→Telegram Channel 

→Telegram Group
 COMPUTER SYSTEM SECURITY 2020-21

COMPUTER SYSTEM SECURITY

Computer System Security
Course Outcome ( CO)
At the end of course , the student will be
able to understand
CO 1 To discover software bugs that pose cyber security threats and to explain how to fix the bugs to
mitigate such threats
CO 2 To discover cyber attack scenarios to web browsers and web servers and to explain how to
mitigate such threats

CO 3
To discover and explain mobile software bugs posing cyber security threats, explain and
recreate exploits, and to explain mitigation techniques

CO 4 To articulate the urgent need for cyber security in critical computer systems, networks, and
world wide web, and to explain various threat scenarios

CO 5 To articulate the well known cyber attack incidents, explain the attack scenarios, and explain
mitigation techniques

DETAILED SYLLABUS

Unit Topic

Computer System Security Introduction: Introduction, What is computer security and what to
learn? , Sample Attacks, The Marketplace for vulnerabilities, Error 404 Hacking digital India
I part 1 chase.
Hijacking & Defense: Control Hijacking ,More Control Hijacking attacks integer overflow
,More Control Hijacking attacks format string vulnerabilities, Defense against Control Hijacking
- Platform Defenses, Defense against Control Hijacking - Run-time Defenses, Advanced
Control Hijacking attacks.
Confidentiality Policies: Confinement Principle ,Detour Unix user IDs process IDs and
II privileges, More on confinement techniques ,System call interposition ,Error 404 digital
Hacking in India part 2 chase , VM based isolation ,Confinement principle ,Software fault
isolation , Rootkits ,Intrusion Detection Systems

Secure architecture principles isolation and leas: Access Control Concepts , Unix and
windows access control summary ,Other issues in access control ,Introduction to browser
III isolation .
Web security landscape : Web security definitions goals and threat models , HTTP content
rendering .Browser isolation .Security interface , Cookies frames and frame busting, Major web
server threats ,Cross site request forgery ,Cross site scripting ,Defenses and protections against
XSS, Finding vulnerabilities ,Secure development.
Basic cryptography: Public key cryptography ,RSA public key crypto ,Digital signature Hash
functions ,Public key distribution ,Real world protocols ,Basic terminologies ,Email security
IV certificates ,Transport Layer security TLS ,IP security , DNS security.

Internet Infrastructure: Basic security problems , Routing security ,DNS revisited ,Summary
V of weaknesses of internet security ,.Link layer connectivity and TCP IP connectivity , Packet
filtering firewall ,Intrusion detection.

1 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

COMPUTER SYSTEM SECURITY

Solved MCQ
Content Page
1. Unit-I ………………………...………………………………………….…………3

2. Unit-II ………………………………………………...….…………......…………17

3. Unit-III……………………………………………….….……..……....…... …….27

4. Unit-IV …………………………..…….…..………….……………….………….42

5. Unit-V ………………………………………….................................……………48

2 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

1. Unit-I
1. What was the percentage increase in Zero Day Answer: (d)
Vulnerabilities in the year 2015? 6. Which of the following is considered legal?
a. 4% a. Hacking a social media account and
b. 50% sending a private message
c. 100% b. Hacking a bank account and siphoning
d. 125% funds
Answer: (d) c. Hacking a company’s security system
2. What hacking attacks were mentioned in the with permission from the management
lesson? d. All of the above
a. Hacking in French Election Answer: (c)
b. ATM Hacking in India
c. Denial of Service attack in Turkish Bank 7. What is the cost of launching Denial of Service
d. All of the above attack on a website?
Answer: (d) a. $20/hr
3. Identify the software whose vulnerability is b. $100/day
exploited the most? c. $300/mont
a. Android d. Both A and B
b. Browser Answer: (d)
c. Adobe Flash Player 8. Which of the following is not an advantage of
d. Microsoft Office studying Cyber Security?
Answer: (b) Browser a. It gives you the ability to hack a
computer system
4. The computer vulnerabilities and exploits b. It allows you to know the ways through
databases are maintained by _________. which cyberspace can be breached
a. Kaspersky Lab c. Both A and B
b. Symantec Corporation d. None of the above
c. MITRE Corporation Answer: (d)
d. None of the above
Answer: (c) 9. Which of the following is correct for silent
5. Which of the following is/are correct with banker?
respect to Ransomware? a. It is a trojan horse
a. It is a form of Malware b. It records keystrokes, captures screens
and steals confidential banking
b. It encrypts the whole hard drive of the
credentials and sends them to a remote
computer, essentially locking the user attacker
out of the entire system. c. Both A and B
d. None of the above
c. It locks the system’s screen or locks the
users’ files unless a ransom is paid. Answer: (c) Both A and B
d. All of the above

3 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

10. Which of the following is not a part of Security 14. Which of the following is to be done to avoid
System Centric Design? limitations in threat models?
a. Policy a. Making more explicit and formalized
b. Agreement threat models to understand possible
c. Mechanisms weaknesses
d. Threat Models b. Making simpler and more general threat
Answer: (b) models
c. Making less assumptions to design a
11. Which of the following is not a goal in the better threat model
security system design? d. All of the above
a. Vulnerability Answer: (d)
b. Confidentiality 15. The storm botnet was used for ______.
c. Integrity a. Phishing
d. Availability b. Spamming
Answer: (a)
c. Hacking
d. None of the above
12. Which of the following is most important in
Answer(b)
design of secure system?
16. What is a typical cost of launching Denial
a. Assessing vulnerability
b. Changing or Updating System of Service attack on a website?
according to vulnerability a. $20/hr
c. Both A and B b. $100/day
d. None of the above c. $300/month
Answer: (c) d. Both A and B
Answer (d)
13. Which of the following is correct with respect
17. Which of the following is correct for silent
to Penetration testing?
banker?
a. It is an internal inspection of
a. It is a trojan horse
Applications and Operating systems
b. It records keystrokes, captures
for security flaws.
b. It is an authorized simulated cyber- screens and steals confidential
attack on a computer system, banking credentials and sends them
performed to evaluate the security of to a remote attacker
the system c. Both A and B
c. It is hacking a security system of an d. None of the above
organization. Answer(c)
d. All of the above
18. What is Stuxnet?
Answer: (b)
a. A trojan horse

4 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

b. A malicious computer worm 23. What is a price for selling windows OS

c. A botnet vulnerability in the black market?
d. A ransomware a. $60K – $100K
Answer (b) b. $60k – $120K
19. Which of the following it was incorrect for c. $6000 – $12000
Target company attack? d. None of the above
a. It is an example of server-side attack Answer (b)
b. More than 140 million credit card 24. _________ are attempts by individuals to
information was stolen in the attack obtain confidential information from you
c. The attack happened in 2011 by falsifying their identity.
d. None of the above a. Computer viruses
Answer (c) b. Phishing scams
20. What is meant by marketplace for c. Phishing trips
vulnerability? d. Spyware scams
a. A market vulnerable to attacks Answer (b)
b. A market consisting of vulnerable 25. Which of the following is correct for
consumers MITM?
c. A market to sell and purchase a. It stands for Man-In-The-Middle
vulnerabilities attack
d. All of the above b. It happens when a communication
Answer (c) between the two systems is intercepted
21. Identify the correct bug bounty program by an outside entity
name. c. It can happen in any form of online
a. Google Vulnerability Program communication, such as email, social
b. Microsoft Bug Bounty Program media, web surfing, etc
c. Mozilla Bounty Program d. All of the above
d. Pwn2Own competition Answer (d)
Answer (d) 26. Which of the following describes
22. What is a typical reward amount for monitoring software installed without your
Pwn2Own competition? consent?
a. $15000 a. Malware
b. $1500 b. Adware
c. $150 c. Spyware
d. $15 d. Ransomware
Answer (a) Answer (c)

5 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

27. Which type of cyber-attack is commonly a. Network Mapper

performed through emails? b. New Mappping
a. Trojans c. Network Manager
b. Worms d. Network Mac Address
c. Ransomware Answer: (a)
d. Phishing 32. __________ is a popular tool used for
Answer (d) discovering networks as well as in security
auditing.
28. What is the price for selling Firefox or
Safari browser vulnerability in the black a. Ettercap
market? b. Metasploit
a. $60K – $100K c. Nmap
b. $60k – $120K d. Burp Suit
c. $60K – $150K Answer: (c)
d. $60000 – $15000 33. Which of this Nmap do not check?
Answer (c)
29. If you share too much information on social a. services different hosts are offering
media, what may you by at risk of? b. on what OS they are running
a. Identity Theft c. what kind of firewall is in use
b. Ransomware d. what type of antivirus is in use
c. Malware
d. Adware Answer: (d)
Answer (a) 34. Wireshark is a ____________ tool.

30. ________ framework made cracking of a. network protocol analysis

vulnerabilities easy like point and click. b. network connection security
c. connection analysis
a. .Net d. defending malicious packet-filtering
b. Metasploit Answer: (a)
c. Zeus
d. Ettercap 35. _________ is the world’s most popular
Answer: (b) vulnerability scanner used in companies for
checking vulnerabilities in the network.
31. Nmap is abbreviated as____ a. Wireshark
b. Nessus

6 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. Snort a. Vulnerabilities without risk

d. WebInspect b. Vulnerabilities without attacker
Answer: (b) c. Vulnerabilities without action
36. ________ is a debugger and exploration d. Vulnerabilities no one knows
tool. Answer: Option (a)
a. Netdog 41. ________ is a piece of software or a
b. Netcat segment of command that usually take
c. Tcpdump advantage of a bug to cause unintended
d. BackTrack actions and behaviors.
Answer: (b) a. Malware
37. _______ is a popular command-line packet b. Trojan
analyser. c. Worms
a. Wireshark d. Exploit
b. Snort Answer: (d)
c. Metasploit 42. What is Probe?
d. Tcpdump a. A probe is an attempt to gain access
Answer: (d) to a computer and its files through a
38. __________ is a weakness that can be known or probable weak point in
exploited by attackers. the computer system.
a. System with Virus b. It is a method of checking if the
b. System with vulnerabilities computer is connected to a network.
c. System without firewall c. A technique used to gain information
d. System with a strong password about a computer system on a network
Answer: (b) and the services running on its open
ports.
39. __________ is the cyclic practice for d. A which is used to scan network.
identifying & classifying and then solving
the vulnerabilities in a system. Answer: (a)
a. Bug protection 43. A security device which installed between
b. Bug bounty two networks (internal network to outside
c. Vulnerability measurement network) for controlling the flow of traffic
d. Vulnerability management into and out-of network
Answer: (d) a. Proxy Server
40. ____________ is a special type of b. Hub
vulnerability that doesn’t possess risk. c. Firewall

7 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

d. Network Switch a. Network Intrusion Deletion System

(NIDS) mode
Answer: (c) b. Network Illusion Detection System
(NIDS) mode
44. Firewall remembers the information about c. Network Intrusion Destination System
the prevously passed packets (NIDS) mode
a. Stateful Firewalls d. Network Intrusion Detection System
b. StateDown FireWire (NIDS) mode
c. Stateless Firewall
d. Stateful FireWire Answer: (d)
Answer: (a) 49. What is IPS in network security?
45. ___________ is method of connecting a. Illusion Prevention System (IPS)
multiple computers to the Internet using b. Intrusion Prevention System (IPS)
one IP address c. Intrusion Private System (IPS)
a. DNS d. Illusion Prevention Service (IPS)
b. FTP Answer: (b)
c. NAT 50. Network layer firewall works as a________
d. DHCP a. Frame filter
Answer: (c) b. Packet filter
46. Full Form of NAT c. Content filter
a. Netwrok Access Transmision d. Virus filter
b. Network Address Translation Answer: (b)
c. Netwrok Access Translation
d. Network Address Translation 51. Network layer firewall has two sub-
Answer: (b) categories as ______
a. State full firewall and stateless
47. Snort can be configured to run in ______ firewall
modes b. Bit oriented firewall and byte
a. Three oriented firewall
b. Four c. Frame firewall and packet firewall
c. Five d. Network layer firewall and session
d. Two layer firewall
Answer: (a) Answer: (a)
48. One of the Snort mode is 52. A DoS attack coming from a large number
of IP addresses, making it hard to manually

8 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

filter or crash the traffic from such sources 56. Which among the following is the least
is known as a _____________ strong security encryption standard?

a. GoS attack a. WEP

b. PDoS attack b. WPA
c. DoS attack c. WPA2
d. DDoS attack d. WPA2
Answer: (d) Answer: (a)
53. _____________ is hiding of data within 57. _____________ will encrypt all your
data, where we can hide images, text, and system files and will ask you to pay a
other messages within images, videos, ransom in order to decrypt all the files and
music or recording files. unlock the system.
a. Cryptography a. Scareware
b. Tomography b. Ransomware
c. Steganography c. Adware
d. Chorography d. Spyware
Answer: (c) Answer: (b)
54. In Steganography People will normally
think it as a normal/regular file and your 58. ______________ are special malware
secret message will pass on without any programs written to spy your mobile
_______________ phones and systems.
a. Suspicion a. Scareware
b. decryption b. Ransomware
c. encryption c. Adware
d. cracking d. Spyware
Answer: (a) Answer: (d)
55. ______________ Attacks always need 59. An attacker may use automatic brute
physical access to the system that is having forcing tool to compromise your
password file or the hacker needs to crack ____________
the system by other means. a. username
a. online b. employee ID
b. offline c. system / PC name
c. password d. password
d. non-electronic Answer: (d)
Answer: (b)

9 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

60. ____________ is a code injecting method a. Trojan

used for attacking the database of a system b. Virus
/ website c. Worm
d. mail Bomb
a. HTML injection Answer: (b)
b. SQL Injection 65. _______ is a harmful code embedded
c. Malicious code injection inside a seemingly harmless program
d. XML Injection a. Trojan Horse
Answer: (b) b. Virus
61. When there is an excessive amount of data c. Worm
flow, which the system cannot handle, d. Email Bomb
_____ takes place. Answer: (a)
a. Database crash attack 66. Programmers add ______________for
b. DoS (Denial of Service) attack maintenance hooks and troubleshooting
c. Data overflow Attack a. Spyware
d. Buffer Overflow attack b. Virus
Answer: (d) c. Malware
62. Which of this is an example of physical d. Backdoors
hacking? Answer: (d)
a. Remote Unauthorised access 67. In which of the following, a person is
b. Inserting malware loaded USB to a constantly followed/chased by another
system person or group of several peoples?
c. SQL Injection on SQL vulnerable site
d. DDoS (Distributed Denial of Service) a. Phishing
attack b. Bulling
Answer: (b) c. Stalking
63. Which method of hacking will record all d. Identity theft
your keystrokes? Answer: c

a. Keyhijacking 68. Which one of the following can be

b. Keyjacking considered as the class of computer threats?
c. Keylogging
d. Keyboard monitoring a. Dos Attack
Answer: (c) b. Phishing
64. _____is Self-replicating in nature. c. Soliciting

10 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

d. Both A and C 73. It can be a software program or a hardware

Answer: a device that filters all data packets coming
through the internet, a network, etc. it is
69. Which of the following is considered as the known as the_______:
unsolicited commercial email? a. Antivirus
a. Virus b. Firewall
b. Malware c. Cookies
c. Spam d. Malware
d. All of the above Answer: b
Answer: c 74. Which of the following refers to stealing
70. Which of the following usually observe one's idea or invention of others and use it
each activity on the internet of the victim, for their own benefits?
gather all information in the background, a. Piracy
and send it to someone else? b. Plagiarism
a. Malware c. Intellectual property rights
b. Spyware d. All of the above
c. Adware Answer: d
d. All of the above
Answer: b 75. Read the following statement carefully and
71. _______ is a type of software designed to find out whether it is correct about the
help the user's computer detect viruses and hacking or not?
avoid them. It can be possible that in some cases, hacking a
a. Malware computer or network can be legal.
b. Adware
c. Antivirus a. No, in any situation, hacking cannot
d. Both B and C be legal
Answer: c b. It may be possible that in some
72. Which one of the following is a type of cases, it can be referred to as a legal
antivirus program? task
a. Quick heal Answer: b
b. Mcafee 76. Which of the following refers to exploring
c. Kaspersky the appropriate, ethical behaviors related to
d. All of the above the online environment and digital media
Answer: d platform?
a. Cyber low

11 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

b. Cyberethics Answer: b
c. Cybersecurity 81. In ethical hacking and cyber security, there
d. Cybersafety are _______ types of scanning:
Answer: b

77. Which of the following refers to the a. 1

violation of the principle if a computer is b. 2
no more accessible? c. 3
a. Access control d. 4
b. Confidentiality Answer: c
c. Availability 82. Which of the following is not a type of
d. All of the above scanning?
Answer: c a. Xmas Tree Scan
78. Which one of the following refers to the b. Cloud scan
technique used for verifying the integrity of c. Null Scan
the message? d. SYN Stealth
a. Digital signature Answer: b
b. Decryption algorithm 83. In system hacking, which of the following
c. Protocol is the most crucial activity?
d. Message Digest a. Information gathering
Answer: d b. Covering tracks
c. Cracking passwords
79. Which one of the following usually used in d. None of the above
the process of Wi-Fi-hacking? Answer: c
a. Aircrack-ng
b. Wireshark 84. Which of the following are the types of
c. Norton scanning?
d. All of the above a. Network, vulnerability, and port
Answer: a scanning
80. Which of the following port and IP address b. Port, network, and services
scanner famous among the users? c. Client, Server, and network
a. Cain and Abel d. None of the above
b. Angry IP Scanner Answer: a
c. Snort 85. Which one of the following is actually
d. Ettercap considered as the first computer virus?

12 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

a. Sasser d. All of the above

b. Blaster Answer: d
c. Creeper 90. Which one of the following is also referred
d. Both A and C to as malicious software?
Answer: c a. Maliciousware
86. To protect the computer system against the b. Badware
hacker and different kind of viruses, one c. Ilegalware
must always keep _________ on in the d. Malware
computer system. Answer: d
a. Antivirus 91. Hackers usually used the computer virus
b. Firewall for ______ purpose.
c. Vlc player a. To log, monitor each and every user's
d. Script stroke
Answer: b b. To gain access the sensitive
87. Code Red is a type of ________ information like user's Id and
a. An Antivirus Program Passwords
b. A photo editing software c. To corrupt the user's data stored in the
c. A computer virus computer system
d. A video editing software d. All of the above
Answer: c Answer: d
92. In Wi-Fi Security, which of the following
88. Which of the following can be considered protocol is more used?
as the elements of cyber security? a. WPA
a. Application Security b. WPA2
b. Operational Security c. WPS
c. Network Security d. Both A and C
d. All of the above Answer: b
Answer: d 93. The term "TCP/IP" stands for_____
a. Transmission Contribution protocol/
89. Which of the following are famous and internet protocol
common cyber-attacks used by hackers to b. Transmission Control Protocol/
infiltrate the user's system? internet protocol
a. DDos and Derive-by Downloads c. Transaction Control protocol/ internet
b. Malware & Malvertising protocol
c. Phishing and Password attacks

13 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

d. Transmission Control Protocol/ b. It is a device installed at the

internet protocol boundary of an incorporate to
Answer: b protect it against the unauthorized
94. The response time and transit time is used access.
to measure the ____________ of a c. It is a kind of wall built to prevent
network. files form damaging the corporate.
a. Security d. None of the above.
b. Longevity 98. When was the first computer virus created?
c. Reliability a. 1970
d. Performance b. 1971
Answer: d c. 1972
95. Which of the following factor of the d. 1969
network gets hugely impacted when the Answer: b
number of users exceeds the network's 99. Which of the following is considered as the
limit? world's first antivirus program?
a. Reliability a. Creeper
b. Performance b. Reaper
c. Security c. Tinkered
d. Longevity d. Ray Tomlinson
Answer: d Answer: b
96. In the computer networks, the encryption 100. Which one of the following principles
techniques are primarily used for of cyber security refers that the security
improving the ________ mechanism must be as small and simple as
a. Security possible?
b. Performance a. Open-Design
c. Reliability b. Economy of the Mechanism
d. Longevity c. Least privilege
Answer: a d. Fail-safe Defaults
Answer: b
97. Which of the following statements is 101. Which of the following principle of
correct about the firewall? cyber security restricts how privileges are
a. It is a device installed at the boundary initiated whenever any object or subject is
of a company to prevent unauthorized created?
physical access. a. Least privilege
b. Open-Design

14 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. Fail-safe Defaults a. Trojan Horse

d. None of the above b. Worm
Answer: c c. Trap Door
102. Which of the following can also d. Virus
consider as the instances of Open Design? Answer: b
a. CSS 106. Which of the following usually
b. DVD Player considered as the default port number of
c. Only A apache and several other web servers?
d. Both A and B a. 20
103. Which one of the following principles b. 40
states that sometimes it is become more c. 80
desirable to rescored the details of intrusion d. 87
that to adopt more efficient measure to Answer: c
avoid it? 107. DNS translates a Domain name into
a. Least common mechanism _________
b. Compromise recording a. Hex
c. Psychological acceptability b. Binary
d. Work factor c. IP
Answer: b d. URL
Answer: d
104. Which of the following statements is 108. Which one of the following systems
true about the VPN in Network security? cannot be considered as an example of the
a. It is a type of device that helps to operating systems?
ensure that communication between a a. Windows 8
device and a network is secure. b. Red Hat Linux
b. It is usually based on the IPsec( IP c. BSD Linux
Security) or SSL (Secure Sockets d. Microsoft Office
Layer) Answer: d
c. It typically creates a secure, encrypted 109. In the CIA Triad, which one of the
virtual "tunnel" over the open internet following is not involved?
d. All of the above a. Availability
Answer: d b. Confidentiality
105. Which of the following is a type of c. Authenticity
independent malicious program that never d. Integrity
required any host program? Answer: c

15 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

110. In an any organization, company or 113. Which one of the following is

firm the policies of information security considered as the most secure Linux
come under__________ operating system that also provides
a. CIA Triad anonymity and the incognito option for
b. Confidentiality securing the user's information?
c. Authenticity a. Ubuntu
d. None of the above b. Tails
Answer: a c. Fedora
111. Why are the factors like d. All of the above
Confidentiality, Integrity, Availability, and Answer: b
Authenticity considered as the 114. Which type following UNIX account
fundamentals? provides all types of privileges and rights
a. They help in understanding the which one can perform administrative
hacking process functions?
b. These are the main elements for any a. Client
security breach b. Guest
c. They help to understand the c. Root
security and its components in a better d. Administrative
manner Answer: d
d. All of the above
Answer: c 115. Which of the following is considered
112. In order to ensure the security of the as the first hacker's conference?
data/ information, we need to a. OSCON
____________ the data: b. DEVON
a. Encrypt c. DEFCON
b. Decrypt d. SECTION
c. Delete Answer: c
d. None of the above
Answer: a

16 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Unit-II

1. According to the CIA Triad, which of the d. Non-repudiation

below-mentioned element is not considered Answer: b
in the triad? 5. When you use the word _____ it means you
a. Confidentiality are protecting your
b. Integrity data from getting disclosed.
c. Authenticity a. Confidentiality
d. Availability b. Integrity
Answer: c c. Authentication
d. Availability
2. CIA triad is also known as ________ Answer: a
a. NIC (Non-repudiation, Integrity, 6. When integrity is lacking in a security
Confidentiality) system, _________
b. AIC (Availability, Integrity, occurs.
Confidentiality) a. Database hacking
c. AIN (Availability, Integrity, Non- b. Data deletion
repudiation) c. Data tampering
d. AIC (Authenticity, Integrity, d. Data leakage
Confidentiality) Answer: c
Answer: b 7. Why these 4 elements (confidentiality,
3. _______ of information means, only integrity, authenticity & availability) are
authorised users are considered fundamental?
capable of accessing the information. a. They help understanding hacking
a. Confidentiality better
b. Integrity b. They are key elements to a security
c. Non-repudiation breach
d. Availability c. They help understands security and
Answer: a its components better
4. ______ means the protection of data from d. They help to understand the cyber-
modification by crime better
unknown users. Answer: c
a. Confidentiality 8. This helps in identifying the origin of
b. Integrity information and authentic
c. Authentication user. This referred to here as __________

17 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

a. Confidentiality
b. Integrity 13. Compromising confidential information
c. Authenticity comes under _________
d. Availability a. Bug
Answer: c b. Threat
9. Data ___________ is used to ensure c. Vulnerability
confidentiality. d. Attack
a. Encryption Answer: b
b. Locking 14. Which of the following are not security
c. Deleting policies?
d. Backup a. Regulatory
Answer: a b. Advisory
10. Data integrity gets compromised when c. Availability
_____ and _____ are taken control off. d. User Policies
a. Access control, file deletion Answer: c
b. Network, file permission 15. Examples of User Policies is/are:
c. Access control, file permission a. Password Policies
d. Network, system b. Internet Usage
Answer: c c. System Use
11. _______ is the practice and precautions d. All of the above
taken to protect valuable information from
unauthorised access, recording, disclosure 16. _____ Policy ensures that the organization
or destruction. is maintaining
a. Network Security standards set by specific industry regulation.
b. Database Security a. Regulatory
c. Information Security b. Advisory
d. Physical Security c. Availability
Answer: c d. User Policies
12. From the options below, which of them is Answer: a
not a threat to information security? 17. ______ Policy is like standards rules and
a. Disaster regulations set by the management to
b. Eavesdropping advise their employees on their activity or
c. Information leakage behavior
d. Unchanged default password a. Regulatory
Answer: d b. Advisory

18 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. Availability 22. If communication between 2 people is

d. User Policies overheard by a third person without
Answer: b extraction of any data, it is called as:
18. What defines the restrictions on employees a. Release of Message Content-Passive
such as usage? Attack
a. Regulatory b. Traffic analysis -Passive Attacks
b. Advisory c. Release of Message Content- Active
c. Availability Attacks
d. User Policies d. Traffic analysis -Active Attacks
Answer: d Answer: d
19. Which of the following attack can actively
modify communications or data? 23. No modification of data is a characteristic
a. Both Active and Passive Attacks of
b. Neither Active and Passive Attacks a. Active Attack
c. Active Attacks b. Passive Attack
d. Passive Attacks Answer: a
Answer: c
20. Release of Message Content and Traffic 24. ______ means when an attacker pretends
analysis are type of : to be authentic user
a. Both Active and Passive Attacks a. Masquerade
b. Neither Active and Passive Attacks b. Replay
c. Active Attacks c. Modification
d. Passive Attacks d. Traffic analysis
Answer: d Answer: a
21. If communication between 2 people is 25. ___________ attack is when original data
overheard by a third person without is modified and malicious data is inserted
manipulation of any data, it is called as: a. Masquerade
a. Release of Message Content-Passive b. Replay(Rewrite)
Attack c. Modification
b. Traffic analysis -Passive Attacks d. Traffic analysis
c. Release of Message Content- Active Answer: b
Attacks 26. When original data is changed to make it
d. Traffic analysis -Active Attacks non-meaningful by attacker it is known as
Answer: a a. Masquerade
b. Replay

19 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. Modification of Messages c. Network Security

d. Traffic analysis d. Information Hiding
Answer: c Answer: a
27. Which is the type of attack when Network 32. A unique piece of information that is used
is made unavailable for user in encryption.
a. Masquerade a. Cipher
b. Replay b. Plain Text
c. Modification c. Key
d. Denial of Service d. Cipher
Answer: d Answer: c
28. Modification of Data is done in: 33. Assurance that authentic user is taking part
a. Both Active and Passive Attacks in communication is:
b. Neither Active and Passive Attacks a. Authentication
c. Active Attacks b. Authorization
d. Passive Attacks c. Access Control
Answer: a d. Auditing
29. The information that gets transformed in Answer: a
encryption is 34. AT M pin while withdrawing money is an
a. Plain text example of using:
b. Parallel text a. Authentication
c. Encrypted text b. Authorization
d. Decrypted text c. Access Control
Answer: a d. Auditing
Answer: b
30. The process of transforming plain text into 35. Study of creating a d using encryption and
unreadable text. decryption
a. Decryption techniques.
b. Encryption a. Cipher
c. Network Security b. Cryptography
d. Information Hiding c. Encryption
Answer: b d. Decryption
31. A process of making the encrypted text Answer: b
readable again. 36. An attack in which the user receives
a. Decryption unwanted amount of emails.
b. Encryption a. Smurfing

20 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

b. Denial of service d. all the connected devices to the

c. E-mail bombing network
d. Ping storm Answer: b
Answer: c 41. Cryptanalysis is used __________
37. The process of disguising plaintext in such a. to find some insecurity in a
a way that itssubstance gets hidden (into cryptographic scheme
what is known as cipher-text) iscalled b. to increase the speed
_________________ c. to encrypt the data
d. to make new ciphers
a. cryptanalysis Answer: a
b. decryption 42. Conventional cryptography is also known
c. reverse engineering as _____________ or symmetric-key
d. encryption encryption.
Answer: d a. secret-key
38. In _____________________ same keys are b. public key
implemented for encrypting as well as c. protected key
decrypting the information. d. primary key
a. Symmetric Key Encryption Answer: a
b. Asymmetric Key Encryption 43. _____________________ is the art &
c. Asymmetric Key Decryption science of cracking the
d. Hash-based Key Encryption cipher-text without knowing the key.
Answer: a a. Cracking
39. The procedure to add bits to the last block b. Cryptanalysis
is termed as__________ c. Cryptography
a. decryption d. Crypto-hacking
b. hashing Answer: b
c. tuning
d. padding 44. In _____________ a sequence of actions is
Answer: d carried out on this block after a block of
40. In asymmetric key cryptography, the plain-text bits is chosen for generating a
private key is kept by______ block of cipher-text bits.
a. sender a. Block Cipher
b. receiver b. One-time pad
c. sender and receiver c. Hash functions
d. Vigenere Cipher

21 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Answer: a b. Integer overflow can compromise a

program's reliability and security
45. Which of the following programming c. Both A and B
languages have common buffer overflow d. None of the above
problem in the development of Answer :- c
applications? 49. A string which contains ___________
parameter/s, is called ______ string.
a. C, Ruby a. Format, text
b. C, C++ b. Text, format
c. Python, Ruby c. text and format, format
d. C, Python d. None of the above
Answer: - b Answer- b
50. If we talk about control hijacking, which of
46. Which type of buffer overflows are the following is true ?
common among attackers?
a. Memory-based a. In Buffer overflow attacks, stack
b. Queue-based based attacks are more common than
c. Stack-based heap based attack.
d. Heap-based b. Integer overflow attacks is not a
Answer: - c type of control hijacking.
c. Format string vulnerabilities are used
47. In ___________ attack, malicious code is to prevent control hijacking.
pushed into _______. d. All of the above
Answer :- b
a. buffer-overflow, stack
b. buffer-overflow, queue 51. If we mark the stack and heap segement as
c. buffer-overflow,memory-card non executable,
d. buffer-overflow,external drive a. No code will execute.
Answer:- a b. return-oriented programming will also
48. In case of integer overflow, Which of the not be able to exploit it.
following option/s is/are true? c. we can prevent overflow code
a. It is a result of an attempt to store a execution.
value greater than the maximum value d. All of the above.
an integer can store
Answer :- c

22 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Answer :- d
52. If we talk about Return Oriented 55. The below function is part of a program
Programming, which of the following that is running on a 32-bit x86 system; the
statement is true ? compiler does not change the order of
a. It is a computer security exploit variables on the stack.
technique that allows an attacker to void function(char *input) {
execute code in the presence of int i = 1;
security defences such as DEP and char buffer[8];
code signing int j = 2;
b. These types of attacks arise when an strcpy(buffer,input);
adversary manipulates the call stack printf(“%x %x %s\n”,i,j,buffer);
by taking advantage of a bug in the }
program, often a buffer overflow.
c. Return-oriented programming is an What is the minimum length of a string passed
advanced version of a stack smashing to the function through the input parameter
attack. that can crash the application?
d. All of the above a. 10
b. 11
Answer :- d c. 12
d. 13
53. An hardware device's interrupt request Answer:(c)
invokes ____ , which handles this interrupt. 56. Applications developed by programming
languages like ____ and ______ have this
a. Instruction Set Randomization common buffer-overflow error.
b. Information Storage and Retrieval a. C, Ruby
c. Interrupt Service Routine b. C, C++
d. Intermediate Session Routing c. Python, Ruby
d. C, Python
Answer :- c Answer(b)
54. Which of the following is a method of 57. _____________ buffer overflows, which
randomization? are more common among attackers.
a. ASLR a. Memory-based
b. Sys-call randomization b. Queue-based
c. Memory randomization c. Stack-based
d. All of the above. d. Heap-based

23 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Answer(c ) that will exceed the value of 65,535, the

58. Malicious code can be pushed into the result will be:
_________ during ______________ attack. a. Buffer Overflow
a. stack, buffer-overflow b. Integer Overflow
b. queue, buffer-overflow c. Stack Overflow
c. memory-card, buffer-overflow d. Heap Overflow
d. external drive, buffer-overflow Answer(b)
Answer( a) 62. Integer overflow bugs in programs are
difficult to track down and may lead to fatal
59. Which of the following string library errors or exploitable vulnerabilities.
functions is unsafe for buffer? a. True
a. gets (char * str) b. False
b. strcat (char * destination, const char * Answer(a)
source) 63. One way of detecting integer overflows is
c. strcpy (char * destination, const char * by using a modified compiler to insert
source) runtime checks.
d. All of the above a. True
Answer(d) b. False
Answer(a)
60. Which of the following statements is 64. A format string is a ____ string that
correct with respect to integer overflow? contains ___ and ____ parameters.
a. Format, text, ASCII
a. It is a result of an attempt to store a b. Text, ASCII, format
value greater than the maximum value c. ASCII, text, format
an integer can store d. None of the above
b. Integer overflow can compromise a Answer(c)
program’s reliability and security 65. Which of the following is not a format
c. Both A and B function in C?
d. None of the above a. fprintf()
Answer(c ) b. vsfprint()
c. vfprintf()
61. If an integer data type allows integers up to d. vsprintf()
two bytes or 16 bits in length (or an Answer(b
unsigned number up to decimal 65,535), 66. What is the purpose of format functions?
and two integers are to be added together

24 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

a. They are used to convert simple C data a. adding runtime code

types to a string representation b. adding vulnerabilities
b. They allow to specify the format of the c. adding buffer
representation d. None of the above
c. They process the resulting string Answer(a)
(output to stderr, stdout, syslog, …)
d. All of the above 71. Which of the following is an example of

Answer(d) automated tool for software audit in

67. The behaviour of the _______ is controlled prevention of control hijacking attacks?
by the ________ a. Coverity
a. format function, format string b. Prefix/Prefast
b. format string, format function c. Both A and B
c. Both A and B d. None of the above
d. None of the above Answer(c)
Answer(a)
72. Overflow code execution can be
prevented by:
68. Identify whether the following code has
format string vulnerability or not. char a. halting the process
tmpbuf[512]; snprintf (tmpbuf, sizeof b. fixing bugs
(tmpbuf), “foo: %s”, user); tmpbuf[sizeof c. adding more memory
(tmpbuf) – 1] = ’\0’; syslog d. marking the stack and heap

(LOG_NOTICE, tmpbuf); segments as non-executable

Answer(d)
a. No
b. Yes
73. Arbitrary programs can be best generated
Answer(b)
using only the existing code ______.
69. Which of the following is an example of
a. return oriented programming
control hijacking?
b. object oriented programming
a. Buffer overflow attacks c. functional programming
b. Integer overflow attacks d. logical programming
Answer(a)
c. Format string vulnerabilities
d. All of the above 74. Which of the following is correct for
Answer (d) Return Oriented Programming?

70. The overflows exploits can be detected by a. It is a computer security exploit

______. technique that allows an attacker to

25 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

execute code in the presence of
security defences such as DEP and
code signing
b. These types of attacks arise when an
adversary manipulates the call stack
by taking advantage of a bug in the
program, often a buffer overflow.
c. Return-oriented programming is an
advanced version of a stack smashing
attack.
d. All of the above
Answer(d)
78. _____ is only applied to images for
which the dynamic-relocation flag is set.
a. ASLR
b. ISR
c. Sys-call randomization
d. None of the above
Answer(a)
79. Which of the following mark memory
regions as non-executable, such that an
attempt to execute machine code in these
regions will cause an exception?

75. In ASLR, an attacker cannot jump a. Return Oriented Programming

directly to execute function. b. Data Execution Prevention
c. Randomization
a. True
d. None of the above
b. False
Answer(b)
Answer(a)
80. In the context of cyber security, PTE
76. In the context of cyber security, what
stands for:
does ISR stands for?
a. Process Table Entries
a. Information Storage and Retrieval
b. Public Test Environment
b. Intermediate Session Routing
c. Path Terminating Equipment
c. Instruction Set Randomization
d. Page Table Entry
d. Interrupt Service Routine
Answer(d)
Answer(c)

77. Which of the following is not a method

of randomization?

a. ASLR
b. ISR
c. Sys-call randomization
d. Memory randomization
Answer(d)

26 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Unit-III

1. A ______ may at any time be idle, or uid and the saved uid are assigned
to the user ID of the owner of the
have one or more _______ executing on
file
its behalf. c. Both A and B
d. None of the above
a. subject, principals
Answer(d)
b. principal, subjects
c. subject, objects
6. Which of the following is a way to escape
d. principal, objects
Answer(b) jail as root?

2. Which of the following is correct with

a. Reboot system
respect to objects? b. Send signals to chrooted process
c. Create devices that lets you
access raw disk
a. An object is anything on which a
d. A and C
subject can perform operations
Answer(d)
(mediated by rights)
b. Objects are usually passive
7. Chroot jail is ______ partitioning and
c. Both A and B
d. Only A FreeBSD jail is _______ partitioning
Answer(c)
a. Weak, Strong
b. Strong, Weak
3. Subjects can also be objects with ______
c. Weak, Weak
operation(s) d. Strong,Strong
Answer(a)
a. Kill
8. Which of the following is incorrect with
b. Suspend and Resume
c. Resume and Kill respect to FreeBSD jail?
d. Kill, Suspend and Resume
Answer(d)
a. It can only bind to sockets with
specified IP address and
4. The read bit allows one to show file
authorized ports
names in the directory. b. It can communicate with
processes inside and outside of
jail
a. True
c. Root is limited (example: cannot
b. False
load kernel modules)
Answer(a)
d. None of the above
Answer(b)
5. When a process is created by fork:
9. Identify the correct statement for
paravirtualization.
a. It inherits three user IDs from its
parent process a. Paravirtualization is where
b. It keeps its three user IDs unless software is used to simulate
the set-user-ID bit of the file is hardware for guest operating
set, in which case the effective system to run in.

27 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

b. Paravirtualization is where a type-2 d. None of the above

hypervisor is used to partially allow Answer(a)
access to the hardware and partially
to simulate hardware in order to 13. Which of the following uses a call back
allow you to load full operating
mechanism in the kernel module to
system
c. Both A and B redirect system calls?
d. Paravirtualization is where the
a. systrace
guest operating system runs on
b. ptrace
the hypervisor, allowing for
c. ostia
higher performance and
d. NetBSD
efficiency.
Answer(b) ptrace
Answer(d)
14. NaCl stands for –
10. Which of the following is incorrect for a. Narrow Cluster
b. Native Cluster
System call interposition?
c. Narrow Client
d. Native Client
a. It tracks all the system service Answer(d) Native Client
requests of processes.
b. Each system request can be 15. Which of the following is the best possible
modified or denied.
c. It is impossible to implement name for backdoor virus?
tools to trace, monitor, or a. stealth
virtualize processes.
d. None of the above. b. Hidden key
Answer(c) c. Rootkit
d. Worm
11. ptrace is a system call found in _____ and Answer(c)
several ______like operating systems. 16. Binary rootkits and library rootkits are the
a. Mac examples of –
b. Unix
c. Windows
d. None of the above a. Kernel mode rootkits
Answer(b) b. User mode rootkits
c. Firmware rootkits
12. Which of the following is a computer d. None of the above
security utility which limits an Answer:- b
application’s access to the system by 17. Which of the following is not an attack
enforcing access policies for system tool?
calls? a. Password cracker

a. systrace b. Network sniffer

b. NetBSD c. Autorooter
c. ptrace
d. Rootkit Revealer
28 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Answer:- d c. Logs are analysed to detect trails of

intrusion
d. All of the mentioned
18. Which of the following is incorrect for Answer:- d
knark? 22. What are strengths of the host-based IDS?
a. It hides/unhides files or directories a. Attack verification
b. It hides TCP or UDP connections b. System specific activity
c. It is a user-mode rootkit c. No additional hardware required
d. None of the above d. All of the mentioned
Answer:- c Answer:-d
19. Which of the following is the best 23. What of the following best characteristics
characteristic of anomaly-based IDS? stack based IDS ?
a. They are integrated closely with the
a. It models the normal usage of TCP/IP stack and watch packets
network as a noise characterization b. The host operating system logs in the
b. It doesn’t detect novel attacks audit information
c. Anything distinct from the noise is not c. It is programmed to interpret a certain
assumed to be intrusion activity series of packets
d. It detects based on signature d. It models the normal usage of network
Answer:- a as a noise characterization
20. What are drawbacks of signature-based Answer:- a
IDS? 24. Which of the following is correct for
a. They are unable to detect novel attacks compartmentalization?
b. They suffer from false alarms a. Break large monolithic over-
c. They have to be programmed again for privileged software into smaller
every new pattern to be detected components.
d. All of the mentioned b. Develop “fault compartments”, that
Answer:- d each fail individually
21. What of the following is a characteristic of c. The goal is that when one
Host based IDS? compartment fails, the others can still
function
a. The host operating system logs in d. All of the above
the audit information Answer:- d
b. Logs includes logins, file opens and 25. Which of the following is correct for
program executions principle of least privilege?

29 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

a. Enforce minimal privileges for 29. Which of the following permission types a
intended purpose. UNIX file can be assigned?
b. Drop privileges when you no longer a. Read
need them. b. Write
c. Both A and B c. Execute
d. None of the above d. All of the above
Answer:- c
Answer: (d)
26. ______ uses a typical Unix approach with 30. Which of the following information is
a large monolithic server and is known for contained in the access tokens?
the high complexity and previous security a. The security identifier (SID) for the
vulnerabilities. user’s account
b. A list of the privileges held by either
a. Sendmail the user or the user’s groups
b. Qmail c. The SID for the primary group
c. Both A and B d. All of the above
d. None of the above Answer(d)
Answer:- a
31. An access token that has been created to
27. In android process isolation, which process capture the security information of a client
only run as root? process, allowing a server to “impersonate”
a. Zygote the client process in security operations.
b. Ping a. Primary Token
c. Both A and B b. Process Token
d. None of the above c. Personalized Token
Answer:- c d. Impersonation Token
28. Which of the following is not a level of Answer (d)
access control on UNIX systems? 32. Which of the following is not a common
a. User password myth?
b. Administrator a. The best length of password is 8
c. Group characters
d. Other b. Replacing characters with numbers is
Answer (b) good (e.g. J0hn_Sm1th)
c. Passwords can include spaces

30 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

d. None of the above

Answer (c) 37. Which of the following is a vulnerability in
33. Which of the following is one of the web browser?
technically simplest processes of gaining a. Cross Site Scripting
access to any password-protected system? b. Implementation bugs
a. Clickjacking c. Both A and B
b. Brute force attack d. Buffer overflow
c. Eavesdropping
d. Waterhole Answer(c)
Answer (b) 38. The _______ is an object in web browser.
34. A _______________ is a process of a. Frames
breaking a password protected system or b. DOM
server by simply & automatically entering c. Cookies
every word in a dictionary as a password. d. All of the above
a. Dictionary attack
b. Phishing attack Answer (d)
c. Social engineering attack 39. Which of the following is not a component
d. MiTM attack of security policy?
a. Frame – Frame relationships
Answer(a) b. Frame – principal relationships
c. Principal – Principal relationships
35. Brute force attack is usually _________ d. None of the above
a. fast
b. inefficient Answer(c)
c. slow 40. Chromium browser has the module
d. complex to understand ________ in separate protection domains
a. Rendering engine
Answer(c) b. Browser kernel
36. Which of the following is not an advantage c. Browser process
of dictionary attack? d. Both A and B
a. Very fast Answer (d)
b. Time-saving 41. Which of the following is not a task
c. Easy to perform assigned to browser kernel?
d. Very tough and inefficient a. HTML parsing
Answer(d) b. Window management

31 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. Password database c. It is impossible to implement tools to

d. Download manager trace, monitor, or virtualize
42. The percentage of phishing in sampling of processes.
2015 security incidents is ______. d. None of the above.
a. 8.9% Answer:-(c)
b. 4.9% 46. Which of the following is a computer
c. 2.9% security utility which limits an application's
d. 0.9% access to the system by enforcing access
Answer (c) policies for system calls?
43. Chroot jail is used to _______ process and a. systrace
its children by ________ to the supplied b. NetBSD
directory name. c. ptrace
a. isolate, changing the root directory d. None of the above
b. change, the name Answer:- (a)
c. execute, renaming it 47. One of the name of backdoor virus is _____
d. All of the above . once access is enabled, it may hide ___
Answer:- (b) a. Stealth, files
44. Taliking about FreeBSD jail, which of the b. Rootkit,traces of unauthorized
following is true ? access
a. It can only bind to sockets with c. Hidden Key,unauthorized access
specified IP address and authorized d. Worm,unauthorized access
ports Answer:- (b)
b. It can communicate with processes 48. A Password cracker is a attack tool. Which
inside and outside of jail of the following is also a type of attack tool
c. Root is limited (example: cannot load ?
kernel modules) a. Rootkit Revealer
d. None of the above b. Network sniffer
Answer :-(b) c. TDSSKiller
45. Which of the following is incorrect for d. All of the above
System call interposition?
a. It tracks all the system service requests Answer:- (b)
of processes. 49. knark hides or unhides files or directories.
b. Each system request can be modified It ?
or denied.

32 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

a. uses system call redirection to hide its d. Chrome

presence. Answer: a
b. hides TCP or UDP connections. 54. As per the lecture, for maximum security,
c. is a loadable kernel module. passwords should be made up of:
d. All of the above a. Lower case letters only
Answer:- (d) b. Memorable names and dates
50. Which of following is true for signature- c. Upper case and lower-case letters,
based IDS? numbers and non letter characters
a. They can esily detect known attacks. d. Upper case and lower-case letters,
b. They can detect new attacks for which numbers and symbols
no pattern is there. Answer: d
c. They have high false positive rates. 55. When accessing a website, which icon can
d. All of the mentioned be seen in the address bar to indicate that
Answer:- (a) the website is secure?
51. If we talk about stack based IDS, Which of a. An arrow
the following is/are correct ? b. A padlock
a. They are integrated with the TCP/IP c. A house
stack. d. A shield
b. They pulls the packet from stack Answer: b
before OS 56. If you share too much information on social
c. Both (a). and (b). media, what may you be at most risk of?
d. None of the above a. Phishing
Answer:- (c ) b. Malware
52. Which of the following browsers is the c. Identity theft
least capable of detecting mixed content? d. Ransomware
a. IE Answer: c
b. Firefox 57. Cookies were originally designed for
c. Safari a. Client-side programming
d. Chrome b. Server-side programming
Answer: Safari c. Both Client-side programming and
53. Which of the following browsers displays Server-side programming
mixed-content dialog to user? d. None of the mentioned
a. IE Answer: b
b. Firefox
c. Safari

33 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

58. What is the constraint on the data per 62. SQL injection is an attack in which
cookie? _________ code is inserted into strings that
a. 16 KB are later passed to an instance of SQL
b. 8 KB Server.
c. 4 KB a. malicious
d. 2 KB b. redundant
Answer: c c. clean
59. Which of the following is the maximum d. non malicious
number of cookies that a browser can Answer: a
store? 63. Point out the wrong statement:
a. 10 Cookies / Site a. SQL injection vulnerabilities occur
b. 20 Cookies / Site whenever input is used in the
c. 30 Cookies / Site construction of an SQL query without
d. None of the above being adequately constrained or
Answer: b sanitized
60. Which of the following is a use of cookies? b. SQL injection allows an attacker to
access the SQL servers and execute
a. User Authentication SQL code under the privileges of the
b. Personalization user used to connect to the database
c. User Tracking c. The use of PL-SQL opens the door
d. All of the above to SQL injection vulnerabilities
Answer: d d. None of the mentioned statements is
61. If we set the secure attribute of the cookie wrong
equals to true, then which of the following Answer: c
is correct?
a. The browser will only send cookie 64. A Web site that allows users to enter text,
back over HTTPS such as a comment or a name, and then
b. The browser will only send cookie stores it and later display it to other users, is
back over HTTP potentially vulnerable to a kind of attack
c. The browser will send cookie back called a ___________attack.
over both HTTPS & HTTP a. Two-factor authentication
d. None of the above b. Cross-site request forgery
Answer: d c. Cross-site scripting
d. Cross-site scoring scripting
Answer: b

34 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

65. Many applications use ___________ where 69. Attack which forces a user(end user)to
two independent factors are used to identify execute unwanted actions on a web
a user. application in which he/she
a. Two-factor authentication is currently authenticated…
b. Cross-site request forgery a. Cross-site scoring scripting
c. Cross-site scripting b. Cross-site request forgery
d. Cross-site scoring scripting c. Cross-site scripting
Answer: a d. Two-factor authentication
66. Which of the following is a good way to Answer: b
prevent SQL injection? 70. Even with two-factor authentication, users
a. Use parameterized / prepared SQL are vulnerable to which attacks.
b. Use ORM framework a. Man-in-the-middle
c. Both A and B b. Cross attack
d. None of the above c. scripting
Answer: c d. Radiant
67. which attacks, the attacker manage’s to Answer: a
take control of the application to execute an 71. which factor uses in many applications,
SQL query created by the attacker… where two independent factors are used to
a. SQL injection identify a user…
b. Direct a. Cross-site scripting
c. SQL b. Cross-site request forgery
d. Application c. Two-factor authentication
Answer: a d. Cross-site scoring scripting
68. A Web site that allows users to enter text, Answer: c
such as a comment or a name, and then 72. The system that allows the user to be
stores it and laterdisplays it to other users, authenticated once and multiple
is potentially vulnerable to a kind of attack applications can then verify the user’s
what attack is it… identity through an authentication service
a. Cross-site scoring scripting without requiring reauthentication…
b. Cross-site request forgery a. OpenID
c. Cross-site scripting b. Sign-on system
d. Two-factor authentication c. Security Assertion Markup Language
Answer: c d. Virtual Private Database
Answer: b

35 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

73. which database is a standard for c. authentication

exchanging authentication and d. Authorization security
authorization information between different Answer: a
security domains, to provide cross- 77. If a DNS server accepts and uses the wrong
organization … details from a host that has no authority
a. OpenID giving that information, then this technique
b. Security Assertion Markup Language is called …?
c. Sign-on system a. DNS hijacking
d. Virtual Private Database b. DNS lookup
Answer: c c. DNS spoofing
74. which id standard is an alternative for d. All of the above
single sign-on across organizations, and has Answer: c
seen increasing acceptance in recent 78. block cypher used by PGP to encrypts
years… data…
a. OpenID a. international data encryption
b. Single-site system algorithm
c. Security Assertion Markup Language b. internet data encryption algorithm
d. Virtual Private Database c. private data encryption algorithm
Answer: a d. All of the above
75. which database allows a system Answer: c
administrator to associate a function with a 79. Pretty good privacy PGP(Pretty Good
relation the function returns a predicate that Privacy) is used in…
must be added to any query that uses the a. browser security
relation… b. email security
a. OpenID c. FTP security
b. Security Assertion Markup Language d. none of the mentioned
c. Single-site system Answer: b
d. Virtual Private Database 80. The extensible authentication protocol is an
Answer: d authentication framework used in…
76. VPD(virtual private database) provides a. wired local area network
authorization at the level of specific tuples, b. wireless networks
or rows, of a relation, and is therefore said c. wired personal area network
to be a mechanism… d. all of the above
a. row-level authorization Answer: b
b. Column-level authentication

36 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

81. What is used to carry traffic of one protocol b. Password-method authentication

over the network that does not support that c. Two-method authentication
protocol directly… d. Two-factor authentication
a. Tunnelling Answer: d
b. Trafficking 86. Where the security enforcement is needed
c. Transferring firstly…
d. Switching a. Scripting
Answer: a b. Application
82. In which Mode the authentication header is c. Assigning Roles
inserted immediately after the IP header… d. Administration
a. Tunnel Answer: b
b. Transport 87. Which database allows a system
c. Authentication administrator to associate a function with a
d. Both A and B relation…
Answer: a a. Virtual database
83. Which of the following is an extension of b. Private database
an enterprise private intranet across a c. Custom database
public Network that creates a secure private d. Virtual Private Database(VPD)
connection… Answer: d
a. VNP 88. Applications create queries dynamically,
b. VSPN can be considered as a risk source of …
c. VSN a. Active attacks
d. VPN b. Passive attacks
Answer: d c. Forgery
84. What term is considered as a basis for most d. Injection
robust authentication schemes… Answer: d
a. Registration 89. Which of the following should be stored in
b. Identification the cookie?
c. Encryption a. Session ID
d. Refine information b. Account Privileges
Answer: c c. UserName
85. A method that uses two independent d. Password
pieces/processes of information to identify Answer: a
a user is known as… 90. In which of the following exploits does an
a. Authentication through encryption attacker insert malicious code into a link

37 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

that appears to be from a trustworthy b. Cookie

source? c. Referrer Header
a. Cross-Site Scripting d. None of the above
b. Buffer over flows Answer: d
c. Command injection 95. The main risk to a web application in a
d. Path traversal attack cross site scripting attack is …
Answer: a
91. Failing to properly validate uploaded files a. Compromise of users
could result in: b. Loss of data integrity
a. Arbitrary code execution c. Destruction of data
b. Inadequate caching headers d. None of the above
c. Distributed Denial of Service Attack Answer: a
against clients
d. None of the above 96. Which cookie flag, when set, will prevent
Answer: a their transmission over non secure channel?
92. What does “White List” data validation a. Secure
means? b. Domain
a. Data is validated against a list of c. Expires
values that are known to be valid d. Static
b. Data is validated against a list of Answer: a
values that are known to be invalid 97. Cross Site Scripting is an attack against
c. Both of the above a. Client (Browser)
d. None of the above b. Database
Answer: a c. Web Application
93. Which languages are vulnerable to Cross d. Web Server
Site Scripting attacks ? Answer: a
a. Java 98. Which of the following is appropriate for
b. ASP.Net customer emails regarding a limited time
c. Perl promotional offer?
d. All of the above a. Request that the user authenticate
Answer: d him/herself by replying to the email
94. Out of the following which can be with their account credentials.
considered as user input for which b. Personalized greeting line
validation is not required
a. Host Header

38 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. Providing easy access to the b. Can be placed anywhere in the web

customer's account via a “Click Here” root as long as there are no links to
style link them
d. Sending the email from a domain set c. Should be completely removed from
up specifically for the special offer the server
Answer: b d. Can be placed anywhere after
99. Out of the following which one can be changing the extension
considered as a possible solutions for SQL Answer: c
injection vulnerability? 103. Implementing Access Control based
a. Data Validation on a hard coded IP address
b. Secure Cookies a. Can be done as it as an internal IP
c. Encryption b. Can be done for internet facing servers
d. Comprehensive exception handling as there are no chances of IP conflicts
Answer: a c. Is a good security practice
100. What is the common cause of buffer d. Is a bad security practice
over flows, cross-site scripting, SQL Answer: d
injection and format string attacks?
a. Unvalidated input 104. How can we prevent dictionary attacks
b. Lack of authentication on password hashes ?
c. Improper error handing a. Hashing the password twice
d. Insecure configuration management b. Encrypting the password using the
Answer: a private key
101. What is the preferred medium for c. Use an encryption algorithm you
backing up log files ? wrote your self so no one knows how
a. Print the logs to a paper it works
b. Create a copy of data in your d. Salting the hash
laptop/desktop Answer: b
c. Copy the files to CD-R's 105. Web server will log which part of a
d. None of the above GET request?
Answer: c a. Hidden tags
102. Temporary files b. Query Strings
a. Should be placed securely in a folder c. Header
called “temp” in the web root d. Cookies
Answer: b

39 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

106. _________ is an attack which forces Answer:- d

an end user to execute unwanted actions on 110. To prevent CSRF, _______ validation
a web application in which he/she is should be used.
currently authenticated. a. Referrer
a. Two-factor authentication b. Origin
b. Cross-site request forgery c. Either A or B
c. Cross-site scripting d. None of the above
d. Cross-site scoring scripting
Answer:- b Answer:- c
111. What of the following is a website
107. _____ of home users that have vulnerability?
broadband router with a default or no a. SQL Injection
password (according to the lecture) b. CSRF
c. Cross Side Scripting
a. 85% d. All of the above
b. 64% Answer: - d
c. 50% 112. What happens when an application
d. 45% takes user inputted data and sends it to a
Answer:- c web browser without proper validation and
108. Which of the following is a common escaping?
source blocking? a. Security Misconfiguration
a. Buggy User agents b. Cross Site Scripting
b. User preference in browser c. Insecure Direct Object References
c. Network stripping by local machine d. Broken Authentication and Session
d. All of the above Management
Answer:- d Answer:- b

109. Which of the following is a reason for 113. A Web site that allows users to enter
mounting CSRF attack? text, such as a comment or a name, and
a. Network Connectivity then stores it and later display it to other
b. Read Browser State users, is potentially vulnerable to a kind of
c. Write Browser State attack called a ___________________
d. All of the above attack.

40 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

a. Two-factor authentication c. Using table indirection

b. Cross-site request forgery d. Using GET/POST parameters
c. Cross-site scripting Answer:- a
d. Cross-site scoring scripting 118. Which of the following is an advanced
Answer:- c anti – XSS tool?
114. _________ is a method of injecting a. Dynamic Data Tainting
malicious code. b. Static Analysis
a. Stored XSS c. Both A and B
b. Reflected XSS d. None of the above
c. DOM based attack Answer:- c
d. All of the above 119. Which of the following is a part of
Answer:- d output filtering / encoding?
115. In cross-site scripting where does the a. Remove / encode (X) HTML special
malicious script execute? chars
a. On the web server b. Allow only safe commands
b. In the user’s browser c. Both A and B
c. On the attacker’s system d. None of the above
d. In the web app model code Answer:- c
Answer:- b 120. Identify the correct statement with
116. Which of the following is the best way respect to ASP.NET output filtering?
to prevent a DOM-based XSS attack? a. Validate request
a. Set the HttpOnly flag in cookies b. Javascript as scheme in URI
b. Ensure that session IDs are not c. Javascript On{event} attributes
exposed in a URL (handlers)
c. Ensure that a different nonce is d. All of the above
created for each request Answer:- d
d. Validate any input that comes
from another Web site

Answer:- d
117. Which of the following is the best way
to prevent malicious input exploiting your
application?
a. Input validation using an allow List
b. Using encryption

41 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Unit-IV
1. Which of the following is false for RSA Answer:- d
algorithm :- 5. Some of cryptography protocols are :-
a. Security of RSA depends on problem of a. SSL
factoring large number b. SET
b. In software, RSA is 100 times slower c. IPSec
than DES d. All of the above
c. In hardware, RSA is 10 times slower Answer:- d
than DES 6. Which of the following is true of
d. RSA can be faster than the symmetric SSL(Secured Socket Layer) :-
algorithm a. Client authentication is compulsary
Answer:-c b. It is developed by Netscape
2. Which of the follwoing is true :- c. Connection is need not be encrypted
a. The receiver can verify signature d. All of the above
using public key Answer:- b
b. Public key is used to encrypt the 7. The OSI model has :-
message a. 8 Layers
c. Message is send without any key b. IP Sec protocol in network layer
d. public key cryptography is symmetric c. SSL protocol in application layer
cryptography d. All of the above
Answer:-a Answer:- b
3. A cryptographic hash functions are : 8. In OSI Model :-
a. Easy to compute a. routing takes place in network layer
b. Used in creating digital fingerprint b. Physical layer transmits and
c. Both 1 and 2 receives unstructured raw data
d. None of the above c. HTTP is application level protocol
Answer:- c d. All of the above
4. In public key distribution :- Answer:- d
a. Public keys are published in a database 9. A public key certificate contains :-
b. Receiver decrypts the message using a. Private and public key of the entity
their private key being certified
c. Sender gets receiver’s public key from b. Digital signature algorithm id
databse c. Identity of the receiver
d. All of the above d. Both 1 and 2

42 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Answer:- d c. Public key is needed for DNSSEC

d. None of the above
Answer:- c
10. In HTTP model, content being sent might 16. Which one is DES?
be changed by a third person a. Block cipher
a. True b. Bit cipher
b. False c. Stream clipher
Answer:- a d. None of the above
11. The TLS is developed by Microsoft Answer a
a. True
b. False 17. Encryption system is?
Answer:- b a. Symmetric key encryption
12. Which of the following is false :- algorithm
a. There are 13 root servers in the world b. not an encryption algorithm
b. DoS attack was performed on them in c. Asymmetric key encryption
2007 algorithm
c. Both 1 and 2 d. None of the above
d. None of the above Answer a
Answer:- c
13. DNS cache poisoning is 18. Which one is not a RC5 operation?
a. Entering false information into DNS a. RC5-CipherText Stealing
cache b. RC5-Cipher Block Chaining
b. Also known as DNS spoofing c. RC5-Cipher Padding
c. where raffic goes to wrong website d. RC5 block cipher
d. All of the above Answer : c
Answer:- d 19. An asymmetric-key cipher uses
14. DNS servers generally use UDP protocol a. 1 Key
a. True b. 2 Key
b. False c. 3 Key
Answer:- a d. 4 Key
15. Which of the following is wrong :- Answer - b
a. DNSSEC provides mechanism to 20. Which one of the following protocol is
authenticate servers and requests used to secure HTTP connection?
b. DNSSEC protects from data a. Resource reservation protocol
spoofing b. Transport layer security (TSL)

43 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. Xplicit congestion notification 25. Encryption algorithm is used to

(ECN) transforms plaintext
d. Stream control transmission into……………………….
protocol (SCTP) a. Simple Text
Answer - b b. Cipher Text
c. Empty Text
21. Cryptography term is used to d. None of the above
transforming messages to make them Answer : d
secure and to prevent from
a. Change 26. What is cipher in Cryptography ?
b. Defend a. Algorithm for performing
c. Idle encryption
d. Attacks b. Algorithm for performing
Answer : d decryption
c. Encrpted Messages
22. Shift cipher is also referred to as the d. Both algorithm for
a. Caesar cipher performing encryption and
b. cipher text Decryption and encrypted
c. Shift cipher message
d. None of the above Answer - d
Answer: a 27. Which clipher is used for providing voice
23. Which one is the Heart of Data privacy in GSM cellular telephone
Encryption Standard (DES)? protocol
a. DES function a. b5/4 cipher
b. Encryption b. A5/2 cipher
c. Rounds c. b5/6 cipher
d. Cipher d. b5/8 cipher
Answer - a Answer - b
28. The message before being transformed, is
24. DES stands for………………… a. Simple Text
a. Data Encryption Slots b. Cipher Text
b. Data Encryption Subscription c. Empty Text
c. Data Encryption Standard d. plain text
d. Data Encryption Solutions Answer :d
Answer – c

44 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

29. Data Encryption Standard (DES), was 33. In symmetric-key cryptography both
designed by party used
a. intel a. same keys
b. IBM b. multi keys
c. HP c. different keys
d. Sony d. two keys
Answer :b Answer a
34. In symmetric-key cryptography, the key
30. In Asymmetric-key Cryptography, locks and unlocks the box is
although Rivest, Shamir, and Adelman a. same
(RSA) can be used to encrypt and decrypt b. shared
actual messages, it is very slow if the c. private
message is d. public
a. short Answer a
b. long 35. The keys used in cryptography are
c. flat a. secret key
d. thin b. private key
Answer b c. public key
d. different key
31. In symmetric-key cryptography, the key Answer d
used by the sender and the receiver is 36. Data Encryption Standard (DES) is an
a. shared example of
b. different a. complex block cipher
c. two keys are used b. cryptography
d. same keys are used c. Electronic Cipher Book
Answer a d. Electronic Code Book
32. In Rotation Cipher, keyless rotation the Answer a
number of rotations is 37. The relationship between a character in
a. jammed the plaintext to a character is
b. idle a. many-to-one relationship
c. rotating b. one-to-many relationship
d. fixed c. many-to-many relationship
Answer d d. one-to-one relationship
Answer b

45 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

38. Cryptography, a word with Greek origins, d. Intel

means Answer a
a. corrupting data
b. secret writing 43. ECB stands for
c. open writing a. Electronic Control Book
d. closed writing b. Electronic Code Book
Answer b c. Electronic Cipher Book
39. A transposition cipher reorders d. Electronic Cryptography Book
(permutes) symbols in a Answer b
a. block of packets 44. The cipher which uses the exclusive-or
b. block of slots operation as defined in computer science
c. block of signals is called
d. block of symbols a. caesar cipher
Answer d b. xor cipher
40. The Cipher Feedback (CFB) mode was c. cipher
created for those situations in which we d. cipher text
need to send or receive R bits of Answer b
a. frames
b. pixels 45. The cryptography can provide
c. data a. entity authentication
d. encryption b. nonrepudiation of messages
Answer c c. confidentiality
41. In Cryptography, when text is treated at d. authentication
the bit level, each character is replaced by Answer d
a. 4 bits 46. The shift ciphers sometimes referred to as
b. 6 bits the
c. 8 bits a. caesar cipher
d. 10 b its b. julia cipher
Answer c c. plain cipher
42. The Advanced Encryption Standard d. XOR cipher
(AES) was designed by Answer a
a. National Institute of Standards and 47. RSA stands for
Technology a. Rivest, Shamir, and Adleman
b. IBM b. Roger, Shamir, and Adrian
c. HP c. Robert, Shamir, and Anthoney

46 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

d. Rivest, Shaw, and Adleman

Answer a
48. The Data Encryption Standard (DES) was
designed by
a. Microsoft
b. Apple
c. IBM
d. HP
Answer c
49. In asymmetric key cryptography, the
private key is kept by __________
a. sender
b. receiver
c. sender and receiver
d. all the connected devices to
the network
Answer b
50. Which one of the following algorithm is
not used in asymmetric-key
cryptography?
a. rsa algorithm
b. diffie-hellman algorithm
c. electronic code book
algorithm
d. dsa algorithm
Answer c

47 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

Unit-V
c. Network
1. In TCP, sending and receiving data is d. Presentation
done as Answer:- d
a. Stream of bytes 6. _____ is a library for formatting raw
b. Sequence of characters packets with arbitrary IP headers.
c. Lines of data a. Libnet
d. Packets b. HeadLib
Answer:- b c. IPLib
2. TCP groups a number of bytes together d. None of the above
into a packet called Answer:- a
a. Packet 7. Which of the following is correct for
b. Buffer Transmission Control Protocol?
c. Segment a. Connection Oriented
d. Stack b. Preserves order
Answer:- c c. Both A and B
d. None of the above
3. Which of these is not applicable for IP Answer:- c
protocol?
a. Is connectionless 8. Which of the following is a basic security
b. Offer reliable service problem?
c. Offer unreliable service a. Network packets pass by
d. None of the mentioned untrusted hosts
Answer:- b b. TCP state easily obtained by
4. Which of the following is a function of IP eavesdropping
Protocol? c. Denial of service vulnerabilities
a. Error reporting d. All of the above
b. Fragmentation and Reassembly Answer:- d
c. Routing 9. Which protocol ensures reliable delivery?
d. All of the above a. TCP
Answer:- d b. UDP
5. Which of the following is not a layer of c. Both A and B
TCP protocol stack? d. None of the above
a. Application Answer:- a
b. Transport

48 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

d. Non-distance vector
10. Which protocol uses window flow
system? Answer:- b
a. UDP 15. In OSPF, a ……… link is a network with
b. TCP several routers attached to it.
c. FTP a. Point-to-point
d. None of the above b. Transient
Answer:- b c. Stub
11. Which of the following is not a routing d. Multipoint
protocol? Answer:- b
a. OSPF 16. Which of the following are the solutions
b. BGP to network security?
c. ARP i) Encryption ii) Authentication
d. MGP iii) Authorization iv) Non-repudiation
Answer:- d a. i, ii and iii only
12. What is full form of ARP? b. ii, iii and iv only
a. Address Resolution Protocol c. i, iii and iv only
b. Allied Resolution Protocol d. All i, ii, iii and iv
c. Address Resolution Process Answer:- d
d. Address Rectification Protocol 17. …………… is to protect data and
Answer:- a passwords.
13. ROA stands for – a. Encryption
a. Route Organization b. Authentication
Administration c. Authorization
b. Route Organization d. Non-repudiation
Authorization Answer:- a
c. Rules of Authorization 18. The following protocols and systems are
d. Rules of Administration commonly used to provide various
Answer:- b degrees of security services in a computer
14. The Open Shortest Path First (OSPF) network.
protocol is an intra domain routing i) IP filtering
protocol based on ________ routing. ii) Reverse Address Translation
a. Distance vector iii) IP Security Architecture (IPsec)
b. Link state iv) Firewalls
c. Path vector v) Socks

49 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

a. i, ii, iii and iv only 23. In ………………. Mode, the

b. i, iii, iv and v only authentication header is inserted
c. ii, iii, iv and v only immediately after the IP header.
d. All i, ii, iii, iv and v a. Tunnel
Answer:- b b. Transport
19. A firewall is installed at the point where c. Authentication
the secure internal network and untrusted d. Both A and B
external network meet which is also Answer:- a
known as ……………… 24. State true or false.
a. Chock point i) Socks are a standard for circuit-level
b. meeting point gateways.
c. firewall point ii) NAT is used for the small number of hosts
d. secure point in a private network.
Answer:- a a. True, False
20. Which of the following is/are the types of b. False, True
firewalls? c. True, True
a. Packet Filtering Firewall d. False, False
b. Dual Homed Gateway Firewall Answer:- c
c. Screen Host Firewall 25. A ………………. is an extension of an
d. All of the above enterprise’s private intranet across a
Answer:- d public Network such as the Internet,
21. The components of IP security includes creating a secure private connection.
a. Authentication Header (AH) a. VNP
b. Encapsulating Security Payload (ESP) b. VPN
c. Internet Key Exchange (IKE) c. VSN
d. All of the above d. VSPN
Answer:- d Answer:- b
22. ………………….. is used to carry traffic 26. The primary goal of the
of one protocol over the network that does ………………….. protocol is to provide
not support that protocol directly. a private channel between communicating
a. Tunneling application, which ensures privacy of data
b. Transferring authentication of the partners, and
c. Trafficking integrity.
d. Switching a. SSL
Answer:- a b. ESP

50 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. TSL b. SSL authentication protocol

d. PSL c. SSL record protocol
Answer:- a d. SSL cipher protocol
27. The ……………. is used to provide Answer:- c
integrity check, authentication and 31. While initiating SSL session, the client
encryption to IP datagram. code recognizes the SSL request and
a. SSL establishes a connection through TCP
b. ESP Part …………….. to the SSL code on the
c. TSL server.
d. PSL a. 420
Answer:- b b. 1032
28. In ……………………. mode, a common c. 443
technique in packet-switched networks d. 322
consists of wrapping a packet in a new Answer:- c
one. 32. On the upper layer of SSL, a protocol for
a. Tunneling initial authentication and transfer of
b. Encapsulation encryption keys, called the
c. Both A and B …………………
d. None of the above a. SSL handshake protocol
Answer:- c b. SSL authentication protocol
29. The …………………………. Is a c. SSL record protocol
collection of protocols designed by d. SSL cipher protocol
Internet Engineering Task Force(IETF) to Answer:- a
provide security for a packet at the 33. State whether the following statement are
Network level. true.
a. IPsec i) An application-level gateway is often
b. Netsec referred to as a proxy.
c. Packetsec ii) In proxy, a direct connection is established
d. Protocolsec between the client and destination server.
Answer:- a a. True, False
30. At the lower layer of SSL, a protocol for b. False, True
transferring data using a variety of c. True, True
predefined cipher and authentication d. False, False
combinations called the ………………. Answer:- a
a. SSL handshake protocol

51 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

34. In packet-filtering router, the following 38. Network layer firewall works as a
information can be external from the ________
packet header. a. frame filter
i) Source IP address b. packet filter
ii) Destination IP address c. signal filter
iii) TCP/UDP source port d. content filter
iv) ICMP message type Answer: b
v) TCP/UDP destination port 39. Network layer firewall has two sub-
a. i, ii, iii and iv only categories called ____________
b. i, iii, iv and v only a. stateful firewall and stateless firewall
c. ii, iii, iv and v only b. bit oriented firewall and byte oriented
d. All i, ii, iii, iv and v firewall
Answer:- d c. frame firewall and packet firewall
35. . …………….. mode is used whenever d. network firewall and data firewall
either end of a security association is Answer: a
gateway. 40. WPA2 is used for security in _______
a. Tunnel a. ethernet
b. Encapsulating b. bluetooth
c. Transport c. wi-fi
d. Gateway d. e-mail
Answer:- a
36. IPSec is designed to provide security at Answer: c
the _________ 41. An attempt to make a computer resource
a. transport layer unavailable to its intended users is called
b. network layer ______
c. application layer a. denial-of-service attack
d. session layer b. virus attack
Answer: b c. worms attack
37. In tunnel mode, IPSec protects the d. botnet process
______ Answer: a
a. Entire IP packet 42. Extensible authentication protocol is
b. IP header authentication framework frequently used
c. IP payload in ______
d. IP trailer a. wired personal area network
Answer: a b. wireless networks

52 University Academy
 COMPUTER SYSTEM SECURITY 2020-21

c. wired local area network Answer: b

d. wired metropolitan area network 47. Network layer firewall has two sub-
Answer: b categories as _________
43. Pretty good privacy (PGP) is used in a. State full firewall and stateless firewall
______ b. Bit oriented firewall and byte oriented
a. browser security firewall
b. email security c. Frame firewall and packet firewall
c. FTP security d. Network layer firewall and session layer
d. wifi security firewall
Answer: b Answer: a
48. A firewall is installed at the point where
44. PGP encrypts data by using a block the secure internal network and untrusted
cipher called ______ external network meet which is also
a. international data encryption known as __________
algorithm a. Chock point
b. private data encryption algorithm b. Meeting point
c. internet data encryption algorithm c. Firewall point
d. local data encryption algorithm d. Secure point
Answer: a Answer: a

45. When a DNS server accepts and uses 49. Which of the following is / are the types
incorrect information from a host that has of firewall?
no authority giving that information, then a. Packet Filtering Firewall
it is called _________ b. Dual Homed Gateway Firewall
a. DNS lookup c. Screen Host Firewall
b. DNS hijacking d. Dual Host Firewall
c. DNS spoofing Answer: a
d. DNS authorizing 50. A proxy firewall filters at _________
Answer: c a. Physical layer
46. Network layer firewall works as a b. Data link layer
__________ c. Network layer
a. Frame filter d. Application layer
b. Packet filter Answer: d
c. Content filter
d. Virus filter

53 University Academy
→Telegram Channel 
→Telegram Group