SHA-1 produces a __________-bit hash.
1. 128
2. 160
3. 150
4. 112
What are characteristics of Network based IDS?
1.They look for attack signatures in network traffic
2.Filter decides which traffic will not be discarded or passed
3.It is programmed to interpret a certain series of packet
4. It models the normal usage of network as a noise characterization
What is known as a sandbox?
1.It is a program which can be molded to do the desired task
2. It is a program that is a controlled or emulated section of the OS
3.It is a special mode of antivirus
4.None of the mentioned
What is the best practice in the firewall domain environment?
1. Create two domains: trusted and untrusted
2. Create strong policy in firewall to support different types of users
3.Create a Demilitarized zone
4.Create two DMZ zones with one untrusted domain
Which is not a valid port scan type?
1. ACK scanning
2. Window scanning
3.IGMP scan
4.FIN scanning
How do viruses avoid the basic pattern match of antivirus?
1.They are encrypted
2. They act with special permissions
3.They modify themselves
4.None of the mentioned
How does an antivirus of today identify viruses?
1. Previously known patterns
2.It can detect unknown patterns
3.It can take high priority to increase scanning speed
4.None of the mentioned
MD5 produces __________ bits of hash data.
1. 128
2. 150
3. 160
4. 112
The time for the disk arm to move the heads to the cylinder containing the desired sector is called ______
1.disk time
2.seek time
3.arm time
4.sector time
What are characteristics of stack based IDS?
1.They are integrated closely with the TCP/IP stack and watch packets
2.The host operating system logs in the audit information
3.It is programmed to interpret a certain series of packets
4.It models the normal usage of network as a noise characterization
What are strengths of Network based IDS?
1.Cost of ownership reduced
2.Malicious intent detection
3.Real time detection and response
4. All of the mentioned
What are the characteristics of anomaly based IDS?
1. It models the normal usage of network as a noise characterization
2.It doesn’t detect novel attacks
3.Anything distinct from the noise is not assumed to be intrusion activity
4. It detects based on signature
What are the characteristics of signature based IDS?
1.Most are based on simple pattern matching algorithms
2.It is programmed to interpret a certain series of packets
3.It models the normal usage of network as a noise characterization
4.Anything distinct from the noise is assumed to be intrusion activity
What are the different ways to classify an IDS?
1. anomaly detection
2.signature based misuse
3. stack based
4.All of the Mentioned
What are the different ways to intrude?
1.Buffer overflows
2.Unexpected combinations and unhandled input
3.Race conditions
4.All of the Mentioned
What are the drawbacks of signature based IDS?
1.They are unable to detect novel attacks
2.They suffer from false alarms
3.They have to be programmed again for every new pattern to be detected
4.All of the Mentioned
What are the drawbacks of the host based IDS?
1. Unselective logging of messages may increase the audit burdens
2. Selective logging runs the risk of missed attacks
3.They are very fast to detect
4.They have to be programmed for new patterns
What are the major components of the intrusion detection system?
1. Analysis Engine
2.Event provider
3.Alert Database
4.All of the Mentioned
What are the strengths of the host based IDS?
1. Attack verification
2.System specific activity
3.No additional hardware required
4.All of the Mentioned
What are the two features of a tripwire file system?
1.It is a tool to monitor file systems
2.It is used to automatically take corrective action
3. It is used to secure UNIX system
4.None of the mentioned
What are zombie systems?
1. They are specific systems which are designed to attack by the manufacturer
2. They are a network of a known hacking group
3.These systems are previously compromised independent systems
4.None of the mentioned
What is a Hash Function?
1. It creates a small flexible block of data
2. It creates a small, fixed block of data
3. It creates an encrypted block of data
4.None of the mentioned
What are two safe computing practices?
1. Not to open software from unknown vendors
2.Open and execute programs in admin level/root
3.Open and execute programs in presence of antivirus
4.None of the mentioned
What is breach of availability?
1.This type of violation involves unauthorized reading of data
2.This violation involves unauthorized modification of data
3.This violation involves unauthorized destruction of data
4.This violation involves unauthorized use of resources
What is cipher-block chaining?
1.Data is logically ‘ANDed’ with previous block
2.Data is logically ‘ORed’ with previous block
3.Data is logically ‘XORed’ with previous block
4.None of the mentioned
What is known as a DoS attack?
1. It is an attack to block traffic of a network
2. It is an attack to harm contents stored in the HDD by worm spawn processes
3. It is an attempt to make a machine or network resource unavailable
4. None of the mentioned
What is known as masquerading?
1.When one participant in communication pretends to be someone else
2. When an attacker modifies data in communication
3. When the attack is a fraudulent repeat of valid data
4. When an attack gains access to remote systems
What is not a role of encryption?
1.It is used to protect data from unauthorized access during transmission
2.It is used to ensure user authentication
3. It is used to ensure data integrity
4. It is used to ensure data corruption doesn’t happen
What is not an encryption standard?
1.AES
2.TES
3.Triple DES
4.DES
What is not an important part of security protection?
1.Large amount of RAM to support antivirus
2.Strong passwords
3.Audit log periodically
4. Scan for unauthorized programs in system directories
What is port scanning?
1.It is a software used to scan system for attack
2.It is a software application designed to probe a server or host for open ports
3.It is software used to scan system for introducing attacks by brute force
4.None of the mentioned
What is the major drawback of anomaly detection IDS?
1. These are very slow at detection
2. It generates many false alarms
3. It doesn’t detect novel attacks
4.None of the mentioned
What is the preferred way of encryption?
1.pre shared secret key
2.using key distribution center (KDC)
3.public key-encryption
4.symmetric key
What is the role of Key Distribution Center?
1. It is used to distribute keys to everyone in the world
2. It is intended to reduce the risks inherent in exchanging keys
3.All of the mentioned
4.None of the mentioned
What is theft of service?
1.This type of violation involves unauthorized reading of data
2.This violation involves unauthorized modification of data
3.This violation involves unauthorized destruction of data
4.This violation involves unauthorized use of resources
What is a trap door?
1. It is a trap door in WarGames
2.It is a hole in software left by designer
3.It is a Trojan horse
4.It is a virus which traps and locks user terminal
What is a Trojan horse?
1.It is a useful way to encrypt password
2.It is a user which steals valuable information
3.It is a rogue program which tricks users
4. It’s a brute force attack algorithm
What is used to protect a network from outside internet access?
1.A trusted antivirus
2.A trusted antivirus
3.Firewall to separate trusted and untrusted network
4.Deny users access to websites which can potentially cause security leak
Which algorithm of disk scheduling selects the request with the least seek time from the current head positions?
1.SSTF scheduling
2.FCFS scheduling
3.SCAN scheduling
4.LOOK scheduling
Which direction of access cannot happen using a DMZ zone by default?
1.Company computer to DMZ
2.Internet to DMZ
3. Internet to company computer
4.Company computer to internet
Which is not a port scan type?
1.TCP scanning
2.SYN scanning
3.UDP scanning
4.SYSTEM Scanning
Which mechanism is used by worm process?
1. Trap door
2.Fake process
3. Spawn Process
4.VAX process
Which of the following is not a characteristic of a virus?
1. A virus destroys and modifies user data
2. Virus is a standalone program
3. Virus is a code embedded in a legitimate program
4. Virus cannot be detected
Which of the following is not a stream cipher?
1. Twofish
2.RC5
3.RC4
4.TBONE
Which one of the following is not a secondary storage?
1. Magnetic disks
2.Magnetic tapes
3.RAM
4.None of the mentioned
Which private network uses storage protocol rather than networking protocol?
1. storage area network
2.local area network
3. wide area network
4.None of the mentioned
Which two of the following are authentication algorithms?
1.MAC
2.AES
3.DAS
4.Digital-signature
Who unleashed the famous worm attack in 1988 which affected UNIX systems and caused losses in millions?
1.Robert Morris
2.Bob Milano
3. Mark Zuckerberg
4.Bill Gates
With regard to a DoS attack, what is not true from the options below?
1. We can stop a DoS attack completely
2. By upgrading OS vulnerability we can stop a DoS attack to some extent
3. A DoS attack has to be stopped at network level
4.Such attack can last for hours