P.D.E.

A’s
Prof Ramkrishna More Arts,Commerce and Science College,Akurdi Pune-44

Introduction to Cyber Security

Practice MCQ Questions with Solutions
Module 4: System and Application Security
1. When an attempt is to make a machine or network resource unavailable to its intended users,
the attack is called
a) denial-of-service attack
b) slow read attack
c) spoofed attack
d) starvation attack
Answer:a
2. The code segment that misuses its environment is called a
a) internal thief
b) trojan horse
c) code stacker
d) none of the mentioned
Answer:b

3. The internal code of any software that will set of a malicious function when specified
conditions are met, is called
a) logic bomb
b) trap door
c) code stacker
d) none of the mentioned
Answer:a

4. The pattern that can be used to identify a virus is known as

a) stealth
b) virus signature
c) armoured
d) multipartite
Answer:b
5. Which one of the following is a process that uses the spawn mechanism to revage the system
performance?
a) worm
b) trojen
c) threat
d) virus
Answer:a

6. What is a trap door in a program?

a) a security hole, inserted at programming time in the system for later use
b) a type of antivirus
c) security hole in a network
d) none of the mentioned
Answer:a

7. Which one of the following is not an attack, but a search for vulnerabilities to attack?
a) denial of service
b) port scanning
c) memory access violation
d) dumpster diving
Answer:b

8. File virus attaches itself to the

a) source file
b) object file
c) executable file
d) all of the mentioned
Answer:c

9. Multipartite viruses attack on

a) files
b) boot sector
c) memory
d) all of the mentioned
Answer:d

10. In asymmetric encryption

a) same key is used for encryption and decryption
b) different keys are used encryption and decryption
c) no key is required for encryption and decryption
d) none of the mentioned
Answer:b

11. In computer security, ………. means that computer system assets can be modified only by
authorized parities.
A) Confidentiality
B) Integrity
C) Availability
D) Authenticity
Answer:- B) Integrity
12. In computer security, ……… means that the information in a computer system only be
accessible for reading by authorized parities.
A) Confidentiality
B) Integrity
C) Availability
D) Authenticity
Answer:- A) Confidentiality

13. The type of threats on the security of a computer system or network are ……………………..
i) Interruption ii) Interception iii) Modification
iv) Creation v) Fabrication
A) i, ii, iii and iv only
B) ii, iii, iv and v only
C) i, ii, iii and v only
D) All i, ii, iii, iv and v
Answer:- C) i, ii, iii and v only

14. Which of the following is independent malicious program that need not any host program?
A) Trap doors
B) Trojan horse
C) Virus
D) Worm
Answer:- D) Worm

15. The ……….. is code that recognizes some special sequence of input or is triggered by being
run from a certain user ID of by unlikely sequence of events.
A) Trap doors
B) Trojan horse
C) Logic Bomb
D) Virus
Answer:- A) Trap doors
16. The …………….. is code embedded in some legitimate program that is set to “explode”
when certain conditions are met.
A) Trap doors
B) Trojan horse
C) Logic Bomb
D) Virus
Answer:- C) Logic Bomb
17. Which of the following malicious program do not replicate automatically?
A) Trojan Horse
B) Virus
C) Worm
D) Zombie
Answer:- A) Trojan Horse

18. …………… programs can be used to accomplish functions indirectly that an unauthorized
user could not accomplish directly.
A) Zombie
B) Worm
C) Trojan Horses
D) Logic Bomb
Answer:- C) Trojan Horses

19. State whether true of false.

i) A worm mails a copy of itself to other systems.
ii) A worm executes a copy of itself on another system.
A) True, False
B) False, True
C) True, True
D) False, False
Answer:- C) True, True

20. A ………….. is a program that can infect other programs by modifying them, the
modification includes a copy of the virus program, which can go on to infect other programs.
A) Worm
B) Virus
C) Zombie
D) Trap doors
Answer:- B) Virus
21. First model design for the information security is _______
a. Bell-lapadula model
b. Biba Model
c. Clark-Wilson Model
d. Chinese Wall model
Ans:A
22.The main important thing about Biba model is _________
a. Confidentiality
b. Integrity
c. Availability
d. Preventing the data
Ans:B

23.Ability to read information, access the information from company you want only once is the
goal of ___________
a. Bell-lapadula model
b. Biba Model
c. Clark-Wilson Model
d. Chinese Wall model
Ans:D

24.The Clark-Wilson model includes ___________ of the data for security.

a. Confidentiality
 b. Integrity
c. Availability
d. Preventing the data
Ans:A

25.What are the priority for security level_____

a. Unclassified data>Secrete > Confidential>Top secret.
b. Secrete > Confidential> Unclassified data>Top secrete
c. Top secrete > Secrete > Confidential >Unclassified data.
d. Unclassified data>Confidential>Secrete>Top secrete
Ans:C
26) …………… is to protect data and passwords.
A) Encryption
B) Authentication
C) Authorization
D) Non-repudiation

Ans:-A

27.) The primary goal of the ………………….. protocol is to provide a private channel between
communicating application, which ensures privacy of data authentication of the partners, and
integrity.
A) SSL
B) ESP
C) TSL
D) PSL
Ans:-A

28) The ……………. is used to provide integrity check, authentication and encryption to IP
datagram.
A) SSL
B) ESP
C) TSL
D) PSL
Ans:-B

29) In ……………………. mode, a common technique in packet-switched networks consists of

wrapping a packet in a new one.
A) Tunneling
B) Encapsulation
C) Both A and B
D) None of the above
Ans:-C
 30) At the lower layer of SSL, a protocol for transferring data using a variety of predefined
cipher and authentication combinations called the ……………….
A) SSL handshake protocol
B) SSL authentication protocol
C) SSL record protocol
D) SSL cipher protocol
Ans:-C

31) On the upper layer of SSL, a protocol for initial authentication and transfer of encryption
keys, called the …………………
A) SSL handshake protocol
B) SSL authentication protocol
C) SSL record protocol
D) SSL cipher protocol
Ans:-A

32) What is used for database security ?

[A] data encryption
[B] a view
[C] finger print
[D] all of the above
Ans:-D

33) Prevention of access to the database by unauthorized users is referred to as

[A] Integrity [B] Productivity [C] Security [D] Reliability
Ans:-C

34)Authentication refers to :

[A] methods of restricting user access to system [B] controlling access to portions of database [C]
controlling the operation on the data [D] all of the above
Ans:-D
35)Data integrity means :

[A] providing first access to stored data [B] ensuring correctness and consistency of data [C]
providing data sharing [D] none of the above
Ans:-B
36. Operating system security is the process of ensuring OS integrity, confidentiality and
____________.
a) Threats b) virus c) techniques d) availability

Ans: d
37. In computer security a __________ is a weakness which allows an attacker to reduce a
systems information assurance.
a) Vulnerability b) integrity c) hacking d) risk

Ans: a
38. __________ is an exampleof vulnerabilities.
a) The personnel b) Hardware c) Software d) All of the above

Ans: d
39. ________ is a common type of software flaws that lead to vulnerabilities.
a) SQL injection b) social engineering c) management d) firewalls

Ans: a
40. Microsoft no longer provides updates for __________ operating system.
a)Windows XP b) Apple c) Linux d) Windows NT

Ans : a

41. Which of the following malicious program do not replicate automatically?

a) Trojan Horse b) Viruss c) Worm d) Zombie
Ans: a
42. ___________ is the most vulnerable OS.
a) Windows 8 b) Windows vista c) Mac OS X d) Linux

Ans :-c
43. ___________ Software is a computer software used to prevent , detect and remove
malicious software.
a) Antivirus b) OS c) virus d) none of the above
Ans : a
44. __________ is an example of virus.
a) Hacking b) Sunday c) Avast d) all of the above
Ans : b
45. __________ is an utility to check the integrity of windows 7 OS.
a) Patches b) antivirus c) system file checker d) Avast
Ans : c
46. File virus attaches itself to the
 a) source fileb) object filec) executable filed) all of the above
Ans: c
47. ________ may be classified as Vulnerability
a) Security b) computer security c) security risk d) attacker
Ans : c
48. Top Vulnerabilities to unix system are __________.
a) Send mail b) SSH c) SNMP d) all of the above
Ans : d
49. ________ is an example of antivirus software.
a) W97M b) Quick Heal c) Cascade d) none of the above
Ans : b
50. A secret word or number used to gain access to a computer system is called …………
a) Passwordb) Active numberc) Vaccined) Code number
Ans: a
51. _________ scans your computer and provides a list of updates.
a) Linux updates b) patches c) windows updates d) none of the above
Ans : c

52) In IEEE 802.11 a BSS without an AP is called an ________

a) An Infrastructure Network
b) An adhoc architecture
c) Either a) or b)
d) neither a) or b)
ans :-b)
53) In Bluetooth ,multiple ___form network called a_____
a) Piconet :Bluenet
b) Scatternet:piconet
c) Piconet:Scatternet
d) Bluenet:Scatternet
ans :-c)

54) In IEEE 802.11 a station with ______mobility can move from one BSS to another,
but the movement is confined inside one ESS.
a) ESS – transition
b) No-transition
c) BSS-transition
d) None of the above
ans :-c)

55) In IEEE 802.11 a __is made of stationary or mobile wireless stations and an optional
central base station known as the access point (AP)
 a) BSS
b) CSS
c) ESS
d) None of the above
ans :-a)

56) A Bluetooth network is called a ______.

a) Scatternet
b) Bluenet
c) Piconet
d) None of the above
ans :-c)

57) A Bluetooth network consists of primary devices and upto ___ secondary devices.
a) One; seven
b) One ; Five
c) Five ; Three
d) Two ; Six
ans :-a)

58) In IEEE 802.11 a BSS with an AP is sometimes refered to as

a) An infrastructure network
b) An ad_hoc architecture
c) Either (a) or (b)
d) Neither (a) nor (b)
ans :-a)

59) In IEEE 802.11 the mac layer frame has ____ fields.
a) Four
b) Six
c) Five
d) None of the above
ans :-d)

60) In IEEE 802.11 communication between two stations in two different BSSs usually
occurs via two ___
a) ESSs
b) Aps
c) BSSs
d) None of the above
ans :-b)
 61) Bluetooth is a ____ technology that connects devices in small area
a) VLAN
b) Wired LAN
c) Wireless LAN
d) None of the above
ans :-c)

62.S/MIME stands for ____________.

a. standard multipurpose internet mail extensions.
b. secure multipurpose internet mail extensions.
c. secure multipurpose international mail extensions.
d. standard multipurpose international mail extensions.
Answer: B.

63) _________ uniquely identifies the MIME entities uniquely with reference to multiple
contexts.
a. Content description.
b. Content -id.
c. Content type.
d. Content transfer encoding.
Answer: B.

64) The processed S/MIME along with security related data is called as ________.
a. public key cryptography standard.
b. private key cryptography standard.
c. S/MIME.
d. MIME.
Answer: A.

65) In S/MIME,MLA stands for __________.

a. mailing list agent.
b. multipurpose list agent.
c. mail lock agent.
d. message link agent.
Answer: A.
66) The cryptography algorithms used in S/MIME are _________.
a. IDEA.
b. RC4.
c. RSA,DES-3.
d. RC5.
Answer: C

67) Pretty good privacy (PGP) is used in

a) browser security
b) email security
c) FTP security
d) none of the mentioned
Answer:b
68) Pretty good privacy (PGP) security system uses
a) Public key cryptosystem
b) Private key cryptosystem
c) Both of the mentioned
d) None of the mentioned
Answer: c
69) PGP offers _____ block ciphers for message encryption.
a) Triple-DES
b) CAST
c) IDEA
d) All of the mentioned
Answer: d
70) One security protocol for the e-mail system is ___
a) IPSec
b) SSL
c) PGP
d) None of the above
Answer: c
71) In PGP, to exchange e-mail messages, a user needs a ring of _______ keys
a)secret
b) public
c) either a or b
d) both a and b
Answer: b
72.Which of the following is desktop security management technique?
a) Passwords
 b) Firewall
c) Virus protection
d) All of the above
Answer: d