Professional Documents
Culture Documents
The ____________security program must include the right level of responsibility and
authorization to be effective.
a. Authority
b. Framework
c. Planning
d. Gap Analysis
Answer: a
2. ________________for the use of software, computer systems, and networks should be clearly
documented for the sake of the people who use these technologies
a. Rules
b. Guidelines
c. Program
d. Network
Answer: b
3. A _________________ is a plan of action for how to implement the security remediation plans.
a. Planning
b. Road
c. Roadmap
d. Gap Analysis
Answer: c
4. ______________is concerned with protecting information in all its forms, whether written,
spoken, electronic, graphical, or using other methods of communication.
a. Information security
b. Network Security
c. Computer Security
d. Graphics Security
Answer: a
a. Information
b. Algorithm
c. Program
d. All of the Above
Answer :a
Answer: d
9. __________Assessing what needs to be protected, why, and how leads to a strategy for
improving the security posture.
a. Assessment
b. Planning
c. Frame Work
d. Roadmap
Answer: a
10. A universal truth of security, regardless of the application, is that the job of the attacker is
always ___________ than the job of the defender.
a. Difficult
b. Easy
c. Moderate
d. None of the Above
Answer: b
13. ___________are used to educate employees, business partners, and other stakeholders about
what behaviours are expected of them, what actions they should take under various
circumstances to comply with security policies
a. 10%
b. 20%
c. 30%
d. 100%
Answer: d
a. Authority
b. Framework
c. Planning
d. Défense
Answer: d
Security in Computing
Unit 1
Chapter 2
1. A ________________is a term used to describe where a threat originates and the path it takes
to reach a target.
a. threat vector
b. Malicious mobile code
c. Advanced Persistent Threats
d. Manual attacks
Correct answer: a . threat vector
2 _________Viruses infect the data running on top of an application by using the program’s
macro or scripting language
a. Boot sector
b. Macro
c. Computer worm
d. Trojans
Correct answer: b . Macro
3. ______ is a self-replicating program that uses other host files or code to replicate
a. Malicious mobile code
b. Content Attack
c. Computer Virus
d. DNS spoofing
Correct answer: c. Computer Virus
5. A ____ virus prove that a virus can steal private encryption keys
a. Caligula
b. Remote access Trojan
c. Bugbear
d. Nimda
Correct answer: a. Caligula
6. ____________is used in distributed denial of service (DDoS) attack
a. Zombie Trojans
b. Bugbear
c. Js.ExitW
d. Remote access Trojans
Correct answer: a. Zombie Trojans
7 Which one of the following is common content attack
a. SQL injection attacks
b. DHCP Poisoning
c. ARP poisoning
d. Packet Sniffing
Correct answer: a. SQL injection attacks
10 ____ is a type of man-in-the-middle attack in which server IP address that a user connects to is
also applied to the attacker’s system
a. DNS spoofing attack
b. IP spoofing attack
c. ICMP Poisoning
d. Intrusion prevention system
Correct answer: b IP spoofing attack
2. _________ means protecting the data from getting disclosed to those who are not
authorized to use it.
A. Integrity
B. Authorization
C. Confidentiality
D. Availability
Answer: C Confidentiality
4. _____________ means that the sender must not be able to deny sending a message that he
/ she has sent.
A. Authentication
B. Integrity
C. Confidentiality
D. Non-repudiation
Answer: D Non-repudiation
13.Firewall examines each ____________ that are entering or leaving the internal network.
A. Email users
B. Updates
C. Connections
D. Data packets
Answer: B Security
1. What is Authentication ?
A. Encryption
B. Proof of Identity
C. Access
D. Modification
Ans . B
7. What is the problem with Secure Socket Layer based authentication method ?
A. Protection of the private key is very important
B. Key generation
C. No privacy
D. Different attacks
Ans. A
8. Which one of these methods uses One time passwords for authentication ?
A. Kerberos
B. Passwords
C. Time based keys
D. Secure socket layer
Ans. C
A. Smart Chip
B. Smart Pin
C. Smart Card Reader
D. Smart Card
Ans . C
10. Which EAP type is used for TLS authentication protocol to provide the ability
to use smart cards for remote authentication?
A. EAP/TLS
B. EAP/MD5-CHAP
C. EAP/MD5
D. EAP/CMOS
Ans. A
11. Which protocol is available for most versions of Unix as well as for
Windows systems?
A. IPSEC
B. SSL
C. RBAC
D. SSH
Ans. D
A. Authorization
B. Privileges
C. RBAC
D. Authenticate
Ans .A
13. Name the protocol that was developed to allow pluggable modules to be
incorporated in an overall authentication process?
A. EAP
B. Biometric
C. RBAC
D. ACLs
Ans. A
A. Binode
B. Inode
C. File mode
D. Uid
Ans. B
Answer a
12. if an unauthorized database transaction was performed at 4.00 p.m on Monday ,then the
databse can be restored through which backup
A. differential backups
b. full backups
c. point- in time backups
d. transactional log backups
Answer: c
13.database auditing means
a. keeping a log of data
b. data modification
c. usage of permissions
d. all of the above
Answer: d
14. when an employee record changes, corresponding changes can be easily made by calling
a. SQL commands
b. stored procedures
c. view querry
d. nested querry
Answer: b
15.The process of determining permission that are granted to a particular login is called as
a. authentication
b. validation
c. authorization
d. verification
Answer : c
Security in Computing
Database Security
Chapter 12
12. The most important data validation feature using hidden fields is called
a. hacking
b. SQL injection
c. spoofing
d. masquerading
Answer :b
13. If you back up 13GB of data to tape media and then the database becomes corrupted, the
recovery time might be
a. two hours.
b. three hours
c. four hours
d. five hours
Answer: a
14. Backups can be of these types except
a. Full
b. Differential
c. Transaction log
d. user-defined
Answer: d
15. Backup taken while system is up and running is called:
a. Cold backup
b. Hot backup
c. Severe Backup
d. mild Backup
Answer: b
SIC QB CHAPTER 8
4) Extranet can be described as a private network that uses _____ network to share
information with clients.
a) Private
b) Public
c) Personal
d) User
Answer: b)Public
7) As the data packet moves from the upper to the lower layers, headers are _______.
a) Rearranged
b) Removed
c) Added
d) Modified
Answer: c) Added
b) Tunnelling protocols
c) Network protocols
d) Mailing protocols
a) single organization
b) multiple organizations
c) multilevel organization
d) connected organizations
Answer: a) single organization
a) internet
b) token ring
c)html
d) extranet
a) logical
b) physical
c) dependent
d) connected
Answer: b) physical
13) In networking firewall and ____ systems are used for controlling traffic movement around
the network.
a) authorized
b) authentication
c) autogenerated
d) automatic
Answer: b) authentication
15) __________ provides an isolated tunnel across a public network for sending and receiving
data privately as if the computing devices were directly connected to the private network.
SIC MCQs
Chapter 9
1.To send a packet, the source should know the following addresses
a. MAC Address
b. IP address
c. DNS
Answer : d
2.DNS Stands for
Answer: a
3. The protocol used to find the IP address when Mac address is given
a. RARP
b.ARP
c. DNS
d. IP
Answer :b
a.5
b.6
c.7
d.8
Answer:c
5. The connection less protocol used in transport layer in OSI reference model is
a. TCP
b. UDP
c. IP
d. RARP
Answer: b
6. The dumb device used to provide solution to connectivity in network is
a. hub
b. switch
c. modem
d.cables
Answer: a
a. 23
b.25
c.80
d.443
Anwer : c
a. hubs
b. switch
c. modem
d.Rourters
answer :d
a. Internet protocol
10. _________ are the updates released by the product vendor which should be applied in a timely
manner
a. Patches
b. Updates
c. Instants
d. Data
Answer : a
11 The ______can be queried to see who logged on to the router from where
a. TFTP Server
b. Web server
c. Diagnostic Services
d. Finger Services
Answer :D
12. Web interface accessed by a browser can be monitored by _______
b. Diagnostic Services
c. SNMP
d. Network Protocol
Answer :C
Answer :D
a. Accounting
b. Accessing
c. Authentication
d. Authorization
Answer:C
15. ___________-is used to trouble shoot the network layer connectivity by mapping the network path
between the source and destination
a. Traceroute
b. Echo
c. SNMP
d. ICMP
Answer :a
a. Network unreachable
b. port unreachable.
c. Protocol unreachable
d. Port unreachable
Answer : D
17. ___________ is an attempt to slip through the external defenses by masquerading as an internal
host.
a. Sniffing
b. Address spoofing
c. Trojan horse
d. Worms
Answer: B
18. The fragmentation needed is which code of the ICMP error message
a. 1
b. 2
c. 3
d. 4
Answer :D
a. Time to leave
b. Take to leave
c. Time to live
d. Take to live
Answer : C
a. Network layer
b. Transport layer
c. Session layer
d. Data link layer
Answer:B
1. Omnidirectional antennas are used………………………wireless network topologies.
a) Point to point
b) Point to multipoint
c) Multipoint to point
d) All of the above
Ans : FHSS
Ans : ACK
5. DSSS system spreads the baseband signal by _____________the baseband pulses with a
pseudo noise sequence.
a) Adding
b) Subtracting
c) Multiplying
d) Dividing
Ans : Multiplying
Ans : Frequency
7. The __________ family of wireless LAN protocols, collectively known as Wi-Fi and
commonly found in many organizations and households
a) 802.11
b) 803
c) 801
d) 804
Ans : 802.11
Ans : d) WLAN
10. There are ________ generic types of antennas, which can be further divided into subtypes
a) 3
b) 4
c) 2
d) 5
Ans : a) 3
11. As such, Bluetooth is very resistant to ______________interference unless the interfering signal
covers the whole middle ISM band
a) microwave
b) radio
c) infrared
d) media
Ans : radio
Ans 802.11
14. One way to control your wireless signal spread is correct __________________
a) Antenna positioning
b) Order
c) sequence
d) transmitting power
Ans : c) Three
16. A radio transceiver can only transmit or receive at a given time on a given frequency, all 802.11-
compliant networks are __________________
a) full duplex
b) simplex
c) half duplex
d) complex
Subject:-SIC
A. force fully
B. With Permission
C. Without Permission
D. Both A and C
A. Host Based.
B. Network Based.
C.User Based.
D. Both B and C
3. In which approach references a baseline pattern of normal system activity to identify active
intrusion?
A. Anomaly detection.
B. Penetration identification.
C. Profile based
D. Machine based.
4. In which approach references a baseline pattern of normal system activity to identify active
intrusion?
A. Anomaly detection.
B. Penetration identification.
C. Profile based
D. Machine based.
C. Both A and B
D. Stack based.
6. In which approach use Network traffic for particular network segment analyses and detection
of threats?
8. For which IDS system is difficult to analyse the intrusion on multiple computers?
A. FTP.
B. IP.
C. HTTP.
D.UDP.
10. Which file IDS use to record all detected events and these record use for analyzing and
reporting purposes?
A. Exe File.
B. Log Files.
C. System File.
D. UB File.
1. _____ is the term for establishing a connection with a forged sender address.
a) Sequence Guessing.
b) Spam.
c) Spoofing.
d) Session hijacking.
Ans :C
2. _____ that identifies the users and groups who are allowed or denied access.
a) DACL.
b) SACL.
c) ACE.
d) ISP.
Ans : A
5. Trusted Network Interpretation of the TCSEC also know as the _____ book.
a) Orange
b) Red
c) Yellow
d) Pink
Ans :B
11. Which of the following is not the goal of the trust worthy computing
initiative.
a) Security
b) Privacy
c) Reliability
d) Authentication.
Ans :D
12. _____ defines a standard set of security requirement for a specific type of a
product (e.g OS,database or firewall)
a) Protection profile.
b) Security Targets.
c) EAL
d) TOE
Ans :A
13. Common criteria part _____ details the specific security functional
requirements and details a criterion for expressing the security functional
requirements for target of evaluation
a) 1
b) 2
c) 3
d) 4
Ans :B
15. _____ are security-related information that has been associated with object
such as files, process devices.
a) Reference monitor.
b) MAC.
c) Labels
d) DAC
Ans :C
Security in Computing SEMESTER VI
Multiple Choice Questions
Q.1 How many types of firewalls are there?
a)1
b)2
c)3
d)4
ANS: c
Q.2 which is that software installed using an internet connection as they come by-default with
operating systems?
a) Hardware
b)Software
c) stateful Inspection firewall
d) Microsoft firewall
ANS:b
Q.3 While entering or leaving the internal network,firewalls examine which of the following?
a) emails users
b) updates
c) connections
d) data packets
ANS:d
Q.4 which of the below defines the packet filtering firewall rules.
a) Access Control List
b) Protocols
c) Policies
d) Ports
ANS:a
Q.5 Which port number is used to effectively manage the firewall?
a) 70
b) 71
c) 80
d) 72
ANS:c
a) NAT
b) Static NAT
c) Dynamic NAT
d) PAT
ANS:b
Q.7 Which of the following is used to filter, analyse and perform heuristic behavior detection to
help the network security administrators?
a) UDP
b) ICMP
c) SIEM
d) DNS
ANS:c
Q.8 Using which filtering methods, firewalls can subtract the spam from your email messages?
a) URL filtering
b) Web content filtering
c) application filtering
d) Email spam filtering
ANS:d
a) firewalls
b) Web content
c) applications
d) spam
ANS: c
Q.10 Which layer of OSI model, packet filtering firewalls are implemented?
a) Application layer
b) Session layer
c) Presentation layer
d) Network layer
ANS:d
Q.11 which is the following process does converting one IP address to another, and logging of
traffic?
a)NAT
b)Static NAT
c)Dynamic NAT
d)PAT
ANS: a
a) Network Layer
b) Session layer
c) Presentation layer
d) Application layer
ANS: d
13)Which of the following involves submitting as many requests as possible to a single internet
service, overloading it and preventing it servicing legitimate requests?
a) DOS attack
b)Masquareaing
c)phishing
d)Backdoor
ANS:a
ANS:b
15) which of the following are types of firewall?
4) ___________ Scripts are used for performing validations like limiting the size of the
input fields, disallow certain characters.
a) Server side
b) Client side
c) SQL query
d) Application
Ans. Client side
5) Limiting the number of connections per second per IP address and use of strong
passwords can prevent ___________ attack.
a) Brute-force
b) SQL injection
c) Buffer overflow
d) Cookies
Ans. Brute-force
7) ___________ is common method of verifying that the person on the other end is a human
being by showing a distorted image of letters and numbers and requiring the user to type
them in correctly.
a) OTP
b) password
c) CAPTCHA
d) graphics
Ans. CAPTCHA
10) Customized client GUIs can be used to display ________________ that cannot be shown
using a regular web administration interface.
a) Complex graphics
b) header
c) footer
d) image
Ans. Complex graphics
14) _________________ is a technique to inject crafted SQL into user input fields that are
the part of the web forms.
a) SQL injection
b) brute-force
c) buffer overflow
d) cookies
Ans. SQL injection
15) ___________ Attacks are those that do not come under any specific category but still
they are considered as risk to website security.
a) General
b) cookies
c) forms
d) scripts
Ans. General
Unit 5
Chapter: Physical Security
1) Switches and Firewall come under the category of _______________ assets
a) Technical equipment
b) Computer equipment
c) Communication equipment
d) Security equipment
2) Racks and NEMA-rated enclosures come under the category of _______________ assets
a) Technical equipment
b) Furniture and Fixtures
c) Communication equipment
d) Storage equipment
12) _________________ standard is concerned with the Physical Security of Computer resources
a) ISO 45002
b) ISO 37002
c) ISO 1700
d) ISO 27002
14) One of the following is not a criteria for selecting site location for Security
a) Construction and excavation
b) RF and wireless transmission interception
c) Lighting
d) Markets and Malls
15) One of the following does not comes under the duty of Security Guards
a) Prevention of forcible intrusion
b) Prevention of Theft
c) Repairing of faulty CCTV
d) Prevention of Abuse and Arson
Sr.No Questions option-A option-B option-C option-D nswer_is_Correct
1 A firewall is installed at the point Chock point Meeting point Firewall Secure point Chock point
where the secure internal network point
and untrusted external network meet
which is also known as __________
Bit oriented Frame Network layer State full
State full firewall firewall and firewall and firewall and
Network layer firewall has two sub- firewall and
2 and stateless
categories as _________ byte oriented packet session layer stateless
firewall firewall firewall firewall firewall
Packet Filtering Dual Homed Screen Dual Host Packet
Which of the following is / are the
3 Firewall Gateway Host Firewall Filtering
types of firewall?
Firewall Firewall Firewall
4 A proxy firewall filters at _________ Physical layer Data link layer Network Application Application
layer layer layer
Network Network layer
A packet filter firewall filters at layer or Application or
5 Physical layer Data link layer Transport
__________ layer Transport
layer layer
6 A firewall needs to be __________ Robust Expansive Fast Scalable Expansive
so that it can grow proportionally
with the network that it protects.
7 A firewall is a ______security system: Network File Program None of These Network
A firewall is a network security system Hardware Both None of These Both hardware
______based that controls incoming hardware or or software
8 Software
and outgoing network traffic based on a software
set of rules:
9 Firewalls are used to protect: Home Corporate Both of None of These Both of Above
Networks Networks Above
10 If you have more than one computer Hardware Software HTML None of These Hardware
connected in the home, it is
important to protect every computer.
You should have a ____firewall
(such as a router) to protect your
network:
Either Either
Network Network
Network Host Based
11 Firewalls are often categorized as: firewalls or None of These firewalls or
Firewalls Firewalls
Host based Host based
firewalls firewalls
NAT stands for: Network Address Network Network None of These Network
12 Translation Address Access Address
Transformation Translation Translation
13 All memory units are expressed as 2 5 10 20 2
powers of ?
14 Firewall is a type of Virus Security Worm None of These Security
15 Firewalls can be of _______ kinds. 1 2 3 4 3
16 Network layer firewall works as a Frame filter Packet filter Content Virus filter Packet filter
__________ filter
17 _____________server effectively proxy Packet filter Content Application proxy
hides the true network addresses. filter Gateway
18 The first reported type of network packet Content filter Connection proxy packet filter
firewall is called a _______, which filter tracking[edit]
inspect packets transferred between
computers.
19 Data travels on the internet in small metadata packets Protocols Virus filter packets
pieces; these are called __________
20 __________ firewalls do not just Packet Application- Stateful Network Layer Application-laye
look at the metadata; they also look filtering layer packet
at the actual data transported.