Network & Information Security MCQ Book

Question

The field that covers a variety of computer networks, both public and private,
that are used in everyday jobs.
a) Artificial Intelligence
b) ML
c) Network Security
d) IT

Question

Network Security provides authentication and access control for resources.

a) True
b) False

Question

Which is not an objective of network security?

a) Identification
b) Authentication
c) Access control
d) Lock
Question

Which of these is a part of network identification?

a) UserID
b) Password
c) OTP
d) fingerprint

Question

The process of verifying the identity of a user.

a) Authentication
b) Identification
c) Validation
d) Verification

Question

A concern of authentication that deals with user rights.

a) General access
b) Functional authentication
c) Functional authorization
d) Auto verification
Question

CHAP stands for?

a) Challenge Handshake authentication protocol
b) Challenge Hardware authentication protocol
c) Circuit Hardware authentication protocol
d) Circuit Handshake authentication protocol

Question

Security features that control that can access resources in the OS.
a) Authentication
b) Identification
c) Validation
d) Access control

Question

An algorithm in encryption is called _____________

a) Algorithm
b) Procedure
c) Cipher
d) Module

Question
The information that gets transformed in encryption is ____________
a) Plain text
b) Parallel text
c) Encrypted text
d) Decrypted text

Question

_______ is the practice and precautions taken to protect valuable information

from unauthorised access, recording, disclosure or destruction.
a) Network Security
b) Database Security
c) Information Security
d) Physical Security

Question

From the options below, which of them is not a threat to information security?
a) Disaster
b) Eavesdropping
c) Information leakage
d) Unchanged default password

Question

From the options below, which of them is not a vulnerability to information

security?
a) flood
b) without deleting data, disposal of storage media
c) unchanged default password
d) latest patches and updates not done

Question

_____ platforms are used for safety and protection of information in the cloud.
a) Cloud workload protection platforms
b) Cloud security protocols
c) AWS
d) One Drive

Question

Which of the following information security technology is used for avoiding

browser-based hacking?
a) Anti-malware in browsers
b) Remote browser access
c) Adware remover in browsers
d) Incognito mode in a browser

Question

The full form of EDR is _______

a) Endpoint Detection and recovery
b) Early detection and response
c) Endpoint Detection and response
d) Endless Detection and Recovery

Question

_______ technology is used for analyzing and monitoring traffic in network and
information flow.
a) Cloud access security brokers (CASBs)
b) Managed detection and response (MDR)
c) Network Security Firewall
d) Network traffic analysis (NTA)

Question

Compromising confidential information comes under _________

a) Bug
b) Threat
c) Vulnerability
d) Attack

Question

Lack of access control policy is a _____________

a) Bug
b) Threat
c) Vulnerability
d) Attack

Question

Possible threat to any information cannot be ________________

a) reduced
b) transferred
c) protected
d) ignored

Question

There are _________ types of computer virus.

a) 5
b) 7
c) 10
d) 12

Question

Which of the following is not a type of virus?

a) Boot sector
b) Polymorphic
c) Multipartite
d) Trojans
 Question

A computer ________ is a malicious code which self-replicates by copying itself

to other programs.
a) program
b) virus
c) application
d) worm

Question

Which of them is not an ideal way of spreading the virus?

a) Infected website
b) Emails
c) Official Antivirus CDs
d) USBs

Question

In which year Apple II virus came into existence?

a) 1979
b) 1980
c) 1981
d) 1982

Question
In mid-1981, the 1st virus for Apple computers with the name _________ came
into existence.
a) Apple I
b) Apple II
c) Apple III
d) Apple Virus

Question

The virus hides itself from getting detected by ______ different ways.
a) 2
b) 3
c) 4
d) 5

Question

_______________ infects the master boot record and it is challenging and a

complex task to remove this virus.
a) Boot Sector Virus
b) Polymorphic
c) Multipartite
d) Trojans

Question
________________ gets installed & stays hidden in your computer’s memory.
It stays involved to the specific type of files which it infects.
a) Boot Sector Virus
b) Direct Action Virus
c) Polymorphic Virus
d) Multipartite Virus

Question

Direct Action Virus is also known as ___________

a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus

Question

______________ are difficult to identify as they keep on changing their type

and signature.
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus
Question

Which of the below-mentioned reasons do not satisfy the reason why people
create a computer virus?
a) Research purpose
b) Pranks
c) Identity theft
d) Protection

Question

When an attempt is to make a machine or network resource unavailable to its

intended users, the attack is called _____________
a) denial-of-service attack
b) slow read attack
c) spoofed attack
d) starvation attack

Question

The code segment that misuses its environment is called a _____________

a) internal thief
b) trojan horse
c) code stacker
d) none of the mentioned
Question

The internal code of any software that will set of a malicious function when
specified conditions are met, is called _____________
a) logic bomb
b) trap door
c) code stacker
d) none of the mentioned

Question

The pattern that can be used to identify a virus is known as _____________

a) stealth
b) virus signature
c) armoured
d) multipartite

Question

Which one of the following is a process that uses the spawn mechanism to
revage the system performance?
a) worm
b) trojan
c) threat
d) virus
Question

What is a trap door in a program?

a) a security hole, inserted at programming time in the system for later use
b) a type of antivirus
c) security hole in a network
d) none of the mentioned

Question

Which one of the following is not an attack, but a search for vulnerabilities to
attack?
a) denial of service
b) port scanning
c) memory access violation
d) dumpster diving

Question

File virus attaches itself to the _____________

a) source file
b) object file
c) executable file
d) all of the mentioned
 Question

Multipartite viruses attack on _____________

a) files
b) boot sector
c) memory
d) all of the mentioned

Question

In asymmetric encryption _____________

a) same key is used for encryption and decryption
b) different keys are used encryption and decryption
c) no key is required for encryption and decryption
d) none of the mentioned

Question

Which of the following are forms of malicious attack?

a) Theft of information
b) Modification of data
c) Wiping of information
d) All of the mentioned
Question

What are the common security threats?

a) File Shredding
b) File sharing and permission
c) File corrupting
d) File integrity

Question

From the following, which is not a common file permission?

a) Write
b) Execute
c) Stop
d) Read

Question

Which of the following is a good practice?

a) Give full permission for remote transferring
b) Grant read only permission
c) Grant limited permission to specified account
d) Give both read and write permission but not execute
Question

What is not a good practice for user administration?

a) Isolating a system after a compromise
b) Perform random auditing procedures
c) Granting privileges on a per host basis
d) Using telnet and FTP for remote access

Question

Which of the following is the least secure method of authentication?

a) Key card
b) fingerprint
c) retina pattern
d) Password

Question

Which of the following is a strong password?

a) 19thAugust88
b) Delhi88
c) P@assw0rd
d) !augustdelhi
 Question

Why is one time password safe?

a) It is easy to generated
b) It cannot be shared
c) It is different for every access
d) It is a complex encrypted password

Question

What does Light Directory Access Protocol (LDAP) doesn’t store?

a) Users
b) Address
c) Passwords
d) Security Keys

Question

What is characteristic of RADIUS system?

a) It is essential for centralized encryption and authentication
b) It works on Network layer to deny access to unauthorized people
c) It provides centralized authentication mechanism via network devices
d) It’s a strong File access system
Question

Which happens first authorization or authentication?

a) Authorization
b) Authentication
c) Authorization & Authentication are same
d) None of the mentioned

Question

What are the characteristics of Authorization?

a) RADIUS and RSA
b) 3 way handshaking with syn and fin
c) Multilayered protection for securing resources
d) Deals with privileges and rights

Question

What is not a best practice for password policy?

a) Deciding maximum age of password
b) Restriction on password reuse and history
c) Password encryption
d) Having change password every 2 years
Question

Equations have either no solution or exactly three incongruent solutions

a) True
b) False

Question

Find the solution of x2≡ 3 mod 11

a) x ≡ -9 mod 11 and x≡ 9 mod 11
b) x ≡ 9 mod 11
c) No Solution
d) x ≡ 5 mod 11 and x ≡ 6 mod 11

Question

Find the solution of x2≡ 2 mod 11

a) No Solution
b) x ≡ 9 mod 11
c) x ≡ 4 mod 11
d) x ≡ 4 mod 11 and x ≡ 7 mod 11

Question
 Find the set of quadratic residues in the set –
Z11* = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10}
a) QR set = {1, 2, 4, 5, 9} of Z11*
b) QR set = {1, 3, 6, 5, 9} of Z11*
c) QR set = {1, 3, 4, 9,10} of Z11*
d) QR set = {1, 3, 4, 5, 9} of Z11*

Question

If end to end connection is done at a network or IP level, and if there are N

hosts, then what is the number of keys required?
a) N(N-1)/2
b) N
c) N(N+1)/2
d) N/2

Question

For 1000 nodes in IP level, how many keys would be required?

a) 499000
b) 499500
c) 500500
d) 500000

Question
 Communication between end systems is encrypted using a key, often known as
a) temporary key
b) section key
c) line key
d) session key

Question

Session keys are transmitted after being encrypted by

a) make-shift keys
b) temporary keys
c) master keys
d) section keys

Question

PDU stands for

a) Protocol data unit
b) Pre data underscore
c) Permuted data unity
d) Protocol data untiy

Question

SSM stands for

a) Secure Security Module
b) Session Security Module
 c) Service Session Module
d) Session Service Module

Question

Which is the last step in establishing a connection between hosts using the
SSM?
a) Interaction/ Handshaking between the SSM and the KDC
b) Establishment of the connection
c) Release of connection request packet
d) SSM saves the packet and applies to the KDC for connection permission

Question

Network layer firewall works as a __________

a) Frame filter
b) Packet filter
c) Content filter
d) Virus filter

Question

Network layer firewall has two sub-categories as _________

a) State full firewall and stateless firewall
b) Bit oriented firewall and byte oriented firewall
c) Frame firewall and packet firewall
d) Network layer firewall and session layer firewall
Question

firewall is installed at the point where the secure internal network and
untrusted external network meet which is also known as __________
a) Chock point
b) Meeting point
c) Firewall point
d) Secure point

Question

Which of the following is / are the types of firewall?

a) Packet Filtering Firewall
b) Dual Homed Gateway Firewall
c) Screen Host Firewall
d) Dual Host Firewall

Question

A proxy firewall filters at _________

a) Physical layer
b) Data link layer
c) Network layer
d) Application layer

Question
 A packet filter firewall filters at __________
a) Physical layer
b) Data link layer
c) Network layer or Transport layer
d) Application layer

Question

What is one advantage of setting up a DMZ with two firewalls?

a) You can control where traffic goes in three networks
b) You can do stateful packet filtering
c) You can do load balancing
d) Improved network performance

Question

What tells a firewall how to reassemble a data stream that has been divided
into packets?
a) The source routing feature
b) The number in the header’s identification field
c) The destination IP address
d) The header checksum field in the packet header

Question
 A stateful firewall maintains a ___________ which is a list of active
connections.
a) Routing table
b) Bridging table
c) State table
d) Connection table

Question

A firewall needs to be __________ so that it can grow proportionally with the

network that it protects.
a) Robust
b) Expansive
c) Fast
d) Scalable

Question

IPSec is designed to provide security at the _________

a) Transport layer
b) Network layer
c) Application layer
d) Session layer

Question
 In tunnel mode, IPSec protects the ______
a) Entire IP packet
b) IP header
c) IP payload
d) IP trailer

Question

Which component is included in IP security?

a) Authentication Header (AH)
b) Encapsulating Security Payload (ESP)
c) Internet key Exchange (IKE)
d) All of the mentioned

Question

WPA2 is used for security in _______

a) Ethernet
b) Bluetooth
c) Wi-Fi
d) Email

Question

An attempt to make a computer resource unavailable to its intended users is

called ______
a) Denial-of-service attack
 b) Virus attack
c) Worms attack
d) Botnet process

Question

Extensible authentication protocol is authentication framework frequently used

in ______
a) Wired personal area network
b) Wireless networks
c) Wired local area network
d) Wired metropolitan area network

Question

Pretty good privacy (PGP) is used in ______

a) Browser security
b) Email security
c) FTP security
d) WiFi security

Question

PGP encrypts data by using a block cipher called ______

a) International data encryption algorithm
b) Private data encryption algorithm
c) Internet data encryption algorithm
d) Local data encryption algorithm

Question

When a DNS server accepts and uses incorrect information from a host that has no
authority giving that information, then it is called _________
a) DNS lookup
b) DNS hijacking
c) DNS spoofing
d) DNS authorizing

Question

There are _______ major ways of stealing email information.

a) 2
b) 3
c) 4
d) 5

Question

Which of them is not a major way of stealing email information?

a) Stealing cookies
b) Reverse Engineering
c) Password Phishing
d) Social Engineering
 Question

____________ is the method for keeping sensitive information in email

communication & accounts secure against unofficial access, loss, or compromise.
a) Email security
b) Email hacking
c) Email protection
d) Email safeguarding

Question

____________ is a famous technological medium for the spread of malware,

facing problems of spam, & phishing attacks.
a) Cloud
b) Pen drive
c) Website
d) Email

Question

Which of them is not a proper method for email security?

a) Use Strong password
b) Use email Encryption
c) Spam filters and malware scanners
d) Click on unknown links to explore
 Question

If a website uses a cookie, or a browser contains the cookie, then every time you
visit that website, the browser transfers the cookie to that website.
a) True
b) False

Question

The stored cookie which contains all your personal data about that website can be
stolen away by _____________ using _____________ or trojans.
a) attackers, malware
b) hackers, antivirus
c) penetration testers, malware
d) penetration testers, virus

Question

If the data stored in the _____________ is not encrypted, then after cookie
stealing, attackers can see information such as username and password stored by
the cookie.
a) memory
b) quarantine
c) cookies
d) hard drive
 Question

Which of the following is a non-technical type of intrusion or attack technique?

a) Reverse Engineering
b) Malware Analysis
c) Social Engineering
d) Malware Writing

Question

Which of them is an example of grabbing email information?

a) Cookie stealing
b) Reverse engineering
c) Port scanning
d) Banner grabbing

Question

_____________ is the technique used for tricking users to disclose their username
and passwords through fake pages.
a) Social Engineering
b) Phishing
c) Cookie Stealing
d) Banner Grabbing

Question
Using email hacking illicit hackers can send & spread ___________ virus
_____________ and spam emails.
a) trojans, redirected malicious URLs
b) antivirus, patches
c) cracked software, redirected malicious URLs
d) malware, security patches

Question

Unsolicited Bulk E-mails (UBI) are called __________

a) SMS
b) MMS
c) Spam emails
d) Malicious emails

Question

Fraudulent email messages are some fake email messages that seem legitimate
which ask for your bank details and reply those emails with updated confidential
information.
a) True
b) False

Question
Fraudulent email messages are some fake email messages that seem legitimate
which asks for your confidential bank details such as _____________ details
_________ and passwords.
a) credit card, antivirus name
b) credit card, login ID
c) cell phone, antivirus name
d) car model, account ID

Question

Which of the following is not a type of cyber crime?

a) Data theft
b) Forgery
c) Damage to data and systems
d) Installing antivirus for protection

Question

Cyber-laws are incorporated for punishing all criminals only.

a) True
b) False

Question

Cyber-crime can be categorized into ________ types.

a) 4
b) 3
c) 2
d) 6

Question

Which of the following is not a type of peer-to-peer cyber-crime?

a) Phishing
b) Injecting Trojans to a target victim
c) MiTM
d) Credit card details leak in deep web

Question

Which of the following is not an example of a computer as weapon cyber-crime?

a) Credit card fraudulent
b) Spying someone using keylogger
c) IPR Violation
d) Pornography

Question

Which of the following is not done by cyber criminals?

a) Unauthorized account access
b) Mass attack using Trojans as botnets
c) Email spoofing and spamming
d) Report vulnerability in any system
 Question

What is the name of the IT law that India is having in the Indian legislature?
a) India’s Technology (IT) Act, 2000
b) India’s Digital Information Technology (DIT) Act, 2000
c) India’s Information Technology (IT) Act, 2000
d) The Technology Act, 2008

Question

In which year India’s IT Act came into existence?

a) 2000
b) 2001
c) 2002
d) 2003

Question

What is the full form of ITA-2000?

a) Information Tech Act -2000
b) Indian Technology Act -2000
c) International Technology Act -2000
d) Information Technology Act -2000

Question
The Information Technology Act -2000 bill was passed by K. R. Narayanan.
a) True
b) False

Question

Under which section of IT Act, stealing any digital asset or information is written a
cyber-crime.
a) 65
b) 65-D
c) 67
d) 70

Question

What is the punishment in India for stealing computer documents, assets or any
software’s source code from any organization, individual, or from any other
means?
a) 6 months of imprisonment and a fine of Rs. 50,000
b) 1 year of imprisonment and a fine of Rs. 100,000
c) 2 years of imprisonment and a fine of Rs. 250,000
d) 3 years of imprisonment and a fine of Rs. 500,000

Question

What is the updated version of the IT Act, 2000?

a) IT Act, 2007
b) Advanced IT Act, 2007
c) IT Act, 2008
d) Advanced IT Act, 2008

Question

In which year the Indian IT Act, 2000 got updated?

a) 2006
b) 2008
c) 2010
d) 2012

Question

What type of cyber-crime, its laws and punishments does section 66 of the Indian
IT Act holds?
a) Cracking or illegally hack into any system
b) Putting antivirus into the victim
c) Stealing data
d) Stealing hardware components