Final ICS MCQ 3 UNITS

UNIT 1 MCQ
1. Which of the following is not a transport layer vulnerability? [BL1]

a) Mishandling of undefined, poorly defined
b) The Vulnerability that allows “fingerprinting” & other enumeration of host information
c) Overloading of transport-layer mechanisms
d) Unauthorized network access
Explanation: The different vulnerabilities of the Transport layer are mishandling of undefined,
poorly defined, Vulnerability that allow “fingerprinting” & other enumeration of host
information, Overloading of transport-layer mechanisms etc. Unauthorized network access is an
example of physical layer vulnerability.
2. Which of the following is not session layer vulnerability? [BL1]

a) Mishandling of undefined, poorly defined
b) Spoofing and hijacking of data based on failed authentication attempts
c) Passing of session-credentials allowing intercept and unauthorized use
d) Weak or non-existent authentication mechanisms
Explanation: Vulnerabilities of session layer of the OSI model are spoofing and hijacking of
data based on failed authentication attempts, weak or non-existent authentication mechanisms,
and the passing of session-credentials allowing intercept and unauthorized use.
3. Failed sessions allow brute-force attacks on access credentials. This type of attacks are done
in which layer of the OSI model? [BL1]
a) Physical layer
b) Data-link Layer
c) Session layer
d) Presentation layer
Explanation: Session identification may be subject to spoofing may lead to data leakage which
depends on failed authentication attempts and allow hackers to allow brute-force attacks on
access credentials.
4. Transmission mechanisms can be subject to spoofing & attacks based on skilled

modified packets. [BL1]
a) True
b) False
Explanation: Transmission mechanisms can be subject to spoofing & attacks based on skilled
modified packets. This type of attacks is done in the transport layer of the OSI model.
5. Which of the following is not an example of presentation layer issues? [BL3]

a) Poor handling of unexpected input can lead to the execution of arbitrary instructions
b) Unintentional or ill-directed use of superficially supplied input
c) Cryptographic flaws in the system may get exploited to evade privacy
d) Weak or non-existent authentication mechanisms
Explanation: Cryptographic flaws may be exploited to circumvent privacy, unintentional or ill-

directed use of superficially supplied input, and poor handling of unexpected input are examples
of presentation layer flaws.
6. Which of the following is not a vulnerability of the application layer? [BL3]

a) Application design bugs may bypass security controls
b) Inadequate security controls force “all-or-nothing” approach
c) Logical bugs in programs may be by chance or on purpose be used for crashing programs
d) Overloading of transport-layer mechanisms
Explanation: Application design flaws may bypass security controls, inadequate security controls
as well as logical bugs in programs may be by chance or on purpose be used for crashing
programs. These all are part of application layer vulnerability.
7. Which of the following is an example of Transport layer vulnerability? [BL3]

a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls
Explanation: Overloading of transport-layer mechanisms is an example of transport layer

vulnerability. Other examples of Transport layer vulnerability are mishandling of undefined,
poorly defined, Vulnerability that allows “fingerprinting” & other enumeration of host
information.
8. Which of the following is an example of session layer vulnerability? [BL3]
c) poor handling of unexpected input
d) highly complex application security controls
Explanation: Weak or non-existent mechanisms for authentication is an example of session layer

vulnerability. Other examples are spoofing and the hijacking of data based on failed-
authentication attempts & passing of session-credentials allowing intercept and unauthorized use.
9. Which of the following is an example of presentation layer vulnerability? [BL3]

c) highly complex application security controls
d) poor handling of unexpected input
Explanation: Poor handling of unexpected input is an example of presentation layer

vulnerability. Cryptographic flaws may be exploited to circumvent privacy, unintentional use
of superficially supplied input are some other examples of presentation layer vulnerability.
10. Which of the following is an example of application layer vulnerability? [BL3]

a) Cryptographic flaws lead to the privacy issue
b) Very complex application security controls
c) MAC Address Spoofing
d) Weak or non-existent authentication
Explanation: Very complex application security controls can be an example of application layer
vulnerability. Inadequate security controls, as well as logical bugs in programs, are some other
examples of such type.
11. A is a process of breaking a password protected system or server

by simply & automatically entering every word in a dictionary as a password. [BL3]
a) Dictionary attack
b) Phishing attack
c) Social engineering attack
d) MiTM attack
Explanation: A dictionary attack is a process of breaking a password protected system or server

by simply & automatically entering every word in a dictionary as a password
12. Which of the following comes under the advantage of dictionary attack? [BL3]
a) Time-consuming
b) Moderate efficient
c) Very fast
d) Complex to carry-out
Explanation: A dictionary attack is a process of breaking a password protected system or server

by simply & automatically entering every word in a dictionary as a password. It is very fast,
time-saving and easy to perform.
13. The hybrid attack is a combination of dictionary attack followed by inserting entropy
& performs brute force. [BL1]
a) True
b) False
Explanation: A hybrid attack is a combination of both brute force attack & dictionary attack. So,
while a dictionary attack would comprise a wordlist of passwords, the brute force attack would
be functional for each possible password in the given list.
15. Brute force attack is . [BL2]

a) fast
b) inefficient
c) slow
d) complex to understand
Explanation: A brute force is the simplest process of gaining access to any password-protected
system. It tries a variety of combinations of usernames & passwords again and again until it
cracks it or password matches. But it is comparatively slow.
16. A attack one of the simplest processes of gaining access to any password-
protected system. [BL1]
a) Clickjacking
b) Brute force
c) Eavesdropping
d) Waterhole
Explanation: A brute force is the simplest process of gaining access to any password-protected
system. It tries a variety of combinations of usernames & passwords again and again until it
cracks it or password matches.
17. attack is a combination of Dictionary attack & brute force attack. [BL2]
a) Syllable
b) Syllabi
c) Database
d) Phishing
Explanation: Syllable attack is a combination of Dictionary attack & brute force attack.
This technique may be implemented when the password is a non-existing word and attacker
tries some techniques to crack it.
18. Attackers can use the _ when he/she gets some information or hint
regarding password he/she wants to crack. [BL3]
a) Syllable attack
b) Rule-based attack
c) Offline attack
d) Hybrid attack
Explanation: Attackers can use the rule-based attack when he/she gets some information or hint
regarding password he/she wants to crack. Examples of such scenarios are like: hacker knows
about the type of password, or size or what type of data it might contain.
19. are based on dictionary attack techniques. [BL1]

a) Hybrid attacks
b) Network attacks
c) TCP attacks
d) Database attacks
Explanation: Hybrid attacks are based on dictionary attack techniques. In such types of attacks,
the dictionary attack is mixed with some numerals and special symbols.
20. are based on dictionary attack techniques where the dictionary attack is
mixed with some numerals and special symbols. [BL1]
a) Syllable attack
b) Rule-based attack
c) Offline attack
d) Hybrid attack
Explanation: Hybrid attack is a type of offline attack which is based on dictionary attack
methods. In such types of attacks, the dictionary attack is mixed with some numerals and special
symbols.
21. Which of the following is not an example of non-technical attack techniques? [BL3]
a) Shoulder surfing
b) Keyboard sniffing
c) Phishing
d) Social engineering
Explanation: In the non-technical type of attacks, it is not required to have any technical
knowledge to attack your target victim. Examples of such types of attacks are shoulder surfing,
keyboard sniffing, and social engineering.
22. Why would a hacker use a proxy server? [BL3]
A. To create a stronger connection with the target.

B. To create a ghost server on the network.
C. To obtain a remote access connection.
D. To hide malicious activity on the network.
Explanation – Proxy servers exist to act as an intermediary between the hacker and the target
and servces to keep the hacker anonymous tot he network.
23. What type of symmetric key algorithm using a streaming cipher to encrypt
information? [BL3]
A. RC4
B. Blowfish
C. SHA
D. MD5
Explanation – RC$ uses streaming ciphers.
24. Which of the following is not a factor in securing the environment against an attack
on security? [BL3]
A. The education of the attacker

B. The system configuration
C. The network architecture
D. The business strategy of the company
Explanation – All of the answers are factors supporting the exploitation or prevention of an
attack. The business strategy may provide the motivation for a potential attack, but by itself will
not influence the outcome.
25. What type of attack uses a fraudulent server with a relay address? [BL2]
A. NTLM
B. MITM
C. NetBIOS
D. SMB
Explanation – MITM (Man in the Middle) attacks create a server with a relay address. It is used
in SMB relay attacks.
26. What port is used to connect to the Active Directory in Windows 2000? [BL1]
A. 80
B. 445
C. 139
D. 389
Explanation – The Active Directory Administration Tool used for a Windows 2000 LDAP
client uses port 389 to connect to the Active Directory service.
27. To hide information inside a picture, what technology is used? [BL1]

A. Rootkits
B. Bitmapping
C. Steganography
D. Image Rendering
Explanation – Steganography is the right answer and can be used to hide information in
pictures, music, or videos.
28. Which phase of hacking performs actual attack on a network or system? [BL3]
A. Reconnaissance
B. Maintaining Access
C. Scanning
D. Gaining Access
Explanation – In the process of hacking, actual attacks are performed when gaining access, or
ownership, of the network or system. Reconnaissance and Scanning are information gathering
steps to identify the best possible action for staging the attack. Maintaining access attempts to
prolong the attack.
29. Attempting to gain access to a network using an employee’s credentials is called the
mode of ethical hacking. [BL3]
A. Local networking
B. Social engineering
C. Physical entry
D. Remote networking
Explanation – Local networking uses an employee’s credentials, or access rights, to gain access
to the network. Physical entry uses credentials to gain access to the physical IT infrastructure.
30. Which Federal Code applies the consequences of hacking activities that disrupt subway
transit systems? [BL3]
A. Electronic Communications Interception of Oral Communications

B. 18 U.S.C. § 1029
C. Cyber Security Enhancement Act 2002
D. 18 U.S.C. § 1030
Explanation – The Cyber Security Enhancement Act 2002 deals with life sentences for hackers
who recklessly endanger the lives of others, specifically transportation systems.
31. Which of the following is not a typical characteristic of an ethical hacker? [BL3]
A. Excellent knowledge of Windows.

B. Understands the process of exploiting network vulnerabilities.
C. Patience, persistence and perseverance.
D. Has the highest level of security for the organization.
Explanation – Each answer has validity as a characteristic of an ethical hacker. Though having
the highest security clearance is ideal, it is not always the case in an organization.
32. What is the proper command to perform an Nmap XMAS scan every 15seconds? [BL3]
A. nmap -sX -sneaky

B. nmap -sX -paranoid
C. nmap -sX -aggressive
D. nmap -sX –polite
Explanation – SX is used to identify a xmas scan, while sneaky performs scans 15 seconds apart.
33. What type of rootkit will patch, hook, or replace the version of system call in order to
hide information? [BL3]
A. Library level rootkits

B. Kernel level rootkits
C. System level rootkits
D. Application level rootkits
Explanation – Library leve rootkits is the correct answer. Kerel level focuses on replaceing
specific code while application level will concentrate on modifying the behavior of the
application or replacing application binaries. The type, system level, does not exist for rootkits.
34. What is the purpose of a Denial of Service attack? [BL3]
A. Exploit a weakness in the TCP/IP stack

B. To execute a Trojan on a system
C. To overload a system so it is no longer operational
D. To shutdown services by turning them off
Explanation – DoS attacks force systems to stop responding by overloading the processing of
the system.
35. What are some of the most common vulnerabilities that exist in a network or system? [BL3]
A. Changing manufacturer, or recommended, settings of a newly installed application.

B. Additional unused features on commercial software packages.
C. Utilizing open source application code
D. Balancing security concerns with functionality and ease of use of a system.
Explanation – Linux is an open source code and considered to have greater security than the
commercial Windows environment. Balancing security. Ease of use and functionality can open
vulnerabilities that already exist. Manufacturer settings, or default settings, may provide basic
protection against hacking threats, but need to change to provide advance support. The unused
features of application code provide an excellent opportunity to attack and cover the attack.
36. What is the sequence of a TCP connection? [BL1]
A. SYN-ACK-FIN
B. SYN-SYN ACK-ACK
C. SYN-ACK
D. SYN-SYN-ACK
Explanation – A three-handed connection of TCP will start with a SYN packet followed by a
SYN-ACK packet. A final ACK packet will complete the connection.
37. What tool can be used to perform SNMP enumeration? [BL2]
A. DNSlookup
B. Whois
C. Nslookup
D. IP Network Browser
Explanation – SNMPUtil and IP Network Browser is SNMP enumeration tool
38. Which ports should be blocked to prevent null session enumeration? [BL2]
A. Ports 120 and 445

B. Ports 135 and 136
C. Ports 110 and 137
D. Ports 135 and 139
Explanation – Port 139 is the NetBIOS Session port typically can provide large amounts of
information using APIs to connect to the system. Other ports that can be blocked in 135,
137,138, and 445.
39. The first phase of hacking an IT system is compromise of which foundation of

security? [BL3]
A. Availability
B. Confidentiality
C. Integrity
D. Authentication
Explanation – Reconnaissance is about gathering confidential information, such as usernames

and passwords.
40. How is IP address spoofing detected? [BL2]
A. Installing and configuring a IDS that can read the IP header

B. Comparing the TTL values of the actual and spoofed addresses
C. Implementing a firewall to the network
D. Identify all TCP sessions that are initiated but does not complete successfully
Explanation – IP address spoofing is detectable by comparing TTL values of the actual and
spoofed IP addresses
41. Why would a ping sweep be used? [BL3]
A. To identify live systems

B. To locate live systems
C. To identify open ports
D. To locate firewalls
Explanation – A ping sweep is intended to identify live systems. Once an active system is found
on the network, other information may be distinguished, including location. Open ports and
firewalls.
42. What are the port states determined by Nmap? [BL3]
A. Active, inactive, standby

B. Open, half-open, closed
C. Open, filtered, unfiltered
D. Active, closed, unused
Explanation – Nmap determines that ports are open, filtered, or unfiltered.
43. What port does Telnet use? [BL1]
A. 22
B. 80
C. 20
D. 23
Explanation – Telnet uses port 23.
44. Which of the following will allow footprinting to be conducted without detection? [BL1]
A. PingSweep
B. Traceroute
C. War Dialers
D. ARIN
Explanation – ARIN is a publicly accessible database, which has information that could be
valuable. Because it is public, any attempt to obtain information in the database would go
undetected.
45. Performing hacking activities with the intent on gaining visibility for an unfair situation
is called . [BL1]
A. Cracking
B. Analysis
C. Hacktivism
D. Exploitation
Explanation – Hacktivism is the act of malicious hacking for a cause or purpose.
46. What is the most important activity in system hacking? [BL1]
A. Information gathering
B. Cracking passwords
C. Escalating privileges
D. Covering tracks
Explanation – Passwords are a key component to access a system, making cracking the
password the most important part of system hacking.
47. A packet with no flags set is which type of scan? [BL1]
A. TCP
B. XMAS
C. IDLE
D. NULL
Explanation – A NULL scan has no flags set.
48. Sniffing is used to perform fingerprinting. [BL3]
A. Passive stack
B. Active stack
C. Passive banner grabbing
D. Scanned
Explanation – Passive stack fingerprinting uses sniffing technologies instead of scanning.
49. Phishing is a form of . [BL2]
A. Spamming
B. Identify Theft
C. Impersonation
D. Scanning
Explanation – Phishing is typically a potential attacker posing, or impersonating, a financial

institution
50. Why would HTTP Tunneling be used? [BL3]
A. To identify proxy servers

B. Web activity is not scanned
C. To bypass a firewall
D. HTTP is a easy protocol to work with
Explanation – HTTP Tunneling is used to bypass the IDS and firewalls present on a network.
51. Which Nmap scan is does not completely open a TCP connection? [BL3]
A. SYN stealth scan

B. TCP connect
C. XMAS tree scan
D. ACK scan
Explanation – Also known as a “half-open scanning,” SYN stealth scan will not complete a full
TCP connection.
52. What protocol is the Active Directory database based on? [BL1]
A. LDAP
B. TCP
C. SQL
D. HTTP
Explanation – Active4 direction in Windows 200 is based on a Lightweight Directory Access

Protocol (LDAP).
53. Services running on a system are determined by . [BL1]
A. The system’s IP address.

B. The Active Directory
C. The system’s network name
D. The port assigned
Explanation – Hackers can identify services running on a system by the open ports that are
found.
54. What are the types of scanning? [BL3]
A. Port, network, and services

B. Network, vulnerability, and port
C. Passive, active, and interactive
D. Server, client, and network
Explanation – The three types of accepted scans are port, network, and vulnerability.
55. Enumeration is part of what phase of ethical hacking? [BL3]

A. Reconnaissance
C. Gaining Access
D. Scanning
Explanation – Enumeration is a process of gaining access to the network by obtaining

information on a user or system to be used during an attack.
56. Keyloggers are a form of . [BL3]
A. Spyware
B. Shoulder surfing
C. Trojan
D. Social engineering
Explanation – Keyloggers are a form of hardware or software spyware installed between the
keyboard and operating system.
57. What are hybrid attacks? [BL3]
A. An attempt to crack passwords using words that can be found in dictionary.

B. An attempt to crack passwords by replacing characters of a dictionary word with
numbers and symbols.
C. An attempt to crack passwords using a combination of characters, numbers, and symbols.
D. An attempt to crack passwords by replacing characters with numbers and symbols.
Explanation – Hybrid attacks do crack passwords that are created with replaced characters of
dictionary type words.
58. Which form of encryption does WPA use? [BL1]
A. Shared key
B. LEAP
C. TKIP
D. AES
Explanation – TKIP is used by WPA
59. What is the best statement for taking advantage of a weakness in the security of an
IT system? [BL3]
A. Threat
B. Attack
C. Exploit
D. Vulnerability
Explanation – A weakness in security is exploited. An attack does the exploitation. A weakness

is vulnerability. A threat is a potential vulnerability.
60. Which database is queried by Whois? [BL3]
A. ICANN
B. ARIN
C. APNIC
D. DNS
Explanation – Who utilizes the Internet Corporation for Assigned Names and Numbers.
61. Having individuals provide personal information to obtain a free offer provided through
the Internet is considered what type of social engineering? [BL3]
A. Web-based
B. Human-based
C. User-based
D. Computer-based
Explanation – Whether using email, a fake website, or popup to entice the used, obtaining
information from an individual over the Internet is a computer-based type of social engineering
62. In The SSL Record Protocol Operation Pad_2 Is – [BL3]
A. Is The Byte 0x36 Repeated 40 Times For MD5

B. Is The Byte 0x5C Repeated 48 Times For MD5
C. Is The Byte 0x5C Repeated 48 Times For SHA-1
D. Is The Byte 0x36 Repeated 48 Times For MD5
Is The Byte 0x5C Repeated 48 Times For MD5
63. The DSS Signature Uses Which Hash Algorithm? [BL2]

A. MD5
B. SHA-2
C. SHA-1
D. Does Not Use Hash Algorithm
Explanation: DSS Signature Uses SHA-1 Hash Algorithm
64. The Certificate_request Massage Includes Two Parameters, One Of Which Is- [BL3]
A. Certificate_extension
B. Certificate_creation
C. Certificate_exchange
D. Certificate_type
65. In The Handshake Protocol Which Is The Message Type First Sent Between Client
And Server ? [BL3]
A. Server_hello
B. Client_hello
C. Hello_request
D. Certificate_request
66. Which Of The Following Is An Independent Malicious Program That Need Not Any
Host Program? [BL2]
A. Trap Doors
B. Trojan Horse
C. Virus
D. Worm
67. Why Would A Hacker Use A Proxy Server? [BL3]

A. To Create A Stronger Connection With The Target.
B. To Create A Ghost Server On The Network.
C. To Hide Malicious Activity On The Network
D. To Obtain A Remote Access Connection.
68. Which Of The Following Is Not A Factor In Securing The Environment Against An
Attack On Security? [BL2]
A. The System Configuration
B. The Business Strategy Of The Company
C. The Education Of The Attacker
D. The Network Architecture
69. To Hide Information Inside A Picture, What Technology Is Used? [BL2]

A. Rootkits
B. Bitmapping
C. Steganography
D. Image Rendering
70. What Type Of Rootkit Will Patch, Hook, Or Replace The Version Of System Call In
Order To Hide Information? [BL2]
A. Library Level Rootkits
B. Kernel Level Rootkits
C. System Level Rootkits
D. Application Level Rootkits
71. What Is The Sequence Of A TCP Connection? [BL2]

A. SYN-ACK-FIN
B. SYN-SYN ACK-ACK
C. SYN-ACK
D. SYN-SYN-ACK
72. What Tool Can Be Used To Perform SNMP Enumeration? [BL2]

A. DNSlookup
B. Whois
C. Nslookup
D. IP Network Browser
73. The First Phase Of Hacking An IT System Is Compromise Of Which Foundation

Of Security? [BL1]
A. Availability
B. Confidentiality
C. Integrity
D. Authentication
74. What Port Does Telnet Use? [BL1]

A. 22
B. 80
C. 20
D. 23
75. Performing Hacking Activities With The Intent On Gaining Visibility For An
Unfair Situation Is Called . [BL1]
A. Cracking
B. Analysis
C. Hacktivism
D. Exploitation
76. What Is The Most Important Activity In System Hacking? [BL3]

A. Information Gathering
B. Cracking Passwords
C. Escalating Privileges
D. Covering Tracks
77. Phishing Is A Form Of . [BL3]

A. Impersonation
B. Spamming
C. Identify Theft
D. Scanning
78. Enumeration Is Part Of What Phase Of Ethical Hacking? [BL3]

A. Reconnaissance
C. Gaining Access
D. Scanning
79. When A Person Is Harrassed Repeatedly By Being Followed, Called Or Be Written

To He/she Is A Target Of [BL2]
A. Bullying
B. Identity Theft
C. Phishing
D. Stalking
80. Which Of The Following Malicious Program Do Not Replicate Automatically? [BL2]
A. Trojan Horse
B. Virus
C. Worm
D. Zombie
81. Keyloggers Are A Form Of [BL3]

A. Spyware
B. Shoulder Surfing
C. Trojan
D. Social Engineering
82. Which Of The Following Is A Class Of Computer Threat [BL2]

A. DoS Attacks
B. Phishing
C. Stalking D. Soliciting
Unit 2 MCQ
1. Caesar Cipher is an example of [BL1]

a) Poly-alphabetic Cipher
b) Mono-alphabetic Cipher
c) Multi-alphabetic Cipher
d) Bi-alphabetic Cipher
Answer: b
Explanation: Caesar Cipher is an example of Mono-alphabetic cipher, as single alphabets are
encrypted or decrypted at a time.
2. Monoalphabetic ciphers are stronger than Polyalphabetic ciphers because frequency analysis
is tougher on the former. [BL1]
a) True
b) False
Answer: b
Explanation: Monoalphabetic ciphers are easier to break because they reflect the
frequency of the original alphabet.
3. Choose from among the following cipher systems, from best to the worst, with respect to
ease of decryption using frequency analysis. [BL1]
a) Random Polyalphabetic, Plaintext, Playfair
b) Random Polyalphabetic, Playfair, Vignere
c) Random Polyalphabetic, Vignere, Playfair, Plaintext
d) Random Polyalphabetic, Plaintext, Beaufort, Playfair
Answer: c
Explanation: Random Polyalphabetic is the most resistant to frequency analysis, followed by
Vignere, Playfair and then Plaintext.
4. On Encrypting “thepepsiisintherefrigerator” using Vignere Cipher System using the

keyword “HUMOR” we get cipher text- [BL1]
a) abqdnwewuwjphfvrrtrfznsdokvl
b) abqdvmwuwjphfvvyyrfznydokvl
c) tbqyrvmwuwjphfvvyyrfznydokvl
d) baiuvmwuwjphfoeiyrfznydokvl
Answer: b
Explanation: Cipher text:= Ci = Pi + ki mod m (mod 26).
5. In brute force attack, on average half of all possible keys must be tried to achieve
success. [BL1]
a) True
b) False
Answer: a
Explanation: In brute force attack the attacker tries every possible key on a piece of
cipher-text until an intelligible translation into plaintext is obtained.
6. Use Caesar’s Cipher to decipher the following [BL1]

HQFUBSWHG WHAW
a) ABANDONED LOCK
b) ENCRYPTED TEXT
c) ABANDONED TEXT
d) ENCRYPTED LOCK
Answer: b
Explanation: Caesar Cipher uses C =(p+3) mod 26 to encrypt.
7. On Encrypting “cryptography” using Vignere Cipher System using the keyword

“LUCKY” we get cipher text [BL1]
a) nlazeiibljji
b) nlazeiibljii
c) olaaeiibljki
d) mlaaeiibljki
8. The S-Box is used to provide confusion, as it is dependent on the unknown key. [BL1]
a) True
b) False
Answer: a
Explanation: The S-Box is used to provide confusion, as it is dependent on the unknown key.
The P-Box is fixed, and there is no confusion due to it, but it provides diffusion.
9. This is an example of
Answer: b
Explanation: The figure is the Feistel Cipher Structure.
10. Which of the following slows the cryptographic algorithm – [BL1]

1) Increase in Number of rounds
2) Decrease in Block size
3) Decrease in Key Size
4) Increase in Sub key Generation
a) 1 and 3
b) 2 and 3
c) 3 and 4
d) 2 and 4
Answer: b
Explanation: Increase in any of the above 4 leads to slowing of the cipher algorithm i.e. more
computational time will be required.
11. DES follows [BL1]

a) Hash Algorithm
b) Caesars Cipher
c) Feistel Cipher Structure
d) SP Networks
Answer: c
Explanation: DES follows Feistel Cipher Structure.
12. The DES Algorithm Cipher System consists of rounds (iterations) each with
a round key [BL1]
a) 12
b) 18
c) 9
d) 16
Answer: d
Explanation: The DES Algorithm Cipher System consists of 16 rounds (iterations) each with a
round key.
13. The DES algorithm has a key length of [BL1]

a) 128 Bits
b) 32 Bits
c) 64 Bits
d) 16 Bits
Answer: c
Explanation: DES encrypts blocks of 64 bits using a 64 bit key.
14. In the DES algorithm, although the key size is 64 bits only 48bits are used for the
encryption procedure, the rest are parity bits. [BL1]
a) True
b) False
Answer: b
Explanation: 56 bits are used, the rest 8 bits are parity bits.
15. In the DES algorithm the round key is bit and the Round Input is [BL1]
bits.
a) 48, 32
b) 64,32
c) 56, 24
d) 32, 32
Answer: a
Explanation: The round key is 48 bits. The input is 32 bits.
16. In the DES algorithm the Round Input is 32 bits, which is expanded to 48 bits via
. [BL1]
a) Scaling of the existing bits
b) Duplication of the existing bits
c) Addition of zeros
d) Addition of ones
Answer: a
Explanation: The round key is 48 bits. The input is 32 bits. This input is first expanded to 48
bits (permutation plus an expansion), that involves duplication of 16 of the bits.
17. The Initial Permutation table/matrix is of size. [BL1]

a) 16×8
b) 12×8
c) 8×8
d) 4×8
Answer: c
Explanation: There are 64 bits to permute and this requires a 8×8 matrix.
18. The number of unique substitution boxes in DES after the 48 bit XOR operation are [BL1]
a) 8
b) 4
c) 6
d) 12
Answer: a
Explanation: The substitution consists of a set of 8 S-boxes, each of which accepts 6 bits as
input and produces 4 bits as output.
19. In the DES algorithm the 64 bit key input is shortened to 56 bits by ignoring every 4th
bit. [BL2]
a) True
b) False
Answer: b
Explanation: Every 8th bit is ignored to shorten the key length.
20. During decryption, we use the Inverse Initial Permutation (IP-1) before the IP. [BL2]
a) True
b) False
Answer: a
Explanation: IP-1 is the first step and the last step is IP during decryption.
21. The number of tests required to break the DES algorithm are
[BL2] a) 2.8×1014
b) 4.2×109
c) 1.84×1019
d) 7.2×1016
Answer: d
Explanation: There are 256 keys =7.2×1016.
22. The number of tests required to break the Double DES algorithm are
[BL2] a) 2112
b) 2111
c) 2128
d) 2119
Answer: b
Explanation: For Double DES key is 2112 bits, should require 2111 tests to break.
23. How many keys does the Triple DES algorithm use? [BL2]
a) 2
b) 3
c) 2 or 3
d) 3 or 4
Answer: c
Explanation: For Triple DES we can either have 2 or 3 keys.
Using two keys: c = Ek1(Dk2(Ek1(m)))
Using three keys: c = Ek3(Ek2(Ek1(m))).
24. In triple DES, the key size is and meet in the middle attack takes tests to break the
key. [BL2]
a) 2192 ,2112
b) 2184,2111
c) 2168,2111
d) 2168,2112
Answer: d
Explanation: The key size is 2168 and meet in the middle attack takes 2112 tests to break.
25. Using Differential Crypt-analysis, the minimum computations required to decipher the
DES algorithm is [BL2]
a) 256
b) 243
c) 255
d) 247
Answer: d
Explanation: Differential Crypt-analysis requires only 247 computations to decipher the DES
algorithm.
26. Using Linear Crypt-analysis, the minimum computations required to decipher the
DES algorithm is [BL2]
a) 248
b) 243
c) 256
d) 264
Answer: b
Explanation: Linear Crypt-analysis requires only 243 computations to decipher the DES
algorithm.
27. What is 11 mod 7 and -11 mod 7? [BL2]

a) 4 and 5
b) 4 and 4
c) 5 and 3
d) 4 and -4
Answer: d
Explanation:11 mod 7 = 4 ; -11 mod 7 = -4 mod 7 = 3 mod 7.
28. AES uses a bit block size and a key size of bits. [BL2]
a) 128; 128 or 256
b) 64; 128 or 192
c) 256; 128, 192, or 256
d) 128; 128, 192, or 256
Answer: d
Explanation: It uses a 128-bit block size and a key size of 128, 192, or 256 bits.
29. Like DES, AES also uses Feistel Structure. [BL2]

a) True
b) False
Answer: b
Explanation: AES does not use a Feistel structure. Instead, each full round consists of four
separate functions:
-byte substitution
-Permutation
-arithmetic operations over a finite field, and
-XOR with a key.
30. The 4×4 byte matrices in the AES algorithm are called [BL2]
a) States
b) Words
c) Transitions
d) Permutations
Answer: a
Explanation: The matrices are called states.
31. In AES the 4×4 bytes matrix key is transformed into a keys of size . [BL2]
a) 32 words
b) 64 words
c) 54 words
d) 44 words
Answer: d
Explanation: In AES the 4×4 bytes matrix key is transformed into a keys of size 44 bytes.
32. How many similar rounds are there in AES-128 algorithm [BL2]
a) 2 pair of 5 similar rounds
b) 9
c) 8
d) 10
Answer: b
Explanation: In the AES-128 there are 9 similar rounds
33. How many different rounds are there in AES-128 algorithm [BL2]
a) every alternate
b) the last
c) the first and last
d) no
Answer: b
Explanation: In the AES-128 the last round is different.
34. Which of the 4 operations are false for each round in the AES algorithm [BL2]
i) Substitute Bytes
ii) Shift Columns
iii) Mix Rows
iv) XOR Round Key
a) i) only
b) ii) iii) and iv)
c) ii) and iii)
d) only iv)
Answer: b
Explanation: AES rounds involve substitute bytes, shift rows, mix columns and addition of
round key.
35. There is an addition of round key before the start of the AES round algorithms. [BL3]
a) True
b) False
Answer: a
Explanation: In AES the final round contains only three transformations, and there is an initial
single transformation (Add Round Key) before the first round which can be considered Round
0. Each transformation takes 4×4 matrixes as input and produces a 4×4 matrix as output.
36. How many computation rounds does the simplified AES consists of? [BL3]
a) 5
b) 2
c) 8
d) 10
Answer: b
Explanation: The simplified AES has only 2 rounds of computation.
37. On comparing AES with DES, which of the following functions from DES does not have
an equivalent AES function? [BL3]
a) f function
b) permutation p
c) swapping of halves
d) xor of subkey with function f
Answer: c
Explanation: There is no equivalent to swapping of halves in the AES algorithm.
38. What is the block size in the Simplified AES algorithm? [BL3]
a) 8 bits
b) 40 bits
c) 16 bits
d) 36 bits
Answer: b
Explanation: The block size for the AES algorithm is 16 bits.
39. What is the key size in the S-AES algorithm? [BL3]

a) 16 bits
b) 32 bits
c) 24 bits
d) None of the mentioned
Answer: a
Explanation: The key size in the S-AES algorithm is 16 bits.
40. Which of the following is a faulty S-AES step function? [BL3]

a) Add round key
b) Byte substitution
c) Shift rows
d) Mix Columns
Answer: b
Explanation: The correct version in S-AES would be nibble substitution as 4 bits are taken at a
time.
41. How many step functions do Round 1 and 2 each have in S-AES? [BL3]
a) 4 and 3
b) Both 4
c) 1 and 4
d) 3 and 4
Answer: a
Explanation: Round 1 has four step functions whereas Round 2 has three step functions.
42. For a key 25D5 and PT input A479 what is the output we obtain after the “add round
key” function? [BL3]
a) F34D
b) 81AC
c) 79DF
d) 327D
Answer: b
Explanation: Simply apply XOR to the state matrix PT with the key matrix to obatain the output
which in this case is 81AC.
43. The output of the previous question, on passing through “nibble substitution” gets us
the output. [BL3]
a) 3267
b) 1344
c) 64C0
d) CA37
Answer: c
Explanation: 81AC after passing through the “nibble substitution” round produces an
output 64C0. A corresponding substitution is referred to in this step.
44. How many round keys are generated in the AES algorithm? [BL3]
a) 11
b) 10
c) 8
d) 12
Answer: a
Explanation: 11 round keys are generated. One for each of the 10 rounds and one of the
initial permutations (Round 0).
45. How many modes of operation are there in in DES and AES? [BL1]
a) 4
b) 3
c) 2
d) 5
Answer: d
Explanation: DES has 5 modes of operation.
46. Which one of the following modes of operation in DES is used for operating short
data? [BL2]
a) Cipher Feedback Mode (CFB)
b) Cipher Block chaining (CBC)
c) Electronic code book (ECB)
d) Output Feedback Modes (OFB)
Answer: c
Explanation: The Electronic code book mode is used for operating on short data as the same key
is used for each block. Thus repetitions in Plain Text lead to repetitions in Cipher Text.
47. Which of the following is false for ECB mode of operation [BL2]
i) The Plain text is broken into blocks of size 128 bytes
ii) Blocks can be swapped, repeated, replaced without recipient noticing
iii) Good for short data
iv) Encryption of each block is done separately using a randomly generated key for each block
a) i) only
b) ii) and iii)
c) i) and iv)
d) i) ii) and iv)
Answer: c
Explanation: Block size is 64 bits. The same Key is used for each block.
48. Which of the following statements are true [BL2]

i) In the CBC mode, the plaintext block is XORed with previous ciphertext block before
encryption
ii) The CTR mode does not require an Initialization Vector
iii) The last block in the CBC mode uses an Initialization Vector
iv) In CBC mode repetitions in plaintext do not show up in ciphertext
a) iii)
b) ii) and iv)
c) All the Statements are true
d) i) ii) and iv)
Answer: d
Explanation: The first block in CBC mode uses an IV.
49. There is a dependency on the previous ‘s’ bits in every stage in CFB mode. Here ‘s’ can
range from . [BL1]
a) 8-16 bits
b) 8-32 bits
c) 4-16 bits
d) 8-48 bits
Answer: b
Explanation: The range of the output of each stage of the cipher system is 8-32 bits for a 64 bit
system.
50. In OFB Transmission errors do not propagate: only the current ciphertext is affected,
since keys are generated “locally”. [BL3]
a) True
b) False
Answer: a
Explanation: Yes, transmission errors do not propagate in OFB mode because of the locally
generated key.
51. Which mode of operation has the worst “error propagation” among the following? [BL3]
a) OFB
b) CFB
c) CBC
d) ECB
Answer: d
Explanation: The ECB or electronic code book mode of operation propagates the most errors. A
single bit error is carried onto the next block and so on.
52. Which of the following modes of operation does not involve feedback? [BL3]
a) ECB
b) CBC
c) CTR
d) OFB
Answer: a
Explanation: Electronic code book does not involve feedback.
53. Confusion hides the relationship between the ciphertext and the plaintext. [BL1]
a) True
b) False
Answer: b
Explanation: Confusion hides the relationship between the ciphertext and the key.
54. The S-Box is used to provide confusion, as it is dependent on the unknown key. [BL1]
a) True
b) False
Answer: a
Explanation: The S-Box is used to provide confusion, as it is dependent on the unknown key.
The P-Box is fixed, and there is no confusion due to it, but it provides diffusion.
55. In cryptography, what is cipher? [BL3]

a) algorithm for performing encryption and decryption
b) encrypted message
c) both algorithm for performing encryption and decryption and encrypted message
d) decrypted message
Answer: a
Explanation: Cipher is a method to implement encryption and decryption of messages travelling
in a network. It’s used to increase the confidentiality of the messages.
56. In asymmetric key cryptography, the private key is kept by [BL1]

a) sender
b) receiver
c) sender and receiver
d) all the connected devices to the network
Answer: b
Explanation: The private key is kept only by the receiver of the message. Its aim is to make sure
that only the intended receiver can decipher the message.
57. Which one of the following algorithm is not used in asymmetric-key cryptography? [BL3]
a) rsa algorithm
b) diffie-hellman algorithm
c) electronic code book algorithm
d) dsa algorithm
Answer: c
Explanation: Electronic code book algorithm is a block cipher method in which each block of
text in an encrypted message corresponds to a block of data. It is not feasible for block sizes
smaller than 40 bits.
58. In cryptography, the order of the letters in a message is rearranged by . [BL3]
a) transposition ciphers
b) substitution ciphers
c) both transposition ciphers and substitution ciphers
d) quadratic ciphers
Answer: a
Explanation: In transposition ciphers, the order of letters in a plaintext message is shuffled using a
pre-defined method. Some of such ciphers are Rail fence cipher and Columnar transposition.
59. What is data encryption standard (DES)? [BL1]

a) block cipher
b) stream cipher
c) bit cipher
d) byte cipher
Answer: a
Explanation: DES is a symmetric key block cipher in which the block size is 64 bits and the key
size is 64 bits. It is vulnerable to some attacks and is hence not that popularly used.
60. Which of the following Algorithms belong to symmetric encryption? [BL1]

a. 3 DES
b. RSA
c. RC5
d. IDEA
Answers :a,c and D

Explanation : RSA is used in PGP
61. Which is the largest disadvantage of the symmetric Encryption? [BL3]

a). More complex and therefore more time-consuming calculations.
b) Problem of the secure transmission of the Secret Key.
c) Less secure encryption function.
d) Isn't used any more.
Answer: b
Explanation : As there is only one key in the symmetrical encryption, this must be known by
both sender and recipient and this key is sufficient to decrypt the secret message.
Therefore it must be exchanged between sender and receiver in such a manner that an
unauthorized person can in no case take possession of it.
62. The keys used in cryptography are [BL1]
a. secret key
b. private key
c. public key
d. All of them
Answer: d
63. Cryptography, a word with Greek origins, means [BL3]

a. Corrupting Data
b. Secret Writing
c. Open Writing
d. Closed Writing
Answer: b
64. The Advanced Encryption Standard (AES) was designed [BL3]

a. National Institute of Standards and Technology
b. IBM
c. HP
d. Intel
Answer: a
Explanation: AES was designed at NIST(National Institute of Standards and Technology )
65. An encryption algorithm transforms the plaintext into [BL3]

a. Cipher text
b. Simple Text
c. Plain Text
d. Empty Text
Answer: a
Explanation: in encryption algorithm original plaintext that is unreadable by a human or
computer without the proper cipher to decrypt it.
66. Data Encryption Standard (DES), was designed by [BL1]

a. Intel
b. IBM
c. HP
d. Sony
Answer: b
67. The shift cipher is sometimes referred to as the [BL2]

a. Caesar cipher
b. Shift cipher
c. cipher
d. cipher text
Answer: a
Explanation : In cryptography, a Caesar cipher, also known as Caesar's cipher, the shift
cipher, Caesar's code or Caesar shift
68. The substitution ciphers are [BL3]

a. Monoalphabetic
b. Semi alphabetic
c. polyalphabetic
d. both a and c
Answer: d
Explanation : Monoalphabetic and polyalphabetic ciphers are called substitutional cipher
69. A substitution cipher replaces one symbol with [BL3]

a. same symbol
b. provide two symbols for each
c. another
d. All of them
Answer: c
Explanation : In a Substitution cipher, any character of plain text from the given fixed set of
characters is substituted by some other character from the same set depending on a key.
70. ECB stands for [BL1]

a. Electronic Control Book
b. Electronic Code Book
c. Electronic Cipher Book
d. Electronic Cryptography Book
Answer: b
71. A process of making the encrypted text readable again. [BL1]

a. Decryption
b. Encryption
c. Network Security
d. Information Hiding
Answer: a
Explanation :Encrypted text is transformed to the original readable form. This process is called
Decryption
72. An encryption technique with 2 keys is . [BL3]
a. Monoalphabetic Cipher
b. Cryptography
c. Private key cryptography
d. Public key cryptography
Answer: d
Explanation : Public-key cryptography, or asymmetric cryptography, is a cryptographic system
that uses pairs of keys: public kay and private key
73. In public key cryptography, a key that decrypts the message. [BL3]
a. public key
b. unique key
c. private key
d. security key
Answer: c
74. Triple-DES has keys. [BL3]

a. 1
b. 2
c. 5
d. 4
Answer: b
Explanation :Triple-DES is just DES with two 56-bit keys applied. Given a plaintext message,
the first key is used to DES- encrypt the message. The second key is used to DES- decrypt the
encrypted message.
75. Encryption standard that is selected by the US government to replace DES. [BL3]
a. AES
b. BES
c. CES
d. DES
Answer: a
Explanation :AES is Advanced Encryption Standard. It was selected by the US
government. It is used to replace DES
76. is widely used today for protecting data in transit in a variety of

applications such as data transfer on the Internet, and on cellular phone networks. [BL3]
a. Encryption
b. Data mining
c. Internet Security
d. Architectural security
Answer: a
77. Which is the largest disadvantage of symmetric Encryption? [BL3]

a. More complex and therefore more time-consuming calculations
b. Problem of the secure transmission of the Secret Key
c. Less secure encryption function
d. Isn’t used any more
Answer: b
78. Using Differential Crypt-analysis, the minimum computations required to decipher the
DES algorithm is- [BL3]
a. 2^56
b. 2^43
c. 2^55
d. 2^47
Answer: d
Explanation : Differential Crypt-analysis requires only 247 computations to decipher the DES
algorithm.
79. Which of the following is not a type of traditional cipher? [BL3]

a) Substitution cipher
b) Transposition cipher
c) Mono alphabetic cipher
d) PKCS cipher
Answer: d
Explanation: There are two types of the traditional cipher. One is the transposition cipher and
the other is the substitution cipher. Whereas PKCS is a modern asymmetric cipher.
80. Columnar cipher falls under the category of? [BL1]

a) mono-alphabetic cipher
b) poly-alphabetic cipher
c) transposition cipher
d) additive cipher
Answer: c
Explanation: Columnar cipher is a transposition cipher. It falls under the category of
transposition cipher as it encrypts the plain text by rearranging its letters.
81. Which of the following ciphered text would have NOT used transposition cipher
for encryption of the plain text “CIPHER”? [BL3]
a) EPIHRC
b) EHIPCR
c) DTIPRC
d) HRIPEC
Answer: c
Explanation: We know that transposition cipher encrypts the plain text by shuffling the letters of
the plain text. So out of the given options, only “DTIPRC” does not have the same set of letters
as “CIPHER”.
82. Which of the following cipher is formed by applying columnar transposition cipher
twice? [BL3]
a) Rail Fence cipher
b) Route cipher
c) Double transposition cipher
d) One time pad
Answer: c
Explanation: Double transposition cipher is formed by applying columnar transposition cipher
twice. For the purpose of encryption, we may use the same key twice or we can use two
different keys.
83. Columnar transposition cipher is harder to crack as compared to double transposition

cipher? [BL1]
a) true
b) false
Answer: b
Explanation: Double transposition cipher is formed by applying columnar transposition
cipher twice. So it is harder to crack than a simple columnar transposition cipher.
84. What will be the encrypted text corresponding to plain text “CLASSIFIED” using
columnar transposition cipher with a keyword as “GAMES”? [BL3]
a) LFDSIASECI
b) SECIAISDFL
c) CILFAISESD
d) LFSECIAISD
Answer: d
Explanation: For encrypting using columnar cipher we have to arrange the letters of the plain
text in a table which has the same number of columns as the letters of the keyword. Then the
letters of the keyword are arranged in alphabetical order and we read along each column.
31425
GAMES
CLASS
IFIED
So the ciphered text will be “IFSECIAISD”.
85. Which of the following statement is not true regarding columnar transposition cipher? [BL3]
a) it is a weak cipher
b) probability of error is high while deciphering
c) it cannot be combined with other ciphers
d) it is a traditional symmetric cipher
Answer: c
Explanation: Although columnar transposition cipher is a weak cipher in itself. But it can be
combined with other substitution ciphers so as to improve its security. The probability of error
remains high while decoding columnar cipher as it is a lengthy process.
86. Which of the following is a type of substitution cipher? [BL3]

a).poly alphabetic cipher
b) transposition cipher
c) columnar cipher
d) rail fence cipher
Answer: a
Explanation: In substitution cipher the plain text is replaced by cipher text according to a fixed
rule. There are two types of substitution cipher- Mono alphabetic and Polyalphabetic cipher.
87. Which of the following correctly defines poly alphabetic cipher? [BL3]
a) substitution based cipher which uses multiple substitution at different positions
b) a substitution based cipher which uses fixed substitution over entire message
c)a transposition based cipher which uses multiple substitution at different positions
d) a transposition based cipher which uses fixed substitution over entire message
Answer: a
Explanation: Poly alphabetic cipher is a type of substitution cipher. It uses multiple substitution
at different positions in order to cipher the plain text.
88. Poly alphabetic cipher harder to decipher than mono alphabetic cipher. [BL3]
a) true
b)false
Answer: a
Explanation:Mono alphabetic ciphers can be decoded by using the method frequency analysis.
But in poly alphabetic cipher each symbol of plain text is replaced by a different cipher text
regardless of its occurrence. This makes it very difficult to be decoded by using frequency
analysis.
89. In which of the following cipher the plain text and the ciphered text do not have the
same number of letters? [BL3]
a) affine cipher
b) hill cipher
c) columnar cipher
d) additive cipher
Answer: b
Explanation: In transposition cipher and mono alphabetic cipher the number of letters remains
the same in ciphered and deciphered text. But in poly alphabetic cipher the number of letters are
different. So here as hill cipher is the only poly alphabetic cipher so it will be the answer.
90. Which of the following properties are the characteristic properties of a block
cipher technique which differs from stream cipher? [BL2]
a. Avalanche effect
b. Completeness
c. Both a. and b.
d. None of the above
Answer: c.
Explanation:Avalanche effect and Completeness are the two characteristic properties of Block
ciphers which differ them from stream ciphers.
91. What is the length of the cryptographic key used in the Data Encryption Standard
(DES) cryptosystem? [BL1]
a) 56 bits
b)128 bits
c) 192 bits
d). 256 bits
Answer: a
Explanation: DES uses a 56-bit key. This is considered one of the major weaknesses of this
cryptosystem.
92. What type of cipher relies upon changing the location of characters within a message
to achieve confidentiality? [BL3]
a) Stream cipher
b) Transposition cipher
c) Block cipher
d) Substitution cipher
Answer: b
Explanation: Transposition ciphers use a variety of techniques to reorder the characters within a
message.
93. Which one of the following is a cryptographic goal that cannot be achieved by a secret
key cryptosystem? [BL3]
a. Nonrepudiation
b. Confidentiality
c. Availability
d. Integrity
Answer: a
Explanation: Nonrepudiation requires the use of a public key cryptosystem to prevent users
from falsely denying that they originated a message.
94. When correctly implemented, what is the only cryptosystem known to be

unbreakable? [BL3]
a. Transposition cipher
b. Substitution cipher
c. Advanced Encryption Standard
d. One-time pad
Answer: d.
Explanation:Assuming that it is used properly, the one-time pad is the only known cryptosystem
that is not vulnerable to attacks.
95. Which one of the following cipher types operates on large pieces of a message rather
than individual characters or bits of a message? [BL3]
a. Stream cipher
b. Caesar cipher
c. Block cipher
d. ROT3 cipher
Answer: c
Explanation: Block ciphers operate on message “chunks” rather than on individual characters or
bits. The other ciphers mentioned are all types of stream ciphers that operate on individual bits or
characters of a message.
96. What is the minimum number of cryptographic keys required for secure two-way
communications in symmetric key cryptography? [BL3]
a. One
b. Two
c. Three
d. Four
Answer: a
Explanation: Symmetric key cryptography uses a shared secret key. All communicating
parties utilize the same key for communication in any direction.
97. What is the minimum number of cryptographic keys required for secure two-way
communications in asymmetric key cryptography? [BL3]
a. One
b. Two
c. Three
d. Four
Answer: d
Explanation: In asymmetric (public key) cryptography, each communicating party must have a
pair of public and private keys. Therefore, two-way communication between parties requires a
total of four cryptographic keys (a public and private key for each user).
98. Which one of the following Data Encryption Standard (DES) operating modes can be
used for large messages with the assurance that an error early in the encryption/decryption
process won't spoil results throughout the communication? [BL3]
a. Cipher Block Chaining (CBC)
b. Electronic Codebook (ECB)
c. Cipher Feedback (CFB)
d. Output Feedback (OFB)
Answer: d
Explanation:Cipher Block Chaining and Cipher Feedback modes will carry errors throughout
the entire encryption/decryption process. Electronic Codebook (ECB) operation is not suitable
for large amounts of data. Output Feedback (OFB) mode does not allow early errors to interfere
with future encryption/decryption.
99. The caesar cipher is a cipher that has a key of 3 . [BL3]
a. Transposition
b. Additive
c. shift
d. None of the above
Answer: c
Explanation: The Caesar cipher is named after Julius Caesar, who, according to Suetonius, used
it with a shift of three (A becoming D when encrypting, and D becoming A when decrypting) to
protect messages of military significance.
100. AES has different configuration. [BL1]

a. 2
b. 3
c. 4
d. 5
Answer: b
Explanation: There are three variants of AES based on different key sizes (128, 192, and 256
bits).
Unit 3 MCQ
1. _ is the process or mechanism used for converting ordinary plain text

into garbled non-human readable text & vice-versa. [BL1]
a) Malware Analysis
b) Exploit writing
c) Reverse engineering
d) Cryptography
Explanation: Cryptography is the process or mechanism used for converting ordinary plain text
into garbled non-human readable text & vice-versa. It is a means of storing & transmitting
information in a specific format so that only those for whom it is planned can understand or
process it.
2. is a means of storing & transmitting information in a specific format so that

only those for whom it is planned can understand or process it. [BL1]
a) Malware Analysis
b) Cryptography
c) Reverse engineering
d) Exploit writing
Explanation: Cryptography is a means of storing & transmitting information in a specific format
so that only those for whom it is planned can understand or process it where “kryptos” means
secret, “graphein” means to-write.
3. When plain text is converted to unreadable format, it is termed as [BL1]

a) rotten text
b) raw text
c) cipher-text
d) ciphen-text
Explanation: Cryptography helps in securing information in a specific format so that only
intended users can understand or process it. When plain text is converted to the unreadable
format, that type of text is termed as cipher-text.
4. Cryptographic algorithms are based on mathematical algorithms where these algorithms use
for a secure transformation of data. [BL1]
a) secret key
b) external programs
c) add-ons
d) secondary key
Explanation: When plain text is converted to unreadable format through some algorithms, that
type of text is termed as cipher text. Cryptographic algorithms are based on mathematical
algorithms where these algorithms use the secret key for a secure transformation of data.
5. Cryptography can be divided into types. [BL1]
a) 5
b) 4
c) 3
d) 2
Explanation: Cryptography can be divided into two types. These are classic cryptography &
modern cryptography. Using these techniques, users can secure their information from
illegitimate ones.
6. Data which is easily readable & understandable without any special algorithm or method is
called . [BL1]
a) cipher-text
b) plain text
c) raw text
d) encrypted text
Explanation: The means of storing or sending data in a specific format so that only intended
users can process it is called cryptography. Data which is easily readable & understandable
without any special algorithm or method is called plain text.
7. Plain text are also called . [BL1]
a) cipher-text
b) raw text
c) clear-text
d) encrypted text
Explanation: Data which is easily readable & understandable without any special algorithm
or method is called plain text or clear-text. This text is not secured and can be readable by
anyone who is not even a legitimate user.
8. There are types of cryptographic techniques used in general. [BL1]
a) 2
b) 3
c) 4
d) 5
Explanation: There are three types of cryptographic techniques used in general. These are
Symmetric Key cryptography, public key cryptography, and Hash functions based cryptography.
9. Conventional cryptography is also known as or symmetric-key encryption.

[BL1]
a) secret-key
b) public key
c) protected key
d) primary key
Explanation: The various cryptographic techniques are symmetric Key cryptography, public key
cryptography, and Hash functions based cryptography. Conventional cryptography is also
known as secret-key cryptography or symmetric-key encryption.
10. Data Encryption Standard is an example of a cryptosystem. [BL1]

a) conventional
b) public key
c) hash key
d) asymmetric-key
Explanation: Conventional cryptography is also known as secret-key cryptography or symmetric-
key encryption. Data Encryption Standard is an example of a conventional cryptosystem.
11. cryptography deals with traditional characters, i.e., letters &

digits directly. [BL2]
a) Modern
b) Classic
c) Asymmetric
d) Latest
modern cryptography. Classic cryptography deals with traditional characters, i.e., letters & digits
directly.
12. cryptography operates on binary-bit series and strings. [BL2]
a) Modern
b) Classic
c) Traditional
d) Primitive
modern cryptography. Modern cryptography operates on binary-bit series and strings.
13. cryptography has always been focussing on the concept of ‘security through
obscurity’. [BL2]
a) Modern
b) Asymmetric
c) Classic
d) Latest
modern cryptography. Classic cryptography deals with traditional characters, i.e., letters & digits
directly. It is based on the concept of ‘security through obscurity’.
14. cryptography is based on publicly known mathematically

designed algorithms to encrypt the information. [BL2]
a) Modern
b) Classic
c) Traditional
d) Primitive
Explanation: There are 2 types of cryptography – classic cryptography & modern cryptography.
Modern cryptography operates on binary-bit series and strings. It is based on publicly known
mathematically designed algorithms to encrypt the information.
15. Which is the key exchange algorithm used in CipherSuite parameter? [BL2]
a) RSA
b) Fixed Diffie-Hellman
c) Ephemeral Diffie-Hellman
d) Any of the mentioned
Explanation: We can use either of the following for the CipherSuite key exchange-
i) RSA
ii) Fixed Diffie-Hellman
iii) Ephemeral Diffie-Hellman
iv) Anonymous Diffie-Hellman
v) Fortezza.
16.The certificate message is required for any agreed-on key exchange method except
. [BL2]
a) Ephemeral Diffie-Hellman
b) Anonymous Diffie-Hellman
c) Fixed Diffie-Hellman
d) RSA
Explanation: The certificate message is required for any agreed-on key exchange method except
Anonymous Diffie-Hellman.
17. In the Phase 2 of the Handshake Protocol Action, the step server_key_exchange is
not needed for which of the following cipher systems? [BL2]
a) Fortezza
b) Anonymous Diffie-Hellman
c) Fixed Diffie-Hellman
d) RSA
Explanation: The Fixed Diffie-Helmann does not require the server_key_exchange step in the
handshake protocol. [BL2]
18. The DSS signature uses which hash algorithm? [BL2]
a) MD5
b) SHA-2
c) SHA-1
d) Does not use hash algorithm
Explanation: The DSS signature uses SHA-1.
19. The RSA signature uses which hash algorithm? [BL2]
a) MD5
b) SHA-1
c) MD5 and SHA-1
d) None of the mentioned.
Explanation: The MD5 and SHA-1 hash is concatenated together and the then encrypted with the
server’s private key.
20. The certificate_request massage includes two parameters, one of which is—- . [BL2]
a) certificate_extension
b) certificate_creation
c) certificate_exchange
d) certificate_type
Explanation: The certificate_request massage includes two parameters :certificate_type and
certificate_authorities.
21. What is the general equation for elliptic curve systems? [BL3]
a) y3+b_1 xy+b_2 y=x33+a_1 x2+a_2 x+a_3

b) y3+b_1 x+b_2 y=x2+a_1 x2+a_2 x+a_3
c) y2+b_1 xy+b_2 y=x3+a_1 x2+a_2
d) y2+b_1 xy+b_2 y=x3+a_1 x2+a_2 x+a_3
Explanation: The general equations for an elliptic curve system is y2+b_1 xy+b_2 y=x3+a_1
x2+a_2 x+a_3.
22. In the Singular elliptic curve, the equation x^3+ax+b=0 does roots. [BL3]
a) does not have three distinct

b) has three distinct
c) has three unique
d) has three distinct unique
Explanation: In Singular elliptic curve, the equation x^3+ax+b=0 does not have three distinct
roots.
23. How many real and imaginary roots does the equation y2=x3-1 have —-------. [BL3]
a) 2 real, 1 imaginary
b) all real
c) all imaginary
d) 2 imaginary, 1 real
Explanation: On solving the equation we get 2 imaginary and 1 real root.
24. How many real and imaginary roots does the equation y2=x3-4x have —----. [BL3]
a) 2 real, 1 imaginary
b) all real
c) all imaginary
d) 2 imaginary, 1 real
Explanation: On solving the equation we get all real roots.
25. In the elliptic curve group defined by y2= x3- 17x + 16 over real numbers, what is P + Q if P
= (0,-4) and Q = (1, 0)? [BL3]
a) (15, -56)
b) (-23, -43)
c) (69, 26)
d) (12, -86)
Explanation: P=(x1, y1)= (0,-4)
Q=(x2, y2)= (1,0)
From the Addition formulae:
λ= (0-(-4)) / (1-0) = 4
x3= = 16 – 0 – 1 = 15 and
y3= 4(0 – 15) –(-4) = -56
Thus R=P + Q = (15, -56).
26. In the elliptic curve group defined by y2= x3- 17x + 16 over real numbers, what is 2P if P
= (4, 3.464)? [BL3]
a) (12.022, -39.362)
b) (32.022, 42.249)
c) (11.694, -43.723)
d) (43.022, 39.362)
Explanation: From the Doubling formulae:
λ = (3*(4)2+ (-17)) / 2*(3.464) = 31 / 6.928 = 4.475

x3= (4.475)2- 2(4) = 20.022 – 8 = 12.022 and
y3= -3.464 + 4.475(4 – 12.022) = – 3.464 – 35.898 = -39.362
Thus 2P = (12.022, -39.362).
27. “Elliptic curve cryptography follows the associative property.” [BL3]
a) True
b) False
Explanation: ECC does follow associative property.
28. “In ECC, the inverse of point P =(x1, y1) is Q = (-x1, y1). “ [BL3]
a) True
b) False
Explanation: The inverse of point P =(x1, y1) is Q =(x1, -y1).
29. In the RSA algorithm, we select 2 random large values ‘p’ and ‘q’. Which of the following
is the property of ‘p’ and ‘q’? [BL3]
a) p and q should be divisible by Ф(n)

b) p and q should be co-prime
c) p and q should be prime
d) p/q should give no remainder
Explanation: ‘p’ and ‘q’ should have large random values which are both prime numbers.
30. In RSA, Ф(n) = in terms of p and q. [BL3]
a) (p)/(q)
b) (p)(q)
c) (p-1)(q-1)
d) (p+1)(q+1)
Explanation: Ф(n) = (p-1)(q-1).
31. In RSA, we select a value ‘e’ such that it lies between 0 and Ф(n) and it is relatively prime
to Ф(n). [BL3]
a) True
b) False
Explanation: gcd(e, Ф(n))=1; and 1 < e < Ф(n).
32. For p = 11 and q = 19 and choose e=17. Apply RSA algorithm where message=5 and find
the cipher text. [BL3]
a) C=80
b) C=92
c) C=56
d) C=23
Explanation: n = pq = 11 × 19 = 209.
33. For p = 11 and q = 19 and choose d=17. Apply RSA algorithm where Cipher
message=80 and thus find the plain text. [BL3]
a) 54
b) 43
c) 5
d) 24
Explanation: n = pq = 11 × 19 = 209.
C=Me mod n ; C=517 mod 209 ; C = 80 mod 209.
34. Perform encryption on the following PT using RSA and find the CT. p = 3; q = 11; M = 5.
[BL3]
a) 28
b) 26
c) 18
d) 12
Explanation: n = 33; f(n) = 20; d = 3; C = 26.
35. Perform encryption on the following PT using RSA and find the CT. p = 5; q = 11; M = 9
[BL3]
a) 43
b) 14
c) 26
d) 37
[BL3]
a) 19
b) 57
c) 76
d) 59
37. Perform encryption on the following PT using RSA and find the CT. p = 11; q = 13; M =
7 [BL3]
a) 84
b) 124
c) 106
d) 76
[BL3]
a) 254
b) 423
c) 128
d) 523
39. Perform encryption on the following PT using RSA and find the CT. n = 35; e = 5; C = 10.
What is the plaintext (use RSA) ? [BL3]
a) 3
b) 7
c) 8
d) 5
Explanation: Use RSA system to decrypt and get PT = 5.
40. For each the Kerberos Key Distribution Center (KDC) maintains a database of the
realm’s principal and the principal’s associated “secret keys”. [BL3]
a) key
b) realm
c) document
d) none of the mentioned
Explanation: Principals belong to administrative units called realms.
41. Which one of the following is not a public key distribution? [BL3]
a) Public-Key Certificates
b) Hashing Certificates
c) Publicly available directories
d) Public-Key authority
Explanation: Hashing certificates is some I just made up. It doesn’t exist noob.
43. What is the PGP stand for? [BL1]

a) Permuted Gap Permission
b) Permuted Great Privacy
c) Pretty Good Permission
Explanation: PGP stands for Pretty Good Privacy.
44. Which of the following public key distribution systems is most secure? [BL3]
b) Public announcements
Explanation: Public certificates are the most secure key distribution/management systems right
now.
45. Which systems use a timestamp? [BL3]

i) Public-Key Certificates
ii) Public announcements
iii) Publicly available directories
iv) Public-Key authority
a) i) and ii)
b) iii) and iv)
c) i) and iv)
d) iv) only
Explanation: Public announcements and Public Certificates involve the use of timestamps.
46. Which of these systems use timestamps as an expiration date? [BL3]
Explanation: Public key certificates use timestamps as expiration dates.
47. Which system uses a trusted third party interface? [BL2]

Explanation: Public-Key certificates use a trusted third party interface.
48. Publicly Available directory is more secure than which other system? [BL2]
c) Public-Key authority
Explanation: Publicly Available directory is more secure than Public announcements.
49. The subject unique identifier of the X.509 certificates was added in which version? [BL2]
a) 1
b) 2
c) 3
d) 4
Explanation: The subject unique identifier was added in the 2nd version.
50. Which of the following is not an element/field of the X.509 certificates? [BL2]
a) Issuer Name
b) Serial Modifier
c) Issuer unique Identifier
d) Signature
Explanation: Serial Modifier is not an element/field of the X.509 certificates.
51. Certificates generated by X that are the certificates of other CAs are Reverse
Certificates. [BL2]
a) True
b) False
Explanation: The statement is true. Certificates of X generated by other CAs are
forward certificates.
52. X.509 certificate recommends which cryptographic algorithm? [BL1]

a) RSA
b) DES
c) AES
d) Rabin
Explanation: RSA is the recommended cryptographic algorithm for X.509 certificates.
53. When a hash function is used to provide message authentication, the hash function value
is referred to as . [BL1]
a) Message Field
b) Message Digest
c) Message Score
d) Message Leap
Explanation: A hash function providing message authentication is referred to as massage digest.
54. Message authentication code is also known as —---. [BL1]

a) key code
b) hash code
c) keyed hash function
d) message key hash function
Explanation: Message authentication code is also known as keyed hash function.
55. The main difference in MACs and digital signatures is that, in digital signatures the
hash value of the message is encrypted with a user’s public key. [BL2]
a) True
b) False
Explanation: The main difference in MACs and digital signatures is that, in digital signatures the
hash value of the message is encrypted with a user’s private key.
56. Which one of the following is not an application hash function? [BL2]
a) One-way password file
b) Key wrapping
c) Virus Detection
d) Intrusion detection
Explanation: Key wrapping is a separate algorithm and not an application of hash fuctions.
57. Basically, in SHA-512, the message is divided into blocks of size bits for the hash
computation. [BL3]
a. 1024
b. 512
c. 256
d. 1248
Explanation:
As we study, the message is divided into blocks of size 1024 bits, and the output produced is a
512-bit message digest and uses the 512-bit buffer till 80 rounds.
58. Which of the following are used to create a message digest by the network security
protocols? [BL3]
a. RSA
b. SHA-1
c. DES
d. MD5
Explanation:
● RSA: Basically, it is an algorithm used to encrypt and decrypt messages.

● SHA 1: Secure Hash Algorithm 1 is a cryptographic hash function in cryptography. It
produces a 160 bit (20 bytes) hash value in cryptography.
● DES: Data Encryption Standard is a symmetric key algorithm for encryption of electronic
data in cryptography.
● MD5: It is a widely used cryptographic hash function that produces a 128-bit hash value
in cryptography.
59. What is the output of the N 1024-bit blocks from the Nth stage in this SHA? [BL1]
a. 512 bits
b. 1024 bits
c. N x 1024bits
d. N x 512 bits
Explanation:
We know that when we use SHA 512 we take 1024 bit plaintext into this algorithm and get the
output as 512 bit which is fixed.
60. What does the output of a cryptographic hash function mean? [BL1]
a. A variable set of bits

b. A fixed set of bits, derived from one-way mathematical operations
c. An output which may be easily discovered by an adversary
d. Outputs of such functions are of no importance
Explanation:
The output of a cryptographic hash function means as a fixed set of bits, derived from one-way
mathematical operations.
61. What is a Hash Function? [BL3]

a) It creates a small flexible block of data
b) It creates a small,fixed block of data
c) It creates a encrypted block of data
Answer: b
62. MD5 produces bits hash data. [BL1]

a) 128
b) 150
c) 160
d) 112
Answer: a
63. SHA-1 produces bit of hash. [BL1]

a) 128
b) 160
c) 150
d) 112
Answer: b
64. Which two of the following are authentication algorithms? [BL1]
a) MAC
b) AES
c) DAS
d) Digital-signature
Answer: a
65. What is the role of Key Distribution Center? [BL3]

a) It is used to distribute keys to everyone in world
b) It intended to reduce the risks inherent in exchanging keys
c) All of the mentioned
Answer: b
66. The certificate message is required for any agreed-on key exchange method except . [BL3]
a. Ephimeral Diffie Hellman
b. Anonymous Diffie Hellman
c. Fixed Diffie hellman
d. RSA
67. The DSS signature uses which hash algorithm? [BL1]

a. MD5
b. SHA-2
c. SHA-1
d. Does not use hash algorithm
68. The RSA signature uses which hash algorithm? [BL1]

a. MD5
b. SHA-1
c. MD5 and SHA-1
d. None of mentioned
Explanation: RSA is combined with the MD5 hashing function to sign a message in this
signature suite.
69. What is the size of the RSA signature hash after the MD5 and SHA-1 processing? [BL2]
a. 42 bytes
b. 32 bytes
c. 36 bytes
d. 48 bytes
Explanation: The size is 36 bytes after MD5 and SHA-1 processing
70. The certificate_request massage includes two parameters, one of which is- [BL2]
a. certificate_extension
b. certificate_creation
c. certificate_exchange
d. certificate_type
Explanation: The certificate_request massage includes two parameters :certificate_type and
certificate_authorities.
71. ensures the integrity and security of data that are passing over a
network. [BL2]
a) Firewall
b) Antivirus
c) Pentesting Tools
d) Network-security protocols
Explanation: The methods and processes in securing network data from unauthorized content
extraction are controlled by network-security protocols.
72. EAP stands for – [BL1]

a. Extended Application Protocol
b. Extensible Authentication Protocol
c. Embedded Application Protocol
d. Embedded Authentication Protocol
Explanation:Extensible Authentication Protocol
73. Which is the 3rd phase of operation in the IEEE 802.11i Protocol? [BL3]
a. Protected Data Transfer[BL3]
b. Discovery
c. Authentication
d. Key Management
Explanation: Key management is the 3rd Phase of operation in the IEEE 802.11i Protocol.
74. Which phase uses the Extensible Authentication Protocol? [BL3]

a. Discovery
b. Authentication
c. Key Management
d. Protected Data Transfer
Explanation: EAP belongs to the Authentication Phase and is defined in the IEEE 802.1X
standard.
75. In public key cryptosystem keys are used for encryption and decryption. [BL1]
a) Same
b) Different
c) Encryption Keys
Explanation: In conventional cryptosystem, same keys are used for encryption and decryption
where as in public key cryptosystem different keys are used
76. Encryption transformations are known as [BL1]

a) Diffusion
b) Confusion
c) Diffusion & Confusion
Explanation: The encryption transformations were termed confusion and diffusion by Shannon.
77. Public key cryptosystem uses same key for both encryption and decryption. [BL3]
a) True
b) False
Answer: b
Explanation: Public key cryptosystem uses different keys for encryption and decryption.
78. Which should be kept as a secret in public key cryptosystem? [BL3]

a) Encryption key
b) Decryption key
c) Encryption & Decryption key
Answer: b
Explanation: In public key cryptosystem, decryption key needs to be kept as a secret.
79. Public key cryptosystem is also known as [BL3]

a) One way function
b) Two way function
c) Feedback function
Answer: a
Explanation: Public key cryptosystem is called as a trap door one way function.
80. For digital signatures a private key cryptosystem is used. [BL3]

a) True
b) False
Answer: b
Explanation: Public key cryptosystem is used for the creation of digital signatures.
81. The digital signature provides authentication to the [BL3]

a) Sender
b) Message
c) Sender & Message
Answer: c
Explanation: The digital signature provides authentication to both the sender and the message.
82. In the hash function output length is fixed. [BL1]

a) True
b) False
Answer: a
Explanation: In hash function the output length is fixed and it is easy to compute.
83. The hash function [BL1]

a) Is collision free
b) Has manageable collision
c) Has high unmanageable level of collision
Answer: a
Explanation: Hash function is collision free and it is unfeasible that two different messages will
create the same hash value.
84. In the RSA public key cryptosystem, which one of the following numbers will always
be largest? [BL1]
a). e
b) n
c) p
d) q
Answer : b.
Explanation: The number n is generated as the product of the two large prime numbers p and q.
Therefore, n must always be greater than both p and q. Furthermore, it is an algorithm constraint
that e must be chosen such that e is smaller than n. Therefore, in RSA cryptography n is always
the largest of the four variables shown in the options to this question.
85. Which cryptographic algorithm forms the basis of the El Gamal cryptosystem? [BL1]
a. RSA
b. Diffie-Hellman
c. 3DES
d. IDEA
Answer :B.
Explanation: The El Gamal cryptosystem extends the functionality of the Diffie-Hellman key
exchange protocol to support the encryption and decryption of messages.
86. If Richard wants to send an encrypted message to Sue using a public key
cryptosystem, which key does he use to encrypt the message? [BL3]
a. Richard's public key
b. Richard's private key
c. Sue's public key
d. Sue's private key
Explanation: Richard must encrypt the message using Sue's public key so that Sue can decrypt it
using her private key. If he encrypted the message with his own public key, the recipient would
need to know Richard's private key to decrypt the message. If he encrypted it with his own
private key, any user could decrypt the message using Richard's freely available public key.
Richard could not encrypt the message using Sue's private key because he does not have access
to it. If he did, any user could decrypt it using Sue’s freely available public key.
87. Acme Widgets currently uses a 1,024-bit RSA encryption standard companywide. The
company plans to convert from RSA to an elliptic curve cryptosystem. If it wishes to
maintain the same cryptographic strength, what ECC key length should it use? [BL3]
a. 160 bits
b. 512 bits
c. 1,024 bits
d. 2,048 bits
Answer : a.
Explanation: The elliptic curve cryptosystem requires significantly shorter keys to achieve
encryption that would be the same strength as encryption achieved with the RSA encryption
algorithm. A 1,024- bit RSA key is cryptographically equivalent to a 160-bit elliptic curve
cryptosystem key.
88. Which one of the following message digest algorithms is considered flawed and should
no longer be used? [BL2]
a. SHA-1
b. MD2
c. MD4
d. MD5
Answer : C.
Explanation: The MD4 algorithm has documented flaws that produce collisions, rendering it
useless as a hashing function for secure cryptographic applications.
89. Which one of the following message digest algorithms is the current U.S.
government standard in use by secure federal information processing systems? [BL2]
a. SHA-1
b. MD2
c MD4
d. MD5
Explanation: SHA-1 is the current U.S. government standard, as defined in the Secure Hashing
Standard (SHS), also known as Federal Information Processing Standard (FIPS) 180. Several
newer algorithms (such as SHA-256, SHA-384, and SHA-512) are being considered to replace
SHA-1 and make it cryptographically compatible with the stronger Advanced Encryption
Standard.
90. Richard received an encrypted message sent to him from Sue. Which key should he use
to decrypt the message? [BL3]
c. Sue's public key
d. Sue's private key.
Explanation: Sue would have encrypted the message using Richard’s public key. Therefore,
Richard needs to use the complementary key in the key pair, his private key, to decrypt the
message.
91. Richard would like to digitally sign a message he’s sending to Sue so that Sue can be sure
the message came from him without modification while in transit. Which key should he use to
encrypt the message digest? [BL3]
c. Sue's public key
d. Sue's private key.
Explanation: Richard should encrypt the message digest with his own private key. When Sue
receives the message, she will decrypt the digest with Richard’s public key and then compute the
digest herself. If the two digests match, she can be assured that the message truly originated from
Richard
92. Which one of the following algorithms is not supported by the Digital Signature
Standard? [BL3]
a. Digital Signature Algorithm
b. RSA
c. El Gamal DSA
d. Elliptic Curve DSA
Explanation: The Digital Signature Standard allows federal government use of the Digital
Signature Algorithm, RSA, or the Elliptic Curve DSA in conjunction with the SHA-1 hashing
function to produce secure digital signatures.
93. Which International Telecommunications Union (ITU) standard governs the creation
and endorsement of digital certificates for secure electronic communication? [BL3]
a. X.500
b. X.509
c. X.900
d. X.905
Explanation: X.509 governs digital certificates and the public key infrastructure (PKI). It
defines the appropriate content for a digital certificate and the processes used by certificate
authorities to generate and revoke certificates.
94. What is the major disadvantage of using certificate revocation lists? [BL3]
a. Key management
b. Latency
c. Record keeping
d. Vulnerability to brute force attacks
Explanation: Certificate revocation lists (CRLs) introduce an inherent latency to the certificate
expiration process due to the time lag between CRL distributions.
95. The standard used in digital certificates that defines its structure, fields, and values is [BL3]
a. kerberos
b. End-to-end encryption
c. X.509
d. none of the above
Explanation: X.509 is the standard used in digital certificates that defines its structure, fields, and
values
96. Examples of asymmetric key algorithm are: [BL3]

a. Diffie Hellman, RSA and El-Gamal
b. RC4, Rc5 and RC6
c. DES, 3DES and AES
d. MD4, MD5 and MD6
Explanation :Popular asymmetric key encryption algorithm includes EIGamal, RSA,
DSA,Elliptic curve techniques, PKCS
97. A digital signature is best described as [BL3]

a. An electronic verification system used for transactional integrity in banking
b.A hash value encrypted by the sender’s private key
c. An electronic verification system used for encryption and hashing
d. A hash value encrypted #ith the DES,3DES and AES algorithms
Explanation :A digital signature is a hash value that has been encrypted with the sender's private
key. A message can be digitally signed, which provides authentication, nonrepudiation, and
integrity.
98. The man-in-middle attack can endanger the security of the Diffie-Hellman method if two
parties are not [BL2]
a. Authenticated
b. joined
c. Submit
d. Separate
Explanation: The man-in-middle attack can endanger the security of the Diffie-Hellman method
if two parties are notAuthenticated
99. The method provides a one-time session key for two parties. [BL2]
a) Diffie-Hellman
b) RSA
c) DES
d) AES
Answer: a
Explanation: the Diffie Hellman method provides a one-time session key for two parties
100. Elliptic curve cryptography follows the associative property.” [BL1]

a) True
b) False
Answer: a
Explanation: ECC does follow associative property.

Final ICS MCQ 3 UNITS

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Final ICS MCQ 3 UNITS

Uploaded by

Copyright:

Available Formats

UNIT 1 MCQ

1. Which of the following is not a transport layer vulnerability? [BL1]

2. Which of the following is not session layer vulnerability? [BL1]

4. Transmission mechanisms can be subject to spoofing & attacks based on skilled

5. Which of the following is not an example of presentation layer issues? [BL3]

Explanation: Cryptographic flaws may be exploited to circumvent privacy, unintentional or ill-

6. Which of the following is not a vulnerability of the application layer? [BL3]

7. Which of the following is an example of Transport layer vulnerability? [BL3]

Explanation: Overloading of transport-layer mechanisms is an example of transport layer

Explanation: Weak or non-existent mechanisms for authentication is an example of session layer

9. Which of the following is an example of presentation layer vulnerability? [BL3]

Explanation: Poor handling of unexpected input is an example of presentation layer

10. Which of the following is an example of application layer vulnerability? [BL3]

11. A is a process of breaking a password protected system or server

Explanation: A dictionary attack is a process of breaking a password protected system or server

Explanation: A dictionary attack is a process of breaking a password protected system or server

15. Brute force attack is . [BL2]

19. are based on dictionary attack techniques. [BL1]

22. Why would a hacker use a proxy server? [BL3]

A. To create a stronger connection with the target.

Explanation – RC$ uses streaming ciphers.

A. The education of the attacker

27. To hide information inside a picture, what technology is used? [BL1]

A. Electronic Communications Interception of Oral Communications

A. Excellent knowledge of Windows.

A. nmap -sX -sneaky

A. Library level rootkits

34. What is the purpose of a Denial of Service attack? [BL3]

A. Exploit a weakness in the TCP/IP stack

A. Changing manufacturer, or recommended, settings of a newly installed application.

36. What is the sequence of a TCP connection? [BL1]

37. What tool can be used to perform SNMP enumeration? [BL2]

Explanation – SNMPUtil and IP Network Browser is SNMP enumeration tool

A. Ports 120 and 445

39. The first phase of hacking an IT system is compromise of which foundation of

Explanation – Reconnaissance is about gathering confidential information, such as usernames

40. How is IP address spoofing detected? [BL2]

A. Installing and configuring a IDS that can read the IP header

41. Why would a ping sweep be used? [BL3]

A. To identify live systems

42. What are the port states determined by Nmap? [BL3]

A. Active, inactive, standby

Explanation – Nmap determines that ports are open, filtered, or unfiltered.

43. What port does Telnet use? [BL1]

Explanation – Telnet uses port 23.

Explanation – Hacktivism is the act of malicious hacking for a cause or purpose.

46. What is the most important activity in system hacking? [BL1]

47. A packet with no flags set is which type of scan? [BL1]

Explanation – A NULL scan has no flags set.

48. Sniffing is used to perform fingerprinting. [BL3]

Explanation – Passive stack fingerprinting uses sniffing technologies instead of scanning.

49. Phishing is a form of . [BL2]

Explanation – Phishing is typically a potential attacker posing, or impersonating, a financial

50. Why would HTTP Tunneling be used? [BL3]

A. To identify proxy servers

A. SYN stealth scan

Explanation – Active4 direction in Windows 200 is based on a Lightweight Directory Access

53. Services running on a system are determined by . [BL1]

A. The system’s IP address.

54. What are the types of scanning? [BL3]

A. Port, network, and services

55. Enumeration is part of what phase of ethical hacking? [BL3]