
SRM INSTITUTE OF SCIENCE AND TECHNOLOGY

RAMAPURAM CAMPUS

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

QUESTION BANK
2022-2023 EVEN SEMESTER

SUBJECT NAME : NETWORK SECURITY

SUBJECT CODE : 18CSE354T

YEAR : III
SEMESTER : VI

UNIT- 1

Networking Devices (Layer 1, 2, 3), Different types of network layer attacks,
Firewall- ACL, Packet Filtering, DMZ, Alerts, Audit Trails, IDS, Advantages and
Disadvantages of IDS (Need of IPS), Advantages of IPS over IDS, IPS, IPS Types-
Signature based, Anomaly based, Policy based, IPS Types - Honeypot based,
Applications, Malicious Software

PART A

1. A _____________ is a set of devices (nodes) connected by media links


A. Message
B. Protocol
C. Network
D. Distributor

Answer Network

2. In a _______ relationship, the link is shared equally between devices


A. Peer- Peer
B. Point -Point
C. Primary - secondary
D. master – slave

Answer Peer- Peer

3. Which of the following networking hardware can operate at any one of the seven
layers of the open systems interconnection model?
A. Router
B. Gateway
C. Switch
D. Modem

Answer Gateway

4. Which device allows a network to connect to the Internet?

a. Router
b. Switch
c. Hub
d. WAP
Answer Router
5. Which of the following networking devices forwards data packets between
computer networks?
A. Router
B. Gateway
C. Switch
D. Hub

Answer Router

6. Identify the network which extends a private network across a public network.
a. Storage Area Network
b. Virtual Private Network
c. Enterprise Private Network
d. Local area Network
Answer Virtual Private Network
7. Identify the layer which determines the interface of the system with the user.
a. Network
b. Datalink
c. Physical
d. Application
Answer Application
8. In which of the following, a person is constantly followed/chased by another
person or group of several people?
A. Phishing
B. Bullying
C. Stalking
D. Identity theft

Answer Stalking

9. Packet sniffers involve_______ receiver


A. Active
B. Passive
C. legal
D. semi Active

Answer Passive

10. The DoS attack, in which the attacker establishes a large number of half open or
fully open TCP connections at the target host is_____________
A. Vulnerability attack
B. Bandwidth Flooding
C. Connection Flooding
D. UDP flooding
Answer Connection Flooding
11. Sniffers can be prevented using
A. Wired Environment
B. WiFi
C. Ethernet LAN
D. Switched Network
Answer Switched Network
12. _____________ type of cyber attack is performed by hackers without the use of
any computer software program.
a. Cross-Site Scripting
b. ARP Poisoning
c. SQL Injection
d. Social Engineering
ANSWER: Social Engineering

13. This is a type of cyber attack that has a program running on your server to bypass
the authorization.
a. DoS
b. Phishing
c. Backdoor
d. Sniffing
ANSWER: Backdoor

14. Which of the following statement is true?
a. All the websites on the Internet are trustworthy
b. If your email attachments look suspicious, do not open them
c. Keep all the passwords the same for your different login accounts.
d. Using pirated software doesn’t compromise your system security
ANSWER: B
15. Network layer firewall works as a __________
a. Frame filter
b. Packet filter
c. Content filter
d. Virus filter
Answer Packet Filter
16. Where is the optimal place to have a proxy server?
a. In between two private networks
b. In between a private network and a public network
c. In between two public networks
d. On all of the servers
Answer B
17. Network layer firewall has two sub-categories as _________
a. Stateful firewall and stateless firewall
b. Bit oriented firewall and byte oriented firewall
c. Frame firewall and packet firewall
d. Network layer firewall and session layer firewall
Answer: Stateful firewall and stateless firewall
18. A firewall is installed at the point where the secure internal network and
untrusted external network meet which is also known as __________
a. Choke point
b. Meeting point
c. Firewall point
d. Secure point
Answer Choke Point
19. What is one advantage of setting up a DMZ with two firewalls?
a. You can control where traffic goes in three networks
b. You can do stateful packet filtering
c. You can do load balancing
d. Improved network performance
Answer You can do load balancing
20. A stateful firewall maintains a ___________ which is a list of active connections.
a. Routing table
b. Bridging table
c. State table
d. Connection table
Answer: Routing table
21. A firewall is to be configured to allow hosts in a private network to freely open
TCP connections and send packets on open connections. However, it will only
allow external hosts to send packets on existing open TCP connections or
connections that are being opened (by internal hosts) but not allow them to open
TCP connections to hosts in the private network. To achieve this the minimum
capability of the firewall should be that of
a. A combinational circuit
b. A finite automaton
c. A pushdown automaton with one stack
d. A pushdown automaton with two stacks

Answer: A pushdown automaton with two stacks


22. What is the best practice in the firewall domain environment?
A. Create two domains: a trusted and an untrusted domain
B. Create strong policy in firewall to support different types of users
C. Create a Demilitarized zone
D. Create two DMZ zones with one untrusted domain
Answer : Create a Demilitarized zone
23. Which is not the purpose of Risk analysis?
a. It supports risk based audit decisions
b. Assists the Auditor in determining Audit objectives
c. Ensures absolute safety during the Audit
d. Assists the Auditor in identifying risks and threats
Answer : Ensures absolute safety during the Audit
24. What is the best example of why plan testing is important?
a. To prove the plan worked the first time
b. To find the correct problems
c. To show the team that is not pulling their own weight
d. To verify that everyone shows up at the recovery site
Answer : To find the correct problems
25. An Intrusion Detection System (IDS) .....
a. can be configured to allow the intruder IP when an alert is generated
b. opening the network connection for an active and passive attack
c. inspects network activities and identifies suspicious patterns that may
indicate a network attack
d. an identifier for the correct usage of particular computer or total network
Answer C
26. Looks for specific network patterns generated by known malware.
a. Signature based
b. Host intrusion detection system (HIDS)
c. Anomaly based
d. Security functionality
Answer Signature based
27. What are the different ways to intrude?
a. Buffer overflows
b. Unexpected combinations and unhandled input
c. Race conditions
d. All of the Above
Answer All of the Above
28. What are the different ways to classify an IDS?
a. Zone based
b. Host & Network based
c. Network & Zone based
d. Level based
Answer Host & Network based
29. Firewalls, antivirus and anti spyware installed on every machine that monitors
all incoming and outgoing traffic for suspicious activities
a. Host intrusion detection system (HIDS)
b. Distributed intrusion detection system (DIDS)
c. Intrusion detection system (IDS)
d. Network intrusion detection system (NIDS)
Answer Host intrusion detection system (HIDS)

30. What are the drawbacks of the host based IDS?
a. Unselective logging of messages may increase the audit burdens
b. Selective logging runs the risk of missed attacks
c. They are very fast to detect
d. They have to be programmed for new patterns
Answer : Unselective logging of messages may increase the audit burdens
31. What are the characteristics of signature based IDS?
a. Most are based on simple pattern matching algorithms
b. It is programmed to interpret a certain series of packets
c. It models the normal usage of network as a noise characterization
d. Anything distinct from the noise is assumed to be intrusion activity
Answer : Most are based on simple pattern matching algorithms

32. Which of the following is a DISADVANTAGE of Host- based IDS?


a. Detect broad range of decision support threats
b. Maintenance is difficult due to distributed agents
c. Monitors the data on the system by collecting and analysing data, aggregating it
to be analysed
d. No requirement of dedicated hardware
Answer B
33. What is the major drawback of anomaly detection IDS?
a. These are very slow at detection
b. It generates many false alarms
c. It doesn't detect novel attacks
d. It generates only positive alarms
Answer It generates many false alarms
34. How are honeypots created?
a. Uses a code-transformation tool
b. Takes the input of original application source code
c. It uses a code-transformation tool and takes the input of original
application source code
d. From suspected spam messages
Answer C
35. What is the purpose of a shadow honeypot?
a. To flag attacks against known vulnerabilities
b. To help reduce false positives in a signature-based IDS
c. To randomly check suspicious traffic identified by an anomaly detection
system
d. To enhance the accuracy of a traditional honeypot
Answer C
36. Into how many categories are honeypots classified based on interaction level?
A. 2
B. 3
C. 4
D. 5
Answer 3
37. Which of the following is not a type of honeypot?
a. Spider
b. Email
c. Database
d. Network
Answer Network
38. In order to help prevent spam, a honeypot performs which of the following
functions?
a. Acts as a desirable mail server in order to lure spammers
b. Delivers suspected spam messages more slowly
c. Traps suspected spam messages
d. Routes suspected spam to special enclaves in the system
Answer : Acts as a desirable mail server in order to lure spammers
39. Which is not a disadvantage of honeypot?
a. Puts your organization’s incident response capabilities to the test
b. It may introduce additional risks into your environment
c. It can only detect an intrusion when it is attacked directly
d. A compromised honeypot that’s not isolated effectively may be used to launch
an attack on the real network
Answer Puts your organization’s incident response capabilities to the test

40. A computer ________ is a malicious code which self-replicates by copying itself to
other programs.
a. program
b. virus
c. application
d. worm
Answer virus

41. ______________ infects the master boot record and it is challenging and a complex
task to remove this virus.
a. Boot Sector Virus
b. Polymorphic
c. Multipartite
d. Trojans
Answer Boot Sector Virus
42. Rootkits are
a. A set of software tools that enable an unauthorized user to gain control of
a computer system without being detected
b. A network of private computers infected with malicious software and
controlled as a group without the owners' knowledge, e.g., to send spam
messages
c. Kits used to treat online malware
d. A type of greyware

Answer A

43. What term is commonly used to describe malware that changes characteristics
or rewrites its code between infections?
a. Replicating
b. Resident
c. Polymorphic
d. User-mode
Answer : Polymorphic
44. What is a computer called when it is infected with a malware bot?
a. A zombie
b. An Android
c. A worm
d. Trojan horse
Answer A zombie

45. What is a Logic Bomb?
a. Bombs that detonate online when hackers play a code.
b. a set of instructions secretly incorporated into a program so that if a
particular condition is satisfied they will be carried out, usually with
harmful effects.
c. An intelligent bomb.
d. malicious software or code that is considered to fall in the "grey area"
between normal software and a virus.

Answer B

46. What is a Trojan Horse?


a. A program designed to take down the computer system while performing
an inoffensive task.
b. A hollow wooden statue of a horse in which the Greeks concealed
themselves in order to enter Troy.
c. A different type of horse.
d. A chess piece.
Answer A
47. What's Email Spoofing?
a. Adding inappropriate pictures to emails.
b. The creation of email messages with a forged sender address.
c. Fact checking emails.
d. sending emails to people you don't know.
Answer The creation of email messages with a forged sender address.
48. Software that enables a user to obtain secret information about another
computer's activities.
a. Malware
b. Adware
c. Spyware
d. Trackware
Answer Spyware
49. What is DNS Spoofing?
a. a set of instructions secretly incorporated into a program so that if a
particular condition is satisfied they will be carried out, usually with
harmful effects.
b. Hacking into people's DNA's.
c. Hacking into DNS files on hospitals.
d. a form of computer hacking in which corrupt Domain Name System data
is introduced into a DNS resolver's cache, causing the name server to
return an incorrect IP address, which results in diverting traffic to the
attacker's computer.

Answer D

50. What is Buffer Overflow?


a. a form of computer hacking in which corrupt Domain Name System data
is introduced into a DNS resolver's cache, causing the name server to
return an incorrect IP address, which results in diverting traffic to the
attacker's computer
b. an anomaly where a program, while writing data to a buffer, overruns the
buffer's boundary and overwrites adjacent memory locations.
c. The overflow of butter on a kitchen counter or other surface.
d. A type of Adware.
Answer B

PART B
1. What is meant by Trusted Systems?
2. Write down the System security standards?
3. What is the role of bastion host?
4. State the difference between threats and attacks.
5. What is meant by Denial of Service and Distributed Denial of Service?
6. What is IP address spoofing?
7. What is meant by hijacking, smurf, wormhole, blackhole, sybil and sinkhole.
8. What is digital immune system?
9. Identify the benefits of IP Security.
10. Differentiate spyware and virus.
11. List the difference between viruses and worms and give few examples
12. In general terms, how does a worm propagate?
13. What are the typical phases of operation of a virus or worm?
14. What do you mean by Trojan Horses and logical bomb?
15. What are Zombies?
16. Give the mechanisms that access control relies on.
17. Define Audit logs
18. What are the various types of firewall and its design goal?
19. What information is used by a typical packet-filtering router?
20. What are some weaknesses of a packet- filtering router?
21. What is the difference between a packet-filtering router and a stateful inspection
firewall?
22. What is circuit level gateway?
23. What are the differences among the three configurations of firewall?
24. What is application level gateway?
25. List four techniques used by firewalls to control access and enforce a security
policy.
26. What is an access control matrix? What are its elements?
27. Identify the three classes of Intruders.
28. Give the advantages of intrusion detection system over firewall.
29. Show the design goals of firewalls.
30. Discriminate statistical anomaly detection and rule-based detection
31. Does the firewall ensure 100% security to the system? Comment.
32. What is an Intruder? List the classes of intruders.
33. What do you mean by Intrusion Detection?
34. Define honey pots? What are Honey Pots in Intrusion Detection System?
35. Write short notes on three types of Intruders.
36. What is meant by a trusted system?
37. Mention the two levels of hackers.
38. What are the two types of audit records?
39. What are the issues derived by Porras about the design of distributed Intrusion
Detection System?
40. What are the main components involved in the distributed Intrusion Detection
System?
41. What metrics are useful for profile-based intrusion detection?
42. What are the three benefits that can be provided by IDS?
43. What is the difference between statistical anomaly detection and rule-based
intrusion detection?
44. Evaluate Honeypots, Honey nets, Padded cells.
45. How are Intrusion Prevention Systems (IPS) classified?

PART C

1. Explain in detail about the Networking Devices which are present in Layer 1,2
and 3
2. Explain in detail about Different types of network layer attacks
3. Examine in detail about Access control list.
4. Explain in detail about System Access control Mechanism.
5. Explain firewall design principles, characteristics, types and Limitations of
firewalls.
6. Explain the different types of firewalls and its configurations in detail
7. Classify architectural implementation of firewalls and Analyze typical
relationship among the untrusted network, the firewall, and the trusted network?
8. Explain how does screened host architectures for firewalls differ from screened
subnet firewall architectures? Which of these offers more security for the
information assets that remain on the entrusted network?
9. Examine in detail about Access control list. Give an example of Systems-specific
policy.
10. Explain in detail about System Access control Mechanism.
11. Summarize the different approaches to Intrusion Detection and Intrusion
Prevention
12. Discuss the architecture of distributed intrusion detection system with the
necessary diagrams?
13. Discuss the architecture of distributed intrusion prevention system with the
necessary diagrams?
14. Explain types of host-based intrusion detection. List any two IDS software
available.
15. Generalize the role of intrusion detection system? Point out the three benefits
that can be provided by the intrusion detection system?
16. Prepare comparison details between statistical anomaly detection and rule-based
intrusion detection system?
17. List the difference between statistical anomaly prevention and rule-based
intrusion prevention system?
18. Sketch the Honey pot Architecture and explain in detail
19. Explain about the malicious software, Identify a few malicious programs that
need a host program for their existence.

UNIT II

Overview of IPSEC- Security Associations, Security Association Database, Security Policy
databases, AH and ESP, Tunnel and Transport mode, IP header Protection, IP and IPv6,
IPV4 and IPV6 header, Authentication Header, Mutable, Immutable and Mutable but
predictable, Encapsulation Security Payload (ESP), Internet Key Exchange, Phases of IKE,
Phase I IKE- Modes and key types, Phase I IKE Protocols, Phase II IKE, ISAKMP/IKE
Encoding

PART A
1. _________is the protocol designed to create security associations, both inbound
and outbound.
A. SA
B. CA
C. KDC
D. IKE
2. The IPsec header includes a field known as the ________ which identifies the security
association in SAD [Security Association Database].
A. State index
B. Security parameter index
C. Sequence index
D. Flag
3. IPsec is designed to provide security at the _________
A. Transport layer
B. Network layer
C. Application layer
D. Session layer
Answer: Network layer

4. ______________ operates in transport mode and tunnel mode


A. IPsec
B. SSL
C. PGP
D. TLS
Answer: IPsec

5. ________________ is a collection of protocols designed by IETF (Internet
Engineering Task Force) to provide security for a packet at network level
A. SSL
B. PGP
C. TLS
D. IPsec
Answer: IPsec

6. IPsec defines two protocols, they are __________ and _______
A. AH and SSL
B. PGP and ESP
C. AH and ESP
D. PGP and SSL
Answer: AH and ESP

7. In tunnel mode, IPsec protects the_______
A. Entire IP packet
B. IP header
C. IP payload
D. IP trailer

8. The mode which can be used to secure communications between two LANs
is________
A. AH tunnel mode
B. IKE tunnel mode
C. AH transport mode
D. ESP transport mode

9. A link local address of the local addresses is used in an _____


A. isolated router
B. subnets
C. isolated subnet
D. super nets
Answer: isolated subnet

10. In the subcategories of reserved address in the Internet Protocol Version (IPv6),
the address that is used by a host to test itself without going into the network is
called
A. unspecified address
B. loopback address
C. compatible address
D. mapped address
Answer loopback address
11. The value 0000001 of the prefix of the Internet Protocol Version (IPv6) address
shows the type of
A. multicast address
B. unicast address
C. reserved
D. ISO network addresses
Answer ISO network addresses

12. Which of the following is true when describing a multicast address?


A. Packets addressed to a unicast address are delivered to a single interface.
B. Packets are delivered to all interfaces identified by the address. This is also
called a one-to-many address.
C. Identifies multiple interfaces and is only delivered to one address. This
address can also be called one-to-one-of-many.
D. These addresses are meant for non routing purposes, but they are almost
globally unique so it is unlikely they will have an address overlap.
Answer B

13. Extensible Authentication Protocol is an authentication framework frequently used
in ___________
A. Wired Personal area Network
B. Wireless Network
C. Wired Local area Network
D. Wired Metropolitan area Network
Answer Wireless Network

14. ___________ Provides authentication at the IP Level


A. AH (Authentication Header)
B. ESP (Encapsulation Security Payload)
C. PGP (Pretty Good Privacy)
D. SSL (Secure Sockets Layer)
Answer: AH

15. The ___________ Protocol is designed to authenticate the source and to ensure
the integrity of the Payload carried by the IP Packet
A. AH (Authentication Header)
B. ESP (Encapsulation Security Payload)
C. IKE (Internet Key Exchange)
D. SSL (Secure Sockets Layer)
Answer AH

16. The _________ Protocol Provides message authentication, integrity and privacy
A. AH (Authentication Header)
B. ESP (Encapsulation Security Payload)
C. IKE (Internet Key Exchange)
D. SSL (Secure Sockets Layer)
Answer ESP

17. ESP does not provide ________


A. source authentication
B. data integrity
C. privacy
D. error control
Answer: error control

18. _________ is used for encrypting data at network level.


A. IPsec
B. HTTPS
C. SMTP
D. S/MIME
Answer: IPsec

19. In ………………. Mode, the authentication header is inserted immediately after
the IP header.
A. Tunnel
B. Transport
C. Authentication
D. Both A and B
Answer: Tunnel

20. In____________ there is a single path from the fully trusted authority to any
certificate.
A. X.509
B. PGP
C. KDC
D. TSL

21. ______ provides either authentication or encryption, or both, for packets at the
IP level.
A. AH (Authentication Header)
B. ESP (Encapsulation Security Payload)
C. PGP (Pretty Good Privacy)
D. SSL (Secure Sockets Layer)
Answer ESP

22. The ……………. is used to provide integrity check, authentication, and
encryption to IP datagram.
A. AH (Authentication Header)
B. ESP (Encapsulation Security Payload)
C. PGP (Pretty Good Privacy)
D. SSL (Secure Sockets Layer)
Answer ESP

23. In the handshake protocol which is the message type first sent between client
and server ?
A. server_hello
B. client_hello
C. hello_request
D. certificate_request
Answer: client_hello

24. An ESP trailer contains:


a. Padding and Pad length
b. Padding and Integrity Check Value (ICV)
c. Padding, Pad length, and Next header
d. Padding, Pad length, Next header, Security Parameter Index (SPI), and
ICV
e. Padding, Pad length, Next header and ICV
25. Encapsulating Security Payload (ESP) belongs to which Internet Security
Protocol?
A. Secure Socket Layer Protocol
B. Secure IP Protocol
C. Secure Http Protocol
D. Transport Layer Security Protocol
Answer Secure IP Protocol

26. In the above figure from left to right, the correct order of the shaded levels is
A. Network level, Application level, Transport level
B. Application level, Network level, Transport level
C. Transport level, Application level, Network level
D. Network level, Transport level, Application level
Answer: Network level, Transport level, Application level

27. In the above figure, which of the above shaded block is transparent to end
users and applications?
A. IP/IPSec
B. SSL
C. Kerberos
D. S/MIME
Answer: IP/IPSec

28. Internet Key Exchange has .... phases and modes of operations
A. 2
B. 3
C. 4
D. 5
Answer 2

29. Internet Key Exchange (IKE) uses _______.


A. Oakley
B. SKEME
C. ISAKMP
D. Oakley,SKEME,ISAKMP
Answer: Oakley,SKEME,ISAKMP

30. Internet Key Exchange (IKE) creates SAs for _____.
A. SSL
B. PGP
C. IPSec
D. VP
Answer IPsec

31. _______________ public key infrastructure (PKI) standard identifies the format of
public key certificates.
a. X.500
b. X.509
c. X.590
d. X.540
32. Which of the following statements is NOT TRUE in IKE:
A. IKE is used to negotiate ESP keys for symmetric encryption for
confidentiality
B. In aggressive mode the Initiator only suggest 1 set of SA for the
communication
C. Oakley provides a framework for key exchange, but the actual key
exchange is based on the ISAKMP protocol
D. The two IKE components are ISAKMP and Oakley
E. The ISAKMP SA is first established before AH or ESP SA’s are
established

33. Internet Key Exchange (IKE) is a complex protocol based on _______ other
protocols.
A. Two
B. Three
C. Four
D. Five
Answer Three
34. The subject unique identifier of the X.509 certificates was added in which
version?
a. 1
b. 2
c. 3
d. 4
Answer 2
35. Which of the following is not an element/field of the X.509 certificates?
a. Issuer Name
b. Serial Modifier
c. Issuer unique Identifier
d. Signature
Answer: Serial Modifier

36. ---------- is an integrated system of software, encryption methodologies, and
legal agreements that can be used to support the entire information
infrastructure of an organization.
a. SSL
b. PKC
c. PKI
d. SIS
Answer PKI
37. The end result of Phase 1 of ISAKMP is an interim secure channel over which
Phase II of ISAKMP is performed. What does Phase II do?
A. Negotiate ISAKMP SAs
B. Negotiate IPSEC SAs
C. Perform peer authentication
D. Perform initial Diffie-Hellman Key Exchange
38. What is the end result of Phase II of ISAKMP?
a. The IPSEC tunnel is established
b. Phase III of ISAKMP commences
c. The IPSEC tunnel is torn down and renegotiated
d. An interim secure channel is established
39. Which of the following is NOT a value add of the companion protocol ISAKMP
for IPSEC?
a. It automates the IPSEC tunnel establishment process
b. It allows symmetric keys used by encryption and hashing algorithms to
be negotiated dynamically
c. It gives a lifetime to the tunnel, after which the tunnel expires and is re-
established
d. It reduces the overheads associated with IPSEC tunnel establishment
40. Where does ISAKMP reside in the TCP/IP protocol stack?
a. Directly above IP with protocol number 50
b. Above UDP with port number 500
c. Above TCP with port number 500
d. Over AH/ESP with port number 500

41. Which of the following approaches may be used to do peer authentication
during Phase 1 of ISAKMP?
a. Pre-Shared Keys
b. Digital Certificates
c. Peer authentication is not performed during Phase 1 of ISAKMP
d. Pre-Shared Keys and Digital Certificates
42. Suppose that A has obtained a certificate from certification authority X1 and B
has obtained a certificate from CA X2. A can use a chain of certificates
to obtain B’s public key. In notation of X.509, this chain is represented in the
correct order as –
a. X2 X1 X1 B
b. X1 X1 X2 A
c. X1 X2 X2 B
d. X1 X2 X2 A
Answer X1 X2 X2 B
43. “Conveys any desired X.500 directory attribute values for the subject of this
certificate.” Which Extension among the following does this refer to?
A. Subject alternative name
B. Issuer Alternative name
C. Subject directory attributes
D. Time Register directories
Answer : Subject directory attributes

PART B

1. What is security policy in IPsec?
2. What are the 3 protocols used in IPsec?
3. How many security associations are there in IPsec?
4. What is the use of security association?
5. What are the five components of security policy?
6. How does IPSec work step by step?
7. What are the function areas of IP security?
8. What is tunnel mode in IP Security
9. What are the services provided by IP Security
10. What are the applications involved in IP security?
11. What are the different modes with IPsec
12. What are the protocols used to provide IP Security
13. At what layer does IPSEC and SSL VPN work on?
14. Differentiate between the transport mode and tunnel mode
15. Analyse on the term Dual stack.
16. How does AH and ESP differ while working under transport and tunnel mode?
17. What is the primary difference between AH and ESP?
18. Draw the sketch of IPv6 packet header
19. Compare IPv4 and IPv6.
20. Does IPsec Protect IP header?
21. What are the 3 main types of IPv6 addressing?
22. Show the unabbreviated colon hex notation for following IPv6 address
i. An address with 64 0s followed by 64 1s
ii. An address with 128 0s
iii. An address with 128 alternative 1s and 0s
iv. An address with 128 1s
23. Show the IPv6 abbreviated address notations given below:
i. 0000:2213:FFFF:0000:0000:0000:0000
ii. 4322:3432:0000:0000:0000:0000:1111
iii. 0000:0001:0000:0000:0000:2000:2002
iv. 0000:0000:0000:0000:FFDD:42:123
24. Find an unabbreviated IPv6 address from the following
i. BCBC:B:BC:4567
ii. For the above value find the binary equivalent
iii. Find the decimal notation for the above value
iv. Identify leading 0 suppression notation for above value
v. Identify zero compression notation
25. Which IPSEC VPN protocol is used for encryption and authentication.
26. Draw the Packet Structure of IPv6
27. Give IPSEC ESP format.
28. How does IPsec offer the authentication and confidentiality services?
29. Draw the architecture of IP Security
30. What is meant by Authentication Header (AH)
31. What is meant by Encapsulated Security Payload (ESP)
32. How ESP works in transport and tunnel mode?
33. Why does ESP include a padding field
34. What are the phases of IKE
35. Draw the header format for an ISAKMP message.
36. How many phases are there in IKEv2?
37. How does the IKE protocol work?
38. What is IKE and components of IKE?
39. What is the X.509 standard? When are the certificates revoked in X.509?
40. List the authentication procedure of X.509.
41. Explain the format of the X.509 certificate.
42. What is IKE Phase 1 and IKE Phase 2?
43. What are the three authentication methods that you can use during IKE Phase
1?
44. Define public key infrastructure (PKI)
45. What are the Methods of certification in public key infrastructure
46. What is meant by Block chain-based PKI
47. How PKI can be deployed by SSL Attacks

PART C

1. What is IPsec? Explain in detail security associations, the security association
database and the policy database.
2. Enumerate the basic Combinations of security associations in detail
3. Discuss the basic approaches to bundle security association (SA)
4. Draw and explain the architecture of IP Security
5. Explain in detail the operation of Transport layer security
6. Assess and explain about the transition from IPv4 to IPv6.
7. Interpret the three addressing types of IPv6
8. What is global unicast address? Outline the Three levels of hierarchy of global
unicast address with a neat sketch
9. Define AH in tunnel and transport mode and state the difference between AH
and ESP.
10. Discuss the processing model for outbound packets
11. With a neat sketch show the actual ISAKMP packets that are exchanged
between initiator using the pre-shared key method in main mode
12. Discuss the top-level format of an Encapsulation Security Payload (ESP) Packet
13. Explain in detail about different Phases and Modes of operation in Internet Key
Exchange
14. List and explain the important features of IKE key determination algorithm
15. With Relevant diagram, describe IKE header and Payload format
16. Explain X.509 authentication service and its certificates.
17. Describe briefly about X.509 authentication procedures. And also list out the
drawbacks of X.509 version 2.

UNIT- III

Security Services for E-mail, establishing keys, Establishing Public and secret
keys, Privacy, End-to end Privacy, Privacy with distribution, List Exploders,
Authentication of the source, Based on public key technology and secret, keys
and with distribution list, Message Integrity, Non-repudiation, Introduction and
Overview of PGP, Efficient Encoding, Certificate and key revocation, Signature
types, Private key, Fing types, Anomalies, Object Format, S/MIME

PART A

1. What is e-mail?
A. Method of exchanging messages via electronic devices
B. Speed message transfer to location
C. Musical messaging service
D. Information Exchange
Answer: Method of exchanging messages via electronic devices

2. Which of them is not a major way of stealing email information?
A. Stealing cookies
B. Reverse Engineering
C. Password Phishing
D. Social Engineering
Answer: Reverse Engineering

3. Which of them is not a proper method for email security?
A. Use Strong password
B. Use email Encryption
C. Spam filters and malware scanners
D. Click on unknown links to explore
Answer D
4. ____________ is a process which verifies the identity of a user who wants
to access the system.
A. Authentication
B. Non-repudiation
C. Integrity
D. Availability
Answer Authentication

5. What are email security services?
A. confidentiality
B. authentication
C. non-repudiation of origin
D. all of the above
Answer D

6. Which algorithm provides the private key and its corresponding public key?
A. Key generation algorithm
B. Signature verifying algorithm
C. Signing algorithm
D. DES algorithm
Answer Key generation algorithm

7. Which hashing algorithm is used to derive the PTK for PMK?
A. SHA-1
B. SHA-2
C. SHA-3
D. MD-5
Answer SHA-1

8. In which port forwarding technique does the client act on the server's behalf?
A. Remote forwarding
B. Local forwarding
C. Stable forwarding
D. Packet forwarding
Answer Remote forwarding

9. Which systems use a timestamp?
i. Public-Key Certificates
ii. Public announcements
iii. Publicly available directories
iv. Public-Key authority
A. i) and ii)
B. iii) and iv)
C. i) and iv)
D. iv) only
Answer C

10. The four Primary Security Principles related to messages are
a. Confidentiality, Integrity, Non repudiation and Authentication.
b. Confidentiality, Access Control, Integrity, Non repudiation.
c. Authentication, Authorization, Availability, Integrity
d. Availability, Authorization, Confidentiality, Integrity.
Answer A

11. Which of these systems use timestamps as an expiration date?
a. Public-Key Certificates
b. Public announcements
c. Publicly available directories
d. Public-Key authority
Answer: Public-Key Certificates

12. How many algorithms does a digital signature consist of?
a. 2
b. 3
c. 4
d. 5
Answer 3 Algorithms

13. Using public key cryptography, X adds a digital signature σ to message M,
encrypts <M, σ>, and sends it to Y, where it is decrypted. Which one of the
following sequences of keys is used for the operations?
A. Encryption: X’s private key followed by Y’s private key; Decryption: X’s
public key followed by Y’s public key
B. Encryption: X’s private key followed by Y’s public key; Decryption: X’s
public key followed by Y’s private key
C. Encryption: X’s public key followed by Y’s private key; Decryption: Y’s
public key followed by X’s private key
D. Encryption: X’s private key followed by Y’s public key; Decryption: Y’s
private key followed by X’s public key
Answer D

14. A sender 'S' sends a message 'm' to receiver 'R', which is digitally signed by S with
its private key. In this scenario one (or) more of the following security violations
can take place.
(i) S can launch a birthday attack to replace m with a fraudulent
message
(ii) A third-party attacker can launch a birthday attack to replace m
with a fraudulent message
(iii) R can launch a birthday attack to replace m with a fraudulent
message
Which of the following are possible security violations?
a. (i) only
b. (ii) only
c. (i) and (ii) only
d. (i) and (iii) only
Answer (i) Only
15. Which of the following are used to generate a message digest by the network
security protocols?
(P) RSA (Q) SHA-1 (R) DES (S) MD5
A. P and R only
B. R and S only
C. Q and R only
D. Q and S only

16. In the RSA algorithm, we select 2 random large values ‘p’ and ‘q’. Which of the
following is the property of ‘p’ and ‘q’?
A. p and q should be divisible by Φ(n)
B. p and q should be co-prime
C. p and q should be prime
D. p/q should give no remainder
Answer C

17. For p = 11 and q = 19 and choose d=17. Apply RSA algorithm where Cipher
message=80 and thus find the plain text.
a. 54
b. 43
c. 5
d. 24
Answer: c

18. Mention the size of the message integrity code key
A. 64 bits
B. 128 bits
C. 256 bits
D. 512 bits

19. Which operation is used in encryption using IDEA?
A. Addition modulo 2^16
B. Bit wise XOR
C. Addition modulo 2^16 and bit wise XOR
D. Addition modulo 2^16 and bit wise AND

20. Pretty good privacy (PGP) security system uses ______________
A. Public key cryptosystem
B. Private key cryptosystem
C. Public & Private key cryptosystem
D. Secret key cryptosystem
Answer C

21. Data compression includes ______________
a. Removal of redundant character
b. Uniform distribution of characters
c. Removal of redundant character & Uniform distribution of characters
d. Removing a part of data randomly
Answer C

22. What is the key size allowed in PGP?
a. 1024-1056
b. 1024-4056
c. 1024-4096
d. 1024-2048
Answer C

23. ___________ was invented by Phil Zimmerman
a. IPSec
b. SSL
c. TLS
d. PGP
Answer D

24. ________________ provides Privacy, Integrity and Authentication in e-mail
a. IPSec
b. SSL
c. TLS
d. PGP
Answer D

25. In PGP, a hash code of a message is created using ____.
a. SHA-1
b. IDEA
c. 3DES
d. Whirlpool
Answer: A

26. _________ uniquely identifies the MIME entities with reference to
multiple contexts.
a. Content description.
b. Content -id.
c. Content type.
d. Content transfer encoding.
Answer: B

27. Receiving agents of S/MIME uses ____ algorithm.
a. Triple DES
b. RSA
c. SHA-1
d. MD5
Answer: B

28. S/MIME uses Cryptographic ___________ security service such as confidentiality
or integrity
a. Message Syntax
b. Algorithms
c. Hashing
d. Mechanism
Answer: A

29. What type of data is processed from MIME to MTA in S/MIME
a. Non ASCII Code
b. 7 Bit ASCII Code
c. 8 Bit ASCII Code
d. Plain text
Answer B

30. The processed S/MIME along with security related data is called as ________.
a. public key cryptography standard.
b. private key cryptography standard.
c. S/MIME.
d. MIME.
Answer: A.

31. _________ uniquely identifies the MIME entities with reference to multiple
contents.
A. Content description
B. Content ID
C. Content type
D. Content transfer encoding
Answer: Content ID

PART B

1. List the Security Services available for Email.
2. How are keys established for privacy over Email?
3. What is meant by Message Integrity
4. How do I provide security to my email?
5. What are the types of email security?
6. How do I create a public and private key?
7. Which algorithm is used to generate public and private keys?
8. State the difference between End-to end Privacy and Privacy with distribution
9. Describe the Pretty Good Privacy for E-mail security
10. What are distribution keys?
11. What is the distribution list?
12. What do you mean by PGP? List the services of PGP
13. How does PGP generate a signature before applying compression?
14. Why is R64 conversion useful for email generation?
15. What are the five principal services offered by PGP?
16. Draw the general format for PGP message.
17. What are the security options PGP allows when sending an email message?
18. How does PGP use the concept of trust?
19. What is message integrity and message authentication?
20. How do you check integrity of a message?
21. What part of a message ensures the integrity of the message?
22. What are the differences between message confidentiality and integrity?
23. What is non-repudiation with example? Where is non-repudiation used?
24. What does repudiation mean in Network security?
25. What is non-repudiation in CIA?
26. What is encoding in network security?
27. How does encoding help data security?
28. What is a key revocation certificate? What are the reasons for certificate
revocation?
29. Where is certificate revocation list stored?
30. What is signature in network security?
31. What are the types of signature?
32. Define Fing? List the types of Fing

33. What does Network anomaly mean?
34. What are the three basic approaches to anomaly detection?
35. Define S/MIME.
36. Write down the functions provided by S/MIME.
37. What are the different types of MIME?
38. How the signed data entity of S-MIME be prepared? Write the Steps.
39. What are the key algorithms used in S/MIME?
40. What are the header fields defined in MIME?

PART C

1. Describe the message format, the message transfer and the underlying protocol
involved in the working of an electronic mail.
2. Analyze the architecture and services of an E-mail system.
3. Explain in detail about attacks that are possible through E-mail.
4. Explain in detail about authentication of the source in email services.
5. Explain in detail how the electronic mail application is carried out in a network. Also
explain the protocols used in this application.
6. How would you transfer the message using Simple Mail Transfer Protocol?
7. Explain the final delivery of email to the end user using POP3.
8. Explain in detail about PGP and draw the general format of PGP message.
9. Explain about the RSA Algorithm with example as p=7, q=13, e=5 & PT=10.
10. Explain in detail about elliptic curves cryptography and how does elliptic curves
take part in Encryption and decryption Process?
11. Explain Key-distribution center with all aspects with neat diagram. What are the
4 methods of public key distribution?
12. How do you Measure the Public key-distribution and Symmetric Key-Distribution
13. What do you mean by AES? Diagrammatically illustrate the structure of AES and
describe the steps in AES encryption process with example.
14. Explain in detail about key revocation and Certificate revocation
15. Explain in detail about security Services present in Network Security
16. How does PGP provide confidentiality and authentication service for e-mail and
file storage applications? Draw the block diagram and explain its components.
17. Explain about PGP message generation and reception.
18. For what purpose did Zimmerman develop PGP? Briefly describe the various services
provided by PGP. Discuss the threats faced by an e-mail and explain its security
requirements to provide a secure e-mail service
19. Describe in detail about S/MIME.
20. Evaluate the performance of PGP. Compare it with S/MIME

UNIT- IV

SSL/TLS Basic Protocol, computing the keys, client authentication, PKI as
deployed by SSL, SSL Attacks fixed in v3, Exportability, Encoding, Encrypted
Record, Handshake messages, Change_cipher_spec and Alerts, SET.

PART A

1. ___________ security protocol is the internet standard version (IETF) of SSL
A. SSL
B. PGP
C. TLS
D. IPSec
Answer: C

2. TLS has ___________ and _________ protocol
A. Handshake, Data Exchange
B. Data Exchange, Acknowledgement
C. Acknowledge, Data Retransmission
D. Error Messages, Data Retransmission
Answer: A

3. Calculation of the certificate verify in TLS involves the use of a finished label.
The finished label is the string
A. client finished for the client
B. client finished for the client; server finished for the server
C. server finished for the server
D. client finished for the server; server finished for the client
Answer: B
4. Which one of the following is not a higher-layer SSL protocol?
A. Alert protocol
B. Handshake protocol
C. Alarm protocol
D. Change cipher spec protocol

5. Which protocol is used to convey SSL related alerts to the peer entity?
A. Alert protocol
B. Handshake protocol
C. Upper layer protocol
D. Change cipher spec protocol

6. SSL primarily focuses on ___________
A. Integrity and non-repudiation
B. Integrity and authenticity

C. Authenticity and privacy
D. Confidentiality and integrity
Answer B

7. Why is an SSL certificate required in HTTP?
A. for making security weak
B. for making information move faster
C. for encrypted data sent over http protocol
D. for sending and receiving emails unencrypted
Answer: C

8. In the SSL Protocol, each upper layer message is fragmented into a maximum of
__________ bytes.
A. 2^16
B. 2^32
C. 2^14
D. 2^12
Answer: C

9. Which protocol is used to convey SSL related alerts to the peer entity?
A. Alert Protocol
B. Handshake Protocol
C. Upper-Layer Protocol
D. Change Cipher Spec Protocol
Answer: A

10. In the SSL protocol, which protocol consists of only 1 byte?
A. Alert protocol
B. Handshake protocol
C. Upper-layer protocol
D. Change cipher spec protocol
Answer: A

11. On the upper layer of SSL, a protocol for initial authentication and transfer of
encryption keys is called the …………………
A. SSL handshake protocol
B. SSL authentication protocol
C. SSL record protocol
D. SSL cipher protocol
Answer: A

12. At the lower layer of SSL, a protocol for transferring data using a variety of
predefined cipher and authentication combinations is called the ……………….
A. SSL handshake protocol
B. SSL authentication protocol
C. SSL record protocol

D. SSL cipher protocol
Answer: C

13. In SSL handshake, server hello messages typically contain _______________
A. List of ciphers for the session
B. Selected cipher for the session and extensions list and random bytes
C. Selected cipher for the session server
D. Random bytes and public key and public key for server

14. In the alert protocol the first byte takes the value 1 or 2 which corresponds to
_______ and _______ respectively.
A. Select, alarm
B. Alert, alarm
C. Warning, alarm
D. Warning, fatal
Answer D

15. Which is the key exchange algorithm used in cipher suite parameters?
A. RSA
B. Fixed Diffie-Hellman
C. Ephemeral
D. A, B and C
Answer D

16. The certificate message is required for any agreed-on key exchange method
except ______________
A. Ephemeral Diffie-Hellman
B. Anonymous Diffie-Hellman
C. Fixed Diffie-Hellman
D. RSA
Answer B*

17. ___________ layer security protocol provides end to end security services for
applications.
A. Data link layer
B. Network
C. Transport
D. Application
Answer C

18. The combination of key exchange, hash and encryption algorithms defines
a_____for each SSL session.
A. List of protocols
B. Cipher suites
C. List of keys

D. Handshake
Answer B

19. Which one of the following is not a session state parameter?
A. Master Secret
B. Cipher Spec
C. Peer Certificate
D. Server Write Key
Answer: D

20. In the handshake protocol which is the message type first sent between client
and server?
A. server_hello
B. client_hello
C. hello_request
D. certificate_request
Answer: B

21. Which protocol is used for the purpose of copying the pending state into the
current state?
A. Alert Protocol
B. Handshake Protocol
C. Upper-Layer Protocol
D. Change Cipher Spec Protocol
Answer D
22. The Secure Electronic Transaction Protocol is used for
A. Credit card Payment
B. Cheque Payment
C. Electronic Cash Payments
D. Payment in Internet Services
Answer A
23. In SET protocol a customer encrypts credit card number using
A. his private key
B. bank’s public key
C. bank’s private key
D. merchant’s public key
Answer B
24. The bank has to have the public keys of all customers in SET protocol as it has
to______________
A. check the digital signature of customers
B. communicate with merchants
C. communicate with merchant’s credit card company
D. certify their keys
Answer A

25. SET is ______________ and security specification developed to protect credit card
transaction on internet.
A. Decryption
B. Encryption
C. Compression
D. Authentication
Answer B
26. In ___________ the user needs to authenticate before using a credit card in
electronic transaction
A. SET
B. SSL
C. S-D Secure
D. WTLS
Answer B

PART B
1. Mention four SSL Protocols
2. What are web security threats?
3. What protocols comprise SSL?
4. Define TLS
5. What are the steps involved in SSL required protocol?
6. How can SSL Attacks be fixed in v3?
7. What's the difference between SSL, TLS, and HTTPS?
8. What is meant by Certificate Revocation?
9. What is meant by Online Certificate Status Protocol (OCSP)?
10. Define public key infrastructure (PKI).
11. What are the Methods of certification in public key infrastructure?
12. What is meant by Block chain-based PKI?
13. How can PKI be deployed by SSL Attacks?
14. With an Example, Demonstrate Encryption of Record.
15. List Different types of Handshake messages.
16. What is meant by Change_cipher_spec?
17. Define Exportability.
18. What is meant by Encoding?
19. List Different types of Encoding Methods Present in Transport Layer
Security.
20. Define SET.
21. What is meant by SET? What are the features of SET?

PART C
1. Describe the SSL Architecture in detail.
2. Write about SSL and TLS.
3. Explain handshake protocol actions of SSL.
4. Illustrate and describe the actions involved in SSL record protocol.
5. Explain how Secure Socket Layer provides the reliable service.
6. Describe the SSL Specific protocol – Handshake action in detail.
7. Explain in detail the operation of Transport Layer Security.
8. Write a detailed note on Web Security. What is the importance of web security?
9. Discuss in detail about change cipher spec and alert protocol.
10. Discuss in detail secure electronic transaction with neat diagram.
11. Explain in detail about SET and its operations.
12. List out the participants of SET system, and explain in detail

UNIT- V

Wireless Security: IEEE 802.11 Wireless LAN, Authentication, Authentication
and confidentiality, Cellphone Security, GSM (2G) Security, Security in UMTS
(3G), Wireless LAN Vulnerabilities, Phishing, Buffer Overflow, Format String
Attacks, Cross-site Scripting (XSS), SQL Injection, Case Studies: Secure
Inter-branch Payment Transactions, Virtual Elections.

PART A

1. In IEEE 802.11, when a frame is coming from an AP and going to a station, the
address flag is _____________
A. 00
B. 01
C. 10
D. 11
Answer B
2. Which layer in the IEEE 802.11 protocol stack has the function of flow control
and error control?
A. Physical Layer
B. Logic Link Control Layer
C. Medium Access Layer
D. Transport Layer
Answer B

3. With respect to IEEE 802.11 wireless LAN, MSDU stands for
A. MAC service data unit
B. Main server data user
C. Multiframe service datagram
D. MAC service device usage
Answer A

4. IEEE 802.11 defines ___________ services that need to be provided by the wireless
LAN to achieve functionality equivalent to that which is inherent to wired LANs.
A. 4
B. 7
C. 5
D. 9
Answer D

5. _________ services are implemented in every 802.11 station, including AP
stations. _________ services are provided between BSSs.
A. Station, Distribution
B. Distribution, Station
C. Extended, Basic
D. Basic, Extended
Answer A

6. What was the security algorithm defined for the IEEE 802.11?
A. WEP
B. RSN
C. WPA
D. SSL
Answer A

7. Frequency band definition and wireless signal encoding are functions of which
layer?
A. Physical layer
B. Medium access layer
C. Logical link control layer
D. Application layer
Answer A

8. Which of the following has the strongest wireless security?
A. WPA
B. WEP
C. WPA3
D. WPA2
Answer C

9. Which of these is the anticipation of unauthorized access, data or break to
computers by means of wireless networks?
A. Wireless security
B. Wireless access
C. Wired device apps
D. Wired Security
Answer A

10. Which layer keeps track of the frames that have been transmitted and received?
A. Physical layer
B. Medium access layer
C. Logic link control layer
D. Transport layer
Answer C

11. Another name for the AAA key (Authentication, Authorization and Accounting
key) is
A. Pre-shared key
B. Master session key
C. Pairwise transient key
D. Key confirmation key
Answer B

12. Message confidentiality uses _______
A. Cipher
B. Symmetric-Key
C. Asymmetric-Key
D. Cipher Text
Answer C

13. In which phase of operation does the STA prove their identities to each other?
A. Discovery
B. Authentication
C. Key generation
D. Protected data transfer
Answer B
14. GSM is a secure _______ system.
A. Wired
B. Wireless
C. Simple
D. Complex
Answer B

15. The cryptography algorithms used in GSM are __________.
A. A1
B. A3
C. A8
D. A3/A8
Answer D
16. How many different types of cell sizes are present in the GSM network?
A. 3
B. 4
C. 5
D. 6
Answer C

17. Which key distribution protocol is specified in WEP?
A. Diffie-Hellman key distribution.
B. RC4 key distribution.

C. RSA key distribution.
D. There is no specified key distribution protocol in WEP.
Answer B

18. What is the minimum data speed offered by 3G mobile technology for a Stationary
user?
A. 128kbps
B. 384 kbps
C. 2 mbps
D. 8 mbps
Answer C

19. Where is encryption located in the UMTS stack of protocols?
A. In Physical Layer and Media Access Control Layer
B. In Media Access Control Layer and Radio Link Control Layer
C. In Radio Link Control Layer and Radio Resource Control Protocol
D. In Radio Resource Control Protocol and Higher Layers

20. A UMTS (Universal Mobile Telecommunication) network is a ___ network.
A. First Generation
B. Second Generation
C. Third Generation
D. Fourth Generation
Answer C

21. What are the parts of a 3G network architecture?
A. User Equipment (UE)
B. Radio Access Network (RAN)
C. Core Network
D. UE, RAN and Core network.
Answer D

22. What is the maximum data rate supported by a 3G network or UMTS network?
A. 384 kbps
B. 2 Mbps
C. 32 Mbps
D. 42 Mbps
Answer D

23. In UMTS, the security mechanisms employed between the Mobile Station and the
Radio Network Controller are responsible for:
A. Sequence Number Management
B. Encryption and Integrity Protection
C. User Authentication
D. Network Authentication

24. In which of the following, a person is constantly followed/chased by another
person or group of several people?
A. Phishing
B. Bullying
C. Stalking
D. Identity theft

Answer C

25. Which one of the following refers to the technique used for verifying the integrity
of the message?
A. Digital signature
B. Decryption algorithm
C. Protocol
D. Message Digest
Answer D

26. Which one of the following is usually used in the process of Wi-Fi hacking?
A. Aircrack-ng
B. Wireshark
C. Norton
D. Kaspersky
Answer A

27. In system hacking, which of the following is the most crucial activity?

A. Information gathering
B. Covering tracks
C. Cracking passwords
D. Information Cracking
Answer C

28. The Storm botnet was mainly used for
A. Phishing
B. DDOS Attack
C. Hacking
D. Buffer Overflow
Answer B

29. Why would a hacker use a proxy server?
A. To create a stronger connection with the target.
B. To create a ghost server on the network.
C. To obtain a remote access connection.
D. To hide malicious activity on the network.
Answer – D

30. Which of the following is not a factor in securing the environment against an
attack on security?
A. The education of the attacker
B. The system configuration
C. The network architecture
D. The business strategy of the company
Answer – D

31. Which phase of hacking performs actual attack on a network or system?
A. Reconnaissance
B. Maintaining Access
C. Scanning
D. Gaining Access
Answer – D

32. Which of the following is not a typical characteristic of an ethical hacker?
A. Excellent knowledge of Windows.
B. Understands the process of exploiting network vulnerabilities.
C. Patience, persistence and perseverance.
D. Has the highest level of security for the organization.
Answer – D

33. Which of the following statements (in the area of protection against typical
vulnerabilities) is true?
A. There is no reliable way to protect against format string vulnerabilities.
B. Injected shellcode can be reliably identified by intrusion detection
software.
C. Proper use of secure integer libraries eliminates integer overflow
vulnerabilities.
D. Using data execution prevention, address space layout randomization and
stack smashing protection at the same time provides complete protection
against buffer overflow exploits.
Answer C

34. In a _____________ attack, the extra data that holds some specific instructions in
the memory for actions is projected by a cyber-criminal or penetration tester to
crack the system.
A. Phishing
B. MiTM
C. Buffer-overflow
D. Click jacking
Answer C

35. Which of the stored procedures is used to test the SQL injection attack?
A. XP write
B. XP_regwrite
C. XP_reg

D. XP cmdshell
Answer B
36. SQL injection is an attack in which _______ code is inserted into strings that are later
passed to an instance of SQL Server.
A. Malicious
B. Redundant
C. Clean
D. Non-malicious
Answer A

37. When a station moves only within the direct communication range of the
communication stations of a single BSS, it is referred to as
A. No transition
B. BSS transition
C. ESS transition
D. MS transition
Answer A

38. Which of the following is true with respect to buffer overflows?
A. Buffer overflows on the heap cannot be exploited to run arbitrary code.
B. If a function is vulnerable to a buffer overflow due to large user input
being put in a small fixed-size buffer, making the buffer 10 times as
large as a “quick fix” will reduce the impact of the vulnerability.
C. Buffer overflows can be used to alter the state and operation of the
vulnerable application in an undetectable way.
D. Calling free() on the same memory address twice may crash the
application, but will not lead to an exploitable buffer overflow.
Answer C

39. Which of these statements about the buffer overflow problem are not correct?
A. The buffer overflow problem is partly caused by the way the C language
handles memory management
B. The buffer overflow problem is partly caused by C programmers not
handling their own memory management properly by checking boundaries of buffers
C. All buffer overflows are simple programmer errors that are easily spotted
D. Because of the complexity of the problem, buffer overflows may be
overlooked by the most seasoned programmer
Answer C

40. What can make a buffer overflow a security problem?
A. Only when the attacker is able to hijack the execution of the program
B. Only when the buffer overflow is between two computers on a network
C. When security-sensitive data is overwritten
D. When data that is critical to the execution of the program is overwritten
causing the program to crash
Answer C & D

41. What typically happens when a buffer is overflowed?
A. The memory space that comes after the buffer holds the extra data as
well as keeping the data that it contained before
B. Whatever is in the memory space that comes after the buffer is
overwritten
C. The memory chip in the computer gets too big and explodes
D. Electrons fall out of the memory chip and start a fire
Answer B

42. XSS is:
A. Injection of commands
B. Injection parameters
C. Injection of scripts
D. Injection of Intruders
Answer C
43. Which of the following languages are associated with cross-site scripting?
A. HTML
B. SQL
C. XSLT
D. JavaScript
Answer A or D
44. Which attack can execute scripts in the user’s browser and is capable of hijacking
user sessions, defacing websites or redirecting the user to malicious sites?
A. SQL Injection
B. Malware Uploading
C. Man in the middle
D. Cross site scripting
Answer D
PART B

1. Summarize three versions of PHY layer with the format of an IEEE 802.11 PHY
frame.
2. Formulate the basic structure of an IEEE 802.11 MAC data frame and also
explain the special control packets.
3. Interpret the two network architectures of WLAN.
4. What are the logical channels in GSM?
5. Distinguish wireless LAN and wired LAN.
6. What are the objectives and the requirements for interworking between a
wireless wide area network (WWAN) and a wireless local area network (WLAN)?
7. What is UMTS? How to handle the mobility in the UTRAN.
8. What are the elements of UTRAN architecture?
9. What is meant by Cellphone Security?
10. Define GSM (2G). What are the 3 different types of GSM?
11. What is the range of GSM?
12. List the Services of GSM.
13. Describe the function of HLR and VLR.
14. What are the subsystems of GSM?
15. Point out the major functions in NSS
16. What security services are included in 3G UMTS?
17. How can security be applied in 3G network?
18. How many security features are there in 3G security architecture?
19. What are the three basic network security measures?
20. What are the 3 elements of network security?
21. List the Security present in UMTS (3G)
22. What are the two major problems associated with wireless LAN's?
23. What are the 3 major security threats of a wireless network?
24. What is the biggest challenge when using a wireless LAN?
25. Why is a WLAN more vulnerable to security breaches than a wired LAN?
26. What is Phishing? How can I identify a Phishing scam?
27. Why is understanding the risk of Phishing important? What can I do to avoid
Phishing attacks?
28. What is buffer overflow with example?
29. What are some common buffer overflow attacks?
30. What are the types of format string attacks?
31. What causes format string vulnerability?

32. What are format strings? Explain with an example.
33. What is the difference between HTML Injection and XSS?
34. What is an example of cross-site scripting XSS?
35. Which three things can cross-site scripting be used for?
36. What are the most common XSS attacks?
37. Which attack is possible using XSS?
38. What is SQL injection attack with example? What is the most common SQL
injection?
39. Compare 2G and 3G Mobile Technologies.

PART C
1. Write in detail about IEEE 802.11 wireless LAN. Analyze its performance.
2. Illustrate the following IEEE 802.11 architecture with neat diagrams:
(i) System architecture (ii) Protocol architecture
3. Discuss Wireless LAN Standards. What are the design goals and
applications of wireless LAN? Mention the advantages and disadvantages of WLAN.
4. Describe about buffer overflow and format string attacks.
5. Explain 1G, 2G and 3G of wireless network.
6. Describe GSM architecture and its services in detail.
7. Explain GSM Authentication and Security.
8. Identify at least four similarities and four dissimilarities between a GSM network
and UMTS network.
9. Illustrate how a GSM network provides security to the customers.
10. Elaborate on the various 802.11i phases of operation and analyze its performance.
11. Formulate the gateway approach to internetwork WLANs and 3G networks.
12. Explain the architecture of UTRAN and its elements.
13. Explain in detail about the Vulnerabilities present in Wireless LAN
14. Discuss about the XSS vulnerabilities and explain the solutions to overcome the
XSS.
