Top 50+ Solved Information Security MCQ Questions Answer
Q. This technology is used to measure and analyze human body characteristics forauthentication purposes.
a. Footprinting
b. Biometrics
c. JBOD
d. Anthropomorphism
Q. __________ is an electronic or paper log used to track computer activity.
a. Traceroute
b. Cookie
c. Weblog
d. Audit trail
Q. This is a series of messages sent by someone attempting to break into a computer to learn which computer network services the computer provides.
a. Bit robbing
b. Web services description language (WSDL)
c. Jabber
d. Port scan
Q. This is the name for a group of programmers who are hired to expose errors or securityholes in new software or to find out why a computer network's security is being broken.
a. ERM group
b. Computer emergency response tea
c. Tiger team
d. Silicone cockroach
Q. This is a mechanism for ensuring that only authorized users can copy or use specific software applications.
a. Authorized program analysis report
b. Private key
c. Service level agreement
d. Dongle
Q. This is a Peripheral Component Interconnect (PCI) card that offloads SSL processing tospeed up secure transactions on e-commerce Web sites.
a. PCMCIA card
b. Smart card
c. Server accelerator card
d. Network interface card
Q. ___________is a form of eavesdropping used to pick up telecommunication signals bymonitoring the electromagnetic fields produced by the signals.
a. Reverse engineering
b. Magneto resistive head technology
c. Van Eck phreaking
d. Electronic data processing (EDP)
Q. This enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
a. Security Identifier (SID)
b. Public key infrastructure (PKI)
c. Internet Assigned Numbers Authority (IANA)
d. Private Branch Exchange (PBX)
Q. This is an assault on the integrity of a security system in which the attacker substitutesa section of cipher text (encrypted text) with a different section that looks like (but is not the same as) the one removed.
a. Trojan horse
b. Hashing
c. Switching fabric
d. Cut and paste attack
Q. Which of the following is an advantage of anomaly detection?
a. Rules are easy to define.
b. Custom protocols can be easily analyzed.
c. The engine can scale as the rule set grows.
d. Malicious activity that falls within normal usage patterns is detecte
Q. A false positive can be defined as…
a. An alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior.
b. An alert that indicates nefarious activity on a system that is not running on the network.
c. The lack of an alert for nefarious activity.
d. Both a. and b.
Q. This is an encryption/decryption key known only to the party or parties that exchangesecret messages.
a. E-signature
b. Digital certificate
c. Private key
d. Security token
Q. What is the purpose of a shadow honeypot?
a. To flag attacks against known vulnerabilities
b. To help reduce false positives in a signature-based IDS.
c. To randomly check suspicious traffic identified by an anomaly detection system.
d. To enhance the accuracy of a traditional honeypot.
Q. This is is the hiding of a secret message within an ordinary message and the extractionof it at its destination.
a. Secret key algorithm
b. Message queuing
c. Spyware
d. Steganography
Q. An IDS follows a two-step process consisting of a passive component and an activecomponent. Which of the following is part of the active component?
a. Inspection of password files to detect inadvisable passwords
b. Mechanisms put in place to reenact known methods of attack and record system responses
c. Inspection of system to detect policy violations
d. Inspection of configuration files to detect inadvisable settings