[MCQ’s] Infrastructure Security [IT]

Module 01

Infrastructure Security

1. The full form of Malware is ________
a) Malfunctioned Software
b) Multipurpose Software
c) Malicious Software
d) Malfunctioning of Security
Answer: c
Explanation: Different types of harmful software and programs that can pose threats to a system, network or anything related to cyberspace are termed as Malware. Examples of some common malware are Virus, Trojans, Ransomware, spyware, worms, rootkits etc.

2. Who deploys malware to a system or network?
a) Criminal organizations, Black hat hackers, malware developers, cyber-terrorists
b) Criminal organizations, White hat hackers, malware developers, cyber-terrorists
c) Criminal organizations, Black hat hackers, software developers, cyber-terrorists
d) Criminal organizations, gray hat hackers, Malware developers, Penetration testers
Answer: a
Explanation: Criminal-minded organizations, groups and individuals, cyber-terrorist groups, black hat hackers, malware developers, etc. are those who can deploy malware to any target system or network in order to deface that system.

3. _____________ is a code injecting method used for attacking the database of a system / website.
a) HTML injection
b) SQL Injection
c) Malicious code injection
d) XML Injection
Answer: b
Explanation: SQLi (Structured Query Language Injection) is a popular attack in which SQL code is injected to break a web application that has SQL vulnerabilities. This allows the attacker to run malicious code and gain access to the database of that server.

4. XSS is abbreviated as __________
a) Extreme Secure Scripting
b) Cross Site Security
c) X Site Scripting
d) Cross Site Scripting
Answer: d
Explanation: Cross Site Scripting is another popular web application attack type that can hamper the reputation of any site.

5. This attack can be deployed by infusing a malicious code in a website’s comment section. What is “this” attack referred to here?
a) SQL injection
b) HTML Injection
c) Cross Site Scripting (XSS)
d) Cross Site Request Forgery (XSRF)
Answer: c
Explanation: An XSS attack can be carried out by putting malicious code (which gets run automatically) in any comment section or feedback section of a webpage (usually a blogging page). This can hamper the reputation of a site and the attacker may place any private data or personal credentials.

6. When there is an excessive amount of data flow, which the system cannot handle, _____ attack takes place.
a) Database crash attack
b) DoS (Denial of Service) attack
c) Data overflow Attack
d) Buffer Overflow attack
Answer: d
Explanation: A buffer overflow attack takes place when an excessive amount of data is placed in a buffer, more than it can handle, which leads to data overflowing into its adjoining storage. This attack can cause a system or application crash and can lead to a malicious entry point.

7. Compromising a user’s session in order to exploit the user’s data, carry out malicious activities or misuse the user’s credentials is called ___________
a) Session Hijacking
b) Session Fixation
c) Cookie stuffing
d) Session Spying
Answer: a
Explanation: Session hijacking, popularly known as cookie hijacking, is an exploitation method for compromising the user’s session to gain unauthorized access to the user’s information.

8. Which of these is an example of physical hacking?
a) Remote Unauthorised access
b) Inserting malware loaded USB to a system
c) SQL Injection on SQL vulnerable site
d) DDoS (Distributed Denial of Service) attack
Answer: b
Explanation: If a suspicious person gains access to a server room or any confidential area with a malicious pen-drive loaded with malware, which gets triggered automatically once inserted into the USB port of any employee’s PC, such an attack comes under physical hacking, because that person first gains unauthorized physical access to a room or organization and then manages to reach an employee’s PC as well, all done physically, hence breaching physical security.

9. Which of them is not a wireless attack?
a) Eavesdropping
b) MAC Spoofing
c) Wireless Hijacking
d) Phishing
Answer: d
Explanation: Wireless attacks are malicious attacks done in wireless systems, networks or devices. Attacks on Wi-Fi networks are one common example that most people know. Other sub-types of wireless attacks are wireless authentication attacks, encryption cracking, etc.

10. An attempt to harm, damage or cause threat to a system or network is broadly termed as ______
a) Cyber-crime
b) Cyber Attack
c) System hijacking
d) Digital crime
Answer: b
Explanation: Cyber attack is an umbrella term used to classify different computer & network attacks or activities such as extortion, identity theft, email hacking, digital spying, stealing hardware, mobile hacking and physical security breaching.

11. Which method of hacking will record all your keystrokes?
a) Keyhijacking
b) Keyjacking
c) Keylogging
d) Keyboard monitoring
Answer: c
Explanation: Keylogging is the method or procedure of recording all the keystrokes/keyboard buttons pressed by the user of that system.

12. _________ are the special type of programs used for recording and tracking user’s keystroke.
a) Keylogger
b) Trojans
c) Virus
d) Worms
Answer: a
Explanation: Keyloggers are surveillance programs developed both for security purposes and for hacking passwords and other personal credentials and information. This type of program saves the keystrokes made using a keyboard and then sends the recorded keystroke file to the creator of the program.

13. These are a collective term for malicious spying programs used for secretly monitoring someone’s activity and actions over a digital medium.
a) Malware
b) Remote Access Trojans
c) Keyloggers
d) Spyware
Answer: d
Explanation: Spyware is professional malicious spying software that is hard to detect by anti-malware or anti-virus programs because they are programmed in such a skillful way. These types of software keep on collecting personal information, surfing habits, surfing history as well as credit card details.

14. Stuxnet is a _________
a) Worm
b) Virus
c) Trojan
d) Antivirus
Answer: a
Explanation: Stuxnet is a popular and powerful worm that came into existence in mid 2010, which was very powerful as it was accountable for the cause of huge damage to Iran’s Nuclear program. It mainly targets the PLCs (Programmable Logic Controllers) in a system.

15. ___________ is a violent act done using the Internet, which either threatens any technology user or leads to loss of life or otherwise harms anyone in order to accomplish political gain.
a) Cyber-warfare
b) Cyber campaign
c) Cyber-terrorism
d) Cyber attack
Answer: c
Explanation: Cyber-terrorism is the term used to describe internet terrorism, where individuals and groups anonymously misuse ethnicities and religions as well as threaten any technology user, which may even lead to loss of life.

16. ___________ is a weakness that can be exploited by attackers.
a) System with Virus
b) System without firewall
c) System with vulnerabilities
d) System with a strong password
Answer: c
Explanation: In cyber-security, a system having vulnerabilities is defined as the weakness in a system that can be exploited by cyber-criminals and attackers for their own benefit. For this, they use special tools and techniques in order to crack into the system through the vulnerabilities.

17. _________ is the sum of all the possible points in software or system where unauthorized users can enter as well as extract data from the system.
a) Attack vector
b) Attack surface
c) Attack point
d) Attack arena
Answer: b
Explanation: Attack surface can be defined as the sum of all the possible points in software or system where unauthorized users can enter as well as extract data from the system. The greater the security, the smaller the attack surface.

18. ____________ is the cyclic practice for identifying & classifying and then solving the vulnerabilities in a system.
a) Bug protection
b) Bug bounty
c) Vulnerability measurement
d) Vulnerability management
Answer: d
Explanation: Vulnerability management is a cyclic process for identifying & classifying and then solving the vulnerabilities in a system. This term is generally used in software vulnerability detection and resolving process.

19. Risk and vulnerabilities are the same things.
a) True
b) False
Answer: b
Explanation: Risk and vulnerability cannot be used interchangeably. Risk can be defined as the potential of an impact that can grow from exploiting the vulnerability. There are some vulnerabilities that don’t possess risk, known as “Vulnerabilities without risk”.

20. _____________ is a special type of vulnerability that doesn’t possess risk.
a) Vulnerabilities without risk
b) Vulnerabilities without attacker
c) Vulnerabilities without action
d) Vulnerabilities no one knows
Answer: a
Explanation: A vulnerability is defined as a weakness in a system that can be exploited by cyber-criminals and attackers. Risk can be defined as the potential of an impact that can grow from exploiting the vulnerability. There are some vulnerabilities that don’t possess risk, known as “Vulnerabilities without risk”.

21. A/An __________ is a piece of software or a segment of commands that usually takes advantage of a bug to cause unintended actions and behaviors.
a) malware
b) trojan
c) worms
d) exploit
Answer: d
Explanation: An exploit is a piece of software or a segment of commands that usually takes advantage of a bug to cause unintended actions and behaviors. Using exploits, attackers can gain access to a system or achieve privilege escalation.

22. There are ________ types of exploit.
a) 3
b) 2
c) 5
d) 4
Answer: b
Explanation: Exploits can be categorized based on various criteria. But the most prominent categorization is done by how exploits communicate with vulnerable software. These are categorized as local exploits and remote exploits.

23. A remote exploit is a type of exploit that acts over a network to exploit a security vulnerability.
a) True
b) False
Answer: a
Explanation: A remote exploit is a type of exploit that uses the internet to exploit a security vulnerability without gaining any prior access to the target system.

24. ________ type of exploit requires access to a vulnerable system in order to enhance privilege for the attacker running the exploit.
a) Local exploits
b) Remote exploits
c) System exploits
d) Network exploits
Answer: a
Explanation: A local exploit is a type of exploit that requires access to a vulnerable system in order to enhance privilege for the attacker running the exploit. They’ve to pass through granted system administration in order to harm the system.

25. ___________ is a technique used by penetration testers to compromise any system within a network for targeting other systems.
a) Exploiting
b) Cracking
c) Hacking
d) Pivoting
Answer: d
Explanation: Pivoting is a technique used by penetration testers to compromise any system within a network for targeting other systems. They test systems within the same network for vulnerabilities using this technique.

26. A _________ is a software bug that attackers can take advantage of to gain unauthorized access to a system.
a) System error
b) Bugged system
c) Security bug
d) System virus
Answer: c
Explanation: A security bug is a software bug that attackers can take advantage of to gain unauthorized access to a system. They can harm all legitimate users, compromise data confidentiality and integrity.

27. Security bugs are also known as _______
a) security defect
b) security problems
c) system defect
d) software error
Answer: a
Explanation: A security bug, also known as a security defect, is a software bug that attackers can take advantage of to gain unauthorized access to a system. They can harm legitimate users, compromise data confidentiality and integrity.

28. __________ is the timeframe from when the loophole in security was introduced till the time when the bug was fixed.
a) Time-frame of vulnerability
b) Window of vulnerability
c) Time-lap of vulnerability
d) Entry-door of vulnerability
Answer: b
Explanation: Window of vulnerability is the timeframe from when the loophole in security was introduced or released till the time when the bug was fixed, or the illicit access was removed or the attacker was disabled.

29. ISMS is abbreviated as __________
a) Information Server Management System
b) Information Security Management Software
c) Internet Server Management System
d) Information Security Management System
Answer: d
Explanation: ISMS (Information Security Management System) is a set of policies concerning various information security management. ISMS (Information Security Management System) was developed for managing risk management principles and countermeasures for ensuring security through rules and regulations.

30. A zero-day vulnerability is a type of vulnerability unknown to the creator or vendor of the system or software.
a) True
b) False
Answer: a
Explanation: Zero-day vulnerability is a type of vulnerability unknown to the creator or vendor of the system or software. Until such bugs get fixed, hackers take advantage of these vulnerabilities to exploit the system.

31. _________ framework made cracking of vulnerabilities easy like point and click.
a) .Net
b) Metasploit
c) Zeus
d) Ettercap
Answer: b
Explanation: In the year 2003, the Metasploit framework was released which made finding and cracking of vulnerabilities easy and is used by both white as well as black hat hackers.

32. Nmap is abbreviated as Network Mapper.
a) True
b) False
Answer: a
Explanation: Network Mapper (Nmap) is a popular open-source tool used for discovering networks as well as for security auditing. It can be used for either a single host network or large networks.

33. __________ is a popular tool used for discovering networks as well as in security auditing.
a) Ettercap
b) Metasploit
c) Nmap
d) Burp Suite
Answer: c
Explanation: Network Mapper (Nmap) is a popular open-source tool used for discovering networks as well as for security auditing. It can be used for either a single host network or large networks.

34. Which of these does Nmap not check?
a) services different hosts are offering
b) on what OS they are running
c) what kind of firewall is in use
d) what type of antivirus is in use
Answer: d
Explanation: Network Mapper (Nmap) is a popular open-source tool used for discovering networks as well as for security auditing. It usually checks for different services used by the host, what operating system it is running and the type of firewall it is using.

35. Which of the following deals with network intrusion detection and real-time traffic analysis?
a) John the Ripper
b) L0phtCrack
c) Snort
d) Nessus
Answer: c
Explanation: Snort is a network intrusion detecting application that deals with real-time traffic analysis. As the rules are set and kept updated, they help in matching patterns against known patterns and protect your network.

36. Wireshark is a ____________ tool.
a) network protocol analysis
b) network connection security
c) connection analysis
d) defending malicious packet-filtering
Answer: a
Explanation: Wireshark is a popular standardized network protocol analysis tool that allows in-depth checking and analysis of packets from different protocols used by the system.

37. Which of the below-mentioned tools is used for Wi-Fi hacking?
a) Wireshark
b) Nessus
c) Aircrack-ng
d) Snort
Answer: c
Explanation: Weak wireless encryption protocols get easily cracked using the Aircrack WPA and Aircrack WEP attacks that come with the Aircrack-ng tool. Its packet sniffing feature keeps track of all its traffic without making any attack.

38. Aircrack-ng is used for ____________
a) Firewall bypassing
b) Wi-Fi attacks
c) Packet filtering
d) System password cracking
Answer: b
Explanation: Weak wireless encryption protocols get easily cracked using Aircrack WPA and Aircrack WEP. Its packet sniffing feature keeps track of all its traffic without making any attack.

39. _____________ is a popular IP address and port scanner.
a) Cain and Abel
b) Snort
c) Angry IP Scanner
d) Ettercap
Answer: c
Explanation: Angry IP scanner is a light-weight, cross-platform IP and port scanning tool that scans a range of IPs. It uses the concept of multithreading to make scanning fast and efficient.

40. _______________ is a popular tool used for network analysis in a multiprotocol diverse network.
a) Snort
b) SuperScan
c) Burp Suite
d) EtterPeak
Answer: d
Explanation: EtterPeak is a network analysis tool that can be used for multiprotocol heterogeneous networking architecture. It can help in sniffing packets of network traffic.

41. ____________ scans TCP ports and resolves different hostnames.
a) SuperScan
b) Snort
c) Ettercap
d) QualysGuard
Answer: a
Explanation: SuperScan has a very nice user-friendly interface and it is used for scanning TCP ports as well as resolving hostnames. It is popularly used for scanning ports from a given range of IPs.

42. ___________ is a web application assessment security tool.
a) LC4
b) WebInspect
c) Ettercap
d) QualysGuard
Answer: b
Explanation: WebInspect is a popular web application security tool used for identifying known vulnerabilities residing in web-application layer. It also helps in penetration testing of web servers.

43. Which of the following attack-based checks can WebInspect not do?
a) cross-site scripting
b) directory traversal
c) parameter injection
d) injecting shell code
Answer: d
Explanation: WebInspect can check whether a web server is properly configured or not by attempting for common attacks such as Cross-site scripting, directory traversal, and parameter injection. But it cannot inject malicious shell code in the server.

44. ________ is a password recovery and auditing tool.
a) LC3
b) LC4
c) Network Stumbler
d) Maltego
Answer: b
Explanation: LC4, which was previously known as L0phtCrack, is a password auditing and recovery tool used for testing the strength of a password; it also helps in recovering lost Microsoft Windows passwords.

45. L0phtCrack is formerly known as LC3.
a) True
b) False
Answer: b
Explanation: L0phtCrack, now commonly known as LC4, is a password auditing and recovery tool used for testing the strength of a password; it also helps in recovering lost Microsoft Windows passwords.

46. Which of the following are forms of malicious attack?
a) Theft of information
b) Modification of data
c) Wiping of information
d) All of the mentioned
Answer: d
Explanation: None.

47. What are the common security threats?
a) File Shredding
b) File sharing and permission
c) File corrupting
d) File integrity
Answer: b
Explanation: Sharing and associated permissions are usual exploits which can compromise the system.

48. From the following, which is not a common file permission?
a) Write
b) Execute
c) Stop
d) Read
Answer: c
Explanation: None.

49. Which of the following is a good practice?
a) Give full permission for remote transferring
b) Grant read only permission
c) Grant limited permission to specified account
d) Give both read and write permission but not execute
Answer: c
Explanation: Limited access is a key method to circumvent unauthorized access and exploits.

50. What is not a good practice for user administration?
a) Isolating a system after a compromise
b) Perform random auditing procedures
c) Granting privileges on a per host basis
d) Using telnet and FTP for remote access
Answer: d
Explanation: Telnet and FTP are not encrypted and can be compromised.

51. Which of the following is the least secure method of authentication?
a) Key card
b) fingerprint
c) retina pattern
d) Password
Answer: d
Explanation: It is easier to compromise a password than to replicate a physical thing like a key card, fingerprint or retina.

52. Which of the following is a strong password?
a) 19thAugust88
b) Delhi88
c) P@assw0rd
d) !augustdelhi
Answer: c
Explanation: It has a combination of letters, both capital and small, along with a number and a special character. Thus always use a complex password with a combination of all these.

53. Why is a one time password safe?
a) It is easy to generate
b) It cannot be shared
c) It is different for every access
d) It is a complex encrypted password
Answer: c
Explanation: One time password is safe since it is generated per access and thus cannot be brute forced or deduced.

54. What does Lightweight Directory Access Protocol (LDAP) not store?
a) Users
b) Address
c) Passwords
d) Security Keys
Answer: b
Explanation: None.

55. What is a characteristic of the RADIUS system?
a) It is essential for centralized encryption and authentication
b) It works on Network layer to deny access to unauthorized people
c) It provides centralized authentication mechanism via network devices
d) It’s a strong File access system
Answer: c
Explanation: None.

56. Which happens first, authorization or authentication?
a) Authorization
b) Authentication
c) Authorization & Authentication are same
d) None of the mentioned
Answer: a
Explanation: None.

57. What are the characteristics of Authorization?
a) RADIUS and RSA
b) 3 way handshaking with syn and fin
c) Multilayered protection for securing resources
d) Deals with privileges and rights
Answer: d
Explanation: None.

58. What forces the user to change password at first login?
a) Default behavior of OS
b) Part of AES encryption practice
c) Devices being accessed forces the user
d) Account administrator
Answer: d
Explanation: It is the administrator’s job to ensure that the password of the user remains private and is known only to the user. But while making a new user account, he assigns a random general password to give to the user. Thus even the administrator cannot access a particular user’s account.

59. What is not a best practice for password policy?
a) Deciding maximum age of password
b) Restriction on password reuse and history
c) Password encryption
d) Having to change password every 2 years
Answer: d
Explanation: Old passwords are more vulnerable to being misplaced or compromised. Passwords should be changed periodically to enhance security.

60. MySQL uses security based on ACL which stands for ______________
a) Access Control Language
b) Access Control Lists
c) Automatic Control Lists
d) Automatic Control Language
Answer: b
Explanation: MySQL uses security based on Access Control Lists (ACLs) for all connections, queries and other operations that users can attempt to perform. There is support for SSL encrypted connections.

61. The mysql client writes a record of executed statements to a history file on Unix.
a) True
b) False
Answer: a
Explanation: On Unix the mysql client writes a record of the executed statements to a history file. By default this file is named as ‘.mysql_history’. It is created in the home directory.

62. A password applies globally to an account.
a) True
b) False
Answer: a
Explanation: In the MySQL privilege system, a password applies globally to an account. A password cannot be explicitly associated with a specific object such as a database, table, or routine.

63. The context in which the privilege ‘CREATE TABLESPACE’ applies is ______________
a) Server administration
b) Tables
c) Stored routines
d) Views
Answer: a
Explanation: The column name associated with the privilege ‘CREATE TABLESPACE’ is ‘Create_tablespace_priv’. The context in which this privilege is being used is the server administration.

64. The number of languages that have interfaces to bind to the C API of MySQL among these is ______________
Perl, PHP, Python
a) 0
b) 1
c) 2
d) 3
Answer: d
Explanation: The client library provides the means through which the MySQL bindings for other languages can be built on top of the C API. This type of interface exists for Perl, PHP, Python and others.

65. The language that is the core for APIs and communication in MySQL is ______________
a) C
b) C++
c) Python
d) Ruby
Answer: a
Explanation: In order to provide application development, MySQL provides a client library written in the C programming language. It enables access to MySQL databases from a C program.

66. The most general purpose language is ______________
a) C
b) Perl
c) Python
d) PHP
Answer: a
Explanation: C is a general purpose language, so in principle, it can be used for anything. C tends to be used more often for standalone programs rather than for Web programming in practice.

67. The language in which image processing is least simple is ______________
a) PHP
b) Perl
c) Python
d) C
Answer: d
Explanation: It is not as easy to perform text processing and memory management in C as it is in languages like Perl and PHP. These capabilities tend to be heavily used in web applications.

68. The option necessary to compile a C program having math functions is ______________
a) -lm
b) -ln
c) -lp
d) -lq
Answer: a
Explanation: A program written in the C language that uses math functions is compiled by issuing the option ‘-lm’. Examples of some math functions found in ‘math.h’ are floor(), sqrt(), pow(), log().

69. What is the option for specifying the executable name while compiling with gcc?
a) -e
b) -o
c) -a
d) -b
Answer: b
Explanation: When a C program is compiled with gcc, the option -o is issued in order to specify the name of the executable that is created after compilation. The default name given is ‘a.out’.

70. Express the output voltage of a digital to analog converter?
a) $V_o = K V_{FS}(d_1 2^{-1} + d_2 2^{-2} + \dots + d_n 2^{-n})$
b) $V_o = (V_{FS}/k)(d_1 2^{-1} + d_2 2^{-2} + \dots + d_n 2^{-n})$
c) $V_o = V_{FS}(d_1 2^{-1} + d_2 2^{-2} + \dots + d_n 2^{-n})$
d) $V_o = K(d_1 2^{-1} + d_2 2^{-2} + \dots + d_n 2^{-n})$
Answer: a
Explanation: The input is an n-bit binary word D and is combined with the reference voltage $V_R$ to give an analog output signal. Mathematically it is described as
$V_o = K V_{FS}(d_1 2^{-1} + d_2 2^{-2} + \dots + d_n 2^{-n})$, where $K$ is the scaling factor and $V_{FS}$ is the full scale output voltage.

71. Why are the switches used in a weighted resistor DAC of single pole double throw (SPDT) type?
a) To connect the resistance to reference voltage
b) To connect the resistance to ground
c) To connect the resistance to either reference voltage or ground
d) To connect the resistance to output
Answer: c
Explanation: SPDT are electronic switches controlled by a binary word. If the binary input to a switch is 1, it connects the resistance to the reference voltage and if the input is 0, the switch connects the resistor to ground.

72. Determine the output current for an n-bit weighted resistor DAC?
a) $(V_R/R) \times (d_0/2 + d_1/2^2 + \dots + d_n/2^n)$
b) $(V_R/R) \times (d_1/2^1 + d_2/2^2 + \dots + d_n/2^n)$
c) $(V_R/R) \times (d_0^2/2 + d_1^2/2^2 + \dots + d_n^2/2^n)$
d) None of the mentioned
Answer: b
Explanation: The output current, $I_o = I_1 + I_2 + \dots + I_n$
$I_o = (V_R/2R) \times d_1 + (V_R/2^2 R) \times d_2 + \dots + (V_R/2^n R) \times d_n$
$I_o = (V_R/R) \times (d_1/2^1 + d_2/2^2 + \dots + d_n/2^n)$.

73. In a D-A converter with binary weighted resistor, a desired step size can be obtained by
a) Selecting proper value of VFS
b) Selecting proper value of R
c) Selecting proper value of RF
d) All of the mentioned
Answer: c
Explanation: The size of the steps depends on the value of RF, provided that the maximum output voltage does not exceed the saturation level of an op-amp.

74. Determine the Full scale output in an 8-bit DAC for 0-15v range?
a) Full scale output=15.1v
b) Full scale output=15.2v
c) Full scale output=14.5v
d) Full scale output=14.94v
Answer: d
Explanation: Full scale output = (Full scale voltage - LSB) = [15v - (15v/$2^8$)] = (15v - 0.0586) = 14.94v.

75. Pick out the incorrect statement “In a 3 bit weighted resistor DAC”
a) Although the op-amp is connected in inverting mode, it can also be connected in non-inverting mode
b) The op-amp simply work as a current to voltage converter
c) The polarity of the reference voltage is chosen in accordance with the input voltage
d) None of the mentioned
Answer: c
Explanation: The polarity of the reference voltage is in accordance with the type of switch used. For example, in TTL switches, the reference voltage should be +5v and the output will be negative.

76. What is the disadvantage of a binary weighted type DAC?
a) Require wide range of resistors
b) High operating frequency
c) High power consumption
d) Slow switching
Answer: a
Explanation: For better resolution of output, the input binary word length has to be increased. As the number of bits increases, the range of resistance values increases.

77. The smallest resistor in a 12 bit weighted resistor DAC is 2.5kΩ, what will be the largest resistor value?
a) 40.96MΩ
b) 10.24MΩ
c) 61.44 MΩ
d) 18.43MΩ
Answer: b
Explanation: The largest resistor value for a 12-bit DAC = $2^n \times R$ = $2^{12}$ × 2.5kΩ = 4096 × 2.5kΩ = 10.24MΩ.

78. A CMOS inverter is used as an SPDT switch in a resistor DAC and is connected to the op-amp line. Find the output of the CMOS, if the input applied is 1
a) Resistance is connected to ground
b) Resistance is connected to input line
c) Resistance is connected to bit line
d) None of the mentioned
Answer: b
Explanation: When Qbar = 1, it makes transistor Q1 ON and Q2 OFF. The output of the CMOS inverter is 0v, connecting the resistance R1 to ground.

79. How to overcome the limitation of a binary weighted resistor type DAC?
a) Using R-2R ladder type DAC
b) Multiplying DACs
c) Using monolithic DAC
d) Using hybrid DAC
Answer: a
Explanation: The use of a wide range of resistors is the limitation of the binary weighted resistor type DAC. This can be avoided by using an R-2R ladder type DAC, where only two values of resistor are required.

80. Find the output voltage equation for a 3 bit DAC converter with R and 2R resistors?
a) $V_o = -R_F [(b_2/8R) + (b_1/4R) + (b_0/2R)]$
b) $V_o = -R_F [(b_2/R) + (b_1/2R) + (b_0/4R)]$
c) $V_o = -R_F [(b_2/2R) + (b_1/4R) + (b_0/8R)]$
d) $V_o = -R_F [(b_0/4R) + (b_1/2R) + (b_2/R)]$
Answer: c
Explanation: The output voltage corresponding to all possible combinations of binary input in a 3-bit R-2R DAC is given as
$V_o = -R_F [(b_2/2R) + (b_1/4R) + (b_0/8R)]$.

81. Hardware address is known as _________
a) MAC address
b) IP Address
c) Network Interface Card
d) Address Resolution Protocol
Answer: a
Explanation: Along with an IP address there is also a hardware address. Typically it is tied to a key connection device in your computer called the network interface card. Every NIC has a hardware address that’s known as MAC, for Media Access Control.

82. MAC stands for ________
a) Media Area Control
b) Memory Access Control
c) Memory Area Control
d) Media Access Control
Answer: d
Explanation: MAC stands for Media Access Control. Where IP addresses are associated with TCP/IP, MAC addresses are linked to the hardware of the network adapters.

83. What translates an IP address into a MAC address?
a) Organizationally Unique Identifier
b) Address Resolution Protocol
c) Network Interface Card
d) Burned In Address
Answer: c
Explanation: A MAC address is given to an adapter when it is manufactured. It is hardwired or hard-coded onto your computer’s NIC and it is unique to it. Something called the ARP (Address Resolution Protocol) translates an IP address into MAC address.

84. Networking Hardware Address is referred with ________
a) IP address
b) MAC address
c) NIC
d) Organizationally Unique Identifier
Answer: b
Explanation: Hardware and software working together, IP address and MAC address working together. For this reason, the MAC address is sometimes referred to as a networking hardware address, the burned in address or the physical address.

85. Does a MAC address contain characters?
a) True
b) False
Answer: a
Explanation: The MAC address itself doesn’t look anything like an IP address. The MAC address is a string of usually six sets of two digits or characters, separated by colons.

86. MAC addresses are very useful in diagnosing network issues.
a) True
b) False
Answer: a
Explanation: MAC addresses are very useful in diagnosing network issues, such as problems with IP address. They are useful for network diagnosis because they never change, as opposed to a dynamic IP address, which can change from time to time.

87. On wireless networks ________ filtering is the security measure.
a) OUI
b) IP
c) NIC
d) MAC
Answer: d
Explanation: On wireless networks, a process called MAC filtering is a security measure to prevent unwanted network access by hackers and intruders. In MAC address filtering, the router is configured to accept traffic only from specific MAC addresses.

88. MAC addresses are used as ________
a) Network addresses
b) IP address
c) Hardware address
d) Burned in address
Answer: a
Explanation: MAC address is used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi. Logically, MAC addresses are used in the media access control protocol sub layer of the OSI model.

89. IEEE stands for Institute of Electrical and Electronics Engineers.
a) False
b) True
Answer: b
Explanation: MAC addresses are formed according to the rules of one of three numbering name spaces managed by the Institute of Electrical and Electronics Engineers (IEEE).

90. The original IEEE 802 MAC address comes from ________
a) MAC address
b) IP address
c) Ethernet address
d) Http
Answer: c
Explanation: The original IEEE 802 MAC address comes from the original Xerox Ethernet addressing scheme. This 48-bit address space contains potential 242 or 281,474,976,710,656 possible MAC addresses.

Module 02

1. A __________ is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers.
a) stack
b) queue
c) external storage
d) buffer
Answer: d
Explanation: A buffer is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers. The buffer can handle data only if limited data is inserted.

2. In a _____________ attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.
a) Phishing
b) MiTM
c) Buffer-overflow
d) Clickjacking
Answer: c
Explanation: In a buffer-overflow attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.

3. How many types of buffer-overflow attack are there?
a) 4
b) 2
c) 5
d) 3
Answer: b
Explanation: There are two different types of buffer-overflow attack. These are stack-based and heap-based buffer overflow. In both the cases, this type of exploit takes advantage of an application that waits for user’s input.

4. Suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually this is because of limited __________
a) buffer
b) external storage
c) processing power
d) local storage
Answer: a
Explanation: Suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually, this is because of the limited buffer.

5. ______________ is a widespread app’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.
a) Memory leakage
b) Buffer-overrun
c) Less processing power
d) Inefficient programming
Answer: b
Explanation: Buffer-overflow, also known as buffer-overrun is a widespread application’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.

6. Buffer-overflow is also known as ______________
a) buffer-overrun
b) buffer-leak
c) memory leakage
d) data overflow
Answer: a
Explanation: Buffer-overflow, also known as buffer-overrun is a widespread application’s coding mistake made by app developers which could be exploited by an attacker for gaining access or malfunctioning your system.

7. Buffer-overflow may remain as a bug in apps if __________ are not done fully.
a) boundary hacks
b) memory checks
c) boundary checks
d) buffer checks
Answer: c
Explanation: Buffer-overflow may remain as a bug in apps if boundary checks are not done fully by developers or are skipped by the QA (Quality Assurance) testers of the software development team.

8. Applications developed by programming languages like ____ and ______ have this common buffer-overflow error.
a) C, Ruby
b) Python, Ruby
c) C, C++
d) Tcl, C#
Answer: c
Explanation: Applications developed by programming languages like C and C++ have this common buffer-overflow error. The strcat(), strcpy(), sprintf(), gets() etc when called in C and C++ can be exploited because these functions don’t check whether the stack is large enough for storing the data.

9. Why are apps developed in languages like C and C++ prone to buffer-overflow?
a) No string boundary checks in predefined functions
b) No storage check in the external memory
c) No processing power check
d) No database check
Answer: a
Explanation: The strcat(), strcpy(), sprintf(), gets() etc when called in C and C++ can be exploited because these functions don’t check whether the stack is large enough for storing the data fetched from some other variable holding larger data.

10. Old operating systems like _______ and NT-based systems have buffer-overflow attack as a common vulnerability.
a) Windows 7
b) Chrome
c) IOS12
d) UNIX
Answer: d
Explanation: Old operating systems like UNIX and NT-based systems have buffer-overflow attack as a common vulnerability. This is because they were developed in old programming languages.

11. SQL injection is an attack in which _________ code is inserted into strings that are later passed to an instance of SQL Server.
a) malicious
b) redundant
c) clean
d) non malicious
Answer: a
Explanation: SQL injection is a code injection technique, used to attack data-driven applications.

12. Point out the correct statement.
a) Parameterized data cannot be manipulated by a skilled and determined attacker
b) Procedure that constructs SQL statements should be reviewed for injection vulnerabilities
c) The primary form of SQL injection consists of indirect insertion of code
d) None of the mentioned
Answer: b
Explanation: Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives.

13. Which of the following scripts is an example of an SQL injection attack?
a)
var ShipCity;

ShipCity = Request.form ("ShipCity");
var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'";

b)
var ShipCity;

ShipCity = Request.form ("ShipCity");

c)
var ShipCity;

var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'";

d) All of the mentioned
Answer: a
Explanation: The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user.

14. Any user-controlled parameter that gets processed by the application includes vulnerabilities like ___________
a) Host-related information
b) Browser-related information
c) Application parameters included as part of the body of a POST request
d) All of the mentioned
Answer: d
Explanation: SQL-injection exploit requires two things: an entry point and an exploit to enter.

15. Point out the wrong statement.
a) SQL injection vulnerabilities occur whenever input is used in the construction of an SQL query without being adequately constrained or sanitized
b) SQL injection allows an attacker to access the SQL servers and execute SQL code under the privileges of the user used to connect to the database
c) The use of PL-SQL opens the door to these vulnerabilities
d) None of the mentioned
Answer: c
Explanation: Dynamic SQL (the construction of SQL queries by concatenation of strings) opens the door to many vulnerabilities.

16. Which of the stored procedures is used to test the SQL injection attack?
a) xp_write
b) xp_regwrite
c) xp_reg
d) all of the mentioned
Answer: b
Explanation: xp_regwrite writes an arbitrary value into the Registry (undocumented extended procedure).

17. If xp_cmdshell has been disabled with sp_dropextendedproc, we can simply inject the following code?
a) sp_addextendedproc 'xp_cmdshell','xp_log70.dll'
b) sp_addproc 'xp_cmdshell','xp_log70.dll'
c) sp_addextendedproc 'xp_cmdshell','log70.dll'
d) none of the mentioned
Answer: a
Explanation: Security best practices for SQL Server recommend disabling xp_cmdshell in SQL Server 2000 (in SQL Server 2005 it is disabled by default). However, if we have sysadmin rights (natively or by bruteforcing the sysadmin password, see below), we can often bypass this limitation.

18. Which of the following code can enable xp_cmdshell?
a)
master..sp_configure 'show advanced options',1

reconfigure
master..sp_configure 'xp_cmdshell',1
reconfigure

b)
master..sp_configure 'show advanced options',1

configure
master..sp_configure 'xp_cmdshell',1
configure

c)
master..sp_reconfigure 'show advanced options',1

reconfigure
master..sp_reconfigure 'xp_cmdshell',1
reconfigure

d) All of the mentioned
Answer: a
Explanation: By default, xp_cmdshell and a couple of other potentially dangerous stored procedures are disabled in SQL Server 2005.

19. Which of the following scripts is an example of Quick detection in the SQL injection attack?
a) SELECT loginame FROM master..sysprocesses WHERE spid = @@SPID
b) For integer inputs : convert(int,@@version)
c) IF condition true-part ELSE false-part (S)
d) SELECT header, txt FROM news UNION ALL SELECT name, pass FROM members
Answer: b
Explanation: Quick detection attacks should throw conversion errors.

20. _______________ is a time-based SQL injection attack.
a) Quick detection
b) Initial Exploitation
c) Blind SQL Injection
d) Inline Comments
Answer: c
Explanation: Blind SQL Injection works just like sleep: it waits for a specified time.

21. There are _________ types of computer virus.
a) 5
b) 7
c) 10
d) 12
Answer: c
Explanation: There are a total of 10 types of virus. These are categorized based on their working and characteristics. These are System or Boot Sector Virus, Direct Action Virus, Resident Virus, Multipartite Virus, Polymorphic Virus, Overwrite Virus, Space-filler Virus, File infectors, Macro Virus, Rootkit virus.

22. Which of the following is not a type of virus?
a) Boot sector
b) Polymorphic
c) Multipartite
d) Trojans
Answer: d
Explanation: Types of viruses are System or Boot Sector Virus, Direct Action Virus, Resident Virus, Multipartite Virus, Polymorphic Virus, Overwrite Virus, Space-filler Virus, File infectors, Macro Virus, Rootkit virus. Trojan does not come under types of virus.

23. A computer ________ is a malicious code which self-replicates by copying itself to other programs.
a) program
b) virus
c) application
d) worm
Answer: b
Explanation: A computer virus is a malicious code which self-replicates by copying itself to other programs. The computer virus gets spread by itself into other executable code or documents. The intention of creating a virus is to infect vulnerable systems.

24. Which of them is not an ideal way of spreading the virus?
a) Infected website
b) Emails
c) Official Antivirus CDs
d) USBs
Answer: c
Explanation: The ideal means of spreading a computer virus are emails, portable USB drives that are inserted into and ejected from different systems, and infected websites. Antivirus vendors do not place a virus in their CDs and DVDs.

25. In which year did the Apple II virus come into existence?
a) 1979
b) 1980
c) 1981
d) 1982
Answer: c
Explanation: In mid-1981, the 1st virus for Apple computers with the name Apple II came into existence. It was also called Elk Cloner, which resided in the boot sectors of a 3.3 floppy disk.

26. In mid-1981, the 1st virus for Apple computers with the name _________ came into existence.
a) Apple I
b) Apple II
c) Apple III
d) Apple Virus
Answer: b
Explanation: In mid-1981, the 1st virus for Apple computers with the name Apple II came into existence. It was also called Elk Cloner, which resided in the boot sectors of a 3.3 floppy disk.

27. The virus hides itself from getting detected by ______ different ways.
a) 2
b) 3
c) 4
d) 5
Answer: b
Explanation: The virus hides itself from getting detected in three different ways. These are by encrypting itself, by altering the disk directory with additional virus bytes, or by using a stealth algorithm to redirect disk data.

28. _______________ infects the master boot record and it is challenging and a complex task to remove this virus.
a) Boot Sector Virus
b) Polymorphic
c) Multipartite
d) Trojans
Answer: a
Explanation: Boot Sector Virus infects the master boot record & it is a challenging & complex task to remove such a virus. Mostly, such a virus spreads through removable devices.

29. ________________ gets installed & stays hidden in your computer’s memory. It stays attached to the specific type of files which it infects.
a) Boot Sector Virus
b) Direct Action Virus
c) Polymorphic Virus
d) Multipartite Virus
Answer: b
Explanation: Direct Action Virus gets installed & stays hidden in your computer’s memory. This type of virus stays attached to the specific type of files which it infects.

30. Direct Action Virus is also known as ___________
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus
Answer: a
Explanation: Direct Action Virus is also known as a non-resident virus which gets installed & stays hidden in your computer’s memory. This type of virus stays attached to the specific type of files which it infects.

31. ______________ infects the executables as well as the boot sectors.
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus
Answer: d
Explanation: Multipartite Virus infects the executables as well as the boot sectors. It infects the computer or gets into a system through multiple mediums and is hard to remove.

32. ______________ are difficult to identify as they keep on changing their type and signature.
a) Non-resident virus
b) Boot Sector Virus
c) Polymorphic Virus
d) Multipartite Virus
Answer: c
Explanation: Polymorphic viruses are difficult to identify as they keep on changing their type and signature. They’re not easily detectable by traditional antivirus. They usually change the signature pattern whenever they replicate.

33. ____________ deletes all the files that it infects.
a) Non-resident virus
b) Overwrite Virus
c) Polymorphic Virus
d) Multipartite Virus
Answer: b
Explanation: Overwrite virus deletes all files that it infects. It can be removed only by deleting those infected files. Mostly, it gets spread via emails.

34. _____________ is also known as cavity virus.
a) Non-resident virus
b) Overwrite Virus
c) Polymorphic Virus
d) Space-filler Virus
Answer: d
Explanation: Space-fillers are a special type of virus which usually does not cause any serious harm to the system except it fills up the empty space in memory and codes leading to wastage of memory.

35. Which of the below-mentioned is not a reason why people create a computer virus?
a) Research purpose
b) Pranks
c) Identity theft
d) Protection
Answer: d
Explanation: Computer virus is not created for protection. Virus writers may have other reasons like for research purpose, pranks, vandalism, financial gain, identity theft, and some other malicious purposes.

36. A ___________ is a small malicious program that runs hidden on infected system.
a) Virus
b) Trojan
c) Shareware
d) Adware
Answer: b
Explanation: A Trojan is a small malicious program that runs hidden on the infected system. Trojans are created with the intent to infect the system by misleading the user. A Trojan works in the background and steals sensitive data.

37. ____________ works in background and steals sensitive data.
a) Virus
b) Shareware
c) Trojan
d) Adware
Answer: c
Explanation: Trojans are malicious files designed to work hidden on the infected system. They are intended to infect the system by misleading the user. They work in the background and steal sensitive information about the target user.

38. By gaining access to the Trojaned system the attacker can stage different types of attack using that ____________ program running in the background.
a) Trojan
b) Virus
c) Antivirus
d) Anti-malware
Answer: a
Explanation: By gaining access to the Trojaned system the attacker can stage different types of attack using that Trojan program running in the background when the infected user’s system goes online.

39. Trojan creators do not look for _______________
a) Credit card information
b) Confidential data
c) Important documents
d) Securing systems with such programs
Answer: d
Explanation: Trojan creators do not look for securing victim’s system with their programs, rather they create such trojans for stealing credit card and financial details as well as important documents and files.

40. Which of them is not a proper way of getting into the system?
a) IM
b) Attachments
c) Official product sites
d) Un-trusted sites, freeware and pirated software
Answer: c
Explanation: Official product sites such as Microsoft’s site giving the option for downloading their updates and OS won’t contain any Trojans. Other than that Trojans can access your system by email attachments, Instant Messaging apps, un-trusted sites & links.

41. Which of the following ports is not used by Trojans?
a) UDP
b) TCP
c) SMTP
d) MP
Answer: d
Explanation: MP is not a valid port name and does not have any port number either. But usually, Trojans like Back Orifice and Deep Throat use a UDP port; Trojans like Netbus and Master Paradise use TCP & SMTP ports to gain access to a system.

42. Trojans do not do one of the following. What is that?
a) Deleting Data
b) Protecting Data
c) Modifying Data
d) Copying Data
Answer: b
Explanation: Trojans perform malicious actions and operations. These are to modify data, copy data to its creator, delete data from the infected system or block data by carrying ransomware or other malicious programs along with them.

43. Some Trojans carry ransomware with them to encrypt the data and ask for ransom.
a) True
b) False
Answer: a
Explanation: Trojans are usually created to carry out the following actions like: modify data, copy data to its creator, delete data from the infected system or blocking data by carrying ransomware embedded in it.

44. Once activated __________ can enable ____________ to spy on the victim, steal their sensitive information & gain backdoor access to the system.
a) virus, cyber-criminals
b) malware, penetration testers
c) trojans, cyber-criminals
d) virus, penetration testers
Answer: c
Explanation: Once activated, trojans can enable cyber-criminals to spy on the victim, steal their sensitive information & gain backdoor access to the system.

45. Trojans cannot ______________
a) steal data
b) self-replicate
c) steal financial information
d) steal login credentials
Answer: b
Explanation: A Trojan is a malicious program that runs hidden on the infected system. Trojans are developed with the intent to infect the system by misleading the user. A Trojan works behind the system and steals sensitive data but cannot self-replicate.

46. A _______________ provides malicious users remote control over the targeted computer.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader
Answer: b
Explanation: A Backdoor Trojan provides malicious users remote control over the targeted computer. These trojans enable the author to perform anything they desire on the infected system which includes sending, receiving, launching & deleting files.

47. _______________ programs are specially designed for stealing your account data for online banking systems, e-payment services & credit/debit cards.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader
Answer: c
Explanation: Trojan-Banker programs are specially designed for stealing your account data for online banking systems, e-payment services & credit/debit cards. They work silently in the back of the system process to steal such data.

48. ______________ perform automated DoS (Denial of Service) attacks on a targeted web address.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader
Answer: a
Explanation: DDoS Trojan performs automated DoS (Denial of Service) attacks on a targeted web address. By sending multiple requests from your system, it can target different websites which can lead to a Denial of Service attack.

49. Trojan-Downloader is a special type of trojans which can download & install new versions of malicious programs.
a) True
b) False
Answer: a
Explanation: Trojan-Downloader is another type of trojans that can download & install new versions of malicious programs. They work secretly & keep on downloading other malicious programs when the system is online.

50. ____________ works in the background & keeps on downloading other malicious programs when the system is online.
a) DDoS-Trojan
b) Backdoor Trojan
c) Trojan-Banker
d) Trojan-Downloader
Answer: d
Explanation: Trojan-Downloader is a special type of trojans that work secretly & keep on downloading other malicious programs when the system is online. They can also download & install new versions of malicious programs.

51. What is true regarding ‘Fence’?
a) It’s a method to confine users to one side of a boundary
b) It can protect Operating system from one user
c) It cannot protect users from each other
d) All of the mentioned
Answer: d
Explanation: None.

52. What is not true regarding ‘Fence’?
a) It is implemented via hardware register
b) It doesn’t protect users from each other
c) It is good to protect OS from abusive users
d) Its implementation is unrestricted and can take any amount of space in Operating system.
Answer: d
Explanation: None.

53. What is correct regarding ‘relocation’ w.r.t protecting memory?
a) It is a process of taking a program as if it began at address 0
b) It is a process of taking a program as if it began at address 0A
c) Fence cannot be used within relocation process
d) All of the mentioned
Answer: a
Explanation: None.

54. How can fence and relocation be used together?
a) To each program address, the contents of fence register are added
b) The contents of fence register are subtracted from actual address of program
c) To each program address, the contents of fence register are not added
d) None of the mentioned
Answer: a
Explanation: This both relocates the address and guarantees that no one can access a location lower than a fence address.

55. What is the basic need in protecting memory in multi-user environment?
a) We need two registers one ‘start’ and other ‘end’
b) We need a variable register
c) A fence register has to be used known as base register.
d) None of the mentioned
Answer: c
Explanation: None.

56. What is the role of base/bound registers?
a) They give starting address to a program
b) Program’s addresses are neatly confined to space between the base and the bound registers
c) They provide encrypted environment
d) This technique doesn’t protect a program’s address from modification by another user
Answer: b
Explanation: None.

57. What is all-or-nothing situation for sharing in memory?
a) Program makes all its data available to be accessed
b) It prohibits access to some
c) It creates rules who can access program memory
d) It separates program memory and data memory
Answer: a
Explanation: None.

58. How is disadvantage of all-or-nothing approach overcome?
a) Base/Bound
b) Relocation technique
c) Fence method
d) Tagged architecture
Answer: d
Explanation: None.

59. What is true regarding tagged architecture?
a) Every word of machine memory has one or more extra bits
b) Extra bits are used to do padding
c) Extra bits are not used to identify rights to that word
d) It is very compatible to code upgrades
Answer: a
Explanation: None.

60. What is the best solution to have the effect of an unbounded number of base/bound registers?
a) Tagged architecture
b) Segmentation
c) Fence method
d) None of the mentioned
Answer: b
Explanation: None.

61. What is a major feature of segmentation?
a) Program is divided in data memory and program memory
b) Program is executed in segments
c) Program is divided into pieces having different access rights
d) It has effect of an unbounded architecture
Answer: c
Explanation: None.

62. What is the correct way the segmentation program address is stored?
a) name, offset
b) start, stop
c) access, rights
d) offset, rights
Answer: a
Explanation: The OS can retrieve the real address by looking up the name in the table and then making a simple calculation: address of the name + offset.

63. What is the main objective of protection?
a) Ensure all objects are protected individually
b) Objects have different priority and thus different levels of protection
c) Ensure that each object is accessed correctly and only by allowed processes
d) None of the mentioned
Answer: c
Explanation: None.

64. What is the principle of least privilege?
a) Less privileges provide difficulty in executing admin tasks
b) Users can get temporary high privilege access
c) Users should be given just enough privileges to perform their tasks
d) None of the mentioned
Answer: c
Explanation: None.

65. What is the need of protection?
a) Prevent mischievous violation
b) Prevent and intentional
c) Ensure that each program component uses resources allotted to it only
d) All of the mentioned
Answer: d
Explanation: None.

66. Reliability of files can be increased by _____________
a) keeping the files safely in the memory
b) making a different partition for the files
c) by keeping them in external storage
d) by keeping duplicate copies of the file
Answer: d
Explanation: None.

67. Protection is only provided at the _____ level.
a) lower
b) central
c) higher
d) none of the mentioned
Answer: a
Explanation: None.

68. What is the main problem with access control lists?
a) their maintenance
b) their length
c) their permissions
d) all of the mentioned
Answer: b
Explanation: None.

69. Many systems recognize three classifications of users in connection with each file (to condense the access control list).
a) Owner
b) Group
c) Universe
d) All of the mentioned
Answer: d
Explanation: None.

70. All users in a group get _______ access to a file.
a) different
b) similar
c) same
d) none of the mentioned
Answer: b
Explanation: None.

71. Universe consists of _____________
a) all users that aren’t included in the group or owners
b) all users that are not owners
c) all users in the system
d) none of the mentioned
Answer: c
Explanation: None.

72. In UNIX, groups can be created and modified by?
a) superuser
b) any user
c) a programmer only
d) the people in the group only
Answer: a
Explanation: None.

73. To control access the three bits used in UNIX are represented by _____________
a) r
b) w
c) x
d) all of the mentioned
Answer: d
Explanation: None.

74. If each access to a file is controlled by a password, then what is the disadvantage?
a) user will need to remember a lot of passwords
b) it is not reliable
c) it is not efficient
d) all of the mentioned
Answer: a
Explanation: None.

75. What will happen in a multi level directory structure?
a) the same previous techniques will be used as in the other structures
b) a mechanism for directory protection will have to be applied
c) the subdirectories do not need protection once the directory is protected
d) none of the mentioned
Answer: b
Explanation: None.

76. In UNIX, the directory protection is handled _________ to the file protection.
a) different
b) similar
c) it is not handled at all
d) none of the mentioned
Answer: b
Explanation: None.

77. Disks are segmented into one or more partitions, each containing a file system or ______
a) left ‘raw’
b) made into swap space
c) made into backup space
d) left ‘ripe’
Answer: a
Explanation: None.

78. In general how many key elements constitute the entire security structure?
a) 1
b) 2
c) 3
d) 4
Answer: d
Explanation: The 4 key elements that constitute the security are: confidentiality, integrity, authenticity & availability. Authenticity is not considered as one of the key elements in some other security models, but the popular CIA Triad eliminates this as authenticity at times comes under confidentiality & availability.

79. According to the CIA Triad, which of the below-mentioned element is not considered in the triad?
a) Confidentiality
b) Integrity
c) Authenticity
d) Availability
Answer: c

Explanation: According to the CIA triad, the three components that security needs are Confidentiality, Integrity and Availability (read as CIA for short).

80. This is the model designed for guiding the policies of Information security within a company, firm or organization. What is “this” referred to here?
a) Confidentiality
b) Non-repudiation
c) CIA Triad
d) Authenticity
Answer: c
Explanation: Various security models have been developed to date. This is by far the most popular and widely used model; it focuses on the information’s confidentiality, integrity and availability, and on how these key elements can be preserved for better security in any organization.

81. CIA triad is also known as ________
a) NIC (Non-repudiation, Integrity, Confidentiality)
b) AIC (Availability, Integrity, Confidentiality)
c) AIN (Availability, Integrity, Non-repudiation)
d) AIC (Authenticity, Integrity, Confidentiality)
Answer: b
Explanation: The CIA Triad is also named the AIC (Availability, Integrity, Confidentiality) Triad because people confuse the acronym with the abbreviation of the secret agency Central Intelligence Agency.

82. When you use the word _____ it means you are protecting your data from getting disclosed.
a) Confidentiality
b) Integrity
c) Authentication
d) Availability
Answer: a
Explanation: Confidentiality is what every individual prefers in terms of physical privacy as well as digital privacy. This term means our information needs to be protected from being disclosed to unauthorised parties, for which we use different security mechanisms like password protection, biometric security, OTPs (One Time Passwords) etc.

83. ______ means the protection of data from modification by unknown users.
a) Confidentiality
b) Integrity
c) Authentication
d) Non-repudiation
Answer: b
Explanation: Information is valuable only if it is correct and does not get modified on its way to its destination. The element integrity makes sure that the data sent or generated from the other end is correct and is not modified by any unauthorised party in between.

84. When integrity is lacking in a security system, _________ occurs.
a) Database hacking
b) Data deletion
c) Data tampering
d) Data leakage
Answer: c
Explanation: The term data tampering is used when integrity is compromised in any security model, and checking integrity later becomes costlier. Example: suppose you sent $50 to an authorised person and in between a Man in the Middle (MiTM) attack takes place and the value is tampered to $500. This is how integrity is compromised.

85. _______ of information means, only authorised users are capable of accessing the information.
a) Confidentiality
b) Integrity
c) Non-repudiation
d) Availability
Answer: d
Explanation: Information seems useful only when the right people (authorised users) access it after going through a proper authenticity check. The key element availability ensures that only authorised users are able to access the information.

86. Why are these 4 elements (confidentiality, integrity, authenticity & availability) considered fundamental?
a) They help understanding hacking better
b) They are key elements to a security breach
c) They help understand security and its components better
d) They help to understand the cyber-crime better
Answer: c
Explanation: The four elements of security, viz. confidentiality, integrity, authenticity & availability, help in better understanding the pillars of security and its different components.

87. This helps in identifying the origin of information and the authentic user. This is referred to here as __________
a) Confidentiality
b) Integrity
c) Authenticity
d) Availability
Answer: c
Explanation: The key element, authenticity helps in assuring the fact that the information is from the original source.

88. Data ___________ is used to ensure confidentiality.
a) Encryption
b) Locking
c) Deleting
d) Backup
Answer: a
Explanation: Data encryption is the method of converting plain text to cipher-text and only authorised users can decrypt the message back to plain text. This preserves the confidentiality of data.

89. Which of these is not a proper method of maintaining confidentiality?
a) Biometric verification
b) ID and password based verification
c) 2-factor authentication
d) switching off the phone
Answer: d
Explanation: Switching off the phone in the fear of preserving the confidentiality of data is not a proper solution for data confidentiality. Fingerprint detection, face recognition, password-based authentication and two-step verification are some of the proper methods.

90. Data integrity gets compromised when _____ and _____ are taken control of.
a) Access control, file deletion
b) Network, file permission
c) Access control, file permission
d) Network, system
Answer: c
Explanation: The two key ingredients that need to be kept safe are: access control & file permission in order to preserve data integrity.

91. ______ is the latest technology that faces an extra challenge because of CIA paradigm.
a) Big data
b) Database systems
c) Cloud storages
d) Smart dust
Answer: a
Explanation: Big data has additional challenges that it has to face because of the tremendous volume of data that needs protection as well as other key elements of the CIA triad, which makes the entire process costly and time-consuming.

92. One common way to maintain data availability is __________
a) Data clustering
b) Data backup
c) Data recovery
d) Data Altering
Answer: b
Explanation: To prevent data loss or damage, data can be backed up and stored in a different geographical location so that it survives natural disasters & unpredictable events.

Module 03

1. Which of the following is not an appropriate way of targeting a mobile phone for hacking?
a) Target mobile hardware vulnerabilities
b) Target apps’ vulnerabilities
c) Setup Keyloggers and spyware in smart-phones
d) Snatch the phone
Answer: d
Explanation: Snatching a smart-phone is not a type of hacking. Targeting the hardware and application level vulnerabilities and setting some keylogger or spyware in the target mobile can help get valuable info about the victim.

2. Which of the following is not an OS for mobile?
a) Palm
b) Windows
c) Mango
d) Android
Answer: c
Explanation: A mobile/smart-phone operating system is software which allows smart-phones, tablets, phablets & other devices to run apps & programs within it. Palm OS, Windows OS, and Android OS are some of the examples of Mobile OS.

3. Mobile Phone OS contains open APIs that may be _____________ attack.
a) useful for
b) vulnerable to
c) easy to
d) meant for
Answer: b
Explanation: Mobile phone operating systems contain open APIs that may be vulnerable to different attacks. The OS has a number of connectivity mechanisms through which attackers can spread malware.

4. ____________ gets propagated through networks and technologies like SMS, Bluetooth, wireless medium, USBs and infrared to affect mobile phones.
a) Worms
b) Antivirus
c) Malware
d) Multimedia files
Answer: c
Explanation: Malware gets propagated through networks and technologies like SMS, Bluetooth, wireless medium, USBs and infrared to affect mobile phones.

5. ____________ is the protection of smart-phones, phablets, tablets, and other portable tech-devices, & the networks to which they connect to, from threats & bugs.
a) OS Security
b) Database security
c) Cloud security
d) Mobile security
Answer: d
Explanation: Mobile security is the protection of smart-phones, phablets, tablets, and other portable tech-devices, & the networks to which they connect to, from threats & bugs.

6. Mobile security is also known as ____________
a) OS Security
b) Wireless security
c) Cloud security
d) Database security
Answer: b
Explanation: Mobile security also known as wireless security is the protection of smart-phones, phablets, tablets, and other portable tech-devices, & the networks to which they connect to, from threats & bugs.

7. DDoS in mobile systems wait for the owner of the _____________ to trigger the attack.
a) worms
b) virus
c) botnets
d) programs
Answer: c
Explanation: Botnets on compromised mobile devices wait for instructions from their owner. After getting the owner’s instruction, they launch a DDoS flood attack. This results in a failure in connecting calls or transmitting data.

8. Hackers cannot do which of the following after compromising your phone?
a) Steal your information
b) Rob your e-money
c) Shoulder surfing
d) Spying
Answer: c
Explanation: Shoulder surfing is done before compromising the mobile. So, hackers can steal your information; rob your e-money or do spying after compromising your smart-phone.

9. Hackers cannot do which of the following after compromising your phone?
a) Shoulder surfing
b) Accessing your voice mail
c) Steal your information
d) Use your app credentials
Answer: a
Explanation: Shoulder surfing is done before compromising the mobile. So, hackers can steal your information, access your voice mail or use your app credentials after compromising your smart-phone.

10. App permissions can cause trouble as some apps may secretly access your memory card or contact data.
a) True
b) False
Answer: a
Explanation: App permissions can cause trouble as some apps may secretly access your memory card or contact data. Almost all applications nowadays ask for such permission, so make sure you do a proper survey on these apps before allowing such access.

11. Activate _____________ when you are required to use it, otherwise turn it off for security purposes.
a) Flash Light
b) App updates
c) Bluetooth
d) Rotation
Answer: c
Explanation: Activate Bluetooth when you are required to use it, otherwise turn it off for security purposes. This is because there are various tools and vulnerabilities that may allow access to your smart-phone using Bluetooth.

12. Try not to keep ________________ passwords, especially fingerprint for your smart-phone, because it can lead to physical hacking if you’re not aware or asleep.
a) Biometric
b) PIN-based
c) Alphanumeric
d) Short
Answer: a
Explanation: Try not to keep biometric passwords, especially fingerprint for your smart-phone containing very confidential data, because anyone can do physical hacking if you’re not aware or asleep.

13. Which of the following tool is used for Blackjacking?
a) BBAttacker
b) BBProxy
c) Blackburried
d) BBJacking
Answer: b
Explanation: BBProxy (installed on BlackBerry phones) is the name of the tool used to conduct blackjacking. Attackers install BBProxy on a user’s BlackBerry, and once the tool is activated it opens a covert channel between the hacker and the compromised host.

14. BBProxy tool is used in which mobile OS?
a) Android
b) Symbian
c) Raspberry
d) Blackberry
Answer: d
Explanation: BBProxy (installed on BlackBerry phones) is the name of the tool used to conduct blackjacking. Attackers install BBProxy on a user’s BlackBerry, and once the tool is activated it opens a covert channel between the hacker and the compromised host.

15. Which of the following is not a security issue for PDAs?
a) Password theft
b) Data theft
c) Reverse engineering
d) Wireless vulnerability
Answer: c
Explanation: Reverse engineering is not a security issue for a PDA (Personal Digital Assistant). Password theft, data theft, wireless vulnerability exploitation and data corruption using a virus are some of the security issues.

16. Which of the following is the world’s first cellular system to specify digital modulation and network level architecture?
a) GSM
b) AMPS
c) CDMA
d) IS-54
Answer: a
Explanation: GSM was the world’s first cellular system to specify digital modulation and network level architectures and services. It is the world’s most popular 2G technology. It was developed to solve the fragmentation problems of the first cellular systems in Europe.

17. Previously, in the 1980s, GSM stood for ____________
a) Global system for mobile
b) Groupe special mobile
c) Global special mobile
d) Groupe system mobile
Answer: b
Explanation: In the mid-1980s GSM was called by the name Groupe special mobile. In 1992, GSM changed its name to Global System for Mobile Communication for marketing reasons.

18. Who sets the standards of GSM?
a) ITU
b) AT & T
c) ETSI
d) USDC
Answer: c
Explanation: The setting of standards for GSM is under the aegis of the European Technical Standards Institute (ETSI). The GSM task was to specify a common mobile communication system for Europe in the 900 MHz band.

19. Which of the following does not come under the teleservices of GSM?
a) Standard mobile telephony
b) Mobile originated traffic
c) Base originated traffic
d) Packet switched traffic
Answer: d
Explanation: GSM services follow ISDN guidelines and are classified as either teleservices or data services. Teleservices include standard mobile telephony and mobile originated or base originated traffic.

20. Which of the following comes under supplementary ISDN services?
a) Emergency calling
b) Packet switched protocols
c) Call diversion
d) Standard mobile telephony
Answer: c
Explanation: Supplementary ISDN services are digital in nature. They include call diversion, closed user groups, and caller identification, and are not available in analog mobile networks. Supplementary services also include short messaging service (SMS).

21. Which of the following memory device stores information such as subscriber’s identification number in GSM?
a) Register
b) Flip flop
c) SIM
d) SMS
Answer: c
Explanation: SIM (subscriber identity module) is a memory device that stores information such as the subscriber’s identification number, the networks and countries where the subscriber is entitled to service, privacy keys, and other user specific information.

22. Which of the following features makes it impossible to eavesdrop on GSM radio transmission?
a) SIM
b) On the air privacy
c) SMS
d) Packet switched traffic
Answer: b
Explanation: The on the air privacy feature of GSM makes it impossible to eavesdrop on a GSM radio transmission. The privacy is made possible by encrypting the digital bit stream sent by a GSM transmitter, according to a specific secret cryptographic key that is known only to the cellular carrier.

23. Which of the following does not come under subsystem of GSM architecture?
a) BSS
b) NSS
c) OSS
d) Channel
Answer: d
Explanation: The GSM architecture consists of three major interconnected subsystems that interact between themselves and with the users through certain network interfaces. The subsystems are BSS (Base Station Subsystem), NSS (Network and Switching Subsystem) and OSS (Operation Support Subsystem).

24. Which of the following subsystem provides radio transmission between mobile station and MSC?
a) BSS
b) NSS
c) OSS
d) BSC
Answer: a
Explanation: The BSS provides and manages radio transmission paths between the mobile stations and the Mobile Switching Center (MSC). It also manages the radio interface between the mobile stations and all other subsystems of GSM.

25. ___________ manages the switching function in GSM.
a) BSS
b) NSS
c) OSS
d) MSC
Answer: b
Explanation: NSS (Network and Switching Subsystem) manages the switching functions of the system. It allows the MSCs to communicate with other networks such as PSTN and ISDN.

26. __________ supports the operation and maintenance of GSM.
a) BSS
b) NSS
c) OSS
d) MSC
Answer: c
Explanation: The OSS (Operation Support Subsystem) supports the operation and maintenance of GSM. It allows system engineers to monitor, diagnose, and troubleshoot all aspects of GSM.

27. What is the full form of UMTS?
a) Universal Mobile Telephone System
b) Ubiquitous Mobile Telephone System
c) Ubiquitous Mobile Telemetry System
d) Universal Machine Telemedicine System
Answer: a
Explanation: UMTS (Universal Mobile Telephone System) is a visionary air interface standard that was introduced in 1996. European carriers, manufacturers, and government regulators collectively developed the early version of UMTS as an open air interface standard for third generation wireless telecommunication.

28. Which multiple access technique does UMTS use?
a) CDMA
b) TDMA
c) FDMA
d) SDMA
Answer: a
Explanation: Although UMTS is designed to operate on evolved GSM core networks, it uses code division multiple access (CDMA) for its air interface. The majority of the 3G systems in operation employ CDMA, while the rest use TDMA. CDMA allows various users to share a channel at the same time, while TDMA allows users to share the same channel by chopping it into different time slots.

29. UMTS does not have backward compatibility with ____________
a) GSM
b) IS-136
c) IS-95
d) GPRS
Answer: c
Explanation: UMTS assures backward compatibility with the second generation GSM, IS-136 and PDC TDMA technologies. It is also compatible with all 2.5G TDMA techniques like GPRS and EDGE. But it does not provide compatibility with the CDMA technologies of 2G and 2.5G. IS-95 is a CDMA standard of 2G.

30. UMTS is also known as _____________
a) IS-95
b) GPRS
c) CdmaOne
d) W-CDMA
Answer: d
Explanation: UMTS uses Wideband CDMA (W-CDMA) to carry the radio transmissions. Therefore, it is also referred to as W-CDMA. W-CDMA offers greater spectral efficiency and bandwidth to mobile network operators.

31. What is the chip rate of W-CDMA?
a) 1.2288 Mcps
b) 3.84 Mcps
c) 270.833 Ksps
d) 100 Mcps
Answer: b
Explanation: W-CDMA uses a chip rate of 3.84 Mcps. Chip rate is the product of symbol rate and spreading factor. If the symbol rate is 960 Kbps and spreading factor is 4 for W-CDMA, then the chip rate is 3.84 Mcps. The chip rate for Cdma2000 and GSM are 1.2288 Mcps and 27.0833 Ksps respectively.

32. W-CDMA works in FDD mode only.
a) True
b) False
Answer: b
Explanation: W-CDMA works in both FDD and TDD mode. W-CDMA developed for wide area cellular coverage uses FDD. And TDD is used by W-CDMA for indoor cordless type applications.

33. How much packet data rate per user is supported by W-CDMA if the user is stationary?
a) 2.048 Kbps
b) 100 Mbps
c) 2.048 Mbps
d) 1 Gbps
Answer: c
Explanation: If the user is stationary, W-CDMA supports packet data rates up to 2.048 Mbps per user. Thus, it allows high quality data, multimedia, streaming audio, video and broadcast type services to consumers. Future versions of W-CDMA will support stationary user data rates in excess of 8 Mbps.

34. What is the minimum spectrum allocation required by W-CDMA?
a) 5 MHz
b) 20 MHz
c) 1.25 MHz
d) 200 KHz
Answer: a
Explanation: W-CDMA/UMTS requires a minimum spectrum allocation of 5 MHz. Using this bandwidth, it has the capacity to carry over 100 simultaneous voice calls. It is able to carry data at speeds up to 2 Mbps in its original format. 20 MHz is the bandwidth defined for LTE. CdmaOne uses a bandwidth of 1.25 MHz. GSM’s bandwidth is 200 KHz.

35. W-CDMA requires a complete change of RF equipment at each base station.
a) True
b) False
Answer: a
Explanation: W-CDMA is designed to provide backward compatibility and interoperability for all GSM, IS-136/PDC, GPRS and EDGE equipment. But due to a wider air interface bandwidth of W-CDMA, it requires a complete change of RF-equipment at each base station.

36. How much increase in spectral efficiency is provided by W-CDMA in comparison to GSM?
a) Two times
b) Three times
c) No increase
d) Six times
Answer: d
Explanation: W-CDMA can provide at least six times an increase in spectral efficiency over GSM at system level. Such a wide bandwidth is chosen to support data rates from as low as 8 kbps to as high as 2 Mbps on a single 5 MHz W-CDMA radio channel.

37. What is the access point (AP) in a wireless LAN?
a) device that allows wireless devices to connect to a wired network
b) wireless devices itself
c) both device that allows wireless devices to connect to a wired network and wireless devices itself
d) all the nodes in the network
Answer: a
Explanation: An access point in a wireless network is any device that will allow the wireless devices to connect to a wired network. A router is the best example of an Access Point.

38. In wireless ad-hoc network _________
a) access point is not required
b) access point is must
c) nodes are not required
d) all nodes are access points
Answer: a
Explanation: An ad-hoc wireless network is a decentralized kind of a wireless network. An access point is usually a central device and it would go against the rules of the ad-hoc network to use one. Hence it is not required.

39. Which multiple access technique is used by IEEE 802.11 standard for wireless LAN?
a) CDMA
b) CSMA/CA
c) ALOHA
d) CSMA/CD
Answer: b
Explanation: CSMA/CA stands for Carrier-sense multiple access/collision avoidance. It is a multiple access protocol used by IEEE 802.11 standard for wireless LAN. It’s based on the principle of collision avoidance by using different algorithms to avoid collisions between channels.

40. In wireless distribution system __________
a) multiple access point are inter-connected with each other
b) there is no access point
c) only one access point exists
d) access points are not required
Answer: a
Explanation: A Wireless Distribution System allows the connection of multiple access points together. It is used to expand a wireless network to a larger network.

41. A wireless network interface controller can work in _______
a) infrastructure mode
b) ad-hoc mode
c) both infrastructure mode and ad-hoc mode
d) WDS mode
Answer: c
Explanation: A wireless network interface controller works on the physical layer and the data link layer of the OSI model. Infrastructure mode WNIC needs access point but in ad-hoc mode access point is not required.

42. In wireless network an extended service set is a set of ________
a) connected basic service sets
b) all stations
c) all access points
d) connected access points
Answer: a
Explanation: The extended service set is a part of the IEEE 802.11 WLAN architecture and is used to expand the range of the basic service set by allowing connection of multiple basic service sets.

43. Mostly ________ is used in wireless LAN.
a) time division multiplexing
b) orthogonal frequency division multiplexing
c) space division multiplexing
d) channel division multiplexing
Answer: b
Explanation: In orthogonal frequency division multiplexing, digital data is encoded on multiple carrier frequencies. It is also used in digital television and audio broadcasting in addition to Wireless LANs.

44. Which one of the following event is not possible in wireless LAN?
a) collision detection
b) acknowledgement of data frames
c) multi-mode data transmission
d) connection to wired networks
Answer: a
Explanation: Collision detection is not possible in wireless LAN with no extensions. Collision detection techniques for multiple access like CSMA/CD are used to detect collisions in Wireless LANs.

45. What is Wired Equivalent Privacy (WEP)?
a) security algorithm for ethernet
b) security algorithm for wireless networks
c) security algorithm for usb communication
d) security algorithm for emails
Answer: b
Explanation: WEP is a security algorithm for wireless networks which was intended to provide data confidentiality comparable to that of traditional wired networks. It was introduced in 1997.

46. What is WPA?
a) wi-fi protected access
b) wired protected access
c) wired process access
d) wi-fi process access
Answer: a
Explanation: WPA or WiFi Protected Access is a security protocol used to provide users and firms with strong data security and protection for their wireless networks (WiFi) to give them confidence that only authorized users can access their network.

47. VPN is abbreviated as __________
a) Visual Private Network
b) Virtual Protocol Network
c) Virtual Private Network
d) Virtual Protocol Networking
Answer: c
Explanation: A Virtual Private Network i.e. VPN is a technique used in networking or other intermediate networks for connecting computers and making them isolated remote computer networks, maintaining a tunnel of security and privacy.

48. __________ provides an isolated tunnel across a public network for sending and receiving data privately as if the computing devices were directly connected to the private network.
a) Visual Private Network
b) Virtual Protocol Network
c) Virtual Protocol Networking
d) Virtual Private Network
Answer: d
Explanation: A Virtual Private Network i.e. VPN is a technique used in networking or other intermediate networks for connecting computers and making them isolated remote computer networks, maintaining a tunnel of security and privacy.

49. Which of the statements are not true to classify VPN systems?
a) Protocols used for tunnelling the traffic
b) Whether VPNs are providing site-to-site or remote access connection
c) Securing the network from bots and malwares
d) Levels of security provided for sending and receiving data privately
Answer: c
Explanation: VPN systems have specific protocols for tunnelling the traffic, secure remote access connectivity as well as make sure how many levels of security it is providing for private data communication.

50. What types of protocols are used in VPNs?
a) Application level protocols
b) Tunnelling protocols
c) Network protocols
d) Mailing protocols
Answer: a
Explanation: All VPNs are formed with a combination of tunnelling protocols as well as encryption techniques for maintaining privacy and security.

51. VPNs use encryption techniques to maintain security and privacy while communicating remotely via a public network.
a) True
b) False
Answer: a
Explanation: All VPNs are formed with a combination of tunnelling protocols as well as encryption techniques for maintaining privacy and security.

52. There are _________ types of VPNs.
a) 3
b) 2
c) 5
d) 4
Answer: b
Explanation: VPNs are of two types. These are remote access VPNs & Site-to-site VPNs. Remote Access VPNs are used for business & home users. Site-to-site VPNs are mainly used in companies and firms with different geographical locations.

53. Site-to-site VPNs are also known as ________
a) Switch-to-switch VPNs
b) Peer-to-Peer VPNs
c) Point-to-point VPNs
d) Router-to-router VPNs
Answer: d
Explanation: Site-to-site VPNs are also known as Router-to-router VPNs. They are mainly used in companies and firms with different geographical locations.

54. _________ type of VPNs are used for home private and secure connectivity.
a) Remote access VPNs
b) Site-to-site VPNs
c) Peer-to-Peer VPNs
d) Router-to-router VPNs
Answer: a
Explanation: Remote access VPN allows individual users to connect to private networks at home and access resources remotely.

55. Which types of VPNs are used for corporate connectivity across companies residing in different geographical location?
a) Remote access VPNs
b) Site-to-site VPNs
c) Peer-to-Peer VPNs
d) Country-to-country VPNs
Answer: b
Explanation: Site-to-site VPNs are also known as Router-to-router VPNs which are typically used in companies and firms for connecting remotely different branches with different geographical locations.

56. Site-to-Site VPN architecture is also known as _________
a) Remote connection based VPNs
b) Peer-to-Peer VPNs
c) Extranet based VPN
d) Country-to-country VPNs
Answer: c
Explanation: Site-to-site VPN architecture is also known as extranet based VPNs because these types of VPNs are typically used to connect firms externally between different branches of the same company.

57. There are ________ types of VPN protocols.
a) 3
b) 4
c) 5
d) 6
Answer: d
Explanation: There are six types of protocols used in VPN. These are Internet Protocol Security or IPSec, Layer 2 Tunnelling Protocol (L2TP), Point-to-Point Tunnelling Protocol (PPTP), Secure Sockets Layer (SSL), OpenVPN and Secure Shell (SSH).

58. For secure connection, Remote access VPNs rely on ___________ and ____________
a) IPSec, SSL
b) L2TP, SSL
c) IPSec, SSH
d) SSH, SSL
Answer: a
Explanation: A remote-access VPN typically depends on either Secure Sockets Layer (SSL) or IP Security (IPsec) for a secure connection over public network.

59. A ______ can hide a user’s browsing activity.
a) Firewall
b) Antivirus
c) Incognito mode
d) VPN
Answer: d
Explanation: VPNs are used for hiding a user’s browsing activities and maintaining anonymity. This also helps in preventing leakage of the user’s personal browsing data and browsing habits.

60. __________ masks your IP address.
a) Firewall
b) Antivirus
c) VPN
d) Incognito mode
Answer: c
Explanation: VPNs are used for masking a user’s IP address and maintaining anonymity. This protects against leakage of the IP address that almost every website grabs when a user opens a website.

61. _________ are also used for hiding a user’s physical location.
a) Firewall
b) Antivirus
c) Incognito mode
d) VPN
Answer: d
Explanation: VPNs are used for hiding your physical location which helps in maintaining anonymity. Using IP address and browsing habits, link search, your physical location can be traced.

62. Using VPN, we can access _______________
a) Access sites that are blocked geographically
b) Compromise other’s system remotely
c) Hide our personal data in the cloud
d) Encrypts our local drive files while transferring
Answer: a
Explanation: With the help of VPN, users can access and connect to sites that are kept blocked by the ISPs based on a specific geographic location.

63. What are the different ways to intrude?
a) Buffer overflows
b) Unexpected combinations and unhandled input
c) Race conditions
d) All of the mentioned
Answer: d
Explanation: None.

64. What are the major components of the intrusion detection system?
a) Analysis Engine
b) Event provider
c) Alert Database
d) All of the mentioned
Answer: d
Explanation: None.

65. What are the different ways to classify an IDS?
a) anomaly detection
b) signature based misuse
c) stack based
d) all of the mentioned
Answer: d
Explanation: None.

66. What are the different ways to classify an IDS?
a) Zone based
b) Host & Network based
c) Network & Zone based
d) Level based
Answer: b
Explanation: None.

67. What are the characteristics of anomaly based IDS?
a) It models the normal usage of network as a noise characterization
b) It doesn’t detect novel attacks
c) Anything distinct from the noise is not assumed to be intrusion activity
d) It detects based on signature
Answer: a
Explanation: None.

68. What is the major drawback of anomaly detection IDS?
a) These are very slow at detection
b) It generates many false alarms
c) It doesn’t detect novel attacks
d) None of the mentioned
Answer: b
Explanation: None.

69. What are the characteristics of signature based IDS?
a) Most are based on simple pattern matching algorithms
b) It is programmed to interpret a certain series of packets
c) It models the normal usage of network as a noise characterization
d) Anything distinct from the noise is assumed to be intrusion activity
Answer: a
Explanation: None.

70. What are the drawbacks of signature based IDS?
a) They are unable to detect novel attacks
b) They suffer from false alarms
c) They have to be programmed again for every new pattern to be detected
d) All of the mentioned
Answer: d
Explanation: None.

71. What are the characteristics of Host based IDS?
a) The host operating system logs in the audit information
b) Logs include logins, file opens and program executions
c) Logs are analysed to detect tails of intrusion
d) All of the mentioned
Answer: d
Explanation: None.

72. What are the drawbacks of the host based IDS?
a) Unselective logging of messages may increase the audit burdens
b) Selective logging runs the risk of missed attacks
c) They are very fast to detect
d) They have to be programmed for new patterns
Answer: a
Explanation: None.

73. What are the strengths of the host based IDS?
a) Attack verification
b) System specific activity
c) No additional hardware required
d) All of the mentioned
Answer: d
Explanation: None.

74. What are characteristics of stack based IDS?
a) They are integrated closely with the TCP/IP stack and watch packets
b) The host operating system logs in the audit information
c) It is programmed to interpret a certain series of packets
d) It models the normal usage of network as a noise characterization
Answer: a
Explanation: None.

75. What are characteristics of Network based IDS?
a) They look for attack signatures in network traffic
b) Filter decides which traffic will not be discarded or passed
c) It is programmed to interpret a certain series of packet
d) It models the normal usage of network as a noise characterization
Answer: a
Explanation: None.

76. What are strengths of Network based IDS?
a) Cost of ownership reduced
b) Malicious intent detection
c) Real time detection and response
d) All of the mentioned
Answer: d
Explanation: None.

Module 04

1. Which of the following is a compliance standard?
a) PCI-DSS
b) HIPAA
c) GLBA
d) All of the mentioned
Answer: d
Explanation: A compliance standard can be any government regulatory framework.

2. Point out the correct statement.
a) The cloud service model you choose does not determine the variety of security features, compliance auditing, and other requirements
b) To determine the particular security mechanisms you need, you must perform a mapping of the particular cloud service model to the particular application you are deploying
c) A security control model includes the security that you normally use for your applications only
d) All of the mentioned
Answer: b
Explanation: These mechanisms must be supported by the various controls that are provided by your service provider, your organization, or a third party.

3. Which of the following is a key mechanism for protecting data?
a) Access control
b) Auditing
c) Authentication
d) All of the mentioned
Answer: d
Explanation: Whatever service model you choose should have mechanisms operating in all above mentioned areas that meet your security requirements.

4. How many security accounts per client are provided by Microsoft?
a) 1
b) 3
c) 5
d) 7
Answer: c
Explanation: On Amazon Web Service, you can create multiple keys and rotate those keys during different sessions.

5. Point out the wrong statement.
a) Securing data sent to, received from, and stored in the cloud is the single largest security concern
b) The problem with the data you store in the cloud is that it can be located anywhere in the cloud service provider’s system
c) One and only approach to isolating storage in the cloud from direct client access is to create layered access to the data
d) All of the mentioned
Answer: c
Explanation: The location of the proxy and the broker is not important.

6. Which of the following is a common means for losing encrypted data?
a) lose the keys
b) lose the encryption standard
c) lose the account
d) all of the mentioned
Answer: a
Explanation: Keys should have a defined life cycle.

7. Which of the following is the standard for interoperable cloud-based key management?
a) KMIP
b) PMIK
c) AIMK
d) None of the mentioned
Answer: a
Explanation: KMIP stands for Key Management Interoperability Protocol.

8. Which of the following was one of the weaker aspects of early cloud computing service offerings?
a) Logging
b) Integrity checking
c) Consistency checking
d) None of the mentioned
Answer: a
Explanation: Cloud service providers often have proprietary log formats.

9. Which of the following is one of the most actively developing and important areas of cloud computing technology?
a) Logging
b) Auditing
c) Regulatory compliance
d) None of the mentioned
Answer: c
Explanation: For any company with clients in multiple countries, the burden of regulatory compliance is onerous.

10. Amazon Web Services supports ________ Type II Audits.
a) SAS70
b) SAS20
c) SAS702
d) None of the mentioned
Answer: a
Explanation: Becoming a cloud service provider requires a large investment.

11. Which of the following service provider provides the least amount of built in security?
a) SaaS
b) PaaS
c) IaaS
d) All of the mentioned
Answer: c
Explanation: You get the least amount of built in security with an Infrastructure as a Service provider, and the most with a Software as a Service provider.

12. Point out the correct statement.
a) Different types of cloud computing service models provide different levels of security services
b) Adapting your on-premises systems to a cloud model requires that you determine what security mechanisms are required and mapping those to controls that exist in your chosen cloud service provider
c) Data should be transferred and stored in an encrypted format for security purpose
d) All of the mentioned
Answer: d
Explanation: When you identify missing security elements in the cloud, you can use mapping to work to close the gap.

13. Which of the following services need to be negotiated in Service Level Agreements?
a) Logging
b) Auditing
c) Regulatory compliance
d) All of the mentioned
Answer: d
Explanation: Logging, auditing, and regulatory compliance are all features that require planning in cloud computing systems.

14. The following flowchart is intended to evaluate __________ in any cloud.

a) risk
b) errors
c) inconsistencies
d) none of the mentioned
Answer: a
Explanation: Your risks in any cloud deployment are dependent upon the particular cloud service model chosen and the type of cloud on which you deploy your applications.

15. Point out the wrong statement.
a) You can use proxy and brokerage services to separate clients from direct access to shared cloud storage
b) Any distributed application has a much greater attack surface than an application that is closely held on a Local Area Network
c) Cloud computing doesn’t have vulnerabilities associated with Internet applications
d) All of the mentioned
Answer: c
Explanation: Additional vulnerabilities arise from pooled, virtualized, and outsourced resources.

16. Which of the following areas of cloud computing is uniquely troublesome?
a) Auditing
b) Data integrity
c) e-Discovery for legal compliance
d) All of the mentioned
Answer: d
Explanation: Storing data in the cloud is of particular concern.

17. Which of the following is the operational domain of CSA?
a) Scalability
b) Portability and interoperability
c) Flexibility
d) None of the mentioned
Answer: b
Explanation: CSA is an industry working group that studies security issues in cloud computing and offers recommendations to its members.

18. Which of the following is considered an essential element in cloud computing by CSA?
a) Multi-tenancy
b) Identity and access management
c) Virtualization
d) All of the mentioned
Answer: a
Explanation: Multi-tenancy adds a number of additional security concerns to cloud computing that need to be accounted for.

19. Which of the following is used for Web performance management and load testing?
a) VMware Hyperic
b) Webmetrics
c) Univa UD
d) Tapinsystems
Answer: b
Explanation: CA Cloud Insight is a cloud metrics measurement service.

20. Which of the following is application and infrastructure management software for hybrid multi-clouds?
a) VMware Hyperic
b) Webmetrics
c) Univa UD
d) Tapinsystems
Answer: c
Explanation: Tapinsystems is a provisioning and management service.

21. Which of the following is done by Identity management?
a) controlling access to data in the cloud
b) maintaining user roles
c) preventing unauthorized uses
d) all of the mentioned
Answer: d
Explanation: Identity management is a primary mechanism for controlling access to data in the cloud, preventing unauthorized uses, maintaining user roles, and complying with regulations.

22. Point out the correct statement.
a) Identities are not tied to the concept of accounts and can be used for contacts or “ID cards”
b) Identities are important from a reliability standpoint
c) Presence is important in cloud computing because it adds context that can modify services and service delivery
d) All of the mentioned
Answer: c
Explanation: Identities can be used to authenticate client requests for services in a distributed network system.

23. Which of the following is required by Cloud Computing?
a) That you establish an identity
b) That the identity be authenticated
c) That the authentication be portable
d) All of the mentioned
Answer: d
Explanation: When applied to a number of users in a cloud computing system, these requirements describe systems that must provision identities.

24. Which of the following standards is the key to creating Single Sign-On (SSO) systems?
a) OpenID 2.0
b) CHAP
c) SMAL
d) None of the mentioned
Answer: a
Explanation: Some cloud service providers have adopted OpenID as a service.

25. Point out the wrong statement.
a) OpenID 2.0 is the standard associated with creating an identity
b) OpenID doesn’t specify the means for authentication of identity
c) OpenID provides access to important Web sites
d) None of the mentioned
Answer: d
Explanation: Authentication can be by a Challenge and Response Protocol (CHAP).

26. Which of the following is a complementary mechanism to OpenID and is used to create SSO systems?
a) OpenSSL
b) CHAP
c) SAML
d) None of the mentioned
Answer: c
Explanation: Taken as a unit, OpenID and SAML are being positioned to be the standard authentication mechanism for clients accessing cloud services.

27. Which of the following entities queries the OpenID identity provider to authenticate the veracity of the OpenID credentials?
a) serving party
b) relieving party
c) relaying party
d) none of the mentioned
Answer: c
Explanation: The OpenID is presented to a service that provides access to the resource that is desired.

28. Which of the following provides a token service that can be used to present validated access to resources?
a) OAuth
b) OCheck
c) SAML
d) None of the mentioned
Answer: a
Explanation: OAuth is similar to OpenID.

29. Which of the following foundation offers .NET developers Visual Studio integration of WS-Federation and WS-Trust open standards?
a) Windows Workflow
b) Windows Identity
c) Windows compliance
d) None of the mentioned
Answer: b
Explanation: ASP.NET Web applications created with WIF integrate the Windows Communication Foundation SOAP service (WCF-SOAP) into a unified object model.

30. __________ allows users to authenticate their access to applications both locally and in the cloud with a claims-based identity.
a) AD FS
b) AC
c) SAS
d) None of the mentioned
Answer: a
Explanation: AD FS uses WS-Federation, WS-Trust, and SAML, which allows users to access a system based on IBM, Novell, SAP, and many other vendors.

31. Which of the following is a policy-based XML security service by Cisco?
a) Application Oriented Manager
b) Application Oriented Networking
c) Application Process Networking
d) All of the mentioned
Answer: b
Explanation: Cisco has a family of products that enforce rules and policies for the transmission of XML messaging.

32. Point out the wrong statement.
a) SOA eliminates the use of application boundaries, the traditional methods where security is at the application level aren’t likely to be effective
b) An atomic service cannot be decomposed into smaller services that provide a useful function
c) XML security service may be found in Citrix’s NetScaler 9.0
d) None of the mentioned
Answer: d
Explanation: Citrix NetScaler platforms ensure the best delivery, performance and security for any web, mobile and cloud application.

33. Which of the following is not an OASIS standard for SOA Security?
a) Security Assertion Markup Language
b) Synchronized Multimedia Integration Language
c) WS-SecureConversation
d) All of the mentioned
Answer: b
Explanation: SMIL (Synchronized Multimedia Integration Language), is a language that allows Web site creators to be able to easily define and synchronize multimedia applications.

34. Which of the following provides data authentication and authorization between client and service?
a) SAML
b) WS-SecureConversation
c) WS-Security
d) All of the mentioned
Answer: a
Explanation: The SAML technology is used as part of Single Sign-on Systems (SSO) and allows a user logging into a system from a Web browser to have access to distributed SOA resources.

35. Point out the wrong statement.
a) To address SOA security, a set of OASIS standards have been created
b) WS-SecureConversation attaches a security context token to communications such as SOAP used to transport messages in an SOA enterprise
c) WS-Trust is an extension of SOA that enforces security by applying tokens such as Kerberos, SAML, or X.509 to messages
d) None of the mentioned
Answer: c
Explanation: WS-Security (WSS) is an extension of SOA that enforces security by applying tokens such as Kerberos, SAML, or X.509 to messages.

36. Which of the following is a web services protocol for creating and sharing security context?
a) WS-Trust
b) WS-SecureConversation
c) WS-SecurityPolicy
d) All of the mentioned
Answer: b
Explanation: WS-SecureConversation is meant to operate in systems where WS-Security, WS-Trust, and WS-Policy are in use.

37. Which of the following is part of a general WS-Policy framework?
a) WS-Trust
b) WS-SecureConversation
c) WS-SecurityPolicy
d) All of the mentioned
Answer: c
Explanation: WS-SecurityPolicy provides a set of network policies that extend WS-Security, WS-Trust, and WS-SecureConversation so that messages complying with a policy must be signed and encrypted.

38. Which of the following extends WS-Security to provide a mechanism to issue, renew, and validate security tokens?
a) WS-Trust
b) WS-SecureConversation
c) WS-SecurityPolicy
d) All of the mentioned
Answer: a
Explanation: A Web service using WS-Trust can implement this system through the use of a Security Token Service (STS).

39. __________ is a mechanism for attaching security tokens to messages.
a) STT
b) STS
c) SAS
d) All of the mentioned
Answer: b
Explanation: STS stands for Security Token Service.

40. Providing XML Gateway SOA security requires a _________ so that encryption is enforced by digital signatures.
a) Public Key Infrastructure
b) Private Key Infrastructure
c) Hybrid Key Infrastructure
d) None of the mentioned
Answer: a
Explanation: Another approach to enforcing security in SOA is to use an XML gateway that intercepts XML messages transported by SOAP or REST.

Module 05

1. Which of the following is not a transport layer vulnerability?
a) Mishandling of undefined, poorly defined
b) The Vulnerability that allows “fingerprinting” & other enumeration of host information
c) Overloading of transport-layer mechanisms
d) Unauthorized network access
Answer: d
Explanation: The different vulnerabilities of the Transport layer are mishandling of undefined, poorly defined, vulnerability that allows “fingerprinting” & other enumeration of host information, overloading of transport-layer mechanisms etc. Unauthorized network access is an example of a physical layer vulnerability.

2. Which of the following is not session layer vulnerability?
a) Mishandling of undefined, poorly defined
b) Spoofing and hijacking of data based on failed authentication attempts
c) Passing of session-credentials allowing intercept and unauthorized use
d) Weak or non-existent authentication mechanisms
Answer: a
Explanation: Vulnerabilities of session layer of the OSI model are spoofing and hijacking of data based on failed authentication attempts, weak or non-existent authentication mechanisms, and the passing of session-credentials allowing intercept and unauthorized use.

3. Failed sessions allow brute-force attacks on access credentials. This type of attack is carried out in which layer of the OSI model?
a) Physical layer
b) Data-link Layer
c) Session layer
d) Presentation layer
Answer: c
Explanation: Session identification may be subject to spoofing, which may lead to data leakage. Failed authentication attempts also allow hackers to mount brute-force attacks on access credentials.

4. Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets.
a) True
b) False
Answer: a
Explanation: Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets. This type of attack is carried out in the transport layer of the OSI model.

5. Which of the following is not an example of presentation layer issues?
a) Poor handling of unexpected input can lead to the execution of arbitrary instructions
b) Unintentional or ill-directed use of superficially supplied input
c) Cryptographic flaws in the system may get exploited to evade privacy
d) Weak or non-existent authentication mechanisms
Answer: d
Explanation: Cryptographic flaws may be exploited to circumvent privacy, unintentional or ill-directed use of superficially supplied input, and poor handling of unexpected input are examples of presentation layer flaws.

6. Which of the following is not a vulnerability of the application layer?
a) Application design bugs may bypass security controls
b) Inadequate security controls force “all-or-nothing” approach
c) Logical bugs in programs may be by chance or on purpose be used for crashing programs
d) Overloading of transport-layer mechanisms
Answer: d
Explanation: Application design flaws may bypass security controls, inadequate security controls as well as logical bugs in programs may be by chance or on purpose be used for crashing programs. These all are part of application layer vulnerability.

7. Which of the following is an example of Transport layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls
Answer: b
Explanation: Overloading of transport-layer mechanisms is an example of transport layer vulnerability. Other examples of Transport layer vulnerability are mishandling of undefined, poorly defined, Vulnerability that allows “fingerprinting” & other enumeration of host information.

8. Which of the following is an example of session layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls
Answer: a
Explanation: Weak or non-existent mechanisms for authentication is an example of session layer vulnerability. Other examples are spoofing and the hijacking of data based on failed-authentication attempts & passing of session-credentials allowing intercept and unauthorized use.

9. Which of the following is an example of presentation layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) highly complex application security controls
d) poor handling of unexpected input
Answer: d
Explanation: Poor handling of unexpected input is an example of presentation layer vulnerability. Cryptographic flaws may be exploited to circumvent privacy, unintentional use of superficially supplied input are some other examples of presentation layer vulnerability.

10. Which of the following is an example of application layer vulnerability?
a) Cryptographic flaws lead to the privacy issue
b) Very complex application security controls
c) MAC Address Spoofing
d) Weak or non-existent authentication
Answer: b
Explanation: Very complex application security controls can be an example of application layer vulnerability. Inadequate security controls, as well as logical bugs in programs, are some other examples of such type.

11. Cookies were originally designed for ____________
a) Client side programming
b) Server side programming
c) Both Client side programming and Server side programming
d) Socket programming
Answer: b
Explanation: Cookies were originally designed for server side programming, and at the lowest level, they are implemented as an extension to the HTTP protocol. They were introduced with the intention of providing a better user experience for the websites.

12. The Cookie manipulation is done using which property?
a) cookie
b) cookies
c) manipulate
d) manipulate cookie
Answer: a
Explanation: The cookie property sets or returns all name/value pairs of cookies in the current document. There are no methods involved: cookies are queried, set, and deleted by reading and writing the cookie property of the Document object using specially formatted strings.

13. Which of the following explains Cookies nature?
a) Non Volatile
b) Volatile
c) Intransient
d) Transient
Answer: d
Explanation: Cookies are transient by default; the values they store last for the duration of the web browser session but are lost when the user exits the browser. While the browsing session is active the cookie stores the user values in the user’s storage itself and accesses them.

14. Which attribute is used to extend the lifetime of a cookie?
a) Higher-age
b) Increase-age
c) Max-age
d) Lifetime
Answer: c
Explanation: If you want a cookie to last beyond a single browsing session, you must tell the browser how long (in seconds) you would like it to retain the cookie by specifying a max-age attribute. A number of seconds until the cookie expires. A zero or negative number will kill the cookie immediately.

15. Which of the following defines the Cookie visibility?
a) Document Path
b) LocalStorage
c) SessionStorage
d) All of the mentioned
Answer: d
Explanation: sessionStorage, localStorage and Document path all are used to store data on the client-side. Each one has its own storage and expiration limit. Cookie visibility is scoped by the document origin as Local Storage and Session Storage are, and also by document path.

16. Which of the following can be used to configure the scope of the Cookie visibility?
a) Path
b) Domain
c) Both Path and Domain
d) Server
Answer: d
Explanation: The Cookie visibility scope is configurable through cookie attributes path and domain. Domain attribute in the cookie is used to specify the domain for which the cookie is sent. Path includes the Path attribute in the cookie to specify the path for which this cookie is sent.

17. How can you set a Cookie visibility scope to local Storage?
a) /
b) %
c) *
d) #
Answer: a
Explanation: Setting the path of a cookie to “/” gives scoping like that of localStorage and also specifies that the browser must transmit the cookie name and value to the server whenever it requests any web page on the site.

18. Which of the following is a Boolean cookie attribute?
a) Bool
b) Secure
c) Lookup
d) Domain
Answer: b
Explanation: The final cookie attribute is a boolean attribute named secure that specifies how cookie values are transmitted over the network. By default, cookies are insecure, which means that they are transmitted over a normal, insecure HTTP connection. If a cookie is marked secure, however, it is transmitted only when the browser and server are connected via HTTPS or another secure protocol.

19. Which of the following functions is used because semicolons, commas or whitespace cannot be included in the cookie value?
a) EncodeURIComponent()
b) EncodeURI()
c) EncodeComponent()
d) Encode()
Answer: a
Explanation: Cookie values cannot include semicolons, commas, or whitespace. For this reason, you may want to use the core JavaScript global function encodeURIComponent() to encode the value before storing it in the cookie.

20. What is the constraint on the data per cookie?
a) 2 KB
b) 1 KB
c) 4 KB
d) 3 KB
Answer: c
Explanation: Each cookie can hold up to only 4 KB. In practice, browsers allow many more than 300 cookies total, but the 4 KB size limit may still be enforced by some. Storage of a session has to be a minimum of 5MB.

21. In the above figure from left to right, the correct order of the shaded levels are
a) Network level, Application level, Transport level
b) Application level, Network level, Transport level
c) Transport level, Application level, Network level
d) Network level, Transport level, Application level
Answer: d
Explanation: IP/IPSec is the Network level, SSL or TLS is the Transport Level, Kerberos and S/MIME are the Application level.

22. In the above figure, which of the above shaded block is transparent to end users and applications?
a) IP/IPSec
b) SSL
c) Kerberos
d) S/MIME
Answer: a
Explanation: IP/IPSec is the Network layer which is transparent to end users and applications.

23. In terms of Web Security Threats, “Impersonation of another user” is a Passive Attack.
a) True
b) False
Answer: b
Explanation: Passive attacks include eavesdropping on network traffic between browser and server and gaining access to information on a website that is supposed to be restricted. Active attacks include impersonating another user, altering messages in transit between client and server, altering information on a website.

24. Which one of the following is not a higher-layer SSL protocol?
a) Alert Protocol
b) Handshake Protocol
c) Alarm Protocol
d) Change Cipher Spec Protocol
Answer: c
Explanation: Three higher-layer protocols are defined as part of SSL: The Handshake Protocol, The Change Cipher Spec Protocol and The Alert Protocol.

25. Which one of the following is not a session state parameter?
a) Master Secret
b) Cipher Spec
c) Peer Certificate
d) Server Write Key
Answer: d
Explanation: Session state is defined by the following parameters – Session identifier, Peer certificate, Compression method, Cipher spec, Master secret, Is resumable. Server Write Key falls under Connection State.

26. In the SSL Protocol, each upper layer message is fragmented into a maximum of __________ bytes.
a) 2^16
b) 2^32
c) 2^14
d) 2^12
Answer: c
Explanation: In the fragmentation process we obtain blocks of 2^14 bytes which is compressed in the next step.

27. The difference between HMAC algorithm and SSLv3 is that pad1 and pad2 are ________ in SSLv3 whereas ________ in HMAC.
a) NANDed, XORed
b) Concatenated, XORed
c) XORed, NANDed
d) XORed, Concatenated
Answer: b
Explanation: The pads are concatenated in SSLv3 and XORed in HMAC algorithm.

28. The full form of SSL is
a) Serial Session Layer
b) Secure Socket Layer
c) Session Secure Layer
d) Series Socket Layer
Answer: b
Explanation: SSL stands for Secure Sockets Layer.

29. After the encryption stage in SSL, the maximum length of each fragment is
a) 2^14 + 1028
b) 2^14 + 2048
c) 2^16 + 1028
d) 2^16 + 2048
Answer: b
Explanation: Encryption may not increase the content length by more than 1024 bytes, so the total length may not exceed 2^14 + 2048.

30. Consider the following example –
Size of Plaintext – 48 bytes.
Size of MAC – 20 bytes.
Block Length – 8 bytes.
How many bytes of padding need to be added to the system?
a) 1
b) 2
c) 3
d) 4
Answer: c
Explanation: 48 + 20 = 68 bytes. 72 is the next multiple of 8 (Block Length). 72 – 68 = 4. But we need to compensate 1 byte for length of the padding. Therefore, we require only 3 Bytes padding.

31. Which protocol is used to convey SSL related alerts to the peer entity?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol
Answer: a
Explanation: The Alert protocol is used to convey SSL related alerts to the peer entity.

32. Which protocol consists of only 1 bit?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol
Answer: d
Explanation: The change cipher spec protocol is bit long.

33. Which protocol is used for the purpose of copying the pending state into the current state?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol
Answer: d
Explanation: The Change Cipher Spec Protocol is used for this action.

34. Which of the following are possible sizes of MACs?
i) 12 Bytes
ii) 16 Bytes
iii) 20 Bytes
iv) 24 Bytes
a) i and iii
b) ii only
c) ii and iii
d) ii iii and iv
Answer: c
Explanation: MACs can be 0, 16 or 20 Bytes.

35. In the alert protocol the first byte takes the value 1 or 2 which corresponds to _________ and _________ respectively.
a) Select, Alarm
b) Alert, Alarm
c) Warning, Alarm
d) Warning, Fatal
Answer: d
Explanation: The first byte takes the value warning(1) or fatal(2) to convey the severity of the message.

36. Secure shell (SSH) network protocol is used for __________
a) secure data communication
b) remote command-line login
c) remote command execution
d) all of the mentioned
Answer: d
Explanation: SSH provides high encryption and security features while communicating through a network. It is a cryptographic network protocol.

37. SSH can be used in only _____________
a) unix-like operating systems
b) windows
c) both unix-like and windows systems
d) none of the mentioned
Answer: c
Explanation: SSH isn’t confined to a certain network or operating system. It can be implemented over different networks and on different operating systems.

38. SSH uses ___________ to authenticate the remote computer.
a) public-key cryptography
b) private-key cryptography
c) any of public-key or private-key
d) both public-key & private-key
Answer: a
Explanation: Public encryption key is slower but more flexible. Every cryptographic security system requires a private key for private access and a public key for location.

39. Which standard TCP port is assigned for contacting SSH servers?
a) port 21
b) port 22
c) port 23
d) port 24
Answer: b
Explanation: Port 22 is used for contacting ssh servers, used for file transfers (scp, sftp) and also port forwarding.

40. Apart from SSH, which of the following protocols can be used to log in to a shell on a remote host?
a) telnet
b) rlogin
c) both telnet and rlogin
d) none of the mentioned
Answer: c
Explanation: SSH is more secure than telnet and rlogin.

41. Which one of the following is a file transfer protocol using SSH?
a) SCP
b) SFTP
c) Rsync
d) All of the mentioned
Answer: d
Explanation: SCP (Secure copy protocol), SFTP (SSH File Transfer Protocol) and Rsync all are file transfer protocols which are used by SSH.

42. SSH-2 does not contain ______________
a) transport layer
b) user authentication layer
c) physical layer
d) connection layer
Answer: c
Explanation: SSH2 is a more secure, portable and efficient version of SSH that includes SFTP, which is functionally similar to FTP, but is SSH2 encrypted.

43. Which one of the following features was present in SSH protocol, version 1?
a) password changing
b) periodic replacement of session keys
c) support for public-key certificates
d) none of the mentioned
Answer: d
Explanation: All of the mentioned features are provided by SSH-2, whereas SSH-1 only provides strong authentication and guarantees confidentiality.

44. SCP protocol is evolved from __________ over SSH.
a) RCP protocol
b) DHCP protocol
c) MGCP protocol
d) GCP protocol
Answer: a
Explanation: RCP is the abbreviation for Rate Control Protocol, a congestion control algorithm for fast user response times.

45. Which one of the following authentication methods is used by SSH?
a) public-key
b) host based
c) password
d) all of the mentioned
Answer: d
Explanation: SSH uses public key authentication, password authentication, host based authentication, keyboard authentication and authentication of servers.

46. _______________deals with the protection of an individual’s information which is implemented while using the Internet on any computer or personal device.
a) Digital agony
b) Digital privacy
c) Digital secrecy
d) Digital protection
Answer: b
Explanation: Digital Privacy deals with the protection of an individual’s information which is implemented while using the Internet on any computer or personal device.

47. _______________ is a combined term which encompasses 3 sub-pillars; information privacy, individual privacy, and communication privacy.
a) Digital Integrity
b) Digital privacy
c) Digital secrecy
d) Digital protection
Answer: b
Explanation: Digital Privacy is a combined term which encompasses 3 sub-pillars; information privacy, individual privacy, and communication privacy where all of them deal with the protection of an individual’s information.

48. Which of the following does not come under the three pillars of digital privacy?
a) Information privacy
b) Individual privacy
c) Communication privacy
d) Family privacy
Answer: d
Explanation: Digital Privacy encompasses 3 sub-pillars; information privacy, individual privacy, and communication privacy. Family privacy is not a part of its 3-pillars.

49. Which of the following is not an appropriate solution for preserving privacy?
a) Use privacy-focussed SE
b) Use private Browser-window
c) Disable cookies
d) Uninstall Antivirus
Answer: d
Explanation: Preserving data privacy needs some appropriate measures, such as using privacy-focussed search engines, using a private browser window and disabling cookies.

50. Which of the following is not an appropriate solution for preserving privacy?
a) Use privacy-focussed SE
b) Close all logical ports
c) Do not use malicious sites and torrent sites
d) Use VPN
Answer: b
Explanation: Closing all logical ports is done to secure a system from Trojans. Some appropriate ways of preserving privacy are using VPNs, using a private browser window and disabling cookies.

51. Which of the following is not a private Search-engine?
a) Yahoo
b) DuckDuckGo
c) StartPage
d) Wolfram Alpha
Answer: a
Explanation: Digital Privacy includes information privacy, individual privacy & communication privacy. One appropriate solution for preserving privacy is by using privacy-focussed search engines like DuckDuckGo, StartPage and Wolfram Alpha.

52. Which of the following is a private search engine that does not track our search data?
a) Google
b) Search Encrypt
c) Bing
d) Yahoo
Answer: b
Explanation: Digital Privacy can be preserved in different ways. Few suitable solutions for preserving privacy are by using privacy-focussed search engines like Search Encrypt, DuckDuckGo, StartPage and Wolfram Alpha.

53. It is necessary to use ________________ for maintaining searched data privacy.
a) Private email services
b) Private search engines
c) Tor Browser
d) Private Browser window
Answer: b
Explanation: It is necessary to use private search engines for maintaining searched data privacy. They do not keep track of your searched terms or your browsing behaviour and habits. Examples include Search Encrypt, DuckDuckGo, StartPage and Wolfram Alpha.

54. Which of the following browsers is used for privacy purposes?
a) Chrome
b) Firefox
c) Opera
d) Tor
Answer: d
Explanation: In the complex world where e-privacy is a concern, one should preserve their online privacy. Some appropriate measures for preserving privacy are by using browsers like Tor and by disabling cookies.

55. The Tor browser protects your privacy by bouncing your connection and links around a distributed network over the globe run by volunteers. It gives three layers of anonymity.
a) True
b) False
Answer: a
Explanation: The Tor browser protects your privacy by bouncing your connection and links around a distributed network over the globe run by volunteers. It gives three layers of anonymity.

56. The __________________ protects your privacy by bouncing your connection and links around a distributed network over the globe run by volunteers. It gives three layers of anonymity.
a) Cookie removers
b) Private Search Engines
c) Tor browser
d) VPNs
Answer: c
Explanation: Privacy of data and communication is a major concern nowadays. The Tor browser protects your privacy by bouncing your connection and links around a distributed network over the globe run by volunteers.

57. Which of the following is not an example of privacy-browser?
a) Tor
b) Brave
c) Epic
d) Opera
Answer: d
Explanation: Digital Privacy gets eliminated if you are using usual browsers that do not have encrypted security measures to preserve your privacy. One appropriate solution for preserving privacy is by using browsers like Tor, Brave and Epic.

58. ____________ allow their users to attach to the internet via a remote or virtual server which preserves privacy.
a) Cookie removers
b) VPNs
c) Tor browser
d) Private Search Engines
Answer: b
Explanation: Suitable solutions for preserving privacy include using privacy-focussed search engines and using VPNs. VPNs allow their users to attach to the internet via a remote or virtual server which preserves privacy.

59. The ____________ transferred between your device & the server is securely encrypted if you are using VPNs.
a) data
b) virus
c) music files
d) document files
Answer: a
Explanation: VPNs allow their users to attach to the internet via a remote or virtual server which preserves privacy. The data transferred between your device & the server is securely encrypted if you are using VPNs.

60. The data transferred between your device & the server is securely _____________ if you’re using VPNs.
a) locked
b) sealed
c) packed
d) encrypted
Answer: d
Explanation: VPNs allow its users to attach to the internet via a remote or virtual server which preserves privacy. If you are using VPN, the data between your device & the server gets securely transmitted.

61. Which of the following is not an appropriate way to compromise web servers?
a) Misconfiguration in OS
b) Using network vulnerabilities
c) Misconfiguration in networks
d) Bugs in OS which allow commands to run on web servers
Answer: b
Explanation: Websites get hosted on web servers. Web servers are actually computers that make files (web pages) available and accessible through the internet. Various ways that can help compromise a web server are misconfiguration of the network or OS, bugs in the web server’s OS etc.

62. Which of the following is not an appropriate method of defacing web server?
a) Fetching credentials through MiTM
b) Brute-forcing Admin Password
c) IP address spoofing
d) DNS Attack through cache poisoning
Answer: c
Explanation: There are various ways that can help a hacker deface a web server. These include fetching credentials through MiTM, brute-forcing the administrator password, DNS attack through cache poisoning, FTP server intrusion and many more.

63. Which of the following is not an appropriate method of defacing web server?
a) Mail server intrusion
b) Web application bugs
c) Web shares misconfiguration
d) Sessions hijacking
Answer: d
Explanation: Defacing a web server can be done in various ways: by fetching credentials through brute-forcing the administrator password, through cache poisoning, mail server intrusion, web app bugs and many more.

64. _________ is one of the most widely used web server platforms.
a) IIS
b) IAS
c) ISS
d) AIS
Answer: a
Explanation: Websites get hosted on web servers. Web servers are actually computers that make files (web pages) available and accessible through the internet. IIS is one of the most widely used web server platforms.

65. IIS stands for __________________
a) Interconnected Information Server
b) Interconnected Information Services
c) Internet Information Server
d) Internet Information Services
Answer: d
Explanation: Web servers are actually computers that make files (web pages) available and accessible through the internet. The most widely used web server platform is IIS (Internet Information Services).

66. ____________ is a tiny script that, if uploaded to a web server, can give a hacker complete control of a remote PC.
a) Spyware
b) ASP Trojan
c) Web ransomware
d) Stuxnet
Answer: b
Explanation: ASP Trojan is a tiny script that, if uploaded to a web server, can give a hacker complete control of a remote PC. ASP Trojan can be easily attached to web applications, creating a backdoor in web server hacking.

67. ____________ logs all the visits in log files which are located at <%systemroot%>\logfiles.
a) IIS
b) Microsoft Server
c) Linux
d) IAS
Answer: a
Explanation: Internet Information Services logs all the visits in log files which are located at <%systemroot%>\logfiles. IIS (Internet Information Services) is one of the most widely used web server platforms.

68. Which of the following is not a web server attack type?
a) DOS attack
b) Website Defacement using SQLi
c) Directory Traversal
d) Password guessing
Answer: d
Explanation: Web servers are actually computers that make files (web pages) available and accessible through the internet. Different web server attack types are DOS attack, website defacement using SQLi and directory traversal.

69. ______________ tool clears the log entries in the IIS log files filtered by an IP address.
a) CleanIISLoging
b) CleanLogger
c) CleanIISLog
d) ClearIISLog
Answer: c
Explanation: IIS (Internet Information Services) is one of the most widely used web server platforms. IIS logs all the visits in log files which are located at <%systemroot%>\logfiles. CleanIISLog tool clears the log entries in the IIS log files filtered by an IP address.

70. CleanIISLog is not a hacking tool.
a) True
b) False
Answer: b
Explanation: CleanIISLog tool is used to clear the log entries in the IIS log files filtered by an IP address. It is a hacking tool which can help an attacker easily remove all of their traces from the server's log files.

71. Which of the following is not an appropriate countermeasure for web server hacking?
a) Patch updates need to be done regularly
b) Not to use default configurations
c) Use IDS and firewalls with signature updates
d) Use low-speed internet
Answer: d
Explanation: To protect against web server hacking, one needs to apply patch updates regularly, avoid default configurations, and use IDS and firewalls with signature updates.

72. Which of the following is not an appropriate countermeasure for web server hacking?
a) Using OS or antivirus without updates
b) Scan web server applications for vulnerabilities
c) Using secure protocols
d) Follow strict access control policy
Answer: a
Explanation: For defending against web server hacking, one needs to scan web server applications for vulnerabilities, make use of secure protocols, and follow strict access control policy.

73. _____________ attack is the exploitation of the web-session & its mechanism that is usually managed with a session token.
a) Session Hacking
b) Session Hijacking
c) Session Cracking
d) Session Compromising
Answer: b
Explanation: Session Hijacking attack is the exploitation of the web-session & its mechanism that is usually managed with a session token. It is mostly called TCP session hijacking, which deals with a security attack on any target victim’s session over a protected network.

74. The most commonly used session hijacking attack is the _______________
a) IP hacking
b) IP spooling
c) IP spoofing
d) IP tracking
Answer: c
Explanation: Session Hijacking is the utilization of a valid system session which is usually managed with a token. The most commonly used session hijacking attack is IP spoofing.

75. ________________ are required because HTTP uses a lot of diverse TCP connections, so, the web server needs a means to distinguish every user’s connections.
a) Internet
b) Network
c) Hijacking
d) Sessions
Answer: d
Explanation: Sessions are required because HTTP uses a lot of diverse TCP connections, so, the web server needs the means to distinguish every user’s connections. Session hijacking attack is the exploitation of the web-session & its mechanism that is usually managed with a session token.

76. Since most _______________________ occur at the very beginning of the TCP session, this allows hackers to gain access to any system.
a) authentications
b) breaches
c) integrations
d) associations
Answer: a
Explanation: TCP session hijacking deals with a security attack on any target victim’s session over a protected network. Since most authentications occur at the very beginning of the TCP session, this allows hackers to gain access to any machine.

77. _______________ is done only after the target user has connected to the server.
a) Server hacking
b) Banner grabbing
c) Cracking
d) Hijacking
Answer: d
Explanation: Hijacking is done only after the target user has connected to the server. Session hijacking attack is the misuse of the web-session that is usually handled with a session token.

78. In _______________ attack, the attacker doesn’t actively take over another user to perform the attack.
a) phishing
b) spoofing
c) hijacking
d) vishing
Answer: b
Explanation: In a spoofing attack, the attacker doesn’t actively take over another user to perform the attack. The most commonly used session hijacking attack is IP spoofing.

79. There are ___________ types of session hijacking.
a) 2
b) 3
c) 4
d) 5
Answer: a
Explanation: The session hijacking is a form of web attack usually managed with a session token. There are two types of session hijacking. These are active and passive session hijacking.

80. With ___________________ attack, an attacker hijacks a session but does not alter anything. They just sit back and watch or record all the traffic and data being sent forth.
a) network session hijacking
b) passive session hijacking
c) active session hijacking
d) social-networking session hijacking
Answer: b
Explanation: There are 2 types of session hijacking, viz. active and passive session hijacking. With a passive session hijacking attack, an attacker hijacks a session but does not alter anything. They just sit back and watch or record all the traffic and data being sent forth.

81. In an _________________ attack, an attacker finds an active session & takes over that session.
a) network session hijacking
b) passive session hijacking
c) active session hijacking
d) social-networking session hijacking
Answer: c
Explanation: There are 2 types of session hijacking. These are active and passive session hijacking. In an active session hijacking attack, an attacker finds an active session & takes over that session.

82. Session hijacking takes place at ____________ number of levels.
a) five
b) four
c) three
d) two
Answer: d
Explanation: Session Hijacking works based on the principle of system’s sessions. Session hijacking takes place at two levels. These are network level and application level hijacking.

83. The ______________ hijacking is implemented on the data flow of protocol shared by all web applications.
a) network level
b) physical level
c) application level
d) data level
Answer: a
Explanation: TCP session hijacking deals with a security attack on any target victim’s session over a protected network. The network hijacking is implemented on the data flow of protocol shared by all web applications.

84. Which of the following examples does not come under network level session hijacking?
a) TCP/IP Hijacking
b) RST Hijacking
c) Domain Hijacking
d) Blind Hijacking
Answer: c
Explanation: The network hijacking is implemented on the data flow of protocol shared by all web applications. Examples of network level hijacking are TCP/IP hijacking, RST hijacking, blind hijacking, UDP hijacking etc.

85. In ___________________ session hijacking, hackers gain session ID for taking control of existing session or even create a new unauthorized session.
a) network level
b) physical level
c) application level
d) data level
Answer: b
Explanation: The two levels of session hijacking are network level and application level hijacking. In application level session hijacking, hackers gain session ID for taking control of existing session or even create a new unauthorized session.

86. Which of them is not a session hijacking tool?
a) Juggernaut
b) IP watcher
c) Wireshark
d) Paros HTTP Hijacker
Answer: c
Explanation: The session depicts the time period in which communication of 2 computer systems takes place. Some of the session hijacking tools are Juggernaut, IP watcher and Paros HTTP Hijacker.

87. Which of the following is a session hijacking tool?
a) T-Sight
b) Wireshark
c) Maltego
d) Nessus
Answer: a
Explanation: The session remains valid up to the ending of any communication. Some of the session hijacking tools are T-Sight, Juggernaut, IP watcher and Paros HTTP Hijacker.

88. Hjksuite Tool is a collection of programs for hijacking. It contains a library called hjklib which can help in implementing TCP/IP stack-over hijacking.
a) True
b) False
Answer: a
Explanation: Hjksuite tool is a collection of programs used for session hijacking. It contains a library called hjklib which can help in implementing TCP/IP stack-over hijacking.

Module 05

1. _______ is the practice and precautions taken to protect valuable information from unauthorised access, recording, disclosure or destruction.
a) Network Security
b) Database Security
c) Information Security
d) Physical Security
Answer: c
Explanation: Information Security (abbreviated as InfoSec) is a process or set of processes used for protecting valuable information from alteration, destruction, deletion or disclosure by unauthorised users.

2. From the options below, which of them is not a threat to information security?
a) Disaster
b) Eavesdropping
c) Information leakage
d) Unchanged default password
Answer: d
Explanation: Disaster, eavesdropping and information leakage come under information security threats whereas not changing the default password of any system, hardware or any software comes under the category of vulnerabilities that the user may pose to its system.

3. From the options below, which of them is not a vulnerability to information security?
a) flood
b) without deleting data, disposal of storage media
c) unchanged default password
d) latest patches and updates not done
Answer: a
Explanation: A flood is a natural disaster, which is a threat to any information and does not act as a vulnerability of any system.

4. _____ platforms are used for safety and protection of information in the cloud.
a) Cloud workload protection platforms
b) Cloud security protocols
c) AWS
d) One Drive
Answer: a
Explanation: Nowadays data centres support workloads from different geographic locations across the globe through physical systems, virtual machines, servers, and clouds. Their security can be managed using Cloud workload protection platforms which manage policies regarding security of information irrespective of its location.

5. Which of the following information security technology is used for avoiding browser-based hacking?
a) Anti-malware in browsers
b) Remote browser access
c) Adware remover in browsers
d) Incognito mode in a browser
Answer: b
Explanation: Cyber-criminals target browsers for breaching information security. If a user establishes remote browsing by isolating the end user's browsing session, cyber-criminals will not be able to infect the system or the browser with malware, ultimately reducing the attack surface area.

6. The full form of EDR is _______
a) Endpoint Detection and recovery
b) Early detection and response
c) Endpoint Detection and response
d) Endless Detection and Recovery
Answer: c
Explanation: It is a collective name for tools that monitor networks & endpoints of systems and record all the activities for further reporting, analysis & detection in a central database. Analyzing the reports generated through such EDR tools, loopholes in a system or any internal, as well as external breaching attempts can be detected.

7. _______ technology is used for analyzing and monitoring traffic in network and information flow.
a) Cloud access security brokers (CASBs)
b) Managed detection and response (MDR)
c) Network Security Firewall
d) Network traffic analysis (NTA)
Answer: d
Explanation: Network traffic analysis (NTA) is an information security approach for supervising the traffic in any network, the flow of data over the network, as well as malicious threats that are trying to breach the network. This technological solution also helps triage the events detected by network traffic analysis tools.

8. Compromising confidential information comes under _________
a) Bug
b) Threat
c) Vulnerability
d) Attack
Answer: b
Explanation: Threats are anything that may cause damage or harm to a computer system, individual or any information. Compromising confidential information means extracting sensitive data from a system in an illegal manner.

9. Lack of access control policy is a _____________
a) Bug
b) Threat
c) Vulnerability
d) Attack
Answer: c
Explanation: Access control policies are incorporated into a security system for restricting unauthorised access to any logical or physical system. Every security compliance program needs this as a fundamental component. Systems which lack this feature are vulnerable.

10. Possible threat to any information cannot be ________________
a) reduced
b) transferred
c) protected
d) ignored
Answer: d
Explanation: When there lies a threat to any system, safeguards can be implemented, outsourced, distributed or transferred to some other system, protected using security tools and techniques but cannot be ignored.

11. Risk management is one of the most important jobs for a
a) Client
b) Investor
c) Production team
d) Project manager
Answer: d
Explanation: Risk management involves anticipating risks that might affect the project schedule or the quality of the software being developed, and then taking action to avoid these risks.

12. Which of the following risk is the failure of a purchased component to perform as expected?
a) Product risk
b) Project risk
c) Business risk
d) Programming risk
Answer: a
Explanation: Product risks affect the quality or performance of the software being developed.

13. Which of the following term is best defined by the statement: “There will be a change of organizational management with different priorities.”?
a) Staff turnover
b) Technology change
c) Management change
d) Product competition
Answer: c
Explanation: None.

14. Which of the following term is best defined by the statement: “The underlying technology on which the system is built is superseded by new technology.”?
a) Technology change
b) Product competition
c) Requirements change
d) None of the mentioned
Answer: a
Explanation: Technology changes are common in the competitive environment of software engineering.

15. What assesses the risk and your plans for risk mitigation and revises these when you learn more about the risk?
a) Risk monitoring
b) Risk planning
c) Risk analysis
d) Risk identification
Answer: a
Explanation: None.

16. Which of the following risks are derived from the organizational environment where the software is being developed?
a) People risks
b) Technology risks
c) Estimation risks
d) Organizational risks
Answer: d
Explanation: These risks are at management level.

17. Which of the following risks are derived from the software or hardware technologies that are used to develop the system?
a) Managerial risks
b) Technology risks
c) Estimation risks
d) Organizational risks
Answer: b
Explanation: The risks associated with technology might affect the product development.

18. Which of the following term is best defined by the statement: “Derive traceability information to maximize information hiding in the design.”?
a) Underestimated development time
b) Organizational restructuring
c) Requirements changes
d) None of the mentioned
Answer: c
Explanation: Tracing the requirements can help us understand the risk.

19. Which of the following strategies means that the impact of the risk will be reduced?
a) Avoidance strategies
b) Minimization strategies
c) Contingency plans
d) All of the mentioned
Answer: b
Explanation: None.

20. Risk management is now recognized as one of the most important project management tasks.
a) True
b) False
Answer: a
Explanation: None.

21. Which of the following is not a type of cyber crime?
a) Data theft
b) Forgery
c) Damage to data and systems
d) Installing antivirus for protection
Answer: d
Explanation: Cyber crime is one of the most threatening terms and is in an evolving phase. It is said that a major percentage of World War III will be based on cyber-attacks by cyber armies of different countries.

22. Cyber-laws are incorporated for punishing all criminals only.
a) True
b) False
Answer: b
Explanation: Cyber-laws were incorporated in our law book not only to punish cyber criminals but to reduce cyber crimes and tie the hands of citizens from doing illicit digital acts that harm or damage others’ digital property or identity.

23. Cyber-crime can be categorized into ________ types.
a) 4
b) 3
c) 2
d) 6
Answer: c
Explanation: Cyber crime can be categorized into 2 types. These are peer-to-peer attack and computer as weapon. In peer-to-peer attack, attackers target the victim users; and in computer as weapon attack technique, computers are used by attackers for a mass attack such as illegal and banned photo leak, IPR violation, pornography, cyber terrorism etc.

24. Which of the following is not a type of peer-to-peer cyber-crime?
a) Phishing
b) Injecting Trojans to a target victim
c) MiTM
d) Credit card details leak in deep web
Answer: d
Explanation: Phishing and injecting Trojans and worms to individuals come under peer-to-peer cyber crime, whereas leakage of credit card data of a large number of people in the deep web comes under computer as weapon cyber-crime.

25. Which of the following is not an example of a computer as weapon cyber-crime?
a) Credit card fraudulent
b) Spying someone using keylogger
c) IPR Violation
d) Pornography
Answer: b
Explanation: DDoS (Distributed Denial of Service), IPR violation, pornography are mass attacks done using a computer. Spying someone using keylogger is an example of peer-to-peer attack.

26. Which of the following is not done by cyber criminals?
a) Unauthorized account access
b) Mass attack using Trojans as botnets
c) Email spoofing and spamming
d) Report vulnerability in any system
Answer: d
Explanation: Cyber-criminals are involved in activities like accessing online accounts in an unauthorized manner, using Trojans to attack large systems, and sending spoofed emails. But cyber-criminals do not report any bug found in a system; rather, they exploit the bug for their profit.

27. What is the name of the IT law that India is having in the Indian legislature?
a) India’s Technology (IT) Act, 2000
b) India’s Digital Information Technology (DIT) Act, 2000
c) India’s Information Technology (IT) Act, 2000
d) The Technology Act, 2008
Answer: c
Explanation: The Indian legislature thought of adding a chapter that is dedicated to cyber law. This finally brought India’s Information Technology (IT) Act, 2000 which deals with the different cyber-crimes and their associated laws.

28. In which year did India’s IT Act come into existence?
a) 2000
b) 2001
c) 2002
d) 2003
Answer: a
Explanation: On 17th Oct 2000, the Indian legislature thought of adding a chapter that is dedicated to cyber law, for which India’s Information Technology (IT) Act, 2000 came into existence.

29. What is the full form of ITA-2000?
a) Information Tech Act -2000
b) Indian Technology Act -2000
c) International Technology Act -2000
d) Information Technology Act -2000
Answer: d
Explanation: The Information Technology Act -2000 (ITA-2000), which came into existence on 17th Oct 2000, is dedicated to cyber-crime and e-commerce law in India.

30. The Information Technology Act -2000 bill was passed by K. R. Narayanan.
a) True
b) False
Answer: b
Explanation: The bill was passed & signed by Dr. K. R. Narayanan on 9th May, in the year 2000. The bill got finalised by head officials along with the Minister of Information Technology, Dr. Pramod Mahajan.

31. Under which section of the IT Act is stealing any digital asset or information written as a cyber-crime?
a) 65
b) 65-D
c) 67
d) 70
Answer: a
Explanation: When a cyber-criminal steals any computer documents, assets or any software’s source code from any organization, individual, or from any other means then the cyber crime falls under section 65 of IT Act, 2000.

32. What is the punishment in India for stealing computer documents, assets or any software’s source code from any organization, individual, or from any other means?
a) 6 months of imprisonment and a fine of Rs. 50,000
b) 1 year of imprisonment and a fine of Rs. 100,000
c) 2 years of imprisonment and a fine of Rs. 250,000
d) 3 years of imprisonment and a fine of Rs. 500,000
Answer: d
Explanation: The punishment in India for stealing computer documents, assets or any software’s source code from any organization, individual, or from any other means is 3 years of imprisonment and a fine of Rs. 500,000.

33. What is the updated version of the IT Act, 2000?
a) IT Act, 2007
b) Advanced IT Act, 2007
c) IT Act, 2008
d) Advanced IT Act, 2008
Answer: c
Explanation: In the year 2008, the IT Act, 2000 was updated and came up with a much broader and precise law on different computer-related crimes and cyber offenses.

34. In which year did the Indian IT Act, 2000 get updated?
a) 2006
b) 2008
c) 2010
d) 2012
Answer: b
Explanation: In the year 2008, the IT Act, 2000 was updated and came up with a much broader and precise law on different computer-related crimes and cyber offenses.

35. What type of cyber-crime, its laws and punishments does section 66 of the Indian IT Act hold?
a) Cracking or illegally hack into any system
b) Putting antivirus into the victim
c) Stealing data
d) Stealing hardware components
Answer: a
Explanation: Section 66 of the IT Act, 2000, which later came up with a much broader and more precise law, says that cracking or illegally hacking into any victim’s computer is a crime. It covers a wide range of cyber-crimes under this section of the IT Act.

36. What is the ethics behind training how to hack a system?
a) To think like hackers and know how to defend such attacks
b) To hack a system without the permission
c) To hack a network that is vulnerable
d) To corrupt software or service using malware
Answer: a
Explanation: It is important for ethical hackers and security professionals to know how cyber-criminals think and proceed to target any system or network. This is why ethical hackers and penetration testers are trained with proper ethics to simulate how a real cyber-attack takes place.

37. Performing a shoulder surfing in order to check other’s password is ____________ ethical practice.
a) a good
b) not so good
c) very good social engineering practice
d) a bad
Answer: d
Explanation: Overlooking or peeping into someone’s system when he/she is entering his/her password is a bad practice and is against the ethics of conduct for every individual. Shoulder surfing is a social engineering attack approach used by some cyber-criminals to know your password and gain access to your system later.

38. ___________ has now evolved to be one of the most popular automated tools for unethical hacking.
a) Automated apps
b) Database software
c) Malware
d) Worms
Answer: c
Explanation: Malware is one of the biggest culprits that harm companies because they are programmed to do the malicious task automatically and help hackers do illicit activities with sophistication.

39. Leaking your company data to the outside network without prior permission of senior authority is a crime.
a) True
b) False
Answer: a
Explanation: Without prior permission of the senior authority or any senior member, if you’re leaking or taking out your company’s data (which is confidential), then it’s against the code of corporate ethics.

40. _____________ is the technique used in business organizations and firms to protect IT assets.
a) Ethical hacking
b) Unethical hacking
c) Fixing bugs
d) Internal data-breach
Answer: a
Explanation: Ethical hacking is the technique used by business organizations and firms for exploiting vulnerabilities to secure the firm. Ethical hackers help in increasing the capabilities of any organization or firm in protecting their IT and information assets.

41. The legal risks of ethical hacking include lawsuits due to __________ of personal data.
a) stealing
b) disclosure
c) deleting
d) hacking
Answer: b
Explanation: The legal risks of ethical hacking include lawsuits due to disclosure of personal data during the penetration testing phase. Such disclosure of confidential data may lead to a legal fight between the ethical hacker and the organization.

42. Before performing any penetration test, through legal procedure, which of the key points listed below is not mandatory?
a) Know the nature of the organization
b) Characteristics of work done in the firm
c) System and network
d) Type of broadband company used by the firm
Answer: d
Explanation: Before performing any penetration test, through the legal procedure the key points that the penetration tester must keep in mind are –
i) know the nature of the organization,
ii) what type of work the organization does, and
iii) the systems and networks used in various departments and their confidential data that are sent and received over the network.

43. An ethical hacker must ensure that proprietary information of the firm does not get leaked.
a) True
b) False
Answer: a
Explanation: Yes, it is very important for an ethical hacker to make sure that while doing penetration tests, the confidential data and proprietary information are preserved properly and do not get leaked to the external network.

44. After performing ____________ the ethical hacker should never disclose client information to other parties.
a) hacking
b) cracking
c) penetration testing
d) exploiting
Answer: c
Explanation: It is against the laws and ethics of ethical hacking to disclose client information to other parties after doing penetration tests. The protection of client data is in the hands of the ethical hacker who performed the tests.

45. __________ is the branch of cyber security that deals with morality and provides different theories and a principle regarding the view-points about what is right and wrong.
a) Social ethics
b) Ethics in cyber-security
c) Corporate ethics
d) Ethics in black hat hacking
Answer: d
Explanation: Ethics in cyber-security is the branch of cyber security that deals with morality and provides different theories and principles regarding the viewpoints about what is right and what need not be done.

46. ________ helps to classify arguments and situations, better understand a cyber-crime and helps to determine appropriate actions.
a) Cyber-ethics
b) Social ethics
c) Cyber-bullying
d) Corporate behaviour
Answer: a
Explanation: Cyber-ethics and knowledge of proper ethical aspects while doing penetration tests help to classify arguments and situations, better understand a cyber crime and determine appropriate actions.

47. A penetration tester must identify and keep in mind the ___________ & ___________ requirements of a firm while evaluating the security postures.
a) privacy and security
b) rules and regulations
c) hacking techniques
d) ethics to talk to seniors
Answer: a
Explanation: A penetration tester must keep in mind the privacy & security requirements as well as policies of a firm while evaluating the security postures of the target, which are called “industry and business ethics policies”.
