This set of Information Security Multiple Choice Questions & Answers (MCQs) focuses on Information Security Set 1

Q1 | This technology is used to measure and analyze human body characteristics for authentication purposes.
  • Footprinting
  • Biometrics
  • JBOD
  • Anthropomorphism
Q2 | __________ is an electronic or paper log used to track computer activity.
  • Traceroute
  • Cookie
  • Weblog
  • Audit trail
Q3 | This is a series of messages sent by someone attempting to break into a computer to learn which computer network services the computer provides.
  • Bit robbing
  • Web services description language (WSDL)
  • Jabber
  • Port scan
Q4 | This is the name for a group of programmers who are hired to expose errors or security holes in new software or to find out why a computer network's security is being broken.
  • ERM group
  • Computer emergency response team
  • Tiger team
  • Silicone cockroach
Q5 | This is a mechanism for ensuring that only authorized users can copy or use specific software applications.
  • Authorized program analysis report
  • Private key
  • Service level agreement
  • Dongle
Q6 | At which two traffic layers do most commercial IDSes generate signatures?
  • Application layer
  • Network layer
  • Session layer
  • Transport layer
Q7 | This is a Peripheral Component Interconnect (PCI) card that offloads SSL processing to speed up secure transactions on e-commerce Web sites.
  • PCMCIA card
  • Smart card
  • Server accelerator card
  • Network interface card
Q8 | ___________ is a form of eavesdropping used to pick up telecommunication signals by monitoring the electromagnetic fields produced by the signals.
  • Reverse engineering
  • Magneto resistive head technology
  • Van Eck phreaking
  • Electronic data processing (EDP)
Q9 | This enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
  • Security Identifier (SID)
  • Public key infrastructure (PKI)
  • Internet Assigned Numbers Authority (IANA)
  • Private Branch Exchange (PBX)
Q10 | This is an assault on the integrity of a security system in which the attacker substitutes a section of cipher text (encrypted text) with a different section that looks like (but is not the same as) the one removed.
  • Trojan horse
  • Hashing
  • Switching fabric
  • Cut and paste attack
Q11 | Which of the following is an advantage of anomaly detection?
  • Rules are easy to define.
  • Custom protocols can be easily analyzed.
  • The engine can scale as the rule set grows.
  • Malicious activity that falls within normal usage patterns is detected.
Q12 | A false positive can be defined as…
  • An alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior.
  • An alert that indicates nefarious activity on a system that is not running on the network.
  • The lack of an alert for nefarious activity.
  • Both a. and b.
Q13 | This is an encryption/decryption key known only to the party or parties that exchange secret messages.
  • E-signature
  • Digital certificate
  • Private key
  • Security token
Q14 | What is the purpose of a shadow honeypot?
  • To flag attacks against known vulnerabilities
  • To help reduce false positives in a signature-based IDS.
  • To randomly check suspicious traffic identified by an anomaly detection system.
  • To enhance the accuracy of a traditional honeypot.
Q15 | This is the hiding of a secret message within an ordinary message and the extraction of it at its destination.
  • Secret key algorithm
  • Message queuing
  • Spyware
  • Steganography
Q16 | An IDS follows a two-step process consisting of a passive component and an active component. Which of the following is part of the active component?
  • Inspection of password files to detect inadvisable passwords
  • Mechanisms put in place to reenact known methods of attack and record system responses
  • Inspection of system to detect policy violations
  • Inspection of configuration files to detect inadvisable settings
Q17 | When discussing IDS/IPS, what is a signature?
  • An electronic signature used to authenticate the identity of a user on the network
  • Attack-definition file
  • It refers to "normal," baseline network behavior
  • None of the above
Q18 | "Semantics-aware" signatures automatically generated by Nemean are based on traffic at which two layers?
  • Application layer
  • Network layer
  • Session layer
  • Both a and c
Q19 | In what type of attack does an intruder manipulate a URL in such a way that the Web server executes or reveals the contents of a file anywhere on the server, including those lying outside the document root directory?
  • Cross-site scripting
  • Command injection
  • SQL injection
  • Path traversal attacks
Q20 | Which of the following is true of improper error handling?
  • Attackers can use error messages to extract specific information from a system.
  • Attackers can use unexpected errors to knock an application off line, creating a denial-of-service attack.
  • Unexpected errors can provide an attacker with a buffer or stack overflow condition that sets the stage for an arbitrary code execution.
  • All of the above.
Q21 | Which of the following is NOT recommended for securing Web applications against authenticated users?
  • Client-side data validation
  • Filtering data with a default deny regular expression
  • Running the application under least privileges necessary
  • Using parameterized queries to access a database
Q22 | In which of the following exploits does an attacker insert malicious coding into a link that appears to be from a trustworthy source?
  • Cross-site scripting
  • Command injection
  • Path traversal attack
  • Buffer overflow
Q23 | In which of the following exploits does an attacker add SQL code to a Web form input box to gain access to resources or make changes to data?
  • Cross-site scripting
  • Command injection
  • SQL injection
  • Buffer overflow
Q24 | Which of the following is characteristic of spyware?
  • Blocking access to antivirus and antispyware updates
  • Aggregating surfing habits across multiple users for advertising
  • Customizing search results based on an advertiser's needs
  • All of the above
Q25 | One of the most obvious places to put an IDS sensor is near the firewall. Where exactly in relation to the firewall is the most productive placement?
  • Inside the firewall
  • Outside the firewall
  • Both
  • None