Network Security 0371410 Examination Booklet Contributed by: Mr. Ahmed Al-Ghoul 1 1- A Self-Enforcing Protocol (A) Makes it obvious to all parties involved in a transaction when a party attempts to cheat. (B) Uses an adjudicator to evaluate if any party to the transaction cheated (C) Uses a trusted third party (TTP) to mediate the transaction between the various parties (D) Others 2- Disadvantages in using an arbitrated computer protocol. (A) Two sides may not agree on a neutral third party. (B) Arbitration causes a time in communication (C) Secrecy becomes invulnerable, (D) Others 3- One of Goals Of secure computing is : (A) Confidentiality (B) Interruption (C) Modification (D) Others 4-One of the following is threats to security in computing: (A) Confidentiality (B) Interruption (C) Integrity (D) Others 5- Circuit-level Gateway means : (A) Stand-alone system (B) Specialized function performed by an Application-level Gateway (C) Sets up two TCP connections (D) All 6- Fabrication: (A) Counterfeit objects on a computing system. (B) Changing the values in a database modifying a program so that it performs an additional computation, (C) An asset of the system becomes lost, (D) Others 7- Integrity: (A) Viewing, printing (B) Separation and protection of the resources (C) Access to computing resources without difficulties. (D) Others 2 8- Trojan horse is -: (A) A program that overtly does one thing while covertly doing another (B) Can be used to spread infection from one computer to another. (C) A program that has a secret entry point. (D) Others 9- Storage media (A) A collections of software, hardware (B) The intruder may steal computer time just to do computing and he can destroy software (C) Effective security plans consider adequate backups of data and physical protection for the media contains these backups. (D) Others 10 - OS Controls: (A) Limitations enforced By the OS to protect each user from other users (B) Quality standards under which program is designed, coded, tested und maintained (C) Parts of the program that enforce security restriction such as access limitation in a data base management system (D) Others 11- Cipher text is: (A) The encrypted form. (B) A system of encryption and decryption (C) Hidden writing. (D) Others 12- Transient (A) Runs when its attached program executes and terminates when its attached program ends (B) Locates itself in memory so that it can remain active even after its attached program ends (C) A class of malicious code that detonates when a specified condition occurs (D) Others 13- Packet-filtering Router means: (A) Applies a set of rules to each incoming IP packet and then forwards or discards the packet (B) Also called proxy server (C) Acts as a relay of application-level traffic (D) Others 14- Appended Viruses (A) Virus code runs the original program but has control before and after its execution. 3 (B) Virus code attaches itself to a program and is activated whenever the program is run. (C) Virus program replaces some of its target, integrating itself into the original code of the target. (D) Others 15 - Homes for Viruses (A) Boot Sector Viruses (B) Memory-Resident Viruses (C) Other Homes (like Application) (D) All 16 - Virus signatures are used by virus scanners to detect the virus in (A) Storage Patterns (B) Boot Sector (C) Object code (D) Others 17- Polymorphic Viruses using encryption contains three parts one of them: (A) Encryption key (B) Encrypted code (C) Unencrypted object code of the decryption routine (D) Others 18- Preventing Virus Infection: (A) Use only commercial software acquired from reliable, well established vendors (B) Test all old software on an isolated computer (C) Make many copies for your software (D) Others 19-The Sources of Trapdoors are: (A) Debug commands left is code before r testing (B) Poor error checking (C) A small amount of money is shaved from each computation (D) Others 20 – The Causes of Trapdoors are: (A) Forgets to remove them (B) Intentionally leaves them for programmers (C) Intentionally leaves them for users (D) Others 4 21- The Basic Principles of Software Engineering is: (A) Division of Labor (B) Reuse of Code (C) Use of Standard Pre-constructed Software tools (D) All 22- Characteristics of a Module are: (A) Unity (B) Reuse of Code (C) Organized Activity (D) Others 23- Program correctness proofs are hindered by: (A) Program translation is error prone (B) The logical engines are slow (C) Proofs of correctness have not been consistently and successfully applied to large production systems (D) all 24- Characteristics of Trusted Software are: (A) Functional Correctness (B) Enforcement of Integrity (C) Limited Privilege (D) all 25- By Patents we mean : (A) Protect inventions (B) Algorithms are facts of nature (C) Patent process is expensive (D) Others 26-In the fire wall service control: (A) Determines the types of Internet services that can be accessed, inbound or outbound (B) Determines the direction in which particular service requests are allowed to flow (C) Controls access to a service according to which user is attempting to access it (D) Others 27-Threats are categorized as: (A) Passive or active (B) Traffic (C) Masquerade (D) Others 5 28- Release of message contents means: (A) Obtain information that is being transmitted. (B) Telephone conversation, email message and transferred (C) Attack that have a specific target (D) Others files. 29-The basic elements of model of access control are: (A) Subject, Object, Access right (B) Capability list, Object, Access right (C) Centralized, Decentralized (D) Others 30-In the boot sector viruses, virus: (A) Gains control very early in the boot process before most detection tools are active (B) Gains control very early in the boot process after most detection tools are active (C) Gains control in AUTOEXEC.BAT batch file (D) Others 31) By Salami Attack virus we mean: (A) Control viruses (B) A small amount of money is shaved from each computation (C) Trapdoors persist (D) Others 32) The main idea of peer review is: (A) Each team member has a clear design document (B) Team members review each others’ code (C) All team members recognize that the product belongs to the group (D) ALL the above 33) What is a network? (A) A single main processor (B) More than one independent processor. (C) More users and computing systems have access (D) Others 34) Complexity is one of network security problems that mean: (A) Network may combine two or more dissimilar operating systems with mechanisms for interhost connection (B) Sensitive data (C) Insertion of bogus messages (D) Others 35) Authentication is: (A) Modification (B) Insertion 6 (C) Hard to assure identity of user on a remote system (D) Others 36) Copyrights means: (A) Protect expression of ideas (B) Protect inventions (C) Allows the distribution of the result of the secret (D) Others 37) Trade Secret means: (A) Information that gives one company a competitive edge over others (B) Provides protection for the source code and not the algorithm (C) Copy distributed that must be marked (D) Others 38) Communication systems are used to transmit data, it concerns the following: (A) Availability (B) Security (C) Integrity (D) Others 39) Masquerade in communication systems means: (A) This attack may have a specific target (B) Takes place when one entity pretends to be different entity (C) The message are delayed (D) Others 40) Open design principle means: (A) The security of system should not depend on keeping the design of its mechanism secret (B) Interfere with the work of users (C) Security mechanisms should simple and small as possible. (D) Others 41) One of the general techniques for Firewall Characteristics is : (A) Packet-filtering routers (B) Application-level gateways (C) Circuit-level gateways (D) Others 42) The behavior control allows: (A) Controls how particular services are used (B) Controls access to a service according to which user is attempting to access it (C) The types of Internet services that can be accessed (D) Others 43) Filter packets going: 7 (A) In both directions (B) In One direction (C) In Parallel direction (D) Others 44) The main disadvantages of packet-filtering Router: (A) Simplicity (B) Transparency to users (C) Lack of Authentication (D) Others 45) We can call the application-level Gateway: (A) Stand-alone system (B) Proxy server (C) The SOCKS package (D) Others 46-The primary choice for password storage: A- Clear text B- Encrypted password C- Hash value of a password D- All of the above 47-The best storage locations for passwords is. A-Root or administrator readable only B-Readable by anyone. C- Any file D- All of the above. 48- Client/Server Model A Network Access Server (NAS) operates as A- Client to RADIUS. B- User for RADIUS server. C- Peer to RADIUS server. D- None of the above 49- In RADIUS any user passwords are sent A- encrypted. B- Hashed. C- In clear text. D- None of the above. 50- In a computer protocol arbiter is a trustworthy third party who ensures A- Fairness. B- Truth. C- Data. D- People. 51- Low error propagation is one of the advantages of. 8 A- asymmetric B- Block Ciphers C- Stream Ciphers D- none of the above. 52- Substitution ciphers. A- The order of plaintext letters is rearranged during encryption. B- Letters of the plaintext messages are replaced with other letters during the encryption. C- A & B. D- None of the above. 53- One of the security Phases is Response, it means. A-plans/processes that focus on security improvements. B- proactive risk reduction C- to take measures that allow recovery of assets or recovery from damage, and minimize losses. D- to take measures to detect whether an asset has been damaged, how, and who has caused the damage. 54- Transient Viruses A- Locates itself in memory so that it can remain active even after its attached program ends B-Runs when its attached program executes and terminates when its attached program ends C- A & B D- none of the above 55- Appended Viruses A- Virus code attaches itself to a program and is activated whenever the program is run. execution. C- Virus program replaces some of its target, integrating itself into the original code of the target. D- A & C. 56- Virus attaches itself to memory resident code. A- Virus gains control very early in the boot process before most detection tools are active. B- Virus is activated many times while the machine is running C- Virus embeds itself in data files D-None of the above. 57- The DBMS maintains the integrity by: A- Applying field checks 9 B- Access control C- Change log D- All of the above 58-Interruption affects A- availability B- integrity C- authenticity D- none of the above 59-Modification affects A- availability B- integrity C- authenticity D- none of the above 60-Error detection and correction is one of the aspects of A- availability B- integrity C- authenticity D- none of the above 61-International Standards in Information Security are developed by the A- IETF B- ETSI C- IEEE D-ISO/IEC 62- the above graph represent the. A- Asymmetric Cryptosystem B- symmetric Cryptosystem C- Hash function D- Web Access with SSL 63this picture represent A- Arbitrated Protocols B- Adjudicated Protocols. C- A Hardware protocols. D- Self-Enforcing Protocols. 10 11