Question 1: Which of the following is NOT TRUE relating to a rule-based detection system?
It detects deviation from previous usage patterns.
It uses historical audit records.
It defines thresholds.
It makes use of an expert system.
Question 2: Demilitarized zone (DMZ) can be found in which firewall configuration?
screened host firewall, single-homed bastion
screened host firewall, dual-homed bastion
Single bastion T
screened subnet firewall
Question 3: Asymmetric cryptography ensures that:
encryption and authentication can take place without sharing private keys.
encryption of the secret key is performed with the fastest algorithm available.
encryption occurs only when both parties have been authenticated.
confidentiality is provided using public key.
Question 4: A computer virus has the following parts:
Idle, Spread & Infect
Dormant, Propagation, Triggering & Execution
Infect, Spread & Trigger
Infection mechanism, Trigger & Payload
Question 5: Which of the following is TRUE relating to security service?
Denial of service is an example of security service.
Security services implement security policies.
Security services are services designed to detect, prevent or recover from an attack.
It includes notarization service.
Question 6: Which of the following is an example of a passive attack?
sniffing of message
masquerade
replay attack
denial of service
Question 7: The following are the steps to create a digital envelope:
Compute the hash value H of the message; Sign H using sender's private key; Send out the message
Compute the hash value H of the message; Sign H using receiver's public key; Send out the message
Compute the session key; Encrypt the session key with the receiver's private key; Encrypt the message with the session key; Append the encrypted session key to the ciphertext; Send out the message
Compute the session key; Encrypt the message with the session key; Encrypt the session key with the receiver's public key; Append the encrypted session key to the ciphertext; Send out the message
Question 8: The salt used in the UNIX password system is _______.
to increase the length of the password
to allow the user to change the password
to store the password file
to enable ease of encryption
Question 9: Which of the following is FALSE relating to the RC4 algorithm?
It is based on stream cipher
Both the key size must be 128 bits
It is also used in the Wired Equivalent Privacy (WEP) protocol and the Wi-Fi Protected Access (WPA) protocol
It makes use of permutation operation
Question 10: In the following viruses, which one can hide itself from detection by antivirus software?
parasitic virus
stealth virus
boot sector virus
macro virus
Question 11: Which of the following is FALSE relating to firewalls?
Bastion host executes a secure version of its operating systems.
Tiny fragment attack is an attack that deters the firewall from properly inspecting the headers.
A stateful inspection firewall reviews the same packet information as a packet filtering firewall, but also records information about TCP connections.
Most packet filter firewalls support advanced user authentication mechanisms.
Question 12: Which of the following is NOT TRUE relating to intrusion detection systems?
Intrusion detection is based on the assumption that the behaviour of the intruder differs from that of a legitimate user.
False positive means that intruders are not identified as intruders
Intrusion detection enables the collection of information about intrusion techniques
Honeypots are designed to encourage the attacker to stay on the system long enough for administrators to respond.
Question 13: Fabrication is a security attack against ________.
integrity
non-repudiation
authentication
modification
Question 14: The following is associated with public key certificates.
Public key certificates are encrypted by the certificate authority (CA)'s secret key.
Public key certificate consists of information such as User ID, public and private keys.
Certificates can only be issued by a third party.
Public key certificates are used in network applications such as SSL and S/MIME.
Question 15: Which of the following is FALSE?
Between internal and external firewalls are one or more networked devices in a region referred to as a DMZ (demilitarized zone) network.
Asymmetric key cryptography can use private key to encrypt the message and public key to decrypt the encrypted message.
The objective of the digital immune system is to provide rapid response time so that viruses can be stamped out almost as soon as they are introduced.
A hash code can be computed from the source message, encrypted using asymmetric encryption and a secret key, and appended to the message
Question 16: Which of the following is NOT one of the properties of hash function?
It produces a fixed size length.
From the hash value, it is not possible to find its original message.
It is possible to find an alternative message with the same hash value as a given message.
Message can be of variable length.
Question 17: Which of the following is FALSE relating to malware software?
Malicious software is software that is intentionally included or inserted in a system for a harmful purpose.
A virus is a program that can replicate itself and send copies from computer to computer across network connections
Flooders are types of malware that are used to attack networked computer systems with a large volume of traffic
Logic Bomb is one of the oldest types of malware program.
Question 18: If a user wishes to obtain a certificate from a trusted CA (Certificate Authority), the user must present proof of identity and a:
Private key
Public key
Session key
Secret key
Question 19: Which one of the following default policies would permit those packets stated in the policy rule of the firewall?
Discard
Forward
Block
Allow
Question 20: Ali needs to send a private e-mail to Farida. Ali does not want anyone to have the ability to read the e-mail except for Farida. Which tenet of information security is this concerned with?
Authentication
Integrity
Confidentiality
Non-repudiation