












A collection of questions and answers related to information security, covering topics such as cryptography, access control, and network security. It offers a basic understanding of key concepts and principles in the field, but lacks in-depth analysis and real-world applications.
Typology: Exams
integrity - ANSWERS-Only the authorized people can modify the contents of information/data:
Cryptography - ANSWERS-Which technique can be used to ensure confidentiality?
Hash Functions - ANSWERS-Which function ensures integrity?
inside hacking - ANSWERS-The biggest threat of the User domain is:
People (users) - ANSWERS-The weakest link in the IT industry is:
False - ANSWERS-Hash functions are extremely easy to reverse. True or false
Fixed and same - ANSWERS-Regardless of the length of the password, the hash function always creates a ______ size of hash
SAM File - ANSWERS-The password file stored on a Windows computer is termed as:
True - ANSWERS-The search space is all possible passwords. True or false
True - ANSWERS-If we increase the length of the password, the size of the search space becomes larger. True or false
Authorization - ANSWERS-After successful authentication, the next step is:
username and password - ANSWERS-In authorization factors, something you know is:
keystroke dynamics - ANSWERS-In authentication factors, what you do is:
wireshark - ANSWERS-For sniffing of the credentials, the best software is:
Passive - ANSWERS-_____ tokens store the credentials permanently in ROM & the credentials are static
Hash Value - ANSWERS-Usually, the response to the challenge (sent by the authentication system) is a _____ calculated with the Base Secret
Track the failed password attempts - ANSWERS-To avoid strong risks, which should be the best technique to detect the guessing attack:
Access Control System - ANSWERS-Grants or denies access to specific equipment and resources?
Logical - ANSWERS-_____ access control controls the access of computers, networks and computational systems.
Security Kernel - ANSWERS-_____ is a security system that enforces access control for computational systems
True - ANSWERS-Security Kernel is usually a centralized system. True or false
Subjects - ANSWERS-In access control systems, the users are known as:
Single sign on (SSO) - ANSWERS-Which access control is more suitable in a multivendor environment:
Discretionary Access Control (DAC) - ANSWERS-Which is the least restricted access control model:
Mandatory Access Control (MAC) - ANSWERS-Which is the most restricted access control model:
Rule Based Access Control (RBAC) - ANSWERS-Which is the best method for dynamic organizations, where rules can be assigned to objects.
Separation of Duties - ANSWERS-Split the critical tasks between two or more people, so none of them knows the overall system
Group Policy - ANSWERS-Which particular access control and management technique is developed by Microsoft Inc. and comes with Windows:
Dormant - ANSWERS-Accounts that have not been accessed for a long time
Authentication, Authorization, Accounting - ANSWERS-AAA servers are a mandatory part of organizations, where AAA stands for:
RADIUS - ANSWERS-Which of the following formal authentication systems was invented in 1992 and became the telecom industry standard authentication model:
Cryptanalysis - ANSWERS-Breaking of secret codes is known as:
Stenography - ANSWERS-The process of concealing a file/image within another file or image is:
Enigma - ANSWERS-In World War I, the German forces took advantage of ____, an automatic cipher machine.
Non-repudiation - ANSWERS-By incorporating ________, the users cannot disown their actions.
true - ANSWERS-Encrypted text is also known as Cipher text. true or false
false - ANSWERS-In Symmetric key encryption, the sender and the receiver use different keys. true or false
false - ANSWERS-Hash functions are exclusively designed for encryption. true or false
111 - ANSWERS-If key=111 and plain text=000, then using an XOR gate what will be the cipher
0000 - ANSWERS-Which of the following is the weakest key example:
DES - ANSWERS-Which of the following symmetric encryption algorithms was the joint venture of DoD and IBM?
56 - ANSWERS-DES uses the ____ bit key size to encrypt 64 bits of data.
AES - ANSWERS-Which of the following algorithms is currently the US Federal Gov. Standard?
false - ANSWERS-Bitlocker is the encryption feature of MAC OS, that can encrypt the whole hard drive. true or false
OTP - ANSWERS-Which of the following key stream mechanisms is theoretically impossible to crack.
3 times - ANSWERS-To erase a plain text file, how many times overwriting is recommended:
true - ANSWERS-RSA uses two prime numbers to calculate Public and Private keys. true or false
Non-repudiation - ANSWERS-Digital signatures are often used to provide:
true - ANSWERS-In DVD players, to unwrap the Disk key, the DVD player uses "Player Key". true or false
false - ANSWERS-A digital signature uses symmetric keys to sign or verify digital data. true or false
false - ANSWERS-The shorter the encryption key, the more difficult it is to crack. true or false
Salt (Nonce) - ANSWERS-To avoid the static behavior, the _____ can be added before computing the Hash value of the message.
Disk Key - ANSWERS-In DVD players, the title key can be unwrapped using _____
Public - ANSWERS-In RSA key wrapping (hybrid scheme), the sender uses the ____ key of the receiver to wrap the secret key (through which data has been encrypted)
true - ANSWERS-In RSA usually, Public keys are much longer than secret keys to achieve optimal security. true or false
false - ANSWERS-The encryption protects data from unauthorized change and protects the data integrity. true or false
false - ANSWERS-To protect the data, the best solution is check sum. true or false
false - ANSWERS-To verify the digital signature, the receiver uses his/her private key.
true - ANSWERS-Bluejacking is considered more annoying than harmful. true or false
Blue Snarfing - ANSWERS-In _____, the attacker accesses the internal data without the owner's knowledge by just establishing the Bluetooth connection.
rogue access point - ANSWERS-An unauthorized access point that allows an attacker to bypass the network security configurations.
war driving - ANSWERS-When the attackers search for open wifi networks by driving down the streets, the process is known as:
true - ANSWERS-Once all the legitimate devices have connected, sending out the SSID becomes unnecessary. true or false
WPA - ANSWERS-Which security algorithm was reported to be vulnerable within a few months of its invention.
WPA2 - ANSWERS-Which WLAN security algorithm is more robust than others:
true - ANSWERS-By using Wireless Probes, one can detect the rogue wifi. true or false
Site surveys and audits - ANSWERS-______ is the best solution to find out the evil twin.
false - ANSWERS-Web application security is much easier than protecting the other network systems. true or false
HTTP - ANSWERS-The traditional network security devices don't filter _____ packets.
true - ANSWERS-The XSS attack is more susceptible to blogging websites. true or false
Malicious script - ANSWERS-In XSS, the attacker posts a comment which has an underlying ______ that may run itself to steal data
true - ANSWERS-In 2013, Adobe systems were hacked, but fortunately hackers got encrypted financial details. true or false
risk - ANSWERS-Likelihood that something bad can happen:
Confidentiality, Integrity, Availability - ANSWERS-CIA stands for:
CISO - ANSWERS-Usually the topmost position in the information security department is:
Security Technician - ANSWERS-Who performs day to day security tasks and has nothing to do with project supervision:
Authentication - ANSWERS-In _______ the system ensures that the individual is who he/she claims to be, not an impostor.
reconnaissance - ANSWERS-Collection of information about the target such as: IP address, vulnerability etc. is known as
IoTs - ANSWERS-System of interrelated devices provided with unique ID and ability to transfer data without human intervention is known as:
cloud - ANSWERS-The network of servers hosted over the internet is:
physical security - ANSWERS-Which is the biggest problem of IoTs?
VPN - ANSWERS-The mobile apps somehow work like _____ client software.
Data Analytics - ANSWERS-The process of inspecting, cleaning and modeling data to discover useful information from the bulk data is:
Security and Privacy - ANSWERS-The biggest risk with BYOD policy:
Mobile Node - ANSWERS-The device which moves from one network to another is:
Care of Address (CoA) - ANSWERS-IP address issued by Foreign Agent (FA) is known as:
(Note: Please select the best matching answer)
false - ANSWERS-The piggyback entry wiretapping is a passive type of wiretapping. true or false
cookies - ANSWERS-Small text files, which are created by web sites, allowed by the user's web browser and stored on the local computer:
espionage - ANSWERS-Which threat is related to disclosure:
SYN Flood - ANSWERS-Ghost IP addresses can be used to launch a DoS attack; which type of DoS attack uses the Ghost IPs
Session Hijacking - ANSWERS-Attacker steals the session token to take control of the session; this attack is known as:
Pharming - ANSWERS-The attacker redirects the user to a crafted (fraudulent) website to get confidential data:
Appender - ANSWERS-Which virus infection method is easily detectable by anti-viruses?
Swiss cheese - ANSWERS-In which method of virus infection, virus code is encrypted?
installation of anti-virus - ANSWERS-Malware does everything except:
false - ANSWERS-Virus can transport itself automatically without any human intervention: true or false
rootkits - ANSWERS-______ facilitates the existing viruses and hides them from being detected.
buffer overflow - ANSWERS-_______ attack is the modification of the return address pointer of CPU & RAM.
XML injection - ANSWERS-_______ injecting tags to web server to access unauthorized directories.
True - ANSWERS-Worm can replicate itself without any human intervention. true or false