Quiznetik

Information Cyber Security (ICS) | Set 1

1. In the _______ mode, IPSec protects the whole IP packet, including the original IP header.

A. transport

B. tunnel

C. either (a) or (b)

D. neither (a) nor (b)

Correct : B. tunnel

2. An HTTP connection uses port _ whereas HTTPS uses port ____ and invokes SSL

A. 40; 80

B. 60; 620

C. 80; 443

D. 620; 80

Correct : C. 80; 443

3. What port does Telnet use?

A. 22

B. 80

C. 20

D. 23

Correct : D. 23

4. A digital Signature is

A. a bit string giving identity of a correspondent

B. a unique identification of a sender

C. an authentication of an electronic record by trying it uniquely to a key only a sender knows

D. an encrypted signature of sender

Correct : C. an authentication of an electronic record by trying it uniquely to a key only a sender knows

5. A ___________ is an extension of an enterprise’s private intranet across a public network such as the internet, creating a secure private connection.

A. vnp

B. vpn

C. vsn

D. vspn

Correct : B. vpn

6. ______uses the idea of certificate trust levels

A. x509

B. pgp

C. kdc

D. none of them

Correct : B. pgp

7. A digital signature needs a

A. private-key system

B. shared-key system

C. public-key system

D. all of them

Correct : C. public-key system

8. Pretty good privacy (PGP) is used in ______

A. browser security

B. email security

C. ftp security

D. wifi security

Correct : B. email security

9. What is necessary for a cross-site script attack with cookies to be thwarted

A. captchas

B. virtual machines

C. proxies

D. firewalls

Correct : A. captchas

10. The _______ mode is normally used when we need host-to-host (end-to-end) protection of data.

A. transport

B. tunnel

C. either (a) or (b)

D. neither (a) nor (b)

Correct : A. transport

11. For each _______ the Kerberos Key Distribution Center (KDC) maintains a database of the realm’s principal and the principal’s associated “secret keys”.

A. key

B. realm

C. document

D. none of the mentioned

Correct : B. realm

12. The basic Web Services platform is combination of _ and ___

A. css + http

B. xml + html

C. xml + http

D. css + java

Correct : C. xml + http

13. For a client-server authentication, the client requests from the KDC a ________ for access to a specific asset.

A. ticket

B. local

C. token

D. user

Correct : A. ticket

14. What is one advantage of setting up a DMZ with two firewalls?

A. you can control where traffic goes in three networks

B. you can do stateful packet filtering

C. you can do load balancing

D. ??improved network performance

Correct : C. you can do load balancing

15. What are the two primary classifications of cross-site scripting?

A. dom based and persistent

B. traditional and dom based

C. traditional and non-persistent

D. non-persistent and persistent

Correct : D. non-persistent and persistent

16. Imagine a social networking web app (like Twitter) that allows users to post short blurbs of text.

A. cross-site scripting

B. sql injection

C. packet sniffing

D. a and b

Correct : D. a and b

17. Why would a hacker use a proxy server?

A. to create a stronger connection with the target.

B. to create a ghost server on the network.

C. to obtain a remote access connection

D. to hide malicious activity on the network.

Correct : D. to hide malicious activity on the network.

18. IPSec is designed to provide security at the _________

A. transport layer

B. network layer

C. application layer

D. session layer

Correct : B. network layer

19. Which component is included in IP security?

A. authentication header (ah)

B. encapsulating security payload (esp)

C. internet key exchange (ike)

D. all of the mentioned

Correct : D. all of the mentioned

20. What is Firewall?

A. firewalls are network based security measures that control the flow of incoming and outgoing traffic

B. firewall is a program that encrypts all programs that access the internet

C. a firewall is a program that keeps other programs from using the internet

D. firewall are the interrupts that automatically disconnect from the internet when a threat appears.

Correct : A. firewalls are network based security measures that control the flow of incoming and outgoing traffic

21. SSL stands for?

A. secured socket layer

B. secured shell layer

C. system socket layer

D. system secured layer

Correct : A. secured socket layer

22. What is the most important activity in system hacking?

A. information gathering

B. cracking passwords

C. escalating privileges

D. covering tracks

Correct : B. cracking passwords

23. Why would HTTP Tunneling be used?

A. to identify proxy servers

B. web activity is not scanned

C. to bypass a firewall

D. http is a easy protocol to work with

Correct : C. to bypass a firewall

24. The domain name space (tree) is devided into---------different sections

A. 3

B. 2

C. 4

D. none

Correct : A. 3

25. The _____domains define registered hosts according to their generic behaviour.

A. generic

B. country

C. inverse

D. none

Correct : A. generic

26. DNS can use services of________using the well known port 53

A. udp

B. tcp

C. either (a) or (b)

D. none of the above

Correct : C. either (a) or (b)

27. In the DNS the names are defined in _____ sturucture

A. a linear list

B. an invertred tree

C. a graph

D. none

Correct : B. an invertred tree

28. The root of DNS tree is____

A. a string of characters

B. a string of 63 characters

C. an empty string

D. none

Correct : C. an empty string

29. A full domain name is sequence of lables seperated by____

A. semicolons

B. dots

C. colons

D. none

Correct : B. dots

30. When discussing IDS/IPS, what is a signature?

A. an electronic signature used to authenticate the identity of a user on the network

B. patterns of activity or code corresponding to attacks

C. "normal," baseline network behavior

D. none of the above

Correct : B. patterns of activity or code corresponding to attacks

31. Which is true of a signature-based IDS?

A. it cannot work with an ips

B. it only identifies on known signatures

C. it detects never-before-seen anomalies

D. it works best in large enterprises.

Correct : B. it only identifies on known signatures

32. A false positive can be defined as:

A. an alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior

B. an alert that indicates nefarious activity on a system that, upon further inspection, turns out to truly be nefarious activity

C. the lack of an alert for nefarious activity

D. all of the above

Correct : A. an alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior

33. The features of traditional IPSes are found in all of these modern systems, except:

A. next-generation firewalls

B. antimalware

C. unified threat management appliances

D. network behavior analysis systems

Correct : B. antimalware

34. How does machine learning benefit IDSes/IPSes?

A. by lowering the volume of attacks analyzed

B. by adding heuristic anomaly detection capabilities

C. by searching for similar patterns to known attacks

D. by helping identify signatures more quickly

Correct : C. by searching for similar patterns to known attacks

35. A valid definition of digital evidence is:

A. none of the below

B. data stored or transmitted using a computer

C. digital data of probative value

D. any digital evidence on a computer

Correct : C. digital data of probative value

36. What are the three general categories of computer systems that can contain digital evidence?

A. desktop, laptop, server

B. personal computer, internet, mobile telephone

C. hardware, software, networks

D. open computer systems, communication systems, embedded systems

Correct : D. open computer systems, communication systems, embedded systems

37. In terms of digital evidence, the Internet is an example of:

A. open computer systems

B. communication systems

C. embedded computer systems

D. none of the above

Correct : B. communication systems

38. Cybertrails are advantageous because:

A. they are not connected to the physical world.

B. nobody can be harmed by crime on the internet.

C. they are easy to follow.

D. offenders who are unaware of them leave behind more clues than they otherwise would have.

Correct : D. offenders who are unaware of them leave behind more clues than they otherwise would have.

39. Personal computers and networks are often a valuable source of evidence. Those involved with _______ should be comfortable with this technology.

A. criminal investigation

B. prosecution

C. defense work

D. all of the above

Correct : D. all of the above

40. Computers can play the following roles in a crime:

A. target, object, and subject

B. evidence, instrumentality, contraband, or fruit of crime

C. object, evidence, and tool

D. symbol, instrumentality, and source of evidence

Correct : B. evidence, instrumentality, contraband, or fruit of crime

41. The following specializations exist in digital investigations:

A. first responder (a.k.a. digital crime scene technician)

B. forensic examiner

C. digital investigator

D. all of the above

Correct : D. all of the above

42. The process of documenting the seizure of digital evidence and, in particular, when that evidence changes hands, is known as:

A. chain of custody

B. field notes

C. interim report

D. none of the above

Correct : A. chain of custody

43. When assessing the reliability of digital evidence, the investigator is concerned with whether the computer that generated the evidence was functioning normally, and:

A. whether chain of custody was maintained

B. whether there are indications that the actual digital evidence was tampered with

C. whether the evidence was properly secured in transit

D. whether the evidence media was compatible with forensic machines

Correct : B. whether there are indications that the actual digital evidence was tampered with

44. The fact that with modern technology, a photocopy of a document has become acceptable in place of the original is known as:

A. best evidence rule

B. due diligence

C. quid pro quo

D. voir dire

Correct : A. best evidence rule

45. An investigation can be hindered by the following:

A. preconceived theories

B. improperly handled evidence

C. offender concealment behavior

D. all of the above

Correct : D. all of the above

46. Forensic analysis involves the following:

A. assessment, experimentation, fusion, correlation, and validation

B. seizure and preservation

C. recovery, harvesting, filtering, organization, and search

D. all of the above

Correct : A. assessment, experimentation, fusion, correlation, and validation

47. The first step in applying the scientific method to a digital investigation is to:

A. form a theory on what may have occurred

B. experiment or test the available evidence to confirm or refute your prediction

C. make one or more observations based on events that occurred

D. form a conclusion based on the results of your findings

Correct : C. make one or more observations based on events that occurred

48. The process model whose goal is to completely describe the flow of information in a digital investigation is known as:

A. the physical model

B. the staircase model

C. the evidence flow model

D. the subphase model

Correct : C. the evidence flow model

49. The crime scene preservation process includes all but which of the following:

A. protecting against unauthorized alterations

B. acquiring digital evidence

C. confirming system date and time

D. controlling access to the crime scene

Correct : C. confirming system date and time

50. Investigative reconstruction is composed of three different forms. Which of the following is NOT one of those three forms?

A. functional

B. intentional

C. relational

D. temporal

Correct : B. intentional

51. In crimes against individuals the ______ period leading up to the crime often contains the most important clues regarding the relationship between the offender and the victim.

A. 24-hour

B. 28-hour

C. 60-minute

D. 15-minute

Correct : A. 24-hour

52. The type of report that is a preliminary summary of findings is known as:

A. sitrep

B. threshold assessment report

C. full investigative report

D. field notes

Correct : B. threshold assessment report

53. Creating a histogram of times to reveal periods of high activity is an example of which form of investigative reconstruction?

A. functional

B. intentional

C. relational

D. temporal

Correct : D. temporal

54. Investigators should not rely on one piece of digital evidence when examining an alibi – they should look for an associated _______.

A. cybertrail

B. piece of physical evidence

C. statement

D. none of the above

Correct : A. cybertrail

55. It is quite difficult to fabricate an alibi on a network successfully because:

A. an offender may not have the proper access.

B. an offender would need system administrator access level to make the necessary changes.

C. an individual rarely has the ability to falsify digital evidence on all the computers that are involved.

D. creating an alibi on a network could take months of work.

Correct : C. an individual rarely has the ability to falsify digital evidence on all the computers that are involved.

56. Types of digital evidence that might corroborate an alibi include:

A. evidence of computer usage when the offense was supposed to occurred

B. computer records from credit cards, the telephone company, or subway ticket usage

C. gps information from mobile devices indicating the user’s location and time

D. all of the above

Correct : D. all of the above

57. To demonstrate that someone is lying about an alibi, it is necessary to:

A. find evidence that clearly demonstrates the lie

B. require the suspect to submit to a polygraph

C. interrogate the suspect using a number of methods

D. show that no evidence confirming the alibi is available

Correct : A. find evidence that clearly demonstrates the lie

58. In confirming an alibi involving an obscure piece of equipment, if no documentation is available, the manufacturer is no longer in business, or the equipment/network is so complicated that nobody fully understands how it works, you should:

A. state that the alibi is considered unproven

B. search the internet for any pertinent information

C. recreate the events surrounding the alibi

D. contact other investigators and average their opinions

Correct : C. recreate the events surrounding the alibi

59. Absence of evidence refutes an alibi.

A. true

B. false

Correct : B. false

60. An implication from studies indicating that many stalkers had prior acquaintance with their victims is that:

A. part of the blame can be assigned to the victim.

B. the offender is likely to be found in the same area as the victim

C. investigators should pay particular attention to acquaintances of the victim

D. investigators should always check the immediate family

Correct : C. investigators should pay particular attention to acquaintances of the victim

61. When a cyberstalking case is stalled, it is a good idea to interview the victim again, because:

A. the victim might have been withholding information during the first interview.

B. the information that investigators have gathered might help the victim recall additional details.

C. the time between the first and second interviews has given the victim time to seek counseling.

D. none of the above

Correct : B. the information that investigators have gathered might help the victim recall additional details.

62. That part of cyberstalking where the offender is using the Internet to find a victim is known as:

A. profiling

B. trolling

C. surreptitious monitoring

D. none of the above.

Correct : C. surreptitious monitoring

63. The _____________ documentation specifies who handled the evidence, when, where, and for what purpose.

A. evidence inventory

B. . chain of custody

C. evidence intake

D. preservation notes

Correct : B. . chain of custody

64. When you have developed a theory, what can you do to confirm that your hypothesis is correct?

A. predict, based on your hypothesis, where artifacts should be located

B. perform experiments to test results and rule out alternate explanations

C. conclude, based on your findings, whether the evidence supports the hypothesis

D. all of the above

Correct : D. all of the above

65. Of particular significance in the scientific method is the weight attached to finding evidence which supports a particular hypothesis

A. true

B. false

Correct : A. true

66. When reconstructing evidence surrounding a violent crime, it is generally helpful to:

A. lay out all the evidence so it can be viewed in its entirety

B. work with the crime scene technicians so that a better understanding of the crime is achieved

C. construct a timeline of events from digital evidence

D. begin the process of converting field notes to a final report

Correct : C. construct a timeline of events from digital evidence

67. Computers and mobile devices are treated as _________ crime scenes in violent crime investigations.

A. temporary

B. immediate

C. remote

D. secondary

Correct : D. secondary

68. Given the scope and consequences of violent crimes, it is advisable to seek out and preserve all available digital evidence.

A. true

B. false

Correct : A. true

69. In the course of conducting forensic analysis, which of the following actions are carried out?

A. critical thinking

B. fusion

C. validation

D. all of the above

Correct : D. all of the above

70. Security Measures Needed to protect ________ during their transmission

A. file

B. data

C. packet

D. all of above

Correct : B. data

71. __________ means knowledge obtained from investigation, study , intelligence new ,facts .

A. security

B. data

C. information

D. none of these

Correct : C. information

72. Prevention of the unauthorised used of Resources refers too?

A. data integrity

B. data confidentiality

C. acess control

D. none of these

Correct : C. acess control

73. Protection against Denial by one of these parties in a communication refers to?

A. non-repudiation

B. data integrity

C. authentication

D. none of these

Correct : A. non-repudiation

74. Which One of them is Passive attack?

A. denial of service

B. modify message in transit

C. replay previous message

D. obtain message contain

Correct : D. obtain message contain

75. What is lying of IP address called as?

A. ip spoofing

B. ip scamming

C. ip lying

D. none of theses

Correct : A. ip spoofing

76. What is full form of DDoS?

A. derived denial of service

B. distributed denial of service

C. denial of service

D. none of these

Correct : B. distributed denial of service

77. A hacker guessing suggested password to a program is call as?

A. password guessing

B. dictionary attack

C. default password attack

D. none of these

Correct : C. default password attack

78. Symmetric key encryption is also called as?

A. public key encryption

B. private key encryption

C. both of these

D. none of these

Correct : B. private key encryption

79. Conversion of Cypher text to plain text?

A. encryption

B. decryption

C. simple text

D. none of these

Correct : B. decryption

80. __is used to create the organisation's overall security program.

A. program policy

B. purpose

C. security

D. none of these

Correct : A. program policy

81. An act of protecting information from unauthorised disclouser to an entity.-

A. intergrity

B. avability

C. confidentiality

D. none of these

Correct : C. confidentiality

82. A way to ensure that the entity is indeed what it claims to be.-

A. authentication

B. accountability

C. identification

D. security

Correct : A. authentication

83. The__model is 7 layer architecture where each layer is having some specific functionality to perform.

A. tcp

B. osi

C. ois

D. none of these

Correct : B. osi

84. The full form of OSI is OSI model__.

A. open systems interconnection

B. open software interconnection

C. open connection

D. open system internet

Correct : A. open systems interconnection

85. The technique in which when one character is replaced by another Character is called as?

A. transposition

B. substitution

C. combinational

D. none of these

Correct : B. substitution

86. Conversion of plain text into Cipher text is called as________.

A. encryption

B. decryption

C. hidden text

D. none of above

Correct : A. encryption

87. In Symmetric schemes requires both parties to share how many secret key?

A. one

B. two

C. three

D. four

Correct : A. one

88. Blum Blum Shub Generator is based on which Algorithm?

A. private key

B. public key

C. both a & b

D. none of these

Correct : B. public key

89. In DES step both LPT and RPT undergoes in how much key Rounds?

A. 8

B. 16

C. 32

D. 64

Correct : B. 16

90. What is the 4th step in DES Algorithm?

A. key transformation

B. s-box substitution

C. p-box permutation

D. expansion permutation

Correct : C. p-box permutation

91. In AES in which Round Subkeys are Generated from Original key for each round?

A. key expansion

B. initial round

C. finale round

D. none of these

Correct : A. key expansion

92. AES stands for ?

A. authorized encryption standard

B. advance encryption standard

C. advance encryption strategy

D. none of these

Correct : B. advance encryption standard

93. Which of them is type of Cipher?

A. stream cipher

B. block cipher

C. both of them

D. none of these

Correct : C. both of them

94. The message which is not understandable is called as?

A. cipher text

B. plain text

C. hidden text

D. both a & c

Correct : A. cipher text

95. _______ is the practice and precautions taken to protect valuable information from unauthorized access, recording, disclosure or destruction.

A. network security

B. database security

C. information security

D. physical security

Correct : C. information security

96. _______ platforms are used for safety and protection of information in the cloud.

A. cloud workload protection platforms

B. cloud security protocols

C. aws

D. one drive

Correct : A. cloud workload protection platforms

97. Compromising confidential information comes under _________

A. bug

B. threat

C. vulnerability

D. attack

Correct : B. threat

98. An attempt to harm, damage or cause threat to a system or network is broadly termed as ______

A. cyber-crime

B. cyber attack

C. system hijacking

D. digital crime

Correct : B. cyber attack

99. The CIA triad is often represented by which of the following?

A. triangle

B. diagonal

C. ellipse

D. circle

Correct : A. triangle

100. Related to information security, confidentiality is the opposite of which of the following?

A. closure

B. disclosure

C. disaster

D. disposal

Correct : B. disclosure

Quiznetik

Information Cyber Security (ICS) | Set 1

1. In the _______ mode, IPSec protects the whole IP packet, including the original IP header.

2. An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL

3. What port does Telnet use?

4. A digital Signature is

5. A ___________ is an extension of an enterprise’s private intranet across a public network such as the internet, creating a secure private connection.

6. ______uses the idea of certificate trust levels

7. A digital signature needs a

8. Pretty good privacy (PGP) is used in ______

9. What is necessary for a cross-site script attack with cookies to be thwarted

10. The _______ mode is normally used when we need host-to-host (end-to-end) protection of data.

11. For each _______ the Kerberos Key Distribution Center (KDC) maintains a database of the realm’s principal and the principal’s associated “secret keys”.

12. The basic Web Services platform is combination of _____ and _______

13. For a client-server authentication, the client requests from the KDC a ________ for access to a specific asset.

14. What is one advantage of setting up a DMZ with two firewalls?

15. What are the two primary classifications of cross-site scripting?

16. Imagine a social networking web app (like Twitter) that allows users to post short blurbs of text.

17. Why would a hacker use a proxy server?

18. IPSec is designed to provide security at the _________

19. Which component is included in IP security?

20. What is Firewall?

21. SSL stands for?

22. What is the most important activity in system hacking?

23. Why would HTTP Tunneling be used?

24. The domain name space (tree) is devided into---------different sections

25. The _____domains define registered hosts according to their generic behaviour.

26. DNS can use services of________using the well known port 53

27. In the DNS the names are defined in _____ sturucture

28. The root of DNS tree is____

29. A full domain name is sequence of lables seperated by____

30. When discussing IDS/IPS, what is a signature?

31. Which is true of a signature-based IDS?

32. A false positive can be defined as:

33. The features of traditional IPSes are found in all of these modern systems, except:

34. How does machine learning benefit IDSes/IPSes?

35. A valid definition of digital evidence is:

36. What are the three general categories of computer systems that can contain digital evidence?

37. In terms of digital evidence, the Internet is an example of:

38. Cybertrails are advantageous because:

39. Personal computers and networks are often a valuable source of evidence. Those involved with _______ should be comfortable with this technology.

40. Computers can play the following roles in a crime:

41. The following specializations exist in digital investigations:

42. The process of documenting the seizure of digital evidence and, in particular, when that evidence changes hands, is known as:

43. When assessing the reliability of digital evidence, the investigator is concerned with whether the computer that generated the evidence was functioning normally, and:

44. The fact that with modern technology, a photocopy of a document has become acceptable in place of the original is known as:

45. An investigation can be hindered by the following:

46. Forensic analysis involves the following:

47. The first step in applying the scientific method to a digital investigation is to:

48. The process model whose goal is to completely describe the flow of information in a digital investigation is known as:

49. The crime scene preservation process includes all but which of the following:

50. Investigative reconstruction is composed of three different forms. Which of the following is NOT one of those three forms?

51. In crimes against individuals the ______ period leading up to the crime often contains the most important clues regarding the relationship between the offender and the victim.

52. The type of report that is a preliminary summary of findings is known as:

53. Creating a histogram of times to reveal periods of high activity is an example of which form of investigative reconstruction?

54. Investigators should not rely on one piece of digital evidence when examining an alibi – they should look for an associated _______.

55. It is quite difficult to fabricate an alibi on a network successfully because:

56. Types of digital evidence that might corroborate an alibi include:

57. To demonstrate that someone is lying about an alibi, it is necessary to:

58. In confirming an alibi involving an obscure piece of equipment, if no documentation is available, the manufacturer is no longer in business, or the equipment/network is so complicated that nobody fully understands how it works, you should:

59. Absence of evidence refutes an alibi.

60. An implication from studies indicating that many stalkers had prior acquaintance with their victims is that:

61. When a cyberstalking case is stalled, it is a good idea to interview the victim again, because:

62. That part of cyberstalking where the offender is using the Internet to find a victim is known as:

63. The _____________ documentation specifies who handled the evidence, when, where, and for what purpose.

64. When you have developed a theory, what can you do to confirm that your hypothesis is correct?

65. Of particular significance in the scientific method is the weight attached to finding evidence which supports a particular hypothesis

66. When reconstructing evidence surrounding a violent crime, it is generally helpful to:

67. Computers and mobile devices are treated as _________ crime scenes in violent crime investigations.

68. Given the scope and consequences of violent crimes, it is advisable to seek out and preserve all available digital evidence.

69. In the course of conducting forensic analysis, which of the following actions are carried out?

70. Security Measures Needed to protect ________ during their transmission

71. __________ means knowledge obtained from investigation, study , intelligence new ,facts .

72. Prevention of the unauthorised used of Resources refers too?

73. Protection against Denial by one of these parties in a communication refers to?

74. Which One of them is Passive attack?

75. What is lying of IP address called as?

76. What is full form of DDoS?

77. A hacker guessing suggested password to a program is call as?

78. Symmetric key encryption is also called as?

2. An HTTP connection uses port _ whereas HTTPS uses port ____ and invokes SSL

12. The basic Web Services platform is combination of _ and ___