Information Security Final Exam: Questions and Answers, Exams of Information Technology

A collection of questions and answers related to information security, covering topics such as cryptography, access control, and network security. It offers a basic understanding of key concepts and principles in the field, but lacks in-depth analysis and real-world applications.

Typology: Exams

2024/2025

Available from 03/12/2025

Tutornurse
INFORMATION SECURITY FINAL EXAM
WITH CORRECT ACTUAL QUESTIONS AND
CORRECTLY WELL DEFINED ANSWERS
LATEST 2025 ALREADY GRADED A+
integrity - ANSWERS-Only the authorized people can modify the contents of information/data:
Cryptography - ANSWERS-Which technique can be used to ensure confidentiality?
Hash Functions - ANSWERS-Which function ensures the integrity?
inside hacking - ANSWERS-The biggest threat of the User domain is:
People (users) - ANSWERS-The weakest link in IT industry is

False - ANSWERS-Hash functions are extremely easy to reverse. True or false

Fixed and same - ANSWERS-Regardless of the length of the password, the hash function always creates ______ size of hash

SAM File - ANSWERS-The password file stored on a Windows computer is termed as:

True - ANSWERS-Search space is all the possible passwords. True or false

True - ANSWERS-If we increase the length of the password, the size of the search space becomes longer. True or false

Authorization - ANSWERS-After the successful authentication, the next step is:

username and password - ANSWERS-In authorization factors, something you know is:

keystroke dynamics - ANSWERS-In authentication factor, what do you do:

wireshark - ANSWERS-For sniffing of the credentials, the best software is:

Passive - ANSWERS-_____ tokens store the credentials permanently in ROM & the credentials are static

Hash Value - ANSWERS-Usually, the response to the challenge (sent by the authentication system) is a _____ calculated with the Base Secret

Track the failed password attempts - ANSWERS-To avoid strong risks, which should be the best technique to detect the guessing attack:

Access Control System - ANSWERS-Grants or denies the access to specific equipment and resources?

Logical - ANSWERS-_____ access control controls the access to computers, networks and computational systems.

Security Kernel - ANSWERS-_____ is a security system that enforces access control for computational systems

True - ANSWERS-Security Kernel is usually a centralized system. True or false

Subjects - ANSWERS-In Access control systems, the users are known as:

Single sign on (SSO) - ANSWERS-Which access control is more suitable in Multivendor environment:

Discretionary Access Control (DAC) - ANSWERS-Which is the least restricted access control model:

Mandatory Access Control (MAC) - ANSWERS-Which is the most restricted access control model:

Rule Based Access Control (RBAC) - ANSWERS-Which is the best method for dynamic organizations, where rules can be assigned to objects.

Separation of Duties - ANSWERS-Split the critical tasks between two or more people, so none of them knows the overall system

Group Policy - ANSWERS-Which particular access control and management technique is developed by Microsoft Inc. and comes with Windows:

Dormant - ANSWERS-Accounts that have not been accessed for a long time

Authentication, Authorization, Accounting - ANSWERS-AAA servers are a mandatory part of the organizations, where AAA stands for:

RADIUS - ANSWERS-Which of the following formal authentication systems was invented in 1992 and became the telecom industrial standard authentication model:

Cryptanalysis - ANSWERS-Breaking of secret codes is known as:

Stenography - ANSWERS-The process of concealing a file/image within another file or image is:

Enigma - ANSWERS-In World War I, the German forces took the advantage of ____, an automatic cipher machine.

Non-repudiation - ANSWERS-By incorporating ________, the users cannot disown their actions.

true - ANSWERS-Encrypted text is also known as Cipher text. true or false

false - ANSWERS-In Symmetric key encryption, the sender and the receiver use different keys. true or false

false - ANSWERS-Hash functions are exclusively designed for encryption. true or false

111 - ANSWERS-If key=111 and plain text=000 then using XOR gate what will be the cipher

0000 - ANSWERS-Which of the following is the weakest key example:

DES - ANSWERS-Which of the following symmetric encryption algorithms was the joint venture of DoD and IBM?

56 - ANSWERS-DES uses the ____ bit key size to encrypt 64-bit of the data.

AES - ANSWERS-Which of the following algorithms is currently the US Federal Gov. Standard?

false - ANSWERS-Bitlocker is the encryption feature of MAC OS, that can encrypt the whole hard drive. true or false

OTP - ANSWERS-Which of the following key stream mechanisms is theoretically impossible to crack.

3 times - ANSWERS-To erase a plain text file, how many times overwriting is recommended:

true - ANSWERS-RSA uses the two Prime numbers to calculate Public and Private keys. true or false

Non-repudiation - ANSWERS-Digital signatures are often used to provide:

true - ANSWERS-In DVD players, to unwrap the Disk key, the DVD player uses "Player Key". true or false

false - ANSWERS-A digital signature uses symmetric keys to sign or verify digital data. true or false

false - ANSWERS-The shorter the encryption key, the more difficult it is to crack. true or false

Salt (Nonce) - ANSWERS-To avoid the static behavior, the _____ can be added before computing the Hash value of the message.

Disk Key - ANSWERS-In DVD players, the title key can be unwrapped using _____

Public - ANSWERS-In RSA key wrapping (hybrid scheme), the sender uses the ____ key of the receiver to wrap the secret key (through which data has been encrypted)

true - ANSWERS-In RSA usually, Public keys are much longer than secret keys to achieve optimal security. true or false

false - ANSWERS-The encryption protects data from unauthorized change and protects the data integrity. true or false

false - ANSWERS-To protect the data, the best solution is check sum. true or false

false - ANSWERS-To verify the digital signature, the receiver uses his/her private key.

true - ANSWERS-Bluejacking is considered more annoying than harmful. true or false

Blue Snarfing - ANSWERS-In _____, the attacker accesses the internal data without the owner's knowledge by just establishing the Bluetooth connection.

rogue access point - ANSWERS-An unauthorized access point that allows an attacker to bypass the network security configurations.

war driving - ANSWERS-When the Attackers search for open wifi networks by driving down the streets, the process is known as:

true - ANSWERS-Once all the legitimate devices have connected, sending out the SSID becomes unnecessary. true or false

WPA - ANSWERS-Which security algorithm was reported to be vulnerable within a few months of its invention.

WPA2 - ANSWERS-Which WLAN security algorithm is more robust than others:

true - ANSWERS-By using Wireless Probes, one can detect the rogue wifi. true or false

Site surveys and audits - ANSWERS-______ is the best solution to find out the evil twin.

false - ANSWERS-Web application security is much easier than protecting the other network systems. true or false

HTTP - ANSWERS-The traditional network security devices don't filter _____ packets.

true - ANSWERS-The XSS attack is more susceptible to blogging websites. true or false

Malicious script - ANSWERS-In XSS, the attacker posts a comment which has an underlying ______ that may run itself to steal data

true - ANSWERS-In 2013, Adobe systems were hacked, but fortunately hackers got encrypted financial details. true or false

risk - ANSWERS-Likelihood that something bad can happen:

Confidentiality, Integrity, Availability - ANSWERS-CIA stands for:

CISO - ANSWERS-Usually the topmost position in information security department is:

Security Technician - ANSWERS-Who performs day to day security tasks and has nothing to do with project supervision:

Authentication - ANSWERS-In _______ the system ensures that the individual is who he/she claims to be, not an impostor.

reconnaissance - ANSWERS-Collection of information about the target such as: IP address, vulnerability etc. is known as

IoTs - ANSWERS-System of interrelated devices provided with unique ID and ability to transfer data without human intervention is known as:

cloud - ANSWERS-The network of servers hosted over internet is:

physical security - ANSWERS-Which is the biggest problem of IoTs?

VPN - ANSWERS-The mobile apps somehow work like _____ client Software.

Data Analytics - ANSWERS-The process of inspecting, cleaning and modeling data to discover useful information from the bulk data is:

Security and Privacy - ANSWERS-The biggest risk with BYOD policy:

Mobile Node - ANSWERS-The device which moves from one network to another is:

Care of Address (CoA) - ANSWERS-IP address issued by Foreign Agent (FA) is known as:

(Note: Please select the best matching answer)

false - ANSWERS-The piggyback entry wiretapping is a passive type of wiretapping. true or false

cookies - ANSWERS-Small text files, which are created by the web sites, allowed by user's web browsers and stored on local computer:

espionage - ANSWERS-Which threat is related to disclosure:

SYN Flood - ANSWERS-Ghost IP address can be used to launch DoS attack, which type of DoS attack uses the Ghost IPs

Session Hijacking - ANSWERS-Attacker steals the session token to take control of the session; this attack is known as:

Pharming - ANSWERS-The attacker redirects the user to a crafted (fraudulent) website to get confidential data:

Appender - ANSWERS-Which virus infection method is easily detectable by anti-viruses?

Swiss cheese - ANSWERS-In which method of virus infection, virus code is encrypted?

installation of anti-virus - ANSWERS-Malware does everything except:

false - ANSWERS-Virus can transport itself automatically without any human intervention: true or false

rootkits - ANSWERS-______ facilitates the existing viruses and hides them from being detected.

buffer overflow - ANSWERS-_______ attack is the modification of Return address pointer of CPU & RAM.

XML injection - ANSWERS-_______ injecting tags to web server to access unauthorized directories.

True - ANSWERS-Worm can replicate itself without any human intervention. true or false