Information Cyber Security Set 1 MCQs

Q1 | In the _______ mode, IPSec protects the whole IP packet, including the original IP header.

transport

tunnel

either (a) or (b)

neither (a) nor (b)

Q2 | An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL

40; 80

60; 620

80; 443

620; 80

Q3 | What port does Telnet use?

22

80

20

23

Q4 | A digital Signature is

a bit string giving identity of a correspondent

a unique identification of a sender

an authentication of an electronic record by trying it uniquely to a key only a sender knows

an encrypted signature of sender

Q5 | A ___________ is an extension of an enterprise’s private intranet across a public network such as the internet, creating a secure private connection.

vnp

vpn

vsn

vspn

Q6 | ______uses the idea of certificate trust levels

x509

pgp

kdc

none of them

Q7 | A digital signature needs a

private-key system

shared-key system

public-key system

all of them

Q8 | Pretty good privacy (PGP) is used in ______

browser security

email security

ftp security

wifi security

Q9 | What is necessary for a cross-site script attack with cookies to be thwarted

captchas

virtual machines

proxies

firewalls

Q10 | The _______ mode is normally used when we need host-to-host (end-to-end) protection of data.

transport

tunnel

either (a) or (b)

neither (a) nor (b)

Q11 | For each _______ the Kerberos Key Distribution Center (KDC) maintains a database of the realm’s principal and the principal’s associated “secret keys”.

key

realm

document

none of the mentioned

Q12 | The basic Web Services platform is combination of _____ and _______

css + http

xml + html

xml + http

css + java

Q13 | For a client-server authentication, the client requests from the KDC a ________ for access to a specific asset.

ticket

local

token

user

Q14 | What is one advantage of setting up a DMZ with two firewalls?

you can control where traffic goes in three networks

you can do stateful packet filtering

you can do load balancing

??improved network performance

Q15 | What are the two primary classifications of cross-site scripting?

dom based and persistent

traditional and dom based

traditional and non-persistent

non-persistent and persistent

Q16 | Imagine a social networking web app (like Twitter) that allows users to post short blurbs of text.

cross-site scripting

sql injection

packet sniffing

a and b

Q17 | Why would a hacker use a proxy server?

to create a stronger connection with the target.

to create a ghost server on the network.

to obtain a remote access connection

to hide malicious activity on the network.

Q18 | IPSec is designed to provide security at the _________

transport layer

network layer

application layer

session layer

Q19 | Which component is included in IP security?

authentication header (ah)

encapsulating security payload (esp)

internet key exchange (ike)

all of the mentioned

Q20 | What is Firewall?

firewalls are network based security measures that control the flow of incoming and outgoing traffic

firewall is a program that encrypts all programs that access the internet

a firewall is a program that keeps other programs from using the internet

firewall are the interrupts that automatically disconnect from the internet when a threat appears.

Q21 | SSL stands for?

secured socket layer

secured shell layer

system socket layer

system secured layer

Q22 | What is the most important activity in system hacking?

information gathering

cracking passwords

escalating privileges

covering tracks

Q23 | Why would HTTP Tunneling be used?

to identify proxy servers

web activity is not scanned

to bypass a firewall

http is a easy protocol to work with

Q24 | The domain name space (tree) is devided into---------different sections

3

2

4

none

Q25 | The _____domains define registered hosts according to their generic behaviour.

generic

country

inverse

none