
D. Asymmetric random number generation keys
B. Symmetric and asymmetric random number generation keys
43. Which of the following is true about Public Key Encryption?
A. Anyone can encrypt with the public key and anyone can decrypt
with the private key
B. Anyone Can Encrypt With The Public Key, Only One Person Can
Decrypt With The Private Key
C. Anyone can encrypt with the private key, only one person can
decrypt with the public key
D. Only one person can encrypt with the public key and anyone can
decrypt with the private key
B. Anyone can encrypt with the public key, only one person can decrypt with
the private key
44. If you set up a BUS network, what is the major disadvantage?
A. It is entirely wireless and open to wifi-based attacks.
B. It is daisy-chained together with several cables
C. It Is Linked With A Single Cable Which Can Be A Major
Vulnerability.
D. It is connected in a star pattern and can be disabled by disrupting
one data center.
C. It is linked with a single cable which can be a major vulnerability.
45. What does the acronym BEAST mean in Beast Attack?
A. Breaking and Entering Against SSL/TLS
B. Browser Extension And SSL/TLS
C. Browser Exploit Against SSL/TLS
D. Breach Entering Against SSL/TLS
C. Browser Exploit Against SSL/TLS
46. TCP is used for what three main functions?
A. Connect To The Web, Deliver Email, And Transfer Files.
B. Connect to the Web, compress data, encrypt mail.
C. Connect to the web, conceal data, transfer files.
D. Connect to the Web, encrypt data, transmit information.
A. Connect to the Web, deliver email, and transfer files.
47. Secure cookies have which feature?
A. They are not encrypted, just sent via secure server.
B. They Are Encrypted.
C. Secure cookies are passed along via encrypted programs.
D. Cookies are always traded between trusted users.
B. They are encrypted.
48. How are port numbers categorized?
A. Static, dynamic, enigmatic
B. Known, well-known, unknown
C. Well-Known, Registered, And Static/Dynamic.
D. Unknown, unregistered, invalid
C. Well-known, registered, and static/dynamic.
49. Which of the following types of attack can actively modify communications
or data?
A. Both Active and Passive attack
B. Neither Active nor Passive attack
C. Active Attack
D. Passive attack
C. Active attack
50. What is the top method an attacker might infect a target?
A. Social Engineering, Or Psychological Manipulation.
B. SQL injection.
C. Buffer overflow.
D. Hacking via the Internet.
A. Social engineering, or psychological manipulation.
51. Secure Sockets Layer is a predecessor of which cryptographic protocol?
A. IPSec
B. Transport Layer Security
C. SSL 3.0
D. HTTPS
B. Transport Layer Security
52. An SQL injection is often used to attack what?
A. Small-scale machines such as Diebold ATMs
B. Large-Scale Sequel Databases Such As Those Containing Credit
Card Information.
C. Servers running SQL databases similar to Hadoop or Hive.
D. Servers built on NoSQL
B. Large-scale sequel databases such as those containing credit card
information.
53. Which version of TLS is vulnerable to BEAST exploit?
A. TLS 1.1
B. TLS 3.0
C. TLS 0.5
D. TLS 2.0
E. TLS 1.0
E. TLS 1.0
54. According to OWASP what is the most dangerous web vulnerability?
A. Injections (SQL, LDAP, Etc)
B. Cross-site-scripting (XSS)
C. Security Misconfiguration
D. Cross-Site Request Forgery (CSRF)
E. Sensitive Data Exposure
A. Injections (SQL, LDAP, etc)
55. Sandboxing does what to computer programs?
A. Sandboxing protects your system by trapping all the viruses.
B. It Separates And Isolates Them.
C. Sandboxing doesn't protect your system.
D. Sandboxes protect your programs by isolating all the other
programs except the one you are using at the time.
B. It separates and isolates them.
56. What is largely considered the most advanced computer virus?
A. Conficker Virus
B. Zeus
C. Stuxnet.
D. agent.biz
C. Stuxnet.
57. What is necessary for a cross-site script attack with cookies to be
thwarted?
A. CAPTCHAs
B. Virtual machines
C. Proxies
D. Firewalls
A. CAPTCHAs
58. What are the two primary classifications of cross-site scripting?
A. DOM-based and persistent
B. traditional and DOM-based
C. traditional and non-persistent
D. Non-Persistent And Persistent.
D. non-persistent and persistent.
59. Which of the following is a VALID authorization key?
A. Public Authorization Key
B. Public ephemeral key authorization key
C. Asymmetric authorization keys
D. Symmetric authorization keys
A. Public authorization key
60. Which of the following is a VALID digital signature key?
A. Public signature authentication key
B. Private signature authentication key
C. Symmetric signature authentication key
D. Private Signature Key
D. Private signature key
61. How can cookies be used to mitigate cross-site scripting?
A. Cookies can be coded like a program to intercept script attacks.
B. Cookies store an exact mirror copy of all a user's web activity.
C. Cookies Allow For Cookie-Based User Authentication.
D. They can't. Cookies only store user information.
C. Cookies allow for cookie-based user authentication.
62. Which of the following uses asymmetric cryptography ?
A. VoIP
B. SSL
C. Both VoIP And SSL
D. None of these
C. Both VoIP and SSL
63. Which of the following is not a VALID type of firewall?
A. Application-level gateways
B. Circuit-level gateways
C. Proxy Server Gateways
D. Packet filters
C. Proxy Server Gateways
64. What is the less secure AES encryption mode?
A. CFB
B. OCB
C. ECB
D. CTR
E. CBC
E. CBC
65. What is a method to fend off a Sockstress attack?
A. Do nothing. It will pass on its own.
B. Prepare a retaliatory DDOS attack
C. Black-listing access to TCP services on critical systems
D. White-Listing Access To TCP Services On Critical Systems.
D. White-listing access to TCP services on critical systems.
66. Which of the following HTTP methods is considered insecure?
A. POST
B. DELETE
C. TRACE
D. GET
C. TRACE
67. Which of the following represents a cryptographic key that is generated for
each execution of a key establishment process ?
A. Private key transport key
B. Public signature verification key
C. Private Ephemeral Key Agreement Key
D. Public authentication key
C. Private ephemeral key agreement key
68. What does the Linux kernel use to sandbox running programs?
A. Linux doesn't sandbox because it is impervious to any and all
cyber attacks
B. Linux uses a layered system of user authentication to perform
sandbox-like functions.
C. Seccomp, Or Secure Computing Mode
D. Linux drives are fully encrypted, thus they don't need sandboxing.
C. seccomp, or Secure Computing Mode
69. Which of the following keys are the private keys of asymmetric (public) key
pairs that are used only once to establish one or more keys ?
A. Public ephemeral key agreement key
B. Asymmetric random number generation keys
C. Symmetric random number generation keys
D. Private Ephemeral Key Agreement Key
D. Private ephemeral key agreement key
70. What does a cryptographic key do within the Internet Layer?
A. It specifies how encrypted data is transferred and to whom.
B. It Specifies How Transferred Information Is Converted Into
Cyphertext.
C. It converts it into encrypted language.
D. It is the specialized dataset that is able to decrypt cyphertext.
B. It specifies how transferred information is converted into cyphertext.
71. What is the difference between a worm and virus?
A. A worm does not replicate itself like a virus does, but rather
moves from computer to computer
B. A virus infects files, while a worm eats them
C. A worm is a virus created for a very specific purpose
D. Unlike A Virus, A Worm Does Not Need To Attach Itself To A
Program To Spread.
D. Unlike a virus, a worm does not need to attach itself to a program to
spread.
72. Which of the following represents a cryptographic key that is intended to
be used for a long period of time?
A. Private key transport key
B. Public authentication key
C. Public signature verification key
D. Private Static Key Agreement Key
D. Private static key agreement key
73. Which of the following is a VALID ephemeral key?
A. Asymmetric ephemeral random number generation keys
B. Public ephemeral verification key
C. Symmetric ephemeral random number generation keys
D. Public Ephemeral Key Agreement Key
D. Public ephemeral key agreement key
74. Which of the following enables secure and private data exchange/transfer
on an unsecure public network ?
A. Public Key Infrastructure
B. Virtual Key Infrastructure
C. Private Key Infrastructure
D. All of the given options are correct
A. Public Key Infrastructure
75. Which of the following keys are used to encrypt other keys using
symmetric key algorithms ?
A. Symmetric random number generation keys
B. Asymmetric random number generation keys
C. Symmetric Key Wrapping Key
D. Public signature verification key
C. Symmetric key wrapping key
76. Which of the following keys are used to encrypt other keys using
symmetric key algorithms ?
A. Symmetric random number generation keys
B. Asymmetric random number generation keys
C. Symmetric Key Wrapping Key
D. Public signature verification key
C. Symmetric key wrapping key
77. Which of the following is a standalone computer program that pretends to
be a well-known program in order to steal confidential data ?
A. Virus
B. Spyware
C. Fraudtool
D. Malware
C. Fraudtool
78. In the sublayer of which of the following do TLS and SSL perform the
data encryption of network connections?
A. presentation layer
B. Both session and presentation layer
C. session layer
D. Application Layer
D. application layer
79. Which of the following are the public keys of asymmetric (public) key pairs
that are used to encrypt keys using a public key algorithm?
A. Public signature verification key
B. Private signature key
C. Public Key Transport Key
D. Private key transport key
C. Public key transport key
80. Which of the following are the public keys of asymmetric key pairs that are
used to encrypt keys using a public key algorithm ?
A. Private signature key
B. Private Key Transport Key
C. Public signature verification key
D. Public authentication key
B. Private key transport key
Question Bank 3
1. Which of the following are the ways through which virus spreads?
A. Floppy Disk
B. CD
C. Email attachments
D. Network connection
E. All Of The Above
E. All of the above
2. Which of the following are categories of spam mails?
A. Phishing and Fraud
B. Spoofing mails
C. Hoaxes
D. Chain mails
E. All Of The Above
E. All of the above
3. Daniel has deployed an antispam solution in his network. If a spam SMTP
is accepted, it is called:
A. Negative detection
B. False positive
C. False Negative
D. Untrue detection
C. False negative
4. Which of the following are preventive antivirus measures?
A. Do not open attachments from suspicious sources.
B. Delete chain and junk mails.
C. Exercise caution while downloading from the internet
D. Backup your files.
E. All Of The Above
E. All of the above
5. Which of the following ports is used by IMAP?
A. 139
B. 143
C. 142
D. 25
B. 143
6. What are zombies?
A. Antispam solutions.
B. Remotely Controlled Hosts.
C. Antivirus solutions
D. Hackers
B. Remotely controlled hosts.
7. How many keys are required if two parties communicate using Asymmetric
Cryptography?
A. One
B. Two
C. Three
D. Four
B. Two
8. Which of the following programs establishes modem connection with
pay-per-visit resources?
A. Trojans
B. Automatic Dialers
C. Worms
D. Antivirus
B. Automatic dialers
9. Suppose you got a mail from the HSBC bank asking you to give your online
bank account details. Under which of the spam mail categories does this
mail fall?
A. Phishing And Fraud.
B. Chain Mails.
C. Hoaxes
D. Brand spoofing.
A. Phishing and fraud.
10. What is Phishing?
A. Fraudulently Acquiring Sensitive Information.
B. An encryption technique
C. An anti-spam technique
D. A password building technique
A. Fraudulently acquiring sensitive information.
11. Which of the following are direct harms caused by spam?
A. Loss of productivity
B. Increased staff costs
C. Increased infrastructure costs
D. Increased downloading costs
E. All Of The Above
E. All of the above
12. Which of the following is the Hashing Algorithm?
A. AES
B. 3-DES
C. DES
D. MD5
D. MD5
13. Which key is used to decrypt the message in PKI?
A. Public Key.
B. Private Key.
C. Pre-shared Secret Key.
D. Hybrid Key.
B. Private Key.
14. What is Joe Job?
A. A virus
B. An antivirus
C. A Spam Attack
D. An antispam
C. A spam attack
15. Which of the following are Email Security Protocols?
A. S/MIME
B. PEM
C. STE
D. PME
A. S/MIME
16. Which of the following symmetric algorithms have variable key length?
A. AES
B. Triple DES
C. IDEA
D. Rivest Cipher 4
D. Rivest Cipher 4
17. What is Mail Exchanger(MX) Record?
A. Router route.
B. Record in router.
C. Record In DNS Specifying The Internet Email Route.
D. Record in DHCP specifying the email route
C. Record in DNS specifying the internet email route.
18. Which of the following measures should be taken to tackle spam mails?
A. Blocking and accepting on the basis of MTA IP address
B. Limiting the number of outgoing e-mails per account
C. Authentication mechanisms
D. Spam filtering.
E. All Of The Above
E. All of the above
19. Which of the following are different categories of viruses?
A. Parasitic
B. Bootstrap sector
C. Companion
D. All Of The Above
D. All of the above
20. What is the function of the Reverse DNS Look up Technique in identifying
spam mails?
A. To check the sender's email server attempting for spoofing
B. To check the receiver's email server attempting for spoofing
C. To Check The DNS Server Validity
D. None of these
C. To check the DNS server validity