Network security

advertisement
Network Security
0371410
Examination
Booklet
Contributed by:
Mr. Ahmed Al-Ghoul
1
1- A Self-Enforcing Protocol
(A) Makes it obvious to all parties involved in a transaction when a party
attempts to cheat.
(B) Uses an adjudicator to evaluate if any party to the transaction cheated
(C) Uses a trusted third party (TTP) to mediate the transaction between the
various parties
(D) Others
2- Disadvantages in using an arbitrated computer protocol.
(A) Two sides may not agree on a neutral third party.
(B) Arbitration causes a time in communication
(C) Secrecy becomes invulnerable,
(D) Others
3- One of Goals Of secure computing is :
(A) Confidentiality
(B) Interruption
(C) Modification
(D) Others
4-One of the following is threats to security in computing:
(A) Confidentiality
(B) Interruption
(C) Integrity
(D) Others
5- Circuit-level Gateway means :
(A) Stand-alone system
(B) Specialized function performed by an Application-level Gateway
(C) Sets up two TCP connections
(D) All
6- Fabrication:
(A) Counterfeit objects on a computing system.
(B) Changing the values in a database modifying a program so that it performs
an additional computation,
(C) An asset of the system becomes lost,
(D) Others
7- Integrity:
(A) Viewing, printing
(B) Separation and protection of the resources
(C) Access to computing resources without difficulties.
(D) Others
2
8- Trojan horse is -:
(A) A program that overtly does one thing while covertly doing another
(B) Can be used to spread infection from one computer to another.
(C) A program that has a secret entry point.
(D) Others
9- Storage media
(A) A collections of software, hardware
(B) The intruder may steal computer time just to do computing and he can
destroy software
(C) Effective security plans consider adequate backups of data and physical
protection for the media contains these backups.
(D) Others
10 - OS Controls:
(A) Limitations enforced By the OS to protect each user from other users
(B) Quality standards under which program is designed, coded, tested und
maintained
(C) Parts of the program that enforce security restriction such as access
limitation in a data base management system
(D) Others
11- Cipher text is:
(A) The encrypted form.
(B) A system of encryption and decryption
(C) Hidden writing.
(D) Others
12- Transient
(A) Runs when its attached program executes and terminates when its
attached program ends
(B) Locates itself in memory so that it can remain active even after its attached
program ends
(C) A class of malicious code that detonates when a specified condition occurs
(D) Others
13- Packet-filtering Router means:
(A) Applies a set of rules to each incoming IP packet and then forwards or
discards the packet
(B) Also called proxy server
(C) Acts as a relay of application-level traffic
(D) Others
14- Appended Viruses
(A) Virus code runs the original program but has control before and after its
execution.
3
(B) Virus code attaches itself to a program and is activated whenever the
program is run.
(C) Virus program replaces some of its target, integrating itself into the original
code of the target.
(D) Others
15 - Homes for Viruses
(A) Boot Sector Viruses
(B) Memory-Resident Viruses
(C) Other Homes (like Application)
(D) All
16 - Virus signatures are used by virus scanners to detect the virus in
(A) Storage Patterns
(B) Boot Sector
(C) Object code
(D) Others
17- Polymorphic Viruses using encryption contains three parts one of them:
(A) Encryption key
(B) Encrypted code
(C) Unencrypted object code of the decryption routine
(D) Others
18- Preventing Virus Infection:
(A) Use only commercial software acquired from reliable, well established
vendors
(B) Test all old software on an isolated computer
(C) Make many copies for your software
(D) Others
19-The Sources of Trapdoors are:
(A) Debug commands left is code before r testing
(B) Poor error checking
(C) A small amount of money is shaved from each computation
(D) Others
20 – The Causes of Trapdoors are:
(A) Forgets to remove them
(B) Intentionally leaves them for programmers
(C) Intentionally leaves them for users
(D) Others
4
21- The Basic Principles of Software Engineering is:
(A) Division of Labor
(B) Reuse of Code
(C) Use of Standard Pre-constructed Software tools
(D) All
22- Characteristics of a Module are:
(A) Unity
(B) Reuse of Code
(C) Organized Activity
(D) Others
23- Program correctness proofs are hindered by:
(A) Program translation is error prone
(B) The logical engines are slow
(C) Proofs of correctness have not been consistently and successfully applied to
large production systems
(D) all
24- Characteristics of Trusted Software are:
(A) Functional Correctness
(B) Enforcement of Integrity
(C) Limited Privilege
(D) all
25-
By Patents we mean :
(A) Protect inventions
(B) Algorithms are facts of nature
(C) Patent process is expensive
(D) Others
26-In the fire wall service control:
(A) Determines the types of Internet services that can be accessed, inbound or
outbound
(B) Determines the direction in which particular service requests are allowed to
flow
(C) Controls access to a service according to which user is attempting to access
it
(D) Others
27-Threats are categorized as:
(A) Passive or active
(B) Traffic
(C) Masquerade
(D) Others
5
28- Release of message contents means:
(A) Obtain information that is being transmitted.
(B) Telephone conversation, email message and transferred
(C) Attack that have a specific target
(D) Others
files.
29-The basic elements of model of access control are:
(A) Subject, Object, Access right
(B) Capability list, Object, Access right
(C) Centralized, Decentralized
(D) Others
30-In the boot sector viruses, virus:
(A) Gains control very early in the boot process before most detection tools
are active
(B) Gains control very early in the boot process after most detection tools are
active
(C) Gains control in AUTOEXEC.BAT batch file
(D) Others
31) By Salami Attack virus we mean:
(A) Control viruses
(B) A small amount of money is shaved from each computation
(C) Trapdoors persist
(D) Others
32) The main idea of peer review is:
(A) Each team member has a clear design document
(B) Team members review each others’ code
(C) All team members recognize that the product belongs to the group
(D) ALL the above
33) What is a network?
(A) A single main processor
(B) More than one independent processor.
(C) More users and computing systems have access
(D) Others
34) Complexity is one of network security problems that mean:
(A) Network may combine two or more dissimilar operating systems with
mechanisms for interhost connection
(B) Sensitive data
(C) Insertion of bogus messages
(D) Others
35) Authentication is:
(A) Modification
(B) Insertion
6
(C) Hard to assure identity of user on a remote system
(D) Others
36) Copyrights means:
(A) Protect expression of ideas
(B) Protect inventions
(C) Allows the distribution of the result of the secret
(D) Others
37) Trade Secret means:
(A) Information that gives one company a competitive edge over others
(B) Provides protection for the source code and not the algorithm
(C) Copy distributed that must be marked
(D) Others
38) Communication systems are used to transmit data, it concerns the following:
(A) Availability
(B) Security
(C) Integrity
(D) Others
39) Masquerade in communication systems means:
(A) This attack may have a specific target
(B) Takes place when one entity pretends to be different entity
(C) The message are delayed
(D) Others
40) Open design principle means:
(A) The security of system should not depend on keeping the design of its
mechanism secret
(B) Interfere with the work of users
(C) Security mechanisms should simple and small as possible.
(D) Others
41) One of the general techniques for Firewall Characteristics is :
(A) Packet-filtering routers
(B) Application-level gateways
(C) Circuit-level gateways
(D) Others
42) The behavior control allows:
(A) Controls how particular services are used
(B) Controls access to a service according to which user is attempting to access
it
(C) The types of Internet services that can be accessed
(D) Others
43) Filter packets going:
7
(A) In both directions
(B) In One direction
(C) In Parallel direction
(D) Others
44) The main disadvantages of packet-filtering Router:
(A) Simplicity
(B) Transparency to users
(C) Lack of Authentication
(D) Others
45) We can call the application-level Gateway:
(A) Stand-alone system
(B) Proxy server
(C) The SOCKS package
(D) Others
46-The primary choice for password storage:
A- Clear text
B- Encrypted password
C- Hash value of a password
D- All of the above
47-The best storage locations for passwords is.
A-Root or administrator readable only
B-Readable by anyone.
C- Any file
D- All of the above.
48- Client/Server Model A Network Access Server (NAS) operates as
A- Client to RADIUS.
B- User for RADIUS server.
C- Peer to RADIUS server.
D- None of the above
49- In RADIUS any user passwords are sent
A- encrypted.
B- Hashed.
C- In clear text.
D- None of the above.
50- In a computer protocol arbiter is a trustworthy third party who ensures
A- Fairness.
B- Truth.
C- Data.
D- People.
51- Low error propagation is one of the advantages of.
8
A- asymmetric
B- Block Ciphers
C- Stream Ciphers
D- none of the above.
52- Substitution ciphers.
A- The order of plaintext letters is rearranged during encryption.
B- Letters of the plaintext messages are replaced with other letters during the
encryption.
C- A & B.
D- None of the above.
53- One of the security Phases is Response, it means.
A-plans/processes that focus on security improvements.
B- proactive risk reduction
C- to take measures that allow recovery of assets or recovery from damage, and
minimize losses.
D- to take measures to detect whether an asset has been damaged, how, and who has
caused the damage.
54- Transient Viruses
A- Locates itself in memory so that it can remain active even after its attached
program ends
B-Runs when its attached program executes and terminates when its attached
program ends
C- A & B
D- none of the above
55- Appended Viruses
A- Virus code attaches itself to a program and is activated whenever the
program is run.
execution.
C- Virus program replaces some of its target, integrating itself into the original code
of the target.
D- A & C.
56- Virus attaches itself to memory resident code.
A- Virus gains control very early in the boot process before most detection tools are
active.
B- Virus is activated many times while the machine is running
C- Virus embeds itself in data files
D-None of the above.
57- The DBMS maintains the integrity by:
A- Applying field checks
9
B- Access control
C- Change log
D- All of the above
58-Interruption affects
A- availability
B- integrity
C- authenticity
D- none of the above
59-Modification affects
A- availability
B- integrity
C- authenticity
D- none of the above
60-Error detection and correction is one of the aspects of
A- availability
B- integrity
C- authenticity
D- none of the above
61-International Standards in Information Security are developed by the
A- IETF
B- ETSI
C- IEEE
D-ISO/IEC
62-
the above graph represent the.
A- Asymmetric Cryptosystem
B- symmetric Cryptosystem
C- Hash function
D- Web Access with SSL
63this picture represent
A- Arbitrated Protocols
B- Adjudicated Protocols.
C- A Hardware protocols.
D- Self-Enforcing Protocols.
10
11
Download