McqMate
These multiple-choice questions (MCQs) are designed to enhance your knowledge and understanding in the following areas: Computer Science Engineering (CSE) , Information Technology Engineering (IT) , Bachelor of Science in Animation SY (BSC [animation]) , Bachelor of Science in Animation (BSc animation) .
| 1. |
In the _______ mode, IPSec protects the whole IP packet, including the original IP header. |
| A. | transport |
| B. | tunnel |
| C. | either (a) or (b) |
| D. | neither (a) nor (b) |
| Answer» B. tunnel | |
| 2. |
An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL |
| A. | 40; 80 |
| B. | 60; 620 |
| C. | 80; 443 |
| D. | 620; 80 |
| Answer» C. 80; 443 | |
| 3. |
What port does Telnet use? |
| A. | 22 |
| B. | 80 |
| C. | 20 |
| D. | 23 |
| Answer» D. 23 | |
| 4. |
A digital Signature is |
| A. | a bit string giving identity of a correspondent |
| B. | a unique identification of a sender |
| C. | an authentication of an electronic record by trying it uniquely to a key only a sender knows |
| D. | an encrypted signature of sender |
| Answer» C. an authentication of an electronic record by trying it uniquely to a key only a sender knows | |
| 5. |
A ___________ is an extension of an enterprise’s private intranet across a public network such as the internet, creating a secure private connection. |
| A. | vnp |
| B. | vpn |
| C. | vsn |
| D. | vspn |
| Answer» B. vpn | |
| 6. |
______uses the idea of certificate trust levels |
| A. | x509 |
| B. | pgp |
| C. | kdc |
| D. | none of them |
| Answer» B. pgp | |
| 7. |
A digital signature needs a |
| A. | private-key system |
| B. | shared-key system |
| C. | public-key system |
| D. | all of them |
| Answer» C. public-key system | |
| 8. |
Pretty good privacy (PGP) is used in ______ |
| A. | browser security |
| B. | email security |
| C. | ftp security |
| D. | wifi security |
| Answer» B. email security | |
| 9. |
What is necessary for a cross-site script attack with cookies to be thwarted |
| A. | captchas |
| B. | virtual machines |
| C. | proxies |
| D. | firewalls |
| Answer» A. captchas | |
| 10. |
The _______ mode is normally used when we need host-to-host (end-to-end) protection of data. |
| A. | transport |
| B. | tunnel |
| C. | either (a) or (b) |
| D. | neither (a) nor (b) |
| Answer» A. transport | |
| 11. |
For each _______ the Kerberos Key Distribution Center (KDC) maintains a database of the realm’s principal and the principal’s associated “secret keys”. |
| A. | key |
| B. | realm |
| C. | document |
| D. | none of the mentioned |
| Answer» B. realm | |
| 12. |
The basic Web Services platform is combination of _____ and _______ |
| A. | css + http |
| B. | xml + html |
| C. | xml + http |
| D. | css + java |
| Answer» C. xml + http | |
| 13. |
For a client-server authentication, the client requests from the KDC a ________ for access to a specific asset. |
| A. | ticket |
| B. | local |
| C. | token |
| D. | user |
| Answer» A. ticket | |
| 14. |
What is one advantage of setting up a DMZ with two firewalls? |
| A. | you can control where traffic goes in three networks |
| B. | you can do stateful packet filtering |
| C. | you can do load balancing |
| D. | ??improved network performance |
| Answer» C. you can do load balancing | |
| 15. |
What are the two primary classifications of cross-site scripting? |
| A. | dom based and persistent |
| B. | traditional and dom based |
| C. | traditional and non-persistent |
| D. | non-persistent and persistent |
| Answer» D. non-persistent and persistent | |
| 16. |
Imagine a social networking web app (like Twitter) that allows users to post short blurbs of text. |
| A. | cross-site scripting |
| B. | sql injection |
| C. | packet sniffing |
| D. | a and b |
| Answer» D. a and b | |
| 17. |
Why would a hacker use a proxy server? |
| A. | to create a stronger connection with the target. |
| B. | to create a ghost server on the network. |
| C. | to obtain a remote access connection |
| D. | to hide malicious activity on the network. |
| Answer» D. to hide malicious activity on the network. | |
| 18. |
IPSec is designed to provide security at the _________ |
| A. | transport layer |
| B. | network layer |
| C. | application layer |
| D. | session layer |
| Answer» B. network layer | |
| 19. |
Which component is included in IP security? |
| A. | authentication header (ah) |
| B. | encapsulating security payload (esp) |
| C. | internet key exchange (ike) |
| D. | all of the mentioned |
| Answer» D. all of the mentioned | |
| 20. |
What is Firewall? |
| A. | firewalls are network based security measures that control the flow of incoming and outgoing traffic |
| B. | firewall is a program that encrypts all programs that access the internet |
| C. | a firewall is a program that keeps other programs from using the internet |
| D. | firewall are the interrupts that automatically disconnect from the internet when a threat appears. |
| Answer» A. firewalls are network based security measures that control the flow of incoming and outgoing traffic | |
| 21. |
SSL stands for? |
| A. | secured socket layer |
| B. | secured shell layer |
| C. | system socket layer |
| D. | system secured layer |
| Answer» A. secured socket layer | |
| 22. |
What is the most important activity in system hacking? |
| A. | information gathering |
| B. | cracking passwords |
| C. | escalating privileges |
| D. | covering tracks |
| Answer» B. cracking passwords | |
| 23. |
Why would HTTP Tunneling be used? |
| A. | to identify proxy servers |
| B. | web activity is not scanned |
| C. | to bypass a firewall |
| D. | http is a easy protocol to work with |
| Answer» C. to bypass a firewall | |
| 24. |
The domain name space (tree) is devided into---------different sections |
| A. | 3 |
| B. | 2 |
| C. | 4 |
| D. | none |
| Answer» A. 3 | |
| 25. |
The _____domains define registered hosts according to their generic behaviour. |
| A. | generic |
| B. | country |
| C. | inverse |
| D. | none |
| Answer» A. generic | |
| 26. |
DNS can use services of________using the well known port 53 |
| A. | udp |
| B. | tcp |
| C. | either (a) or (b) |
| D. | none of the above |
| Answer» C. either (a) or (b) | |
| 27. |
In the DNS the names are defined in _____ sturucture |
| A. | a linear list |
| B. | an invertred tree |
| C. | a graph |
| D. | none |
| Answer» B. an invertred tree | |
| 28. |
The root of DNS tree is____ |
| A. | a string of characters |
| B. | a string of 63 characters |
| C. | an empty string |
| D. | none |
| Answer» C. an empty string | |
| 29. |
A full domain name is sequence of lables seperated by____ |
| A. | semicolons |
| B. | dots |
| C. | colons |
| D. | none |
| Answer» B. dots | |
| 30. |
When discussing IDS/IPS, what is a signature? |
| A. | an electronic signature used to authenticate the identity of a user on the network |
| B. | patterns of activity or code corresponding to attacks |
| C. | "normal," baseline network behavior |
| D. | none of the above |
| Answer» B. patterns of activity or code corresponding to attacks | |
| 31. |
Which is true of a signature-based IDS? |
| A. | it cannot work with an ips |
| B. | it only identifies on known signatures |
| C. | it detects never-before-seen anomalies |
| D. | it works best in large enterprises. |
| Answer» B. it only identifies on known signatures | |
| 32. |
A false positive can be defined as: |
| A. | an alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior |
| B. | an alert that indicates nefarious activity on a system that, upon further inspection, turns out to truly be nefarious activity |
| C. | the lack of an alert for nefarious activity |
| D. | all of the above |
| Answer» A. an alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior | |
| 33. |
The features of traditional IPSes are found in all of these modern systems, except: |
| A. | next-generation firewalls |
| B. | antimalware |
| C. | unified threat management appliances |
| D. | network behavior analysis systems |
| Answer» B. antimalware | |
| 34. |
How does machine learning benefit IDSes/IPSes? |
| A. | by lowering the volume of attacks analyzed |
| B. | by adding heuristic anomaly detection capabilities |
| C. | by searching for similar patterns to known attacks |
| D. | by helping identify signatures more quickly |
| Answer» C. by searching for similar patterns to known attacks | |
| 35. |
A valid definition of digital evidence is: |
| A. | none of the below |
| B. | data stored or transmitted using a computer |
| C. | digital data of probative value |
| D. | any digital evidence on a computer |
| Answer» C. digital data of probative value | |
| 36. |
What are the three general categories of computer systems that can contain digital evidence? |
| A. | desktop, laptop, server |
| B. | personal computer, internet, mobile telephone |
| C. | hardware, software, networks |
| D. | open computer systems, communication systems, embedded systems |
| Answer» D. open computer systems, communication systems, embedded systems | |
| 37. |
In terms of digital evidence, the Internet is an example of: |
| A. | open computer systems |
| B. | communication systems |
| C. | embedded computer systems |
| D. | none of the above |
| Answer» B. communication systems | |
| 38. |
Cybertrails are advantageous because: |
| A. | they are not connected to the physical world. |
| B. | nobody can be harmed by crime on the internet. |
| C. | they are easy to follow. |
| D. | offenders who are unaware of them leave behind more clues than they otherwise would have. |
| Answer» D. offenders who are unaware of them leave behind more clues than they otherwise would have. | |
| 39. |
Personal computers and networks are often a valuable source of evidence. Those involved with _______ should be comfortable with this technology. |
| A. | criminal investigation |
| B. | prosecution |
| C. | defense work |
| D. | all of the above |
| Answer» D. all of the above | |
| 40. |
Computers can play the following roles in a crime: |
| A. | target, object, and subject |
| B. | evidence, instrumentality, contraband, or fruit of crime |
| C. | object, evidence, and tool |
| D. | symbol, instrumentality, and source of evidence |
| Answer» B. evidence, instrumentality, contraband, or fruit of crime | |
| 41. |
The following specializations exist in digital investigations: |
| A. | first responder (a.k.a. digital crime scene technician) |
| B. | forensic examiner |
| C. | digital investigator |
| D. | all of the above |
| Answer» D. all of the above | |
| 42. |
The process of documenting the seizure of digital evidence and, in particular, when that evidence changes hands, is known as: |
| A. | chain of custody |
| B. | field notes |
| C. | interim report |
| D. | none of the above |
| Answer» A. chain of custody | |
| 43. |
When assessing the reliability of digital evidence, the investigator is concerned with whether the computer that generated the evidence was functioning normally, and: |
| A. | whether chain of custody was maintained |
| B. | whether there are indications that the actual digital evidence was tampered with |
| C. | whether the evidence was properly secured in transit |
| D. | whether the evidence media was compatible with forensic machines |
| Answer» B. whether there are indications that the actual digital evidence was tampered with | |
| 44. |
The fact that with modern technology, a photocopy of a document has become acceptable in place of the original is known as: |
| A. | best evidence rule |
| B. | due diligence |
| C. | quid pro quo |
| D. | voir dire |
| Answer» A. best evidence rule | |
| 45. |
An investigation can be hindered by the following: |
| A. | preconceived theories |
| B. | improperly handled evidence |
| C. | offender concealment behavior |
| D. | all of the above |
| Answer» D. all of the above | |
| 46. |
Forensic analysis involves the following: |
| A. | assessment, experimentation, fusion, correlation, and validation |
| B. | seizure and preservation |
| C. | recovery, harvesting, filtering, organization, and search |
| D. | all of the above |
| Answer» A. assessment, experimentation, fusion, correlation, and validation | |
| 47. |
The first step in applying the scientific method to a digital investigation is to: |
| A. | form a theory on what may have occurred |
| B. | experiment or test the available evidence to confirm or refute your prediction |
| C. | make one or more observations based on events that occurred |
| D. | form a conclusion based on the results of your findings |
| Answer» C. make one or more observations based on events that occurred | |
| 48. |
The process model whose goal is to completely describe the flow of information in a digital investigation is known as: |
| A. | the physical model |
| B. | the staircase model |
| C. | the evidence flow model |
| D. | the subphase model |
| Answer» C. the evidence flow model | |
| 49. |
The crime scene preservation process includes all but which of the following: |
| A. | protecting against unauthorized alterations |
| B. | acquiring digital evidence |
| C. | confirming system date and time |
| D. | controlling access to the crime scene |
| Answer» C. confirming system date and time | |
| 50. |
Investigative reconstruction is composed of three different forms. Which of the following is NOT one of those three forms? |
| A. | functional |
| B. | intentional |
| C. | relational |
| D. | temporal |
| Answer» B. intentional | |
Done Studing? Take A Test.
Great job completing your study session! Now it's time to put your knowledge to the test. Challenge yourself, see how much you've learned, and identify areas for improvement. Don’t worry, this is all part of the journey to mastery. Ready for the next step? Take a quiz to solidify what you've just studied.