Scribd Logo
Upload

Welcome to Scribd!

  • Computer Network Midterm #II Student #ID - Name (Chinese)

    Uploaded by

    陳品瑞
    15 views5 pages
    This document appears to be a computer network midterm exam with 46 multiple choice questions testing knowledge of topics including: computer virus types and properties; web security protocols; virtual private networks; computer security best practices; types of cyber attacks like SQL injection, social engineering, denial of service attacks; public key infrastructure; hashing algorithms; blockchain concepts; and elliptic curve cryptography. The exam asks students to identify examples and non-examples of these topics and correctly define or describe various computer and network security terms, concepts, and methods.

    Original Description:

    Original Title

    ??

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document appears to be a computer network midterm exam with 46 multiple choice questions testing knowledge of topics including: computer virus types and properties; web security protocols; virtual private networks; computer security best practices; types of cyber attacks like SQL injection, social engineering, denial of service attacks; public key infrastructure; hashing algorithms; blockchain concepts; and elliptic curve cryptography. The exam asks students to identify examples and non-examples of these topics and correctly define or describe various computer and network security terms, concepts, and methods.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    15 views5 pages

    Computer Network Midterm #II Student #ID - Name (Chinese)

    Uploaded by

    陳品瑞
    This document appears to be a computer network midterm exam with 46 multiple choice questions testing knowledge of topics including: computer virus types and properties; web security protocols; virtual private networks; computer security best practices; types of cyber attacks like SQL injection, social engineering, denial of service attacks; public key infrastructure; hashing algorithms; blockchain concepts; and elliptic curve cryptography. The exam asks students to identify examples and non-examples of these topics and correctly define or describe various computer and network security terms, concepts, and methods.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Computer Network Midterm #II

    Student #ID____________ Name(Chinese)___________


    1. What kind of configurations of the browser is irrelevant for lifting the security? (a)
    HomePage (b) ActiveX (c) Cookie (d) Script
    2. Which kind of virus is not categorized? (a) booting (b) file (c) bonus (d) macro
    3. What is the physical principle of computer virus? (a) bad user (b) programs (c)
    memory leak (d) fire
    4. What kind of operation will cause the possibility for the damage of files? (a) running
    programs (b) waiting for input by users (c) reading files from disk (d) writing data
    to disk
    5. What is not one of web secure protocols? (a) personal communication protocol (b)
    https (c) bbs (d) secure e-commercial protocol
    6. What is not included in VPN? (a) tunnel (b) encryption (c) backup (d) authentication
    7. What’s property is not in computer virus? (a) occupy (b) infect (c) breed (d)
    resistance
    8. What is not a good habit for using instant messaging software? (a) do not open
    downloaded files (b) do not install unclear programs (c) open video meeting to
    friends (d) do not believe strangers
    9. What is not the main function of digital signatures? (a) sourcing (b) categorizing (c)
    tampering (d) un-deniability
    10. Which one can monitor and filter network packets to protect systems? (a) anti-virus
    software (b) firewall (c) browsers (d) instant messaging
    11. Which function is not one of Trojan Horse? (a) damaging (b) self-breeding (c)
    infection (d) stealing
    12. To avoid your file reading from others, you can encrypt your file by using (a) storage
    (b) ownership (c) key (d) userid
    13. What is the main weakness for social engineering? (a) communication (b) human
    interaction (c) operating system (d) illegal request for confidentiality
    14. Which statement is not right? (a) XCC will not only affect server but also browsers
    (b) SQL injection is attacking the database (c) cross-directory attack caused by bad
    programs design (d) a patched system will not be attacked again
    15. What is not the characteristic of SQL injection? (a) caused by user (b) causes the
    tampering and leakage of database (c) programs lack authentications (d) can bypass
    the authentication and intrude the system
    16. Which one is not a strategy of social engineering? (a) fake email (b) brute force
    analyze account and password (c) phishing (d) internet fraud
    17. Which one can make sure the security of data under a communication? (a)
    compression (b) backup (c) divide (d) encryption
    18. In a public-key crypto-system, to make sure the delivering data to be random and
    un-deniable, what keys are need? (a) sender’s and receiver’s private keys (b)
    sender’s and receiver’s public keys (c) sender’s public key and receiver’s private
    key (d) sender’s private key and receiver’s public key
    19. What is the benefit of anomaly-based detection? (a) more accurate (b) can detect
    unknown threats (c) faster (d) can real-time
    20. Which one is proved theoretically safe? (a) ECC (b) DES (c) onetime pad (d) RSA
    21. Which one is to insert fake messages inside a DNS server and induce it to wrong
    site? (a) poisoning (b) hijacking (c) cracking (d) injection
    22. What is right of digital certification? (a) published by police only (b) identify people
    (c) citizen certificate is not digital certification (d) citizen certificate only allows
    company but not single people
    23. What kind of attack will be prevented by a firewall? (a) zero-day vulnerability (b)
    phishing (c) dos (d) logic bomb
    24. Attacking the weakness of a system before the patching is called: (a) zero-day
    vulnerability (b) botnet (c) Trojan Horse (d) dos
    25. Remote control zombie computer to attack is called: (a) Trojan Horse (b) botnet (c)
    zero-day vulnerability (d) phishing
    26. Delivering amount packets to shutdown the server is called: (a) Trojan Horse (b)
    spam (c) dos (d) botnet
    27. Which of the following is not a commonly used file-hashing algorithm? (a) SHA-
    224 (b) SHA-256 (c) SHA-512 (d) TLS
    28. What is the primary benefit of steganography over encryption? (a) can hold more
    data securely (b) harder to brute force the key (c) difficulty in detecting it (d) ease
    of implementation
    29. If an attack is able to insert himself into an encrypted conversion between you and
    a secure web server, he has successfully executed what type of attack? (a) smurf
    attack (b) replay attack (c) clickjacking attack (d) man-in-the-middle attack
    30. Which of the following correctly describes a drawback of symmetric key system?
    (a) computationally less intensive than asymmetric systems (b) work much more
    slowly than asymmetric systems (c) carry out mathematically intensive tasks (d)
    key must be delivered via secure courier
    31. Which of the following best describes how a digit signature is created? (a) sender
    encrypts a message digest with his private key (b) sender encrypts a message digest
    with his public key (c) receiver encrypts a message digest with his private key (d)
    receiver encrypts a message digest with his public key
    32. The CIO asks you to ensure that all e-mails have strict non-repudiation. How can a
    PKI system solve this issue? (a) managing symmetric keys for e-mail encryption (b)
    forcing all users to use-two-factor authentication when accessing the e-mail server
    (c) using PKI to support TLS on the SMTP delivery (d) issuing a digit certificate to
    all users for signing e-mails
    33. What will you used to create a HMAC? (a) TLS (b) SHA-256 (c) AES (d) RSA
    34. Which of the following is one of the most common web attack methodologies? (a)
    cross-site scripting (b) cross-site request forgery (c) buffer overflows (d) RPC errors
    35. Your boss wants a network device that will detect malicious network traffic as it
    happens and stop it from reaching systems inside your network. She has asked you
    to come up with several different options and present them to her in the morning.
    You should researching which of the following? (a) intrusion detection systems (b)
    intrusion prevention systems (c) firewalls (d) continuous auditing systems
    36. Which of the following correctly defines SQL injection? (a) modifying a database
    query statement through false input to a function (b) the process by which
    application programs manipulate strings to a base form (c) inputs to web
    applications that are processed by different parsers (d) character code sets that all
    multilanguage capability
    37. Which of the following correctly describes cross-site scripting (XSS)? (a)
    overflowing the allocated storage area to corrupt a running program (b) attempting
    to break a cryptographic system (c) exploiting the trust a site has in the user’s
    browser (d) exploiting the trust a site has for the site
    38. You’ve been asked to help configure a router that is used to connect a remote branch
    office to your corporate headquarters. The router will need to be managed remotely
    from the corporate headquarters. Which of the following protocols would you
    recommend be used to manage the remote router? (a) HTTP (b) Telnet (c) SSH (d)
    SNMP
    39. What is unique characteristics of one-time pads? (a) unbreakable (b) 4096-bit
    symmetric keys (c) provides integrity (d) vulnerable to weak keys
    40. Which cipher depends on the difficulty in factoring problem? (a) RSA (b) ECC (c)
    AES (d) SHA-256
    41. Which cipher depends on the difficulty in discrete logarithm problem? (a) RSA (b)
    ECC (c) AES (d) SHA-256
    42. Which one is the most secure encryption scheme in streaming? (a) RC4 (b) AES
    CTR mode (c) chacha (d) salsa20
    43. What is the meaning of the word K in SHA2? (a) random number (b) decimal part
    of the square prime number (c) ASCII (d) memorial day number
    44. What is the concept of mining in bitcoin? (a) apply to be a next node (b) help to
    record the transactions (c) solve a mathematical problem of SHA (d) gathering
    friends
    45. What is the most characteristics of SHA3? (a) more secure than SHA2 (b) more
    efficient (c) customized length of output (d) nothing special
    46. See the following ecliptic curve, if Alice choose the point (17,3) and Bob choose
    the point (19,5), which point will be will be their shared key? How about Alice
    choose (6,4) and Bob choose (9,16)? How about (12,4) and (11,20)

    1. a
    2. c
    3. c
    4. d
    5. c
    6. c
    7. d
    8. c
    9. c
    10. b
    11. b
    12. c
    13. b
    14. a
    15. d
    16. b
    17. d
    18. c
    19. d
    20. a
    21. a
    22. b
    23. c
    24. a
    25. b
    26. c
    27. d
    28. c
    29. d
    30. d
    31. a
    32. d
    33. b
    34. b
    35. b
    36. a
    37. d
    38. c
    39. a
    40. a
    41. c
    42. b
    43. b
    44. c
    45. a
    46. (0,1) (19,5) (3,10)

    You might also like