On This Page

This set of Information Security Multiple Choice Questions & Answers (MCQs) focuses on Information Security Set 1

Q1 | This technology is used to measure and analyze human body characteristics forauthentication purposes.
Q2 | __________ is an electronic or paper log used to track computer activity.
Q3 | This is a series of messages sent by someone attempting to break into a computer to learn which computer network services the computer provides.
Q4 | This is the name for a group of programmers who are hired to expose errors or securityholes in new software or to find out why a computer network's security is being broken.
Q5 | This is a mechanism for ensuring that only authorized users can copy or use specific software applications.
Q6 | At which two traffic layers do most commercial IDSes generate signatures?
Q7 | This is a Peripheral Component Interconnect (PCI) card that offloads SSL processing tospeed up secure transactions on e-commerce Web sites.
Q8 | ___________is a form of eavesdropping used to pick up telecommunication signals bymonitoring the electromagnetic fields produced by the signals.
Q9 | This enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
Q10 | This is an assault on the integrity of a security system in which the attacker substitutesa section of cipher text (encrypted text) with a different section that looks like (but is not the same as) the one removed.
Q11 | Which of the following is an advantage of anomaly detection?
Q12 | A false positive can be defined as…
Q13 | This is an encryption/decryption key known only to the party or parties that exchangesecret messages.
Q14 | What is the purpose of a shadow honeypot?
Q15 | This is is the hiding of a secret message within an ordinary message and the extractionof it at its destination.
Q16 | An IDS follows a two-step process consisting of a passive component and an activecomponent. Which of the following is part of the active component?
Q17 | When discussing IDS/IPS, what is a signature?
Q18 | Semantics-aware" signatures automatically generated by Nemean are based on trafficat which two layers?
Q19 | In what type of attack does an intruder manipulate a URL in such a way that the Web server executes or reveals the contents of a file anywhere on the server, including those lying outside the document root directory?
Q20 | Which of the following is true of improper error handling?
Q21 | Which of the following is NOT recommended for securing Web applications against authenticated users?
Q22 | In which of the following exploits does an attacker insert malicious coding into a link that appears to be from a trustworthy source?
Q23 | In which of the following exploits does an attacker add SQL code to a Web form inputbox to gain access to resources or make changes to data?
Q24 | Which of the following is characteristic of spyware?
Q25 | One of the most obvious places to put an IDS sensor is near the firewall. Where exactlyin relation to the firewall is the most productive placement?