April 22, 2019

Network Security - MCQS

Question
Consider these statements and state which are true.
i)   Encoding and encryption change the data format.
ii)  Encoding is a reversible process, while encryption is not.
iii) Both Encoding and Encryption are reversible processes.
iv)  Any third party will be able to reverse an encoded data,but not an encrypted data.

Select one:
i), iii) and iv)
ii) and iv)
i) and iv)
i),  ii) and iv)

The correct answer is: i), iii) and iv)

Question
Which of the following attacks is not an attack on Integrity?

Select one:
Modification
Replay
Denial Of Service
Masquerading

The correct answer is:: Denial Of Service

Question
I sent a data set {A,B,C,D} to a recipient which got received as {B,A,D,C}.

Select one:
Data security is compromised
Data integrity is lost
Confidentiality is lost
Data availability is compromised

The correct answer is:: Data integrity is lost

Question
A website login mechanim employs both password and verifying a PIN number sent via SMS to registered mobile.

This scenario provides ______
Select one:
High convenience but low security
High convenience and good security
Low convenience and low security
Low convenience but good security

The correct answer is:: Low convenience but good security

Question
A fake email posing as a legitimate email from bank is 

Select one:
Attack on Availability
Masquerading attack
Denial of Service (DOS) attack
Attack on Confidentiality

The correct answer is:: Masquerading attack

Question
Which of these mechanims provide data integrity ?
i) DES Encryption
ii) Asymmetric encryption
iii) SHA Hashing
iv) Hashed-MAC

Select one:
i and iv
i and iii
ii and iii
iii and iv

The correct answer is:: iii and iv

Question
Email attachments typically employ

Select one:
Base64 encoding
Base16 encoding
UTF-8 encoding
URL encoding

The correct answer is:: Base64 encoding

Question
The combination of key exchange, hash and encryption algorithms is termed as _______ in SSL/TLS.     

Select one:
TLS Handshake
Protocol suite
Cipher suite
TLS Records

The correct answer is:: Cipher suite

Question
The protocol ‘POP’ stands for-

Select one:
Personal Office Protocol
Post Office Protocol
Privacy Overall Protocol
Privacy Over Protocol

The correct answer is:: Post Office Protocol

Question
Which is the most secure way to remote login?

Select one:
SSH with public keys
Telnet with password
SSH with password
Telnet with public keys

The correct answer is:: SSH with public keys


Question
The Application layer protocol required for Electronic Mail is:

Select one:
SMTP
HTTP
FTP
SIP

The correct answer is: SMTP

Question
Which of these statements regarding HTTP is true.

Select one:
HTTPS adds security to HTTP POST and PUT messages as this is where password exchange is done.
HTTPS uses the same HTTP message format but  adds a handshake+encryption mechanism.
HTTPS introduces new messages HANDSHAKE and ALERT for bringing in security in HTTP.
HTTPS does not add security to HTTP GET and HEAD messages

The correct answer is: HTTPS uses the same HTTP message format but  adds a handshake + encryption mechanism.

Question
For SSL which is the advised cryptographic algorithm?

Select one:
twofish 128
aes 192
aes 128
blowfish

The correct answer is:: aes 128

Question
In SSL handshake, Server Hello message typically contains

Select one:
List of ciphers for the session and extensions list
Selected cipher for the session and random bytes
Selected cipher for the session and public key of server
Random bytes and public key of server

The correct answer is: Selected cipher for the session and random bytes

Question
Pretty Good Privacy (PGP) is employed in

Select one:
FTP and WWW Security
Email and FTP Security
Email security
Email and WWW Security

The correct answer is:: Email security

Question
What is the common term present in HTTP request and status line?

Select one:
HTTP version number
URL
Method
None of the mentioned

The correct answer is:: HTTP version number

Question
A session symmetric key between two keys is used:

Select one:
Only once
Two times
Multiple times
Dependent on other conditions

The correct answer is:: Only once

Question
Which one of the following is a cryptographic protocol used to secure HTTP connection?

Select one:
Stream Control Transmission Protocol (SCTP)
Pretty Good Privacy (PGP)
Secure Mime(SMIME)
Transport Layer Security (TLS)

The correct answer is:: Transport Layer Security (TLS)

Question
The services provided by application layer are:

Select one:
Network virtual terminal
File transfer, access, and management
Mail service
All of the mentioned

The correct answer is:: All of the mentioned

Question
A group having 30 members uses Symmetric Key Encryption for message transmission.   How many secret keys are needed if all the members need to send secret messages to each other?

Select one:
30
60
435
900

The correct answer is: 435

Question
I - me@gmail.com - tried to email a .jar file to Dinesh. dinesh@company.com . But it got blocked by gmail while attaching.Then I tried sending a .txt file to Dinesh which went through fine. What do you infer? .jar files cannot be sent as

Select one:
A. it is blocked by gmail as .jar files are bigger in size
B. Email uses SMTP which is a Text protocol
C. it is blocked by company.com
D. it is blocked by gmail as it could contain viruses.

The correct answer is: it is blocked by gmail as it could contain viruses.

Question
What is the protocol used between Message User Agent (MUA) and Message Transfer Agent (MTA) in email system.

Select one:
A. HTTP
B. SMTP
C. IMAP
D. POP3

The correct answer is: SMTP

Question
IPSec defines these two protocols:

Select one:
A. PGP; ESP
B. AH; ESP
C. AH; SSL
D. PGP: SSL

The correct answer is: AH; ESP

Question
HTTPS implicitly uses Server certificates. These Server certificates contain ______

Select one:
A. Server's public key, algorithm used and digital signature
B. Server's public key and private key
C. Server's private key, algorithm used and digital signature
D. Server's public key and digital signature

The correct answer is: Server's public key, algorithm used and digital signature

Question
Asymmetric encryption has

Select one:
A. one key for encryption and another key for decryption
B. two keys - one key for public encryption and another for private encryption
C. one public key for doing encryption and decryption and another private key only for decryption
D. only one public key which is shared

The correct answer is: one key for encryption and another key for decryption

Question
IP Header contains

Select one:
A. Source and destination IP addresses and priority numbers
B. Source and destination IP addresses and IP version number
C. Source and destination IP addresses and Port numbers
D. Source and destination IP addresses and sequence numbers

The correct answer is: Source and destination IP addresses and IP version number

Question
Pick the most relevant option. I sent a data set {J,K,L,M,N} to a recipient which got received as {J,K,N}.

Select one:
A. Data integrity is lost
B. Data availability is compromised
C. Both Confidentiality and integrity are compromised
D. Data Confidentiality is compromised

The correct answer is: Data integrity is lost

Question
A data center is secured with 3 outer gates - Og1, Og2, Og3    locked by separate keys - Kog1, Kog2, Kog3 - given to    three personnel - P1, P2, P3. These 3 outer gates lead to 2 inner gates - Ig1, Ig2 - which provide main corridor access. The matching keys - Kig1, Kig2 are given to P2 and P4. The order of acessibility from most access to least access  for the personnel is ____________

Select one:
A. P2, P1, P3, P4
B. P1, P2, P3, P4
C. P4, P3, P2, P1
D. P2, P4, P1, P3

The correct answer is: P2, P1, P3, P4

Question
Pick the closest in meaning to non-repudiation. Manu sends data to Naren. Paari is sniffing the data transfer.

Select one:
A. Naren can verify that data was indeed sent by Manu.
B. Paari is unable to get the original data.
C. Manu can verify if data reached Naren without any change.
D. Naren can verify if the data got changed by Paari

The correct answer is: Naren can verify that data was indeed sent by Manu.

Question
The modes  of IP-Sec are

Select one:
A. Padding mode and Non-padding mode.
B. Secure and Unsecure Mode
C. Tunnel Mode and Transport Mode
D. SPD and SAD mode

The correct answer is: Tunnel Mode and Transport Mode

Question
Of these, Which is the most secure way to remote login?

Select one:
A. SSH with public keys
B. Telnet with password
C. Telnet with public keys
D. SSH with password

The correct answer is: SSH with public keys

Question
Megha's uses a 4-digit bank ATM PIN. Guna peeped in,as Megha keyed-in and found the last two digits of her PIN. Knowing that Megha does not use 0 in her PIN, what is the maximum attempts for Guna to get her PIN correct ?

Select one:
A. 18
B. 81
C. 19
D. 90

The correct answer is: 81

Question
When using HTTPS, a sniffer in a local LAN will be able to

Select one:
A. sniff only the websites/domain but not the URLs
B. sniff only the websties/domain but not the IP addresses
C. sniff only the URLs in the data exchange but not the posted/downloaded data contents.
D. sniff only the HTTP headers in the requests and response

The correct answer is: sniff only the websites/domain but not the URLs

Question
Pick the statement which is true. A network application

Select one:
A. can use both TCP and UDP at the same time, but only maximum of 256 ports. Incorrect
B. cannot use both TCP and UDP at the same time.
C. can use both TCP and UDP at the same time
D. can use both TCP and UDP at the same time, but only maximum of 1024 ports.

The correct answer is: can use both TCP and UDP at the same time

24 comments:

  1. please upload for DSTN and SA.

    ReplyDelete
  2. Pick the closest in meaning to non-repudiation. Manu sends data to Naren. Paari is sniffing the data transfer.

    Select one:
    A. Naren can verify that data was indeed sent by Manu.
    B. Naren can verify if the data got changed by Paari
    C. Paari is unable to get the original data.
    D. Manu can verify if data reached Naren without any change.

    ReplyDelete
    Replies
    1. Answer is B.-->Naren can verify that data was indeed sent by Manu.

      Delete
  3. Megha's uses a 4-digit bank ATM PIN. Guna peeped in,as Megha keyed-in and found the last two digits of her PIN. Knowing that Megha does not use 0 in her PIN, what is the maximum attempts for Guna to get her PIN correct ?


    Select one:
    A. 90
    B. 81
    C. 18
    D. 19

    ReplyDelete
    Replies
    1. 90
      Because we will try 1 with 1-9 similarly till 9 with 1-9 which adds up to 90

      Delete
  4. The modes of IP-Sec are

    Select one:
    A. Tunnel Mode and Transport Mode
    B. Padding mode and Non-padding mode.
    C. SPD and SAD mode
    D. Secure and Unsecure Mode

    ReplyDelete
  5. When using HTTPS, a sniffer in a local LAN will be able to

    Select one:
    A. sniff only the websties/domain but not the IP addresses
    B. sniff only the websites/domain but not the URLs
    C. sniff only the HTTP headers in the requests and response
    D. sniff only the URLs in the data exchange but not the posted/downloaded data contents.

    ReplyDelete
    Replies
    1. Answer is A --> Sniff only the Http headers in the requests and response

      Delete
  6. Pick the statement which is true. A network application

    Select one:
    A. cannot use both TCP and UDP at the same time.
    B.
    can use both TCP and UDP at the same time, but only
    maximum of 256 ports.
    C.
    can use both TCP and UDP at the same time
    D.
    can use both TCP and UDP at the same time, but only
    maximum of 1024 ports.

    ReplyDelete
  7. A data center is secured with 3 outer gates - Og1, Og2, Og3 locked by separate keys - Kog1, Kog2, Kog3 - given to three personnel - P1, P2, P3.
    These 3 outer gates lead to 2 inner gates - Ig1, Ig2 - which
    provide main corridor access. The matching keys - Kig1, Kig2
    are given to P2 and P4.
    The order of acessibility from most access to least access
    for the personnel is ____________

    Select one:
    A. P2, P4, P1, P3
    B. P1, P2, P3, P4
    C. P4, P3, P2, P1
    D. P2, P1, P3, P4

    ReplyDelete
  8. Of these, Which is the most secure way to remote login?

    Select one:
    A. SSH with public keys
    B. SSH with password
    C. Telnet with public keys
    D. Telnet with password

    ReplyDelete
  9. A data center is secured with 3 outer gates - Og1, Og2, Og3 locked by separate keys - Kog1, Kog2, Kog3 - given to three personnel - P1, P2, P3.
    These 3 outer gates lead to 2 inner gates - Ig1, Ig2 - which
    provide main corridor access. The matching keys - Kig1, Kig2
    are given to P2 and P4.
    The order of acessibility from most access to least access
    for the personnel is ____________

    Select one:
    A. P2, P4, P1, P3
    B. P4, P3, P2, P1
    C. P1, P2, P3, P4
    D. P2, P1, P3, P4

    ReplyDelete
    Replies
    1. P2, P4, P1, P3 Correct: source :http://www.trenovision.com/mcq/network-security-questions-and-answers/

      Delete
  10. Pick the closest in meaning to non-repudiation.Manu sends data to Karen. Paari is sniffing the data transfer.

    Select one:

    A. Manu can verify if data reached Naren without any change.

    B. Naren can verify if the data got changed by Paari.

    C. Naren can verify that data was indeed sent by Manu.

    D. Paari is unable to get the original data.

    ReplyDelete
  11. I - me@gmail.com - tried to email a .jar file to Dinesh. dinesh@company.com . But it got blocked by gmail while attaching.Then I tried sending a .txt file to Dinesh which went through fine. What do you infer? .jar files cannot be sent as


    Select one:
    A. it is blocked by gmail as it could contain viruses.
    B. it is blocked by gmail as .jar files are bigger in size
    C. it is blocked by company.com
    D. Email uses SMTP which is a Text protocol

    ReplyDelete