My LMS Subjects > 

2018-CSE5DNS(CB-2) >  Subject Information >  online test 1-Week6

Started on Wednesday, 5 September 2018, 11:18 AM


State Finished
Completed on Wednesday, 5 September 2018, 11:51 AM
Time taken 32 mins 14 secs
Marks 17.00/30.00
Grade 8.50 out of 15.00 (57%)

Question Incorrect

1 Mark 0.00 out of 1.00


MD5 is quite fast and produces ________ message digests.

Select one:
a. 64 bits

b. 512 bits

c. 1024 bits

d. 128 bits

Your answer is incorrect.


The correct answer is: 128 bits
Question Incorrect

2 Mark 0.00 out of 1.00


The first step of MD5 is __________.

Select one:
a. add padding bits to original message.

b. compression.

c. adding append length bits.

d. divide the input into 512 bit blocks.

Your answer is incorrect.


The correct answer is: add padding bits to original message.

Question Correct

3 Mark 1.00 out of 1.00


_________ is a block cipher.

Select one:
a. RSA

b. IDEA

c. DES

d. AES

Your answer is correct.


The correct answer is: DES
Question Correct

4 Mark 1.00 out of 1.00


 Triple DES 

Select one:
a. guarantees excellent security

b. is a symmetric key encryption method

c. is public key encryption method with three keys.

d. is implementable as a hardware  VLSI chip

Your answer is correct.


The correct answer is: is a symmetric key encryption method

Question Correct

5 Mark 1.00 out of 1.00


Hashed message is signed by a sender using

Select one:
a. his public key

b. receiver’s public key

c. his private key

d. receiver’s private key

Your answer is correct.


The correct answer is: his private key
Question Correct

6 Mark 1.00 out of 1.00


DES encrypts data in block size of __________ bits each.

Select one:
a. 64

b. 32

c. 56

d. 128

Your answer is correct.


The correct answer is: 64
Question Incorrect

7 Mark 0.00 out of 1.00


DES and public key algorithm are combined


(i) to speed up encrypted message transmission
(ii) to ensure higher security by using different key for each transmission
(iii) as a combination is always better than individual system
(iv) as it is required in e-Commerce

Select one:
a. iii and iv

b. i and ii

c. ii and iii

d. i and iv

Your answer is incorrect.


The correct answer is: i and ii
Question Incorrect

8 Mark 0.00 out of 1.00


In MD5, the process block divides the 512 bits into ________ sub blocks.

Select one:
a. 32

b. 16

c. 24

d. 84

Your answer is incorrect.


The correct answer is: 16

Question Correct

9 Mark 1.00 out of 1.00


Certification of Digital signature by an independent authority is needed because

Select one:
a. the authority checks and assures customers that the public key indeed belongs to the
business which claims its ownership

b. private key claimed by a sender may not be actually his

c. it gives confidence to a business

d. it is safe

Your answer is correct.


The correct answer is: the authority checks and assures customers that the public key indeed
belongs to the business which claims its ownership
Question Correct

10 Mark 1.00 out of 1.00


Which of the following provides additional encryption strength by repeating the encryption
process with additional keys? 

Select one:
a. 3DES

b. Blowfish

c. Twofish

d. DES

Your answer is correct.


The correct answer is: 3DES

Question Incorrect

11 Mark 0.00 out of 1.00


A digital signature is

Select one:
a. a bit string giving identity of a correspondent

b. a unique identification of a sender

c. an encrypted signature of a sender

d. an authentication of an electronic record by tying it uniquely to a key only a sender
knows

Your answer is incorrect.


The correct answer is: an authentication of an electronic record by tying it uniquely to a key only
a sender knows
Question Incorrect

12 Mark 0.00 out of 1.00


Message can be sent more securely using DES by

Select one:
a. encrypting plain text by a different randomly selected key for each transmission

b. designing DES with high security and not publicizing algorithm used by it

c. encrypting plain text by a different random key for each message transmission and
sending the key to the receiver using a public key system

d. using an algorithm to implement DES instead of using hardware

Your answer is incorrect.


The correct answer is: encrypting plain text by a different random key for each message
transmission and sending the key to the receiver using a public key system
Question Correct

13 Mark 1.00 out of 1.00


A hashing function for digital signature


(i) must give a hashed message which is shorter than the original message
(ii) must be hardware implementable
(iii) two different messages should not give the same hashed message
(iv) is not essential for implementing digital signature

Select one:
a. ii and iii

b. i and ii

c. iii and iv

d. i and iii

Your answer is correct.


The correct answer is: i and iii
Question Correct

14 Mark 1.00 out of 1.00


 Triple DES uses 

Select one:
a. Uses 128 bit blocks of plain text and 112 bit keys and apply DES algorithm thrice.

b. 168 bit keys on 64-bit blocks of plain text

c. Working on 64-bit blocks of plain text and 56 bit keys by applying DES algorithm for
three rounds.

d. Works with 144 bit blocks of plain text and applies DES algorithm once.

Your answer is correct.


The correct answer is: Working on 64-bit blocks of plain text and 56 bit keys by applying DES
algorithm for three rounds.
Question Correct

15 Mark 1.00 out of 1.00


In which way does the Combined Encryption combine symmetric and asymmetric
encryption?

Select one:
a. The secret key is asymmetrically transmitted, the message itself symmetrically

b. First, the message is encrypted with asymmetric encryption and afterwards it is
encrypted symmetrically together with the key

c. First, the message is encrypted with symmetric encryption and afterwards it is
encrypted asymmetrically together with the key.

d. The secret key is symmetrically transmitted, the message itself asymmetrically

Your answer is correct.


The correct answer is: The secret key is asymmetrically transmitted, the message itself
symmetrically
Question Incorrect

16 Mark 0.00 out of 1.00


Asymmetric Encryption: Why can a message encrypted with the Public Key only be
decrypted with the receiver's appropriate Private Key?

Select one:
a. The encrypted message contains the function for decryption which identifies the
Private Key.

b. A so called "one way function with back door" is applied for the encryption.

c. Not true, the message can also be decrypted with the Public Key

d. The Public Key contains a special function which is used to encrypt the message and
which can only be reversed by the appropriate Private Key

Your answer is incorrect.


The correct answer is: A so called "one way function with back door" is applied for the
encryption.

Question Incorrect

17 Mark 0.00 out of 1.00


The responsibility of a certification authority for digital signature is to authenticate the

Select one:
a. private keys of subscribers

b. public keys of subscribers

c. hash function used

d. key used in DES

Your answer is incorrect.


The correct answer is: public keys of subscribers
Question Incorrect

18 Mark 0.00 out of 1.00


In public key encryption system if A encrypts a message using his private key and sends it to
B

Select one:
a. A should send his public key with the message

b. if B knows it is from A he can decrypt it using A’s public key

c. It cannot be decrypted at all as no one knows A’s private key

d. Even if B knows who sent the message it cannot be decrypted

Your answer is incorrect.


The correct answer is: if B knows it is from A he can decrypt it using A’s public key

Question Incorrect

19 Mark 0.00 out of 1.00


What is a role of Certification Authorities (CA)?

Select one:
a. None of the above

b. To securely distribute shared public-/private key to multiple entities

c. To bind a public key to a specific entity

d. To securely relay a message from one side to the other

e.  To establish a shared secret key between two parties

Your answer is incorrect.


The correct answer is: To bind a public key to a specific entity
Question Incorrect

20 Mark 0.00 out of 1.00


Public key system is useful because

Select one:
a. it is a symmetric key system.

b. private key can be kept secret.

c. there is no key distribution problem as public key can be kept in a commonly
accessible database.

d. it uses two keys.

Your answer is incorrect.


The correct answer is: there is no key distribution problem as public key can be kept in a
commonly accessible database.

Question Correct

21 Mark 1.00 out of 1.00


Which is the largest disadvantage of the symmetric Encryption?

Select one:
a. Less secure encryption function

b. Problem of the secure transmission of the Secret Key

c. Isn't used any more

d. More complex and therefore more time-consuming calculations.

Your answer is correct.


The correct answer is: Problem of the secure transmission of the Secret Key
Question Correct

22 Mark 1.00 out of 1.00


What is an important disadvantage of using a public key algorithm compared to a symmetric
algorithm?

Select one:
a. A symmetric algorithm is a faster process.

b. A symmetric algorithm provides better security

c. A symmetric algorithm provides better access control.

Your answer is correct.


The correct answer is: A symmetric algorithm is a faster process.

Question Correct

23 Mark 1.00 out of 1.00


_________is the first step in DES.

Select one:
a. Expansion permutation.

b. Key transformation.

c. S-box substitution.

d. P-box substitution.

Your answer is correct.


The correct answer is: Key transformation.
Question Incorrect

24 Mark 0.00 out of 1.00


A digital signature is required


(i) to tie an electronic message to the sender’s identity
(ii) for non repudiation of communication by a sender
(iii) to prove that a message was sent by the sender in a court of law
(iv) in all e-mail transactions

Select one:
a. i and ii

b. ii, iii, iv

c. i, ii, iii, iv

d. i, ii, iii

Your answer is incorrect.


The correct answer is: i, ii, iii

Question Correct

25 Mark 1.00 out of 1.00


Which of the following Algorithms belong to symmetric encryption?

Select one:
a. 3DES

b. RC5

c. ECC

d. RSA

Your answer is correct.


The correct answer is: 3DES
Question Correct

26 Mark 1.00 out of 1.00


Which of the following is used to verify data integrity? 

Select one:
a. 3DES

b. RSA

c. SHA

d. AES

Your answer is correct.


The correct answer is: SHA

Question Correct

27 Mark 1.00 out of 1.00


DES consists of __________ rounds to perform the substitution and transposition
techniques.

Select one:
a. 16

b. 18

c. 25

d. 21

Your answer is correct.


The correct answer is: 16
Question Incorrect

28 Mark 0.00 out of 1.00


While sending a signed message, a sender

Select one:
a. sends both message and hashed message using DES

b. sends both message and hashed message using public key encryption

c. sends message key using public key encryption using DES and hashed message using
public key encryption

d. sends message using public key encryption and hashed message using DES

Your answer is incorrect.


The correct answer is: sends message key using public key encryption using DES and hashed
message using public key encryption

Question Correct

29 Mark 1.00 out of 1.00


In public key encryption if A wants to send an encrypted message

Select one:
a. A encrypts message using B’s public key

b. A encrypts message using his public key

c. A encrypts message using B’s private key

d. A encrypts message using his private key

Your answer is correct.


The correct answer is: A encrypts message using B’s public key
Question Correct

30 Mark 1.00 out of 1.00


Which of the following statements are correct?

Select one:
a. PGP uses asymmetric encryption

b. PGP uses combined encryption.

c. In the world wide web, primarily symmetric Encryption is used

d. Symmetric encryption is applied in the transmission of PIN numbers from the EC
automat to the server of the bank for example

Your answer is correct.


The correct answer is: Symmetric encryption is applied in the transmission of PIN numbers from
the EC automat to the server of the bank for example
My LMS Subjects >  2018-CSE5DNS(CB-2) >  Subject Information >  Online Test 2

Started on Wednesday, 7 November 2018, 1:39 PM


State Finished
Completed on Wednesday, 7 November 2018, 1:49 PM
Time taken 10 mins 36 secs
Marks 27.00/30.00
Grade 13.50 out of 15.00 (90%)

Question Correct

1 Mark 1.00 out of 1.00


Which of the following is true about the purpose and mechanism of usage of IPSec tunnel
mode as one of the methods of implementation provided by IPSec security specification?

Select one:
a. End-to-end  protection method provides only IP payload protection

b. Link  protection method provides only IP payload protection

c. End-to-end  protection method provides both IP payload and IP header protection

d. Link  protection method provides both IP payload and IP header protection

Your answer is correct.


The correct answer is: Link  protection method provides both IP payload and IP header
protection
Question Correct

2 Mark 1.00 out of 1.00


Which of the following are the OSI layers in which the above security protocols ( from left to
right) function? 

Select one:
a. Network level, Transport level, Application level

b. Transport level, Application level, Network level

c. Application level, Network level, Transport level

d. Network level, Application level, Transport level

Your answer is correct.


The correct answer is: Network level, Transport level, Application level
Question Correct

3 Mark 1.00 out of 1.00


Which of the following is not true about TLS protocol?

Select one:
a. TLS is designed to prevent eavesdropping, tampering, and message forgery

b. TLS is a widely deployed protocol for securing client-server communications over the
internet

c. Transport Layer Security (TLS) is a protocol that ensures privacy between
communicating applications and their users on the Internet

d. TLS is the predecessor of the Secure Sockets Layer (SSL)

Your answer is correct.


The correct answer is: TLS is the predecessor of the Secure Sockets Layer (SSL)

Question Correct

4 Mark 1.00 out of 1.00


What security implementation principle is used for granting users only the rights that are
necessary for them to perform their work?

Select one:
a. Discretionary Access

b. Mandatory Access

c. Least Privilege

d. Separation of Duties

Your answer is correct.


The correct answer is: Least Privilege
Question Incorrect

5 Mark 0.00 out of 1.00


Which of these uses Public Key Infrastructure (PKI) and digital certificates to provide privacy
and authentication?

Select one:
a. TSL

b. DES

c. 3DES

d. SSL

Your answer is incorrect.


The correct answer is: SSL

Question Correct

6 Mark 1.00 out of 1.00


Which of the following network attacks is a DoS attack?

Select one:
a. Continually overwhelming a targeted network with fake requests

b. Listening in on network traffic to identify the MAC address of a computer

c. Injecting bogus networking re-configuration commands

d. Forcing computers to drop their connections and reconnect with the attacker’s access
point

Your answer is correct.


The correct answer is: Continually overwhelming a targeted network with fake requests
Question Correct

7 Mark 1.00 out of 1.00


 Pretty good privacy (PGP) security system uses

Select one:
a. Public Key Cryptosystem

b. Private Key Cryptosystem

c. Public & Private key cryptosystem

d. None of the mentioned

Your answer is correct.


The correct answer is: Public & Private key cryptosystem

Question Correct

8 Mark 1.00 out of 1.00


VPN is one of the several methods of achieving secure remote access. Which of the following
are true about  how a VPN achieves security requirements? 

Select one:
a. User authentication

b. Encryption of data across the insecure network

c. Availability of data through replay prevention

d. Integrity through encryption

Your answer is correct.


The correct answer is: Encryption of data across the insecure network
Question Correct

9 Mark 1.00 out of 1.00


The four sub-components (Record, Handshake, Change Cipher Spec and Alert protocols) of
the SSL protocol handle various tasks for secure communication between the client machine
and the server.

Which of the following is represented by the above figure of SSL Handshake protocol?

Select one:
a. Client authentication and key exchange

b. Server authentication and key exchange

c. Establishing security capabilities

d. Client authentication and certificate exchange 

Your answer is correct.


The correct answer is: Client authentication and key exchange
Question Correct

10 Mark 1.00 out of 1.00


Which statement describes the characteristics of packet-filtering and stateful firewalls as
they relate to the OSI model?

Select one:
a. Both stateful and packet-filtering firewalls can filter at the application layer.

b. A stateful firewall can filter application layer information, while a packet-filtering
firewall cannot filter beyond the network layer.

c. A packet-filtering firewall uses session layer information to track the state of a
connection, while a stateful firewall uses application layer information to track the state
of a connection.

d. A packet-filtering firewall typically can filter up to the transport layer, while a stateful
firewall can filter up to the session layer.

Your answer is correct.


The correct answer is: A packet-filtering firewall typically can filter up to the transport layer, while
a stateful firewall can filter up to the session layer.
Question Correct

11 Mark 1.00 out of 1.00


 Which of the following is NOT a valid access control mechanism?

Select one:
a. DAC (Discretionary Access Control) list.

b. SAC (Subjective Access Control) list.

c. MAC (Mandatory Access Control) list.

d. RBAC (Role Based Access Control) list.

Your answer is correct.


The correct answer is: SAC (Subjective Access Control) list.

Question Correct

12 Mark 1.00 out of 1.00


The accounting branch of a large organization requires an application to process expense
vouchers. Each voucher must be input by one of many accounting clerks,
verified by the clerk’s applicable supervisor then reconciled by an auditor before
the reimbursement check is produced. What access control technique should be built into
the application to meet the information protection needs?

Select one:
a. Role-based Access Control (RBAC)

b. Mandatory Access Control (MAC)

c. Password Security

d. Need to know

Your answer is correct.


The correct answer is: Role-based Access Control (RBAC)
Question Correct

13 Mark 1.00 out of 1.00


Which of the following can be used to authenticate and encrypt IP (Internet Protocol) traffic?

Select one:
a. ESP (Encapsulating Security Payload)

b. S/MIME (Secure Multipurpose Internet Mail Extensions)

c. IPSec (Internet Protocol Security)

d. IPv2 (Internet Protocol version 2)

Your answer is correct.


The correct answer is: IPSec (Internet Protocol Security)

Question Correct

14 Mark 1.00 out of 1.00


What are the goals of a port scan attack? (Select two)

Select one or more:


a. to discover system passwords

b. to disable used ports and services


 c. to determine potential vulnerabilities

d. to identify operating systems


 e. to identify active services

Your answer is correct.


The correct answer is: to determine potential vulnerabilities, to identify active services
Question Correct

15 Mark 1.00 out of 1.00


Which of the following is NOT true about IPSec?

Select one:
a. IPsec is not designed to work only with TCP as a transport protocol; it works with UDP
as well. 

b. The most common use of IPsec is to provide a Virtual Private Network (VPN)

c. IPsec works from one application end to another application end; so, security cannot be
adopted without requiring changes to individual user computers/applications.

d. Since higher layer headers are hidden which carry port number, IPSec makes traffic
analysis more difficult.

Your answer is correct.


The correct answer is: IPsec works from one application end to another application
end; so, security cannot be adopted without requiring changes to individual user
computers/applications.
Question Correct

16 Mark 1.00 out of 1.00


What is the main difference between the implementation of IDS and IPS  on devices?

Select one:
a. An IDS would allow malicious traffic to pass before it is addressed, whereas an IPS
stops it immediately

b. An IDS uses signature-based technology to detect malicious packets, whereas an IPS
uses profile-based technology.

c. An IDS needs to be deployed together with a firewall device, whereas an IPS can
replace a firewall.

d. An IDS can negatively impact the packet flow, whereas an IPS can not.

Your answer is correct.


The correct answer is: An IDS would allow malicious traffic to pass before it is addressed,
whereas an IPS stops it immediately

Question Correct

17 Mark 1.00 out of 1.00


In an IPSec protocol, authentication applied to the entire original IP packet is 

Select one:
a. transport mode

b. security mode

c. tunnel mode

d. application mode

Your answer is correct.


The correct answer is: tunnel mode
Question Correct

18 Mark 1.00 out of 1.00


Which of the following is NOT a good property of a firewall? 

Select one:
a. traffic must only be allowed to pass from inside to outside the firewall

b. the firewall itself, should be immune to penetration

c. it should allow for easy modification by authorised users

d. only authorised traffic must be allowed to pass through it

Your answer is correct.


The correct answer is: traffic must only be allowed to pass from inside to outside the firewall

Question Incorrect

19 Mark 0.00 out of 1.00


Which of the following components of SSL protocol is responsible for authentication and
encryption?

Select one:
a. SSL handshake protocol

b. SSL record protocol

c. SSL alert protocol

d. SSL change cipher spec protocol

Your answer is incorrect.


The correct answer is: SSL record protocol
Question Correct

20 Mark 1.00 out of 1.00


Which of the following is an example of Network Layer security ?

Select one:
a. SSL/TLS

b. IPSec

c. SSH

d. WEP

Your answer is correct.


The correct answer is: IPSec

Question Correct

21 Mark 1.00 out of 1.00


Which firewall concept applies a set of rules to each incoming and outgoing IP packet and
then forwards or discards the packet?

Select one:
a. distributed

b. stateful inspection

c. packet filtering

d. host-based

Your answer is correct.


The correct answer is: packet filtering
Question Correct

22 Mark 1.00 out of 1.00


Which of the following is NOT among the common attacks that can occur on a network due
to ICMP vulnerabilities?

Select one:
a. ICMP allows an attacker to carry out network reconnaissance to determine network
topology and paths into the network.

b. ICMP enables to map target networking by describing the path in real-time from the
client to the remote host.

c. An attacker can launch a denial of service attack using the ICMP vulnerability.

d. ICMP enables an attacker to poison the DNS cache by forging a response to a
recursive DNS query sent by a resolver to an authoritative server.

Your answer is correct.


The correct answer is: ICMP enables an attacker to poison the DNS cache by forging a response
to a recursive DNS query sent by a resolver to an authoritative server.
Question Correct

23 Mark 1.00 out of 1.00


IPSec provides the capacity to secure communications across a LAN, across private and
public WANs, and across the Internet. Which of the following is not true about the benefits of
IPSec?

Select one:
a. When it is implemented in a firewall or router, it provides security for all traffic crossing
the perimeter

b. It is transparent to end users as users don't need to know the underlying  security
mechanisms

c. The principal feature of IPSec to encrypt/authenticate traffic at IP level enables to
secure distributed applications such as client/server

d. IPSec is below Transport Layer, and so it is not transparent to applications

Your answer is correct.


The correct answer is: IPSec is below Transport Layer, and so it is not transparent to
applications
Question Correct

24 Mark 1.00 out of 1.00


PGP ensures email compatibility through 

Select one:
a. authentication

b. radix-64 encoding

c. encryption

d. digital signature

Your answer is correct.


The correct answer is: radix-64 encoding
Question Correct

25 Mark 1.00 out of 1.00


Select any two disadvantages of using network IPS? (Select two)

Select one or more:


a. Network IPS is operating system-dependent and must be customized for each
platform.

b. Network IPS sensors are difficult to deploy when new networks are added.
 c. Network IPS is incapable of examining encrypted traffic

d. Network IPS is unable to provide a clear indication of the extent to which the network is
being attacked
 e. Network IPS has a difficult time reconstructing fragmented traffic to determine if an
attack was successful

Your answer is correct.


The correct answer is: Network IPS is incapable of examining encrypted traffic, Network IPS has
a difficult time reconstructing fragmented traffic to determine if an attack was successful

Question Incorrect

26 Mark 0.00 out of 1.00


Which of the following is a best method to mitigate DoS attack from a network?

Select one:
a. a strong password policy

b. implementing anti-sniffer

c. Include a firewall and IPS in the network security

Your answer is incorrect.


The correct answer is: Include a firewall and IPS in the network security
Question Correct

27 Mark 1.00 out of 1.00


An intrusion detection system (IDS) can be used to monitor and filter network traffic. From
the viewpoint of detection, which main IDS types can be distinguished?

Select one:
a. Anomaly-based and heuristic-based

b. Signature-based and Anomaly-based

c. Anomaly-based and Access based

d. Signature-based and Knowledge-based

Your answer is correct.


The correct answer is: Signature-based and Anomaly-based
Question Correct

28 Mark 1.00 out of 1.00


 In deploying an IPS in a corporate network, system operators first create a profile of normal
network operation by monitoring network activities in normal network uses. After the profile
is incorporated into the IPS triggering mechanism, alarms will be generated when the IPS
detects excessive activity that is beyond the scope of the profile. Which signature detection
mechanism is deployed?

Select one:
a. Signature based

b. Anomaly based

c. Pattern based

d. Honey pot based

Your answer is correct.


The correct answer is: Anomaly based
Question Correct

29 Mark 1.00 out of 1.00


A network technician has been asked to design a virtual private network between two branch
routers. Which type of cryptographic key should be used in this scenario?

Select one:
a. private key

b. public key

c. digital signature

d. hash key

Your answer is correct.


The correct answer is: public key

Question Correct

30 Mark 1.00 out of 1.00


_______________ can be effective means of protecting a local system or network of systems
from network based security threats while at the same time affording access to the outside
world via wide area networks and the Internet.

Select one:
a. Firewalls

b. VPNs

c. IDS

Your answer is correct.


The correct answer is: Firewalls
Online Test 2 Page 1 of 19

My LMS Subjects >  2018-CSE5DNS(CB-2) >  Subject Information >  Online Test 2

Started on Wednesday, 24 October 2018, 10:57 AM


State Finished
Completed on Wednesday, 24 October 2018, 11:38 AM
Time taken 40 mins 2 secs
Marks 19.00/30.00
Grade 9.50 out of 15.00 (63%)

Question Not answered

1 Marked out of 1.00


What are the goals of a port scan attack? (Select two)

Select one or more:


a. to discover system passwords

b. to disable used ports and services

c. to determine potential vulnerabilities

d. to identify operating systems

e. to identify active services

Your answer is incorrect.


The correct answer is: to determine potential vulnerabilities, to identify active services

https://lms.latrobe.edu.au/mod/quiz/review.php?attempt=7597285 31/10/2018

Question Correct

2 Mark 1.00 out of 1.00


We can think a Firewall as security personnel at the gate and an IDS device is a security
camera after the gate.

Your answer is correct.


The correct answer is:
We can think a [Firewall] as security personnel at the gate and an [IDS] device is a security
camera after the gate.

Question Correct

3 Mark 1.00 out of 1.00


 In deploying an IPS in a corporate network, system operators first create a profile of
normal network operation by monitoring network activities in normal network uses.
After the profile is incorporated into the IPS triggering mechanism, alarms will be
generated when the IPS detects excessive activity that is beyond the scope of the
profile. Which signature detection mechanism is deployed?

Select one:
a. Signature based

b. Anomaly based

c. Pattern based

d. Honey pot based

Your answer is correct.


The correct answer is: Anomaly based

Question Correct

4 Mark 1.00 out of 1.00


Which of the following is a best method to mitigate DoS attack from a network?

Select one:
a. a strong password policy

b. implementing anti-sniffer

c. Include a firewall and IPS in the network security

Your answer is correct.


The correct answer is: Include a firewall and IPS in the network security

Question Correct

5 Mark 1.00 out of 1.00


Which hash functions are used in S/MIME?

Select one:
a. MD5 and SHA-1

b. MD4 and MD5

c. MD5 and SHA-2

d. SHA-1 and SHA-2

e. MD4, MD5, SHA-1 and SHA-2

Your answer is correct.


The correct answer is: MD5 and SHA-1

Question Correct

6 Mark 1.00 out of 1.00


 Which of the following is NOT a valid access control mechanism?

Select one:
a. DAC (Discretionary Access Control) list.

b. SAC (Subjective Access Control) list.

c. MAC (Mandatory Access Control) list.

d. RBAC (Role Based Access Control) list.

Your answer is correct.


The correct answer is: SAC (Subjective Access Control) list.

Question Incorrect

7 Mark 0.00 out of 1.00


 Pretty good privacy (PGP) security system uses

Select one:
a. Public Key Cryptosystem

b. Private Key Cryptosystem

c. Public & Private key cryptosystem

d. None of the mentioned

Your answer is incorrect.


The correct answer is: Public & Private key cryptosystem

Question Correct

8 Mark 1.00 out of 1.00


Which of the following are the OSI layers in which the above security protocols ( from
left to right) function? 

Select one:
a. Network level, Transport level, Application level

b. Transport level, Application level, Network level

c. Application level, Network level, Transport level

d. Network level, Application level, Transport level

Your answer is correct.


The correct answer is: Network level, Transport level, Application level

Question Incorrect

9 Mark 0.00 out of 1.00


Which of the following is NOT true about IPSec?

Select one:
a. IPsec is not designed to work only with TCP as a transport protocol; it works with
UDP as well. 

b. The most common use of IPsec is to provide a Virtual Private Network (VPN)

c. IPsec works from one application end to another application end; so, security
cannot be adopted without requiring changes to individual user
computers/applications.

d. Since higher layer headers are hidden which carry port number, IPSec makes
traffic analysis more difficult.

Your answer is incorrect.


The correct answer is: IPsec works from one application end to another application
end; so, security cannot be adopted without requiring changes to individual user
computers/applications.


Question Correct

10 Mark 1.00 out of 1.00


Which of the following network attacks is a DoS attack?

Select one:
a. Continually overwhelming a targeted network with fake requests

b. Listening in on network traffic to identify the MAC address of a computer

c. Injecting bogus networking re-configuration commands

d. Forcing computers to drop their connections and reconnect with the attacker’s
access point

Your answer is correct.


The correct answer is: Continually overwhelming a targeted network with fake requests

Question Incorrect

11 Mark 0.00 out of 1.00


Which of the following is true about the purpose and mechanism of usage of IPSec
tunnel mode as one of the methods of implementation provided by IPSec security
specification?

Select one:
a. End-to-end protection method provides only IP payload protection

b. Link protection method provides only IP payload protection

c. End-to-end protection method provides both IP payload and IP header protection

d. Link protection method provides both IP payload and IP header protection

Your answer is incorrect.


The correct answer is: Link protection method provides both IP payload and IP header
protection


Question Correct

12 Mark 1.00 out of 1.00


_______________ can be effective means of protecting a local system or network of
systems from network based security threats while at the same time affording access
to the outside world via wide area networks and the Internet.

Select one:
a. Firewalls

b. VPNs

c. IDS

Your answer is correct.


The correct answer is: Firewalls

Question Not answered

13 Marked out of 1.00


Select any two disadvantages of using network IPS? (Select two)

Select one or more:
a. Network IPS is operating system-dependent and must be customized for each
platform.

b. Network IPS sensors are difficult to deploy when new networks are added.

c. Network IPS is incapable of examining encrypted traffic

d. Network IPS is unable to provide a clear indication of the extent to which the
network is being attacked

e. Network IPS has a difficult time reconstructing fragmented traffic to determine if
an attack was successful

Your answer is incorrect.


The correct answer is: Network IPS is incapable of examining encrypted traffic, Network
IPS has a difficult time reconstructing fragmented traffic to determine if an attack was
successful


Question Correct

14 Mark 1.00 out of 1.00


An intrusion detection system (IDS) can be used to monitor and filter network traffic.
From the viewpoint of detection, which main IDS types can be distinguished?

Select one:
a. Anomaly-based and heuristic-based

b. Signature-based and Anomaly-based

c. Anomaly-based and Access based

d. Signature-based and Knowledge-based

Your answer is correct.


The correct answer is: Signature-based and Anomaly-based


Question Correct

15 Mark 1.00 out of 1.00


Which security protocol is represented by the following flow chart during message
transmission?

Select one:
a. PGP

b. S/MIME

c. SSL/TLS

d. IPSec

Your answer is correct.


The correct answer is: PGP


Question Correct

16 Mark 1.00 out of 1.00


The accounting branch of a large organization requires an application to
process expense vouchers. Each voucher must be input by one of many accounting
clerks, verified by the clerk’s applicable supervisor then reconciled by an auditor before
the reimbursement check is produced. What access control technique should be built
into the application to meet the information protection needs?

Select one:
a. Role-based Access Control (RBAC)

b. Mandatory Access Control (MAC)

c. Password Security

d. Need to know

Your answer is correct.


The correct answer is: Role-based Access Control (RBAC)


Question Incorrect

17 Mark 0.00 out of 1.00


The four sub-components (Record, Handshake, Change Cipher Spec and Alert
protocols) of the SSL protocol handle various tasks for secure communication between
the client machine and the server.

Which of the following is represented by the above figure of SSL Handshake protocol?

Select one:
a. Client authentication and key exchange

b. Server authentication and key exchange

c. Establishing security capabilities

d. Client authentication and certificate exchange 

Your answer is incorrect.


The correct answer is: Client authentication and key exchange


Question Incorrect

18 Mark 0.00 out of 1.00


What is the main purpose of access control? 

Select one:
a. to limit the actions or operations that a legitimate user can perform

b. to authorise full access to authorised users

c. to protect computers from viral infections

d. to stop unauthorised users accessing resources

Your answer is incorrect.


The correct answer is: to limit the actions or operations that a legitimate user can perform

Question Correct

19 Mark 1.00 out of 1.00


Which of the following is an example of Network Layer security ?

Select one:
a. SSL/TLS

b. IPSec

c. SSH

d. WEP

Your answer is correct.


The correct answer is: IPSec


Question Incorrect

20 Mark 0.00 out of 1.00


A network technician has been asked to design a virtual private network between two
branch routers. Which type of cryptographic key should be used in this scenario?

Select one:
a. private key

b. public key

c. digital signature

d. hash key

Your answer is incorrect.


The correct answer is: public key

Question Correct

21 Mark 1.00 out of 1.00


Which of the following is not true about the TLS protocol?

Select one:
a. TLS is designed to prevent eavesdropping, tampering, and message forgery

b. TLS is a widely deployed protocol for securing client-server communications over
the internet

c. Transport Layer Security (TLS) is a protocol that ensures privacy between
communicating applications and their users on the Internet

d. TLS is the predecessor of the Secure Sockets Layer (SSL)

Your answer is correct.


The correct answer is: TLS is the predecessor of the Secure Sockets Layer (SSL)


Question Incorrect

22 Mark 0.00 out of 1.00


What security implementation principle is used for granting users only the rights that are
necessary for them to perform their work?

Select one:
a. Discretionary Access

b. Mandatory Access

c. Least Privilege

d. Separation of Duties

Your answer is incorrect.


The correct answer is: Least Privilege

Question Correct

23 Mark 1.00 out of 1.00


Which statement describes the characteristics of packet-filtering and stateful firewalls
as they relate to the OSI model?

Select one:
a. Both stateful and packet-filtering firewalls can filter at the application layer.

b. A stateful firewall can filter application layer information, while a packet-filtering
firewall cannot filter beyond the network layer.

c. A packet-filtering firewall uses session layer information to track the state of a
connection, while a stateful firewall uses application layer information to track the
state of a connection.

d. A packet-filtering firewall typically can filter up to the transport layer, while a
stateful firewall can filter up to the session layer.

Your answer is correct.


The correct answer is: A packet-filtering firewall typically can filter up to the transport layer,
while a stateful firewall can filter up to the session layer.


Question Correct

24 Mark 1.00 out of 1.00


PGP ensures email compatibility through 

Select one:
a. authentication

b. radix-64 encoding

c. encryption

d. digital signature

Your answer is correct.


The correct answer is: radix-64 encoding

Question Incorrect

25 Mark 0.00 out of 1.00


Which of the following is NOT among the common attacks that can occur on a network
due to ICMP vulnerabilities?

Select one:
a. ICMP allows an attacker to carry out network reconnaissance to determine
network topology and paths into the network.

b. ICMP enables to map target networking by describing the path in real-time from
the client to the remote host.

c. An attacker can launch a denial of service attack using the ICMP vulnerability.

d. ICMP enables an attacker to poison the DNS cache by forging a response to a
recursive DNS query sent by a resolver to an authoritative server.

Your answer is incorrect.


The correct answer is: ICMP enables an attacker to poison the DNS cache by forging a
response to a recursive DNS query sent by a resolver to an authoritative server.


Question Correct

26 Mark 1.00 out of 1.00


Which of the following can be used to authenticate and encrypt IP (Internet Protocol)
traffic?

Select one:
a. ESP (Encapsulating Security Payload)

b. S/MIME (Secure Multipurpose Internet Mail Extensions)

c. IPSec (Internet Protocol Security)

d. IPv2 (Internet Protocol version 2)

Your answer is correct.


The correct answer is: IPSec (Internet Protocol Security)

Question Correct

27 Mark 1.00 out of 1.00


In an IPSec protocol, authentication applied to the entire original IP packet is 

Select one:
a. transport mode

b. security mode

c. tunnel mode

d. application mode

Your answer is correct.


The correct answer is: tunnel mode


Question Correct

28 Mark 1.00 out of 1.00


Which firewall concept applies a set of rules to each incoming and outgoing IP packet
and then forwards or discards the packet?

Select one:
a. distributed

b. stateful inspection

c. packet filtering

d. host-based

Your answer is correct.


The correct answer is: packet filtering

Question Correct

29 Mark 1.00 out of 1.00


Which of these uses Public Key Infrastructure (PKI) and digital certificates to provide
privacy and authentication?

Select one:
a. TSL

b. DES

c. 3DES

d. SSL

Your answer is correct.


The correct answer is: SSL


Question Incorrect

30 Mark 0.00 out of 1.00


VPN is one of the several methods of achieving secure remote access. Which of the
following are true about how a VPN achieves security requirements?

Select one:
a. User authentication

b. Encryption of data across the insecure network

c. Availability of data through replay prevention

d. Integrity through encryption

Your answer is incorrect.


The correct answer is: Encryption of data across the insecure network
