McqMate
1. |
In the _______ mode, IPSec protects the whole IP packet, including the original IP header. |
A. | transport |
B. | tunnel |
C. | either (a) or (b) |
D. | neither (a) nor (b) |
Answer» B. tunnel |
2. |
An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL |
A. | 40; 80 |
B. | 60; 620 |
C. | 80; 443 |
D. | 620; 80 |
Answer» C. 80; 443 |
3. |
What port does Telnet use? |
A. | 22 |
B. | 80 |
C. | 20 |
D. | 23 |
Answer» D. 23 |
4. |
A digital signature is
A. | a bit string giving identity of a correspondent |
B. | a unique identification of a sender |
C. | an authentication of an electronic record by tying it uniquely to a key only a sender knows |
D. | an encrypted signature of sender |
Answer» C. an authentication of an electronic record by tying it uniquely to a key only a sender knows |
5. |
A ___________ is an extension of an enterprise’s private intranet across a public network such as the internet, creating a secure private connection. |
A. | vnp |
B. | vpn |
C. | vsn |
D. | vspn |
Answer» B. vpn |
6. |
______ uses the idea of certificate trust levels
A. | x509 |
B. | pgp |
C. | kdc |
D. | none of them |
Answer» B. pgp |
7. |
A digital signature needs a |
A. | private-key system |
B. | shared-key system |
C. | public-key system |
D. | all of them |
Answer» C. public-key system |
8. |
Pretty good privacy (PGP) is used in ______ |
A. | browser security |
B. | email security |
C. | ftp security |
D. | wifi security |
Answer» B. email security |
9. |
What is necessary for a cross-site script attack with cookies to be thwarted?
A. | captchas |
B. | virtual machines |
C. | proxies |
D. | firewalls |
Answer» A. captchas |
10. |
The _______ mode is normally used when we need host-to-host (end-to-end) protection of data. |
A. | transport |
B. | tunnel |
C. | either (a) or (b) |
D. | neither (a) nor (b) |
Answer» A. transport |
11. |
For each _______ the Kerberos Key Distribution Center (KDC) maintains a database of the realm’s principal and the principal’s associated “secret keys”. |
A. | key |
B. | realm |
C. | document |
D. | none of the mentioned |
Answer» B. realm |
12. |
The basic Web Services platform is a combination of _____ and _______
A. | css + http |
B. | xml + html |
C. | xml + http |
D. | css + java |
Answer» C. xml + http |
13. |
For a client-server authentication, the client requests from the KDC a ________ for access to a specific asset. |
A. | ticket |
B. | local |
C. | token |
D. | user |
Answer» A. ticket |
14. |
What is one advantage of setting up a DMZ with two firewalls? |
A. | you can control where traffic goes in three networks |
B. | you can do stateful packet filtering |
C. | you can do load balancing |
D. | improved network performance
Answer» C. you can do load balancing |
15. |
What are the two primary classifications of cross-site scripting? |
A. | dom based and persistent |
B. | traditional and dom based |
C. | traditional and non-persistent |
D. | non-persistent and persistent |
Answer» D. non-persistent and persistent |
16. |
Imagine a social networking web app (like Twitter) that allows users to post short blurbs of text. |
A. | cross-site scripting |
B. | sql injection |
C. | packet sniffing |
D. | a and b |
Answer» D. a and b |
17. |
Why would a hacker use a proxy server? |
A. | to create a stronger connection with the target. |
B. | to create a ghost server on the network. |
C. | to obtain a remote access connection |
D. | to hide malicious activity on the network. |
Answer» D. to hide malicious activity on the network. |
18. |
IPSec is designed to provide security at the _________ |
A. | transport layer |
B. | network layer |
C. | application layer |
D. | session layer |
Answer» B. network layer |
19. |
Which component is included in IP security? |
A. | authentication header (ah) |
B. | encapsulating security payload (esp) |
C. | internet key exchange (ike) |
D. | all of the mentioned |
Answer» D. all of the mentioned |
20. |
What is a firewall?
A. | firewalls are network based security measures that control the flow of incoming and outgoing traffic |
B. | a firewall is a program that encrypts all programs that access the internet |
C. | a firewall is a program that keeps other programs from using the internet |
D. | firewalls are the interrupts that automatically disconnect from the internet when a threat appears. |
Answer» A. firewalls are network based security measures that control the flow of incoming and outgoing traffic |
21. |
SSL stands for? |
A. | secured socket layer |
B. | secured shell layer |
C. | system socket layer |
D. | system secured layer |
Answer» A. secured socket layer |
22. |
What is the most important activity in system hacking? |
A. | information gathering |
B. | cracking passwords |
C. | escalating privileges |
D. | covering tracks |
Answer» B. cracking passwords |
23. |
Why would HTTP Tunneling be used? |
A. | to identify proxy servers |
B. | web activity is not scanned |
C. | to bypass a firewall |
D. | http is an easy protocol to work with |
Answer» C. to bypass a firewall |
24. |
The domain name space (tree) is divided into _______ different sections
A. | 3 |
B. | 2 |
C. | 4 |
D. | none |
Answer» A. 3 |
25. |
The _____ domains define registered hosts according to their generic behaviour.
A. | generic |
B. | country |
C. | inverse |
D. | none |
Answer» A. generic |
26. |
DNS can use the services of ________ using the well-known port 53
A. | udp |
B. | tcp |
C. | either (a) or (b) |
D. | none of the above |
Answer» C. either (a) or (b) |
27. |
In the DNS, the names are defined in _____ structure
A. | a linear list |
B. | an inverted tree |
C. | a graph |
D. | none |
Answer» B. an inverted tree |
28. |
The root of the DNS tree is ____
A. | a string of characters |
B. | a string of 63 characters |
C. | an empty string |
D. | none |
Answer» C. an empty string |
29. |
A full domain name is a sequence of labels separated by ____
A. | semicolons |
B. | dots |
C. | colons |
D. | none |
Answer» B. dots |
30. |
When discussing IDS/IPS, what is a signature? |
A. | an electronic signature used to authenticate the identity of a user on the network |
B. | patterns of activity or code corresponding to attacks |
C. | "normal," baseline network behavior |
D. | none of the above |
Answer» B. patterns of activity or code corresponding to attacks |
31. |
Which is true of a signature-based IDS? |
A. | it cannot work with an ips |
B. | it only identifies on known signatures |
C. | it detects never-before-seen anomalies |
D. | it works best in large enterprises. |
Answer» B. it only identifies on known signatures |
32. |
A false positive can be defined as: |
A. | an alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior |
B. | an alert that indicates nefarious activity on a system that, upon further inspection, turns out to truly be nefarious activity |
C. | the lack of an alert for nefarious activity |
D. | all of the above |
Answer» A. an alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior |
33. |
The features of traditional IPSes are found in all of these modern systems, except: |
A. | next-generation firewalls |
B. | antimalware |
C. | unified threat management appliances |
D. | network behavior analysis systems |
Answer» B. antimalware |
34. |
How does machine learning benefit IDSes/IPSes? |
A. | by lowering the volume of attacks analyzed |
B. | by adding heuristic anomaly detection capabilities |
C. | by searching for similar patterns to known attacks |
D. | by helping identify signatures more quickly |
Answer» C. by searching for similar patterns to known attacks |
35. |
A valid definition of digital evidence is: |
A. | none of the below |
B. | data stored or transmitted using a computer |
C. | digital data of probative value |
D. | any digital evidence on a computer |
Answer» C. digital data of probative value |
36. |
What are the three general categories of computer systems that can contain digital evidence? |
A. | desktop, laptop, server |
B. | personal computer, internet, mobile telephone |
C. | hardware, software, networks |
D. | open computer systems, communication systems, embedded systems |
Answer» D. open computer systems, communication systems, embedded systems |
37. |
In terms of digital evidence, the Internet is an example of: |
A. | open computer systems |
B. | communication systems |
C. | embedded computer systems |
D. | none of the above |
Answer» B. communication systems |
38. |
Cybertrails are advantageous because: |
A. | they are not connected to the physical world. |
B. | nobody can be harmed by crime on the internet. |
C. | they are easy to follow. |
D. | offenders who are unaware of them leave behind more clues than they otherwise would have. |
Answer» D. offenders who are unaware of them leave behind more clues than they otherwise would have. |
39. |
Personal computers and networks are often a valuable source of evidence. Those involved with _______ should be comfortable with this technology. |
A. | criminal investigation |
B. | prosecution |
C. | defense work |
D. | all of the above |
Answer» D. all of the above |
40. |
Computers can play the following roles in a crime: |
A. | target, object, and subject |
B. | evidence, instrumentality, contraband, or fruit of crime |
C. | object, evidence, and tool |
D. | symbol, instrumentality, and source of evidence |
Answer» B. evidence, instrumentality, contraband, or fruit of crime |
41. |
The following specializations exist in digital investigations: |
A. | first responder (a.k.a. digital crime scene technician) |
B. | forensic examiner |
C. | digital investigator |
D. | all of the above |
Answer» D. all of the above |
42. |
The process of documenting the seizure of digital evidence and, in particular, when that evidence changes hands, is known as: |
A. | chain of custody |
B. | field notes |
C. | interim report |
D. | none of the above |
Answer» A. chain of custody |
43. |
When assessing the reliability of digital evidence, the investigator is concerned with whether the computer that generated the evidence was functioning normally, and: |
A. | whether chain of custody was maintained |
B. | whether there are indications that the actual digital evidence was tampered with |
C. | whether the evidence was properly secured in transit |
D. | whether the evidence media was compatible with forensic machines |
Answer» B. whether there are indications that the actual digital evidence was tampered with |
44. |
The fact that with modern technology, a photocopy of a document has become acceptable in place of the original is known as: |
A. | best evidence rule |
B. | due diligence |
C. | quid pro quo |
D. | voir dire |
Answer» A. best evidence rule |
45. |
An investigation can be hindered by the following: |
A. | preconceived theories |
B. | improperly handled evidence |
C. | offender concealment behavior |
D. | all of the above |
Answer» D. all of the above |
46. |
Forensic analysis involves the following: |
A. | assessment, experimentation, fusion, correlation, and validation |
B. | seizure and preservation |
C. | recovery, harvesting, filtering, organization, and search |
D. | all of the above |
Answer» A. assessment, experimentation, fusion, correlation, and validation |
47. |
The first step in applying the scientific method to a digital investigation is to: |
A. | form a theory on what may have occurred |
B. | experiment or test the available evidence to confirm or refute your prediction |
C. | make one or more observations based on events that occurred |
D. | form a conclusion based on the results of your findings |
Answer» C. make one or more observations based on events that occurred |
48. |
The process model whose goal is to completely describe the flow of information in a digital investigation is known as: |
A. | the physical model |
B. | the staircase model |
C. | the evidence flow model |
D. | the subphase model |
Answer» C. the evidence flow model |
49. |
The crime scene preservation process includes all but which of the following: |
A. | protecting against unauthorized alterations |
B. | acquiring digital evidence |
C. | confirming system date and time |
D. | controlling access to the crime scene |
Answer» C. confirming system date and time |
50. |
Investigative reconstruction is composed of three different forms. Which of the following is NOT one of those three forms? |
A. | functional |
B. | intentional |
C. | relational |
D. | temporal |
Answer» B. intentional |
51. |
In crimes against individuals the ______ period leading up to the crime often contains the most important clues regarding the relationship between the offender and the victim. |
A. | 24-hour |
B. | 28-hour |
C. | 60-minute |
D. | 15-minute |
Answer» A. 24-hour |
52. |
The type of report that is a preliminary summary of findings is known as: |
A. | sitrep |
B. | threshold assessment report |
C. | full investigative report |
D. | field notes |
Answer» B. threshold assessment report |
53. |
Creating a histogram of times to reveal periods of high activity is an example of which form of investigative reconstruction? |
A. | functional |
B. | intentional |
C. | relational |
D. | temporal |
Answer» D. temporal |
54. |
Investigators should not rely on one piece of digital evidence when examining an alibi – they should look for an associated _______. |
A. | cybertrail |
B. | piece of physical evidence |
C. | statement |
D. | none of the above |
Answer» A. cybertrail |
55. |
It is quite difficult to fabricate an alibi on a network successfully because: |
A. | an offender may not have the proper access. |
B. | an offender would need system administrator access level to make the necessary changes. |
C. | an individual rarely has the ability to falsify digital evidence on all the computers that are involved. |
D. | creating an alibi on a network could take months of work. |
Answer» C. an individual rarely has the ability to falsify digital evidence on all the computers that are involved. |
56. |
Types of digital evidence that might corroborate an alibi include: |
A. | evidence of computer usage when the offense was supposed to have occurred |
B. | computer records from credit cards, the telephone company, or subway ticket usage |
C. | gps information from mobile devices indicating the user’s location and time |
D. | all of the above |
Answer» D. all of the above |
57. |
To demonstrate that someone is lying about an alibi, it is necessary to: |
A. | find evidence that clearly demonstrates the lie |
B. | require the suspect to submit to a polygraph |
C. | interrogate the suspect using a number of methods |
D. | show that no evidence confirming the alibi is available |
Answer» A. find evidence that clearly demonstrates the lie |
58. |
In confirming an alibi involving an obscure piece of equipment, if no documentation is available, the manufacturer is no longer in business, or the equipment/network is so complicated that nobody fully understands how it works, you should: |
A. | state that the alibi is considered unproven |
B. | search the internet for any pertinent information |
C. | recreate the events surrounding the alibi |
D. | contact other investigators and average their opinions |
Answer» C. recreate the events surrounding the alibi |
59. |
Absence of evidence refutes an alibi. |
A. | true |
B. | false |
Answer» B. false |
60. |
An implication from studies indicating that many stalkers had prior acquaintance with their victims is that: |
A. | part of the blame can be assigned to the victim. |
B. | the offender is likely to be found in the same area as the victim |
C. | investigators should pay particular attention to acquaintances of the victim |
D. | investigators should always check the immediate family |
Answer» C. investigators should pay particular attention to acquaintances of the victim |
61. |
When a cyberstalking case is stalled, it is a good idea to interview the victim again, because: |
A. | the victim might have been withholding information during the first interview. |
B. | the information that investigators have gathered might help the victim recall additional details. |
C. | the time between the first and second interviews has given the victim time to seek counseling. |
D. | none of the above |
Answer» B. the information that investigators have gathered might help the victim recall additional details. |
62. |
That part of cyberstalking where the offender is using the Internet to find a victim is known as: |
A. | profiling |
B. | trolling |
C. | surreptitious monitoring |
D. | none of the above. |
Answer» C. surreptitious monitoring |
63. |
The _____________ documentation specifies who handled the evidence, when, where, and for what purpose. |
A. | evidence inventory |
B. | chain of custody |
C. | evidence intake |
D. | preservation notes |
Answer» B. chain of custody |
64. |
When you have developed a theory, what can you do to confirm that your hypothesis is correct? |
A. | predict, based on your hypothesis, where artifacts should be located |
B. | perform experiments to test results and rule out alternate explanations |
C. | conclude, based on your findings, whether the evidence supports the hypothesis |
D. | all of the above |
Answer» D. all of the above |
65. |
Of particular significance in the scientific method is the weight attached to finding evidence which supports a particular hypothesis |
A. | true |
B. | false |
Answer» A. true |
66. |
When reconstructing evidence surrounding a violent crime, it is generally helpful to: |
A. | lay out all the evidence so it can be viewed in its entirety |
B. | work with the crime scene technicians so that a better understanding of the crime is achieved |
C. | construct a timeline of events from digital evidence |
D. | begin the process of converting field notes to a final report |
Answer» C. construct a timeline of events from digital evidence |
67. |
Computers and mobile devices are treated as _________ crime scenes in violent crime investigations. |
A. | temporary |
B. | immediate |
C. | remote |
D. | secondary |
Answer» D. secondary |
68. |
Given the scope and consequences of violent crimes, it is advisable to seek out and preserve all available digital evidence. |
A. | true |
B. | false |
Answer» A. true |
69. |
In the course of conducting forensic analysis, which of the following actions are carried out? |
A. | critical thinking |
B. | fusion |
C. | validation |
D. | all of the above |
Answer» D. all of the above |
70. |
Security measures are needed to protect ________ during their transmission
A. | file |
B. | data |
C. | packet |
D. | all of above |
Answer» B. data |
71. |
__________ means knowledge obtained from investigation, study, intelligence, news, facts.
A. | security |
B. | data |
C. | information |
D. | none of these |
Answer» C. information |
72. |
Prevention of the unauthorised use of resources refers to?
A. | data integrity |
B. | data confidentiality |
C. | access control |
D. | none of these |
Answer» C. access control |
73. |
Protection against denial by one of the parties in a communication refers to?
A. | non-repudiation |
B. | data integrity |
C. | authentication |
D. | none of these |
Answer» A. non-repudiation |
74. |
Which one of them is a passive attack?
A. | denial of service |
B. | modify message in transit |
C. | replay previous message |
D. | obtain message content |
Answer» D. obtain message content |
75. |
What is lying about an IP address called?
A. | ip spoofing |
B. | ip scamming |
C. | ip lying |
D. | none of these |
Answer» A. ip spoofing |
76. |
What is the full form of DDoS?
A. | derived denial of service |
B. | distributed denial of service |
C. | denial of service |
D. | none of these |
Answer» B. distributed denial of service |
77. |
A hacker guessing a suggested password to a program is called?
A. | password guessing |
B. | dictionary attack |
C. | default password attack |
D. | none of these |
Answer» C. default password attack |
78. |
Symmetric key encryption is also called?
A. | public key encryption |
B. | private key encryption |
C. | both of these |
D. | none of these |
Answer» B. private key encryption |
79. |
Conversion of cipher text to plain text?
A. | encryption |
B. | decryption |
C. | simple text |
D. | none of these |
Answer» B. decryption |
80. |
__ is used to create the organisation's overall security program.
A. | program policy |
B. | purpose |
C. | security |
D. | none of these |
Answer» A. program policy |
81. |
An act of protecting information from unauthorised disclosure to an entity.
A. | integrity |
B. | availability |
C. | confidentiality |
D. | none of these |
Answer» C. confidentiality |
82. |
A way to ensure that the entity is indeed what it claims to be.
A. | authentication |
B. | accountability |
C. | identification |
D. | security |
Answer» A. authentication |
83. |
The __ model is a 7-layer architecture in which each layer has some specific functionality to perform.
A. | tcp |
B. | osi |
C. | ois |
D. | none of these |
Answer» B. osi |
84. |
The full form of OSI in the OSI model is __.
A. | open systems interconnection |
B. | open software interconnection |
C. | open connection |
D. | open system internet |
Answer» A. open systems interconnection |
85. |
The technique in which one character is replaced by another character is called?
A. | transposition |
B. | substitution |
C. | combinational |
D. | none of these |
Answer» B. substitution |
86. |
Conversion of plain text into cipher text is called ________.
A. | encryption |
B. | decryption |
C. | hidden text |
D. | none of above |
Answer» A. encryption |
87. |
Symmetric schemes require both parties to share how many secret keys?
A. | one |
B. | two |
C. | three |
D. | four |
Answer» A. one |
88. |
The Blum Blum Shub generator is based on which algorithm?
A. | private key |
B. | public key |
C. | both a & b |
D. | none of these |
Answer» B. public key |
89. |
In the DES step, both LPT and RPT undergo how many key rounds?
A. | 8 |
B. | 16 |
C. | 32 |
D. | 64 |
Answer» B. 16 |
90. |
What is the 4th step in the DES algorithm?
A. | key transformation |
B. | s-box substitution |
C. | p-box permutation |
D. | expansion permutation |
Answer» C. p-box permutation |
91. |
In AES, in which round are subkeys generated from the original key for each round?
A. | key expansion |
B. | initial round |
C. | final round |
D. | none of these |
Answer» A. key expansion |
92. |
AES stands for?
A. | authorized encryption standard |
B. | advanced encryption standard |
C. | advanced encryption strategy |
D. | none of these |
Answer» B. advanced encryption standard |
93. |
Which of them is a type of cipher?
A. | stream cipher |
B. | block cipher |
C. | both of them |
D. | none of these |
Answer» C. both of them |
94. |
The message which is not understandable is called?
A. | cipher text |
B. | plain text |
C. | hidden text |
D. | both a & c |
Answer» A. cipher text |
95. |
_______ is the practice and precautions taken to protect valuable information from unauthorized access, recording, disclosure or destruction. |
A. | network security |
B. | database security |
C. | information security |
D. | physical security |
Answer» C. information security |
96. |
_______ platforms are used for safety and protection of information in the cloud. |
A. | cloud workload protection platforms |
B. | cloud security protocols |
C. | aws |
D. | one drive |
Answer» A. cloud workload protection platforms |
97. |
Compromising confidential information comes under _________ |
A. | bug |
B. | threat |
C. | vulnerability |
D. | attack |
Answer» B. threat |
98. |
An attempt to harm, damage or cause threat to a system or network is broadly termed as ______ |
A. | cyber-crime |
B. | cyber attack |
C. | system hijacking |
D. | digital crime |
Answer» B. cyber attack |
99. |
The CIA triad is often represented by which of the following? |
A. | triangle |
B. | diagonal |
C. | ellipse |
D. | circle |
Answer» A. triangle |
100. |
Related to information security, confidentiality is the opposite of which of the following? |
A. | closure |
B. | disclosure |
C. | disaster |
D. | disposal |
Answer» B. disclosure |