Program: BE INFORMATION TECHNOLOGY Engineering

Curriculum Scheme: Revised 2016

Examination: Final Year Semester VII
Course Code :ITC702 and Course Name: Infrastructure Security
Time :1 hr Max Marks :50

Question Options
Question Statement
No. A: B: C: D:
Criminal offenses that are performed using
1 Cyber Crime Cyber war Cyber space Cyber Security
computers are called
2 Star Property of Bell La Pedula is No read up No read down No write up No write down
Which is the user access control mechanism
3 MAC DAC RBAC ABAC
which uses Access Control List?
The Zeus banking Trojan deployed in recent
4 years , created from its crimeware toolkit, is a Spyware Adware Rootkit Ransomware
prominent example of _________
_____ is the process of memory protection of
taking a program as if it began at address 0
5 Fence Paging Relocation Segmentation
and changing all addresses to reflect the actual
address at which program is located in
_____ divides the process into segments and
6 can be loaded at non continuous Memory Paging Virtual memory Segmentation Fence
location
Mostly Operating system uses ___ for User
7 ABAC MAC DAC RBAC
Authentication
In which model does the decomposition
8 Smith-Winslett Sandhu-Jajodia SeaView CIA
algorithm uses on Horizontal fragmentation
In which security model, the security level can
9 be assigned only to the primary key and the Smith-Winslett Sandhu-Jajodia SeaView CIA
tuples as a whole
Security related information like A3/A8 Base Station
10 SIM Mobile Data Card Mobile RAM
algorithm are stored on Subsystem
 What is Side Channel attack (also known as Attacker is able to Attacker can use a Attacker is capable
Partitioning attack ) disable the false BTS same as of extracting Ki
Attacker is able to
11 connection between users network and even if he/she has
partition the MSSC
mobile station and impersonate access to SIM for a
the base station himself/herself. minute.
UMTS User Equipment does NOT include the Universal Subscriber Authentication
12 UE RF circuitry Battery
following element Identity Module Center
Which of the following is NOT a shared
Home Location Equipment Identity Authentication
13 element in 3G UMTS core network Evolved Packet Core
Register Register Center
architecture.
It is the standard for interoperable cloud-based
14 KMIP PMIK AIMK DIMK
key management?
______ is one of the most actively developing
Regulatory
15 and important areas of cloud computing Logging Auditing Integrity checking
compliance
technology?
______ provides a token service that can be
16 OAuth OCheck SAML OpenSSL
used to present validated access to resources?
It is used to define the service component that
17 WSDL SCDL XML SOA
performs the service?
The cookies which are created with expiration
18 Session cookies Persistent cookies Temporary cookies Permanent cookies
date may be few days or several years
19 What type of certificate is used for HTTPS? SSL FTP TCP DNS
By altering DNS entries for user’s computer or modify the route of perform session
20 perform SQLi attack inject malwares
network, an attacker can URL hijacking
Service not provided by Secure Electronic a secure
Transaction (SET) is ___ communications trust by the use of
21 channel among all X.509v3 digital Ensures privacy 3D secure scheme
parties involved in a certificates
transaction
In addition to the creation of fake websites, the
phishers also utilize the latest techniques such
22 Virus Firewall Spyware Adware
as Screen grabbers, Key loggers, and ___ in an
attempt to steal a user’s credentials.
 An application is vulnerable to XXE attacks if
it enabled users to upload ___ which further
23 malicious XML code virus SQL query
exploits the vulnerable code and/or
dependencies.”
The policies are defined at -----------level and
24 pushed to various department and individual Top executive level Middle level Top middle level Program level
to adhere.
The security policy includes the ---------- and -
25 Scope, Statement Statement, Goal Purpose, Goal Goal , Scope
----------of the program.