Top 50+ Solved Information Security MCQ Questions Answer
Q. This is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding cipher text value and vice versa.
a. Foot printing
b. Hash function
c. Watermark
d. Electronic Code Book
Q. This is a trial and error method used to decode encrypted data through exhaustive effort rather than employing intellectual strategies.
a. Chaffing and winnowing
b. Cryptanalysis
c. Serendipity
d. Brute force cracking
Q. An intruder might install this on a networked computer to collect user ids and passwords from other machines on the network.
a. Passphrase
b. Root kit
c. Ownership tag
d. Token
Q. This type of intrusion relies on the intruder's ability to trick people into breaking normal security procedures.
a. Shoulder surfing
b. Hijacking
c. Brain fingerprinting
d. Social engineering
Q. The developers of an operating system or vendor application might issue this to prevent intruders from taking advantage of a weakness in their programming.
a. Cookie
b. Key fob
c. Watermark
d. Patch
Q. This is an attack on a computer system that takes advantage of a particular vulnerability that the system offers to intruders.
a. Port scan
b. Denial of service
c. Exploit
d. Logic bomb
Q. This is a program in which harmful code is contained inside apparently harmless programming or data.
a. Snort
b. Honeypot
c. Blue bomb
d. Trojan horse
Q. This is the modification of personal information on a Web user's computer to gain unauthorized information with which to obtain access to the user's existing accounts.
a. Identity theft
b. Cookie poisoning
c. Shoulder surfing
d. Relative identifier
Q. This type of attack may cause additional damage by sending data containing codes designed to trigger specific actions - for example, changing data or disclosing confidential information.
a. Buffer overflow
b. Block cipher
c. War dialing
d. Distributed denial-of-service attack
Q. This is the forging of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.
a. Foot printing
b. Non repudiation
c. E-mail spoofing
d. Finger
Q. This is a type of network security attack in which the intruder takes control of a communication between two entities and masquerades as one of them.
a. Hijacking
b. Identity theft
c. Smurf attack
d. Tunneling
Q. This is a compromised Web site that is being used as an attack launch point in a denial-of-service attack.
a. Bastion host
b. Packet monkey
c. Dongle
d. Zombie
Q. This electronic "credit card" establishes a user's credentials when doing business or other transactions on the Web and is issued by a certification authority.
a. Private key
b. Digital certificate
c. Smart card
d. Ownership tag
Q. What "layer" of an e-mail message should you consider when evaluating e-mail security?
a. TCP/IP
b. SMTP
c. Body
d. All of the above