Security Nca 6th Sem

Q.
1 MAC is also called

(A) Key Code
(B) Keyed Hash function
(C) Message Key flash function
(D) None of the above
Q.2 SSL Primarily fucuses on

(A) Integrity and Authenticity
(B) Integrity and Non-Repudiation
(C) Authenticity and Privacy
(D) Confidentiality and Integrity
Q.3 Which of the following is not requirement for Kerberos?

(A) Reliable
(B) Transport
(C) Scalable
(D) tunnel
Q.4 IPsec does not provides

(A) Integrity
(B) Authentication
(C) Confidentiality
(D) Keyless management
Q.5 Message digest is also called

(A) Hash code/Hash value
(B) Hash code
(C) Hash value
Q.6 __________ is a popular session key creator protocol that requires
Authentication server and a ticket granting server.
(A) KDC
(B) Kerberos
(C) CA
(D) None of these
Q.7 In Handshake protocol action, which is the last step of the phase 2:
Server Authentication and key exchange.
(A) Server_done
(B) Server_key_exchange
(C) Certificate_request
(D) Certificate_verify
Q.8 In the SSL protocol, each upper layer message is fragmented into a
maximum of ____ bytes.
(A) 216
(B) 232
(C) 214
(D) 212
Q.9 Why did SSL Certificate requires in HTTP?

(A) For making security weak
(B) For making information move faster
(C) For encrypted data, set over HTTP protocol
(D) For sending and receiving emails uncrypted
Q.10 IPsec in the _____ mode does not protect the IP header .
(A) Transport
(B) Tunnel
(C) Either (A) or (B)
(D) Neither (A) or (B)
Q.11 ______ uniquely identifies the MIME entities uniquely with reference to
multiple contexts .
(A) Content description
(B) Content_ID
(C) Content Type
(D) Content transfer encoding
Q.12 In Kerberos version 4, Which Encryption Algorithm is used.

(A) DES
(B) AES
(C) SES
(D) RAS
Q.13 The Subject unique identifier of the X.509 certificate was added in
which version.
(A) 1
(B) 2
(C) 3
(D) 4
Q.14 The main difference between MAC and digital signature is that , In
digital signature the hash value of the message is encrypted with the user’s
(A) Public Key
(B) Private Key
(C) We can use any key
Q.15 Internet Key Exchange Creates security association for
(A) SSL
(B) PGP
(C) IPsec
(D) VP
Q.16 IKE creates SAC for

(A) SSL
(B) PGP
(C) IPsec
(D) VP
Q.17 Which Hash Function is used to provide message authentication , The

Hash Function value referred to as
(A) Message field
(B) Message Digest
(C) Message Leap
Q.18 Extensions were added in which cerficate version ?

(A) 1
(B) 2
(C) 3
(D) 4
Q.19 In the Internet protocol security DOI stands for

(A) Domain of Interpretation
(B) Domain Interface
(C) Destination Interface
(D) Destination Interpretation
Q.20 Which One of the following is not a Higher-Layer SSL protocol ?
(A) Alert protocol
(B) Handshake protocol
(C) Alarm protocol
(D) Change cipher spec protocol
Q.21 __________ is a collection of protocols designed by the IETF ( Internet

Engineering Task Force ) to provide security for a packet at the network level.
(A) SSL
(B) PGP
(C) IPsec
(D) VP
Q.22 CRL stands for

(A) Cipher reusable list
(B) Certificate revocation list
(C) Certificate revocation language
(D) Certificate revocation language
Q.23 Hash function take an arbitrary block of data and returns

(A) Fixed size bit string
(B) Variable size bit string
(C) Can return both depending on the situation
(D) ARP
Q.24 Which protocol is used for the purpose of copying the pending state into
the current state ?
(A) Alert protocol
(B) Handshake protocol
(C) Upper-layer protocol
(D) Change cipher spec protocol
Q.25 PGP make use of which Cryptography algorithm ?

(A) DES
(B) AES
(C) RSA
(D) ROBIN
Q.26 PGP stands for {PGP: Pretty Good Privacy}

(A) Permitted gap permission
(B) Permitted great privacy
(C) Pretty good permission
Q.27 Which Cryptographic protocol used to secure HTTP connection

(A) TLs
(B) Reserve Reservation protocol
(C) SLS
(D) ARP
Q.28 DSS Signature uses which hash algorithm

(A) MD5
(B) SHA2
(C) SHA1
(D) does not use hash algorithm
VIRUS, MALWARE AND ATTACK MCQ’S
Q.1 Which of the following are the objectives of Malware.

(A) Provide remote control for an attacker to use an infected machine.
(B) Investige the infected user’s local network.
(C) Steal sensitive data.
(D) All of the above.
Q.2 Malware is short form of?

(A) Malicious Hardware
(B) Malicious Software
(C) Both (A) and (B)
(D) None of the above.
Q.3 Which of the following are the programs that copy themselves
throughout a computer or a network.
(A) Worms
(B) Trojans
(C) Viruses
(D) Rootkits
Q.4 Which is true about worms?

(A) Self replicating virus that exploit security vulnerabilities to automatically spread
themselves across computers and networks.
(B) Worms on existing programs and can only be activated when a user opens the program.
(C) Worms vary and hide themselves in the operating system.
(D) All of the above.
Q.5 Which of the following malware do not replicate or reproduce through
infection?
(A) Worms
(B) Trojans
(C) Viruses
(D) Rootkits
Q.6 Which Malware has short for “Robot Network”?

(A) Ronets
(B) Botnets
(C) Botwork
(D) Rowork
Q.7 RATs stands for?

(A) Rootkits Administration Tools
(B) Remote Access Tools
(C) Remote Administration Tools
(D) Remote Attack Tools
Q.8 Which Malware enable Administrative control, allowing the attacker to

do almost everything on an infected computer?
(A) Rootkits
(B) RATs
(C) Botnets
(D) Worms
Q.9 Which Malware are often the armies behind today’s Distributed Denial-
of-Services (DDoS) Attacks?
(A) Botnets
(B) BotnetsSpyware
(C) Trojans
(D) Viruses
Q.10 There are __________ types of computer virus.

(A) 5
(B) 7
(C) 10
(D) 12
Q.11 Which of the following is not a type of virus ?

(A) Boot sector
(B) Polymorphic
(C) Multipartite
(D) Trojans
Q.12 A computer _______ is a malicious code which self-replicates by copying

itself to other programs.
(A) Program
(B) Virus
(C) Application
(D) Worms
Q.13 Which of the following is not an ideal way of spreading a virus?

(A) Infected Websites
(B) Emails
(C) Official Antivirus CDs
(D) USBs
Q.14 In which year Apple II Virus come into Existence?

(A) 1989
(B) 1980
(C) 1981
(D) 1982
Q.15 In mid-1981, the 1st virus for apple computers with the name ________
came into existence.
(A) Apple I
(B) Apple II
(C) Apple III
(D) Apple Virus
Q.16 The virus hide himself from getting detected by _______ different ways.
(A) 2
(B) 3
(C) 4
(D) 5
Q.17 _________ infects the master boot record and it is challenging and a
complex task to remove this virus.
(A) Boot Sector virus
(B) Polymorphic
(C) Multipartite
(D) Trojans
Q.18 __________ gets installed and stays hidden in your computers memory.
It stays involved to the specific types of files which is infects.
(A) Boot sector Virus
(B) Direct Action Virus
(C) Polymorphic Virus
(D) Multipartite Virus
Q.19 Direct Action Virus is also known as____________
(A) Non-Resident Virus
(B) Boot Sector Virus
Q.20 ________ infects the executables as well as the boot sectors.

Q.21 __________ is also known as cavity virus.

(B) Overwrite Virus
(D) Space-filler Virus
Q.22 Which of the below-mentioned reasons does not satisfy the reason why
people create a computer virus.
(A) Research Purpose
(B) Pranks
(C) Identity Theft
(D) Protection
Q.23 __________ deletes all the files that it infects.

(B) Overwrite Virus
Q.24 __________ are difficult to identify as they keep on changing their type
and signature.
(C) polymorphic Virus
X.509 {MCQ}
Q.1 What is the PGP stand for?

(A) Permuted Gap Permission
(B) Permuted Great Privacy
(C) Pretty Good Permission
(D) None of the mentioned
Q.2 Which of the following is not an element/field of the X.509 certificates?

(A) Issuer name
(B) Serial Modifier
(C) Issuer Unique Identifier
(D) Signature
Q.3 It is desirable to revoke a certificate before it expires because

(A) The user is no longer certified by the CA
(B) The CA’s Certificate is assumed to be compromised
(C) The user’s Private key is assumed to be compromised
(D) All of the mentioned above
Q.4 Which of the following is not a part of an Extension?

(A) Extension identifier
(D) Extension Value
(C) Criticality Indicator
(D) All of the mentioned constitute the Extension
Q.5 X.509 certificate recommends which cryptographic algorithm?

(A) RSA
(B) DES
(C) AES
(D) Rabin
Q.6 The issuer unique identifier of the X.509 certificates was added in which
version?
(A) 1
(B) 2
(C) 3
(D) 4
Q.8 CMP stands for {CMP: Certificate Management Protocol}

(A) Cipher Message Protocol
(B) Cipher Management Protocol
(C) Certificate Message Protocol
(D) None of the Mentioned
Q.9 CMS stands for

(A) Cipher Message Syntax
(B) Certificate Message Session
(C) Cryptographic Message Syntax
Q.10 How many handshake rounds are required in the Public-Key Distribution
Scenario?
(A) 7
(B) 5
(C) 3
(D) 4
Q.11 Certificate extensions fall into 3 categories. Which one of the following is
not a Certificate extensions category?
(A) Subject and Issuer attributes
(B) Key and Policy information
(C) Certification Path Constraints
(D) All of the above are Certificate Extensions Categories
Q.12 Which systems use a timestamp?

(A) Public Key certificates
(B) Public Announcements
(C) Publicly Available Directories { Both (A) And (B) uses Timestamp}
(D) Public Key Authority
Q.13 USENET is related to which of the following Public Key distribution

schemes?
(C) Publicly Available Directories
Q.14 Which of the following public key distribution systems is most secure?
Q.15 Which system uses a trusted third party interface?

Q.16 Which of these systems use timestamps as an expiration date?

Q.17 Publicly Available directory is more secure than which other system?
(C) Public Key Authority
Q.18 Public key encryption/decryption is not preferred because

(A) It is slow
(B) It is Hardware/Software Intensive
(C) It is a high Computational Load
(D) All of the Mentioned
PRETTy GooD PRIVACy (PGP) MCQ’S
Q.1 Pretty good privacy (PGP) security system uses

(A) Public key Cryptosystem
(B) Private key Cryptosystem
(C) Public and Private key Cryptosystem
(D) None of the Mentioned Above
Q.2 Public key cryptosystem is used for the encryption of

(A) Message
(B) Session Key
(C) Message and Session key
(D) None of the mentioned above
Q.3 PGP offers _____ block ciphers for message encryption

(A) Triple-DES
(B) CAST
(C) IDEA
(D) All of the mentioned
Q.4 Data compression includes

(A) Removal of Redundant Character
(B) Uniform Distribution of Character
(C) Removal of Redundant Character and Uniform Distribution of Character
Q.5 Which block cipher has key length of 128 bits?

(A) IDEA
(B) CAST
(C) IDEA and CAST
Q.6 The key size of DES is

(A) 56 bits
(B) 64 bits
(C) 128 bits
(D) 168 bits
Q.7 These three ciphers can operate of ______ of plaintext and cipher text
(A) 128 bit blocks
(B) 64 bit blocks
(C) 256 bit blocks
(D) 156 bit blocks
Q.8 What is the key size allowed in PGP?

(A) 1024-1056
(B) 1024-4056
(C) 1024-4096
(D) 1024-2048
Q.9 Which algorithm is used for public key encryption?

(A) RSA
(B) Diffie-Hellman
(C) RSA and Diffie-Hellman
Q.10 Which should be used first to decrypt?

(A) Public key
(B) Private key
(C) Public key and Private key
Q.11 The digital signature provides authentication to the

(A) Sender
(B) Message
(C) Sender and Message
Q.12 The hash function

(A) Is collision free
(B) Has manageable collision
(C) Has high unmanageable level of collision
Q.13 DSA protocol is based on

(A) Discrete Logarithm Problem
(B) Continuous Logarithm Problem
(C) Discrete and Continuous Logarithm Problem
TRANSPoRT LAyER SECURITy MCQ’S
Q.1 In the SSLv3 the padding bits are _______ with the secret key.
(A) Padded
(B) XORed
(C) Concatenated
(D) ANDed
Q.2 Which of the following is not a valid input to the PRF in SSLv3?
(A) Secret value
(B) Identifying level
(C) Initialization vector
(D) Secret value
Q.3 Which of the following alert codes is not supported by SSLv3?

(A) record_overflow
(B) no_certificate
(C) internet_error
(D) decode_error
Q.4 Which key exchange technique is not supported by SSLv3?

(A) Anonymous Diffie-Hellman
(B) Fixed Diffie-Hellman
(C) RSA
(D) Fortezza
Q.5 In TLS padding can be upto a maximum of --

(A) 79 bytes
(B) 127 bytes
(C) 255 bytes
(D) none of the mentioned
Q.6 URL stands for-

(A) Universal Remote Locater
(B) Universal Resource Language
(C) Uniform Resource Locator
(D) Uniform Resource Language
Q.7 An HTTP Connection uses port______ whereas HTTPS uses port ______
and invokes SSL.
(A) 40;80
(B) 60;620
(C) 80;443
(D) 620;80
Q.8 Full form of SSL

(A) Simple Socket Layer
(B) Secure Service Layer
(C) Secure Socket Layer
(D) Simple Service Layer
Q.9 Which layer divides each message into packets at the source and re-
assembles them at the destination?
(A) Network layer
(B) Transport layer
(C) Data link layer
(D) Physical layer
Q.10 Basic data transfer, Reliability, flow control, Error Control, multiplexing,
connection control, precedence and security are functions of which layer.
(A) Data link layer
(B) Application layer
(C) Network layer
(D) Transport layer
Q.11 Which of the following is/are example of stateful application layer

protocols?
(A) HTTP
(B) FTP {Both (B) and (D)}
(C) TCP
(D) POP3
Q.12 Transport layer may be responsible for process to process delivery of the
(A) Message
(B) Address of message
(C) Few Packets of Message
(D) Partial Message
Q.13 TCP is a ______ protocol.

(A) stream-oriented
(B) message-oriented
(C) block-oriented
(D) packet-oriented
Q.14 To uses the services of the UDP we need ______ socket addresses.
(A) Four
(B) Two
(C) Three
(D) Five
Q.15 UDP packets are called......

(A) User datagram
(B) Segments
(C) Frames
(D) Packets
Q.16 UDP packets have fixed-sized header of............. bytes.

(A) 16
(B) 8
(C) 32
(D) 64
Q.17 UDP and TCP are both .............. layer protocols.

(A) Data link
(B) Network
(C) Transport
(D) Interface
Q.18 A port address in TCP/IP is______ bits long.

(A) 32
(B) 48
(C) 16
(D) 64
CRyPToGRAPHy
Q.1 In an asymmetric-key cipher, the sender uses the ___________ key.
(A) Private
(B) Public
(C) Either (a) or (b)
(D) neither (a) or (b)
Q.2 In an asymmetric-key cipher, the receiver uses the________ key.

(A) Private
(B) Public
(C) either (a) or (b)
Q.3 A _____- cipher replaces one character with another character.

(A) Substitution
(B) Transportation
Q.4 ______ ciphers can be categorized into two broad categories:

monoalphabetic and polyalphabetic.
(A) Substitution
(B) Transportation
Q.5 The Caesar cipher is a ______ cipher that has a key of 3.
(A) Transportation
(B) Additive
(C) Shift
Q.6 The ________ cipher is the simplest monoalphabetic cipher. It uses

modular arithmetic with the modulus of 26.
(A) Transportation
(B) Additive
(C) Shift
Q.7 The _____ cipher reorders the plain text characters to create a ciphertext.
(A) Substitution
(B) Transportation
Q.8 DES is a(n)_______ method adopted by the U.S. Government.

(A) Symmetric key
(B) asymmetric key
Q.9 DES has an initial and final permutation block and ______ rounds.
(A) 14
(B) 15
(C) 16
(D) none of the above
Q.10 The DES function has _______ components.

(A) 2
(B) 3
(C) 4
(D) 5
Q.11 DES uses a key generator to generate sixteen __________ round keys.
(A) 32-bit
(B) 48-bit
(C) 54-bit
(D) 42-bit
Q.12 ______ DES was designed to increase the size of the DES key.
(A) Double
(C) Triple
(C) Quadruple
Q.13 ________ is the round cipher based on the Rijndael algorithm that uses
a 128-bit block of data.
(A) AEE
(B) AED
(C) AER
(D) AES
Q.14 AES has _____ different configurations.

(A) two
(B) Three
(C) four
(D) Five
Q.15 ECB and CBC are ________ ciphers.

(A) Block
(B) Stream
(C) Field
Q.16 One commonly used cryptography method is the ________ algorithm.

(A) RSS
(B) RAS
(C) RSA
(D) RAA
Q.17 The ______ method provides a one time session key for two parties.
(A) Diffie-Hellman
(B) RSA
(C) DES
(D) AES
Q.18 What is the preffered way of encryption?

(A) Pre shared secret key
(B) Using key distribution cenrer (KDC)
(C) public key encryption
(D) Symmetric key
Q.19 What is not a role of encryption ?

(A) It is used to protect data from unauthorized access during transmission.
(B) It is used to ensure user authentication.
(C) It is used to ensure data integrity
(D) It is used to ensure data curruption doesnt happens.
Q.20 What is cipher block chaining?

(A) Data is logically ‘ANDed’ with previous block.
(B) Data is logically ‘ORed’ with previous block.
(C) Data is logically ‘XORed’ with previous block.
(D) None of the mentioned.
Q.21 What is not an encryption standard ?

(A) AES
(B) TES
(C) Triple DES
(D) DES
Q.22 Which of the following is not a stream cipher?

(A) Two fish
(B) RC5
(C) RC4
(D) TBONE
Q.23 What is hash function?

(A)It creates a small flexible block of data.
(B) It creates a small fixed block of data.
(C) it creates a encrypted block of data.
(D) None of the mentioned.
Q.24 MD5 produces ___________ bits hash data.
(A) 128
(B) 150
(C) 160
(D) 112
Q.25 SHA-1 produces__________ bits of hash.

(A) 128
(B) 160
(C) 150
(D) 112
Q.26 Which two of the following are authentication algorithm?

(A) MAC
(B) AES
(C) DAS
(D) Digital-signature
Q.27 What is the role of key distribution center?

(A) It is used to distribute keys to everyone in world.
(B) It intended to reduce the risks inherent in exchanging keys.
(C) All of the mentioned
Q.28 ______ is the science and art of transforming message to make them
secure and immune to attacks.
(A) cryptography
(B) Calligraphy
(C) Cryptanalysis
Q.29 In symmetric-key cryptography, the key locks and unlocks the box is
(A) shared
(B) same
(C) Private
(D) Public
Q.30 The acronym DES stands for

(A) Digital Evaluation System
(B) Digital Encryption System
(C) Digital Encryption Standard
(D) Double Encryption Standard
Q.31 Which of the following is not a physical layer vulnerability?

(A) Physical damage or destruction of data and hardware
(B) Keystroke and other inpit logging
(C) Physical theft of data and hardware
(D) Unauthorized network access
Q.32 Encryption strength is based on

(A) Length of key
(B) Secrecy of key
(C) Strength of algorithm
(D) All of the above
Q.33 An asymmetric-key cipher uses

(A) 2 key
(B) 4 key
(C) 3 key
(D) 1 key
Q.34 In asymmetric key cryptography, the private key is kept by_______

(A) Sender
(B) receiver
(C) All the connected devices to the network
(D) Sender and Receiver
Q.35 The keys used in cryptography are

(A) Private key
(B) public key
(C) Secret key
(D) All of the above
Q.36 The______ is the original message before transformation

(A) Secret-text
(B) Plaintext
(C) Ciphertext
Q.37 The ______ is the message after transformation.

(A) Plaintext
(B) Secret-key
(C) Ciphertext
Q.38 Network Security provides authentication and access control for

resources.
(A) True
(B) False
Q.39 Which is not an objective of network security?
(A) Identification
(B) Authentication
(C) Access Control
(D) Lock
Q.40 Which of these is a part of network identification?

(A) UserID
(B) Password
(C) OTP
(D) Fingerprint
Q.41 The process of verifying the identity of user.

(A) Authentication
(B) Identification
(C) Validation
(D) Verification
Q.42 A concern of authentication that deals with users rights.

(A) General Access
(B) Functional Authentication
(C) Functional Authorization
(D) Auto Verification
Q.43 CHAP Stands for?

(A) Challenge Handshake authentication protocol
(B) Challenge Hardware authentication protocol
(C) Circuit Hardware authentication protocol
(D) Circuit Handshake authentication protocol
Q.44 Security features that control that can access resources in the OS.
(A) Authentication
(B) Identification
(C) Validation
(D) Access control
Q.45 An algorithm in encryption is called

(A) Algorithm
(B) Procedure
(C) Cipher
(D) Module
Q.46 The information that gets transformed in encryption is

(A) Plain text
(B) Parallel text
(C) Encrypted text
(D) Decrypted text
Q.47 Which of the following protocols is used to provide secure access to

network resources over the internet?
(A) FTP
(B) Telnet
(C) SSH
(D) HTTP
Q.48 Which of the following is an example of a symmetric key encryption

algorithm?
(A) RSA
(B) Diffie-Hellman
(C) AES
(D) ECC
Q.49 Which of the following network devices is used to filter and forward
network traffic based on MAC addresses?
(A) Router
(B) Hub
(C) Switch
(D) Repeater
Q.50 Which of the following is a type of denial-of-service attack that floods a

network with bogus requests?
(A) Smurf Attack
(B) Spoofing
(C) SYN Flood
(D) Ping of Death
Q.51 Which of the following is a protocol used to securely transfer files over
the internet?
(A) Telnet
(B) FTP
(C) SMTP
(D) SFTP
Q.52 Which of the following is a type of firewall that operates at the

application layer of the OSI model?
(A) Packet filtering firewall
(B) Stateful inspection firewall
(C) Application firewall
(D) Network address translation firewall
Q.53 Which of the following is an encryption algorithm used for secure

communication over the internet?
(A) DES
(B) RSA
(C) Blowfish
(D) Twofish
Q.54 Which of the following is a type of network attack in which an attacker

intercepts and modifies network traffic?
(A) Spoofing
(B) Sniffing
(C) Hijacking
(D) Injection
Q.55 Which of the following is a type of security mechanism used to

authenticate users and devices on a network?
(A) Encryption
(B) Firewall
(C) Access control
(D) IDS/IPS
Q.56 Which of the following is a protocol used to secure web traffic over the
internet?
(A) HTTPS
(B) FTPS
(C) SFTP
(D) SMTPS
Q.57 Which of the following is a type of attack in which an attacker sends a
flood of ICMP packets to a target network?
(A) Ping of death
(B) SYN flood
(C) Smurf Attack
(D) Teardrop Attack

masquerades as a trusted entity to gain unauthorized access to network
resources?
(A) Injection
(B) Spoofing
(C) Hijacking
(D) Sniffing
Q.59 Which of the following is a type of firewall that examines the state of
network connections to determine whether to allow or block traffic?
(D) Network address translation firewall
Q.60 Which of the following is a type of authentication that uses physical

characteristics such as fingerprints or facial recognition?
(A) Password authentication
(B) Two-factor authentication
(C) Biometric authentication
(D) Token authentication
packet that is larger than the maximum packet size allowed by the target
system?
(A) Ping of death
(B) SYN Flood
(C) Smurf Attack
(D) Teardrop attack

intercepts network traffic to capture sensitive information such as passwords
or credit card numbers?
(A) Sniffing
(B) Injection
(C) Spoofing
(D) Hijacking
Q.63 Which of the following is a type of attack in which an attacker floods a

target system with a large number of connection requests?
(A) Ping of death
(B) SYN Flood
(C) Smurf Attack
(D) Teardrop attack
Q.64 Which of the following is a type of firewall that examines the content of
network traffic to block traffic that matches specific patterns or signatures?
(D) Intrusion detection firewall
Q.65 Which of the following is a type of encryption that uses the same key for
both encryption and decryption?
(A) Symmetric encryption
(B) Asymmetric encryption
(C) Hashing
(D) Digital signature
Q.66 Which of the following is a type of security mechanism used to protect

network traffic by hiding the IP addresses of internal devices?
(C) Network address translation
(D) virtual private network

packet with an IP address that has been forged to appear to be from a trusted
source?
(A) Injection
(B) Spoofing
(C) Hijacking
(D) Sniffing
Q.68 Which of the following is a type of authentication that uses a physical

device such as a smart card or token to verify a user’s identity?
(A) Password authentication
(B) two-factor authentication
(C) Biometric authentication
(D) token authentication
Q.69 Which of the following is a type of attack in which an attacker uses a
combination of social engineering and technical attacks to trick users into
revealing sensitive information?
(A) phishing
(B) spear phishing
(C) whaling
(D) vishing
Q.70 Which of the following is a type of security mechanism that uses a set of
rules to control access to network resources based on the identity of the user
or device?
(A) Access control list
(B) Intrusion prevention system
(C) Antivirus software
(D) Firewall

large number of email messages to a target system with the goal of
overloading the system?
(A) Smurf attack
(B) Teardrop attack
(C) Ping of death
(D) Email bombing
Q.72 Which of the following is a type of encryption that uses two keys, a
public key and a private key, to encrypt and decrypt data?
(C) Hashing
Q.73 Which of the following is a type of security mechanism that uses
machine learning and statistical analysis to detect and block attacks in real
time?
(A) Intrusion detection system
(D) Firewall

large number of ping requests to a target system with the goal of overloading
the system?
(A) Smurf attack
(B) Teardrop attack
(C) Ping of death
(D) Email bombing
Q.75 Which of the following is a type of security mechanism that monitors

and filters incoming and outgoing network traffic based on a set of predefined
rules?
(A) Intrusion detection system
(D) Firewall
Q.76 Which of the following is a type of encryption that uses the same key to
encrypt and decrypt data?
(C) Hashing
Q.77 Which of the following are forms of malicious attack?
(A) Theft of information
(B) Modification of data
(C) wiping of information
(D) All of the mentioned
Q.78 What are common security threats?

(A) File shredding
(B) File sharing and permission
(C) File currupting
(D) File integrity
Q.79 From the following, which is not a common file permission?

(A) Write
(B) Execute
(C) Stop
(D) Read
Q.80 Which of the following is least secure method of authentication?

(A)Key card
(B) fingerprint
(C) retina pattern
(D) Password
Q.81 To encrypt a message ________ is used on a character’s position.

(A) boolean algebra
(B) bijective function
(C) Inverse function
(D) surjective function
Q.82 Why is one time password safe?
(A) It is easy to generate
(B) It cannot be shared
(C) It is different for every access
(D) It is a complex encrypted password
Q.83 Why does Light Directory Access Protocol (LDAP) doesn’t store?
(A) Users
(B) Address
(C) Passwords
(D) Security Keys
Q.84 _______ can decrypt traffic to make it available to all other network
security functions such as web proxies.
(A) SSL visibility appliances
(B) RSA appliances
(C) Rodriguez cipher system
(D) Standard cipher system
Q.85 How many bits of message does the secure hash algorithm produce ?
(A) 160 bits
(B) 1035 bits
(C) 621 bits
(D) 3761 bits
Q.86 in a transposition cipher , the plaintext is constructed by the _______ of

the ciphertext .
(A) Permutation
(B) Combination
(C) Sequence
(D) Series
Q.87 Which happens first authorization or authentication?

(A) Authorization
(B) Authentication
(C) Authorization and Authentication are same
Q.88 What are the characteristics of the authorization?

(A) RADIUS and RSA
(B) 3 way handshaking with syn and fin
(C) Multilayered protection for securing resources
(D) Deals with privileges and rights
Q.89 Use Caesar’s cipher to decipher the following

HQFUBSWHG WHAW
(A)ABANDONED LOCK
(B) ENCRYPTED TEXT
(C) ABANDONED TEXT
(D) ENCRYPTED LOCK
Q.90 Caesar cipher is an example of

(A) Poly-alphabetic cipher
(B) Mono-alphabetic cipher
(C) Multi-alphabetic cipher
(D) Bi-alphabetic cipher
Q.91 A symmetric cipher system has an IC of 0.041 .

What is the length of the key ‘m’?
(A)1
(B) 3
(C) 2
(D) 5
Q.92 Monoalphabetic ciphers are stronger than Polyalphabetic ciphers , as

single alphabets are encrypted or decrypted at a time.
(A) True
(B) False
Q.93 What is the number of possible 3x3 affine cipher Transformations?

(A) 168
(B) 840
(C) 1024
(D) 1344
Q.94 Confusion hides the relationship between the ciphertext and the plain
text .
(A) True
(B) False
Q.95 The S-box is used to provide confusion, as it is dependent on the

unknown key.
(A) True
(B) False
Q.96 Which of the following slows the cryptographic algorithm

(A) Increase in number of rounds
(B) Decrease in block size {Both (B) and (C)}
(C) Decrease in key size
(D) Increase in Sub key generation
Q.97 ______ is an example of asymmetric cipher .

(A) Block cipher
(B) RSA Encryption
(C) AES Encryption
(D) Advanced cryptology
Q.98 There is no secret key in case of

(A) Symmetric ciphers
(B) Asymmetric ciphers
(C) RSA Encryption
(D) Alpha Numeric cryptology
Q.99 Electronic code book process is used in

(A) CAesar cipher
(B) Antisymmetric cipher
(C) Block cipher
(D) Stream cipher
Q.100 What type of algorithm does AES Algorithm use?

(A) Stream cipher
(B) Symmetric block cipher
(C) Asymmetric Caesar cipher
(D) DES encryption
Q.101 What is the block size of blowfish block cipher?

(A) 64 bits
(B) 128 bits
(C) 1043 bits
(D) 10 bits
Q.102 In which cipher each letter of the plain text is substituted by any other
letter to form the cipher message ?
(A) Shift cipher
(B) DES encryption
(C) Block cipher
(D) AES encryption
Q.103 When the DNS server accepts and uses incorrect information from a
host that has no authority giving that information , then it is called
(A) DNS lookup
(B) DNS hijacking
(C) DNS spoofing
Q.104 Unsolicited commercial email is known as

(A) Spam
(B) Virus
(C) Malware
(D) Spyware
Q.105 Which of the following is the type of Substitution cipher?

(A) Mono alphabetic cipher
(B) Transportation cipher
(C) Transportation cipher
(D) Transforming cipher
Q.106 Which of the following is the type of transposition cipher ?

(A) Rail fence cipher
(B) Hill cipher
(C) Rotor cipher
(D) One time pad
STEGANoGRAPHy
1. _____________ is another data hiding technique which can be used in conjunction
with cryptography for the extra-secure method of protecting data.
a) Cryptography
b) Steganography
c) Tomography
d) Chorography
2. _____________ is hiding of data within data, where we can hide images, text, and
other messages within images, videos, music or recording files.
a) Cryptography
b) Tomography
c) Steganography
d) Chorography
3. Steganography follows the concept of security through obscurity.

a) True
b) False
4. The word ________________is a combination of the Greek words ‘steganos’ which

means “covered or concealed”, and ‘graphein’ which means “writing”.
a) Cryptography
b) Tomography
c) Steganography
d) Chorography
5. A ________________ tool permits security professional or a hacker to embed hidden
data within a carrier file like an image or video which can later be extracted from
them.
a) Cryptography
b) Tomography
c) Chorography
d) Steganography
6. Which of the following is not a steganography tool?

a) Xaio steganography
b) Image steganography
c) ReaperExploit
d) Steghide
7. Which of the following is not a steganography tool?

a) Crypture
b) SteganographX Plus
c) rSteg
d) Burp Suite
8. The main motive for using steganography is that hackers or other users can hide a
secret message behind a ______________
a) special file
b) ordinary file
c) program file
d) encrypted file
9. People will normally think it as a normal/regular file and your secret message will
pass on without any _______________
a) suspicion
b) decryption
c) encryption
d) cracking
10. By using ______________ you can diminish the chance of data leakage.
a) Cryptography
b) Tomography
c) Chorography
d) Steganography
DES AND DSA

1. DES follows
a) Hash Algorithm
b) Caesars Cipher
c) Feistel Cipher Structure
d) SP Networks
2. The DES Algorithm Cipher System consists of ____________rounds (iterations) each

with a round key
a) 12
b) 18
c) 9
d) 16
3. The DES algorithm has a key length of

a) 128 Bits
b) 32 Bits
c) 64 Bits
d) 16 Bits
4. In the DES algorithm, although the key size is 64 bits only 48bits are used for the
encryption procedure, the rest are parity bits.
a) True
b) False
5. In the DES algorithm the round key is __________ bit and the Round Input is
____________bits.
a) 48, 32
b) 64,32
c) 56, 24
d) 32, 32
6. In the DES algorithm the Round Input is 32 bits, which is expanded to 48 bits via
____________
a) Scaling of the existing bits
b) Duplication of the existing bits
c) Addition of zeros
d) Addition of ones
7. The Initial Permutation table/matrix is of size

a) 16×8
b) 12×8
c) 8×8
d) 4×8
8. The number of unique substitution boxes in DES after the 48 bit XOR operation are
a) 8
b) 4
c) 6
d) 12
9. In the DES algorithm the 64 bit key input is shortened to 56 bits by ignoring every
4th bit.
a) True
b) False

Security Nca 6th Sem

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Security Nca 6th Sem

Uploaded by

Copyright:

Available Formats

Q.

1 MAC is also called

Q.2 SSL Primarily fucuses on

Q.3 Which of the following is not requirement for Kerberos?

Q.4 IPsec does not provides

Q.5 Message digest is also called

Q.9 Why did SSL Certificate requires in HTTP?

Q.12 In Kerberos version 4, Which Encryption Algorithm is used.

Q.16 IKE creates SAC for

Q.17 Which Hash Function is used to provide message authentication , The

Q.18 Extensions were added in which cerficate version ?

Q.19 In the Internet protocol security DOI stands for

Q.21 __________ is a collection of protocols designed by the IETF ( Internet

Q.22 CRL stands for

Q.23 Hash function take an arbitrary block of data and returns

Q.25 PGP make use of which Cryptography algorithm ?

Q.26 PGP stands for {PGP: Pretty Good Privacy}

Q.27 Which Cryptographic protocol used to secure HTTP connection

Q.28 DSS Signature uses which hash algorithm

Q.1 Which of the following are the objectives of Malware.

Q.2 Malware is short form of?

Q.4 Which is true about worms?

Q.6 Which Malware has short for “Robot Network”?

Q.7 RATs stands for?

Q.8 Which Malware enable Administrative control, allowing the attacker to

Q.10 There are __________ types of computer virus.

Q.11 Which of the following is not a type of virus ?

Q.12 A computer _______ is a malicious code which self-replicates by copying

Q.13 Which of the following is not an ideal way of spreading a virus?

Q.14 In which year Apple II Virus come into Existence?

Q.20 ________ infects the executables as well as the boot sectors.

Q.21 __________ is also known as cavity virus.

Q.23 __________ deletes all the files that it infects.

Q.1 What is the PGP stand for?

Q.2 Which of the following is not an element/field of the X.509 certificates?

Q.3 It is desirable to revoke a certificate before it expires because

Q.4 Which of the following is not a part of an Extension?

Q.5 X.509 certificate recommends which cryptographic algorithm?

Q.8 CMP stands for {CMP: Certificate Management Protocol}

Q.9 CMS stands for

Q.12 Which systems use a timestamp?

Q.13 USENET is related to which of the following Public Key distribution

Q.15 Which system uses a trusted third party interface?

Q.16 Which of these systems use timestamps as an expiration date?

Q.18 Public key encryption/decryption is not preferred because

Q.1 Pretty good privacy (PGP) security system uses

Q.2 Public key cryptosystem is used for the encryption of

Q.3 PGP offers _____ block ciphers for message encryption

Q.4 Data compression includes

Q.5 Which block cipher has key length of 128 bits?

Q.6 The key size of DES is

Q.8 What is the key size allowed in PGP?

Q.9 Which algorithm is used for public key encryption?

Q.10 Which should be used first to decrypt?

Q.11 The digital signature provides authentication to the

Q.12 The hash function

Q.13 DSA protocol is based on

Q.3 Which of the following alert codes is not supported by SSLv3?

Q.4 Which key exchange technique is not supported by SSLv3?

Q.5 In TLS padding can be upto a maximum of --

Q.6 URL stands for-

Q.8 Full form of SSL