Computer Network Security MCQ

1. _________ operates in the transport mode or the tunnel mode.

A) IPSec
B) SSL
C) PGP
D) none of the above
2. IKE creates SAs for _____.
A) SSL
B) PGP
C) IPSec
D) VP
3. ______ provides either authentication or encryption, or both, for packets at the IP level.
A) AH
B) ESP
C) PGP
D) SSL
4. One security protocol for the e-mail system is _________.
A) IPSec
B) SSL
C) PGP
D) none of the above
5. Typically, ______ can receive application data from any application layer protocol, but the protocol is
normally HTTP.
A) SSL
B) TLS
C) either (a) or (b)
D) both (a) and (b)
6. IKE is a complex protocol based on ______ other protocols.
A) two
B) three
C) four
D) five
7. IPSec defines two protocols: _______ and ________.
A) AH; SSL
B) PGP; ESP
C) AH; ESP
D) all of the above
8. In the ______ mode, IPSec protects information delivered from the transport layer to the network
layer.
A) transport
B) tunnel
C) either (a) or (b)
D) neither (a) nor (b)
9. ______ is the protocol designed to create security associations, both inbound and outbound.
A) SA
B) CA
C) KDC
D) IKE

10. A _______network is used inside an organization.

A) private
B) public
C) semi-private
D) semi-public
11. SSL provides _________.
A) message integrity
B) confidentiality
C) compression
D) all of the above
12. The Internet authorities have reserved addresses for _______.
A) intranets
B) internets
C) extranets
D) none of the above
13. An _________ is a network that allows authorized access from outside users.
A) intranet
B) internet
C) extranet
D) none of the above
14. _________ is a collection of protocols designed by the IETF (Internet Engineering Task Force) to
provide security for a packet at the network level.
A) IPSec
B) SSL
C) PGP
D) none of the above
15. IKE uses _______.
A) Oakley
B) SKEME
C) ISAKMP
D) all of the above
16. IPSec uses a set of SAs called the ________.
A) SAD
B) SAB
C) SADB
D) none of the above
17. An ________ is a private network that uses the Internet model.
A) intranet
B) internet
C) extranet
D) none of the above
18. ______ is actually an IETF version of _____.
A) TLS; TSS
B) SSL; TLS
C) TLS; SSL
D) SSL; SLT
19. In ______, there is a single path from the fully trusted authority to any certificate.
A) X.509
B) PGP
C) KDC
D) none of the above
20. The combination of key exchange, hash, and encryption algorithms defines a ________ for each SSL
session.
A) list of protocols
B) cipher suite
C) list of keys
D) none of the above
21. A ______ provides privacy for LANs that must communicate through the global Internet.
A) VPP
B) VNP
C) VNN
D) VPN
22. _______ uses the idea of certificate trust levels.
A) X.509
B) PGP
C) KDC
D) none of the above
23. IPSec in the ______ mode does not protect the IP header.
A) transport
B) tunnel
C) either (a) or (b)
D) neither (a) nor (b)
24. ________ provides privacy, integrity, and authentication in e-mail.
A) IPSec
B) SSL
C) PGP
D) none of the above
25. In _____, there can be multiple paths from fully or partially trusted authorities.
A) X.509
B) PGP
C) KDC
D) none of the above
26. ______ provides authentication at the IP level.
A) AH
B) ESP
C) PGP
D) SSL
27. In _______, the cryptographic algorithms and secrets are sent with the message.
A) IPSec
B) SSL
C) TLS
D) PGP
28. ______ is designed to provide security and compression services to data generated from the
application layer.
A) SSL
B) TLS
C) either (a) or (b)
D) both (a) and (b)
29. _______ provide security at the transport layer.
A) SSL
B) TLS
C) either (a) or (b)
D) both (a) and (b)
30. The _______ mode is normally used when we need host-to-host (end-to-end) protection of data.
A) transport
B) tunnel
C) either (a) or (b)
D) neither (a) nor (b)
31. In the _______ mode, IPSec protects the whole IP packet, including the original IP header.
A) transport
B) tunnel
C) either (a) or (b)
D) neither (a) nor (b)
32. ______ was invented by Phil Zimmerman.
A) IPSec
B) SSL
C) PGP
D) none of the above
33. A _______ layer security protocol provides end-to-end security services for applications.
A) data link
B) network
C) transport
D) none of the above
34. In PGP, to exchange e-mail messages, a user needs a ring of _______ keys.
A) secret
B) public
C) either (a) or (b)
D) both (a) and (b)
35. Encryption Strength is based on
a) strength of algorithm
b) secrecy of key
c) length of key
d) all of the above
36. Why did SSL certificate require in HTTP?
a) for making security weak
b) for making information movefaster
c) for encrypted data sent overhttp protocol
d) for sending and receivingemails unencrypted
37. The full form of Malware is
a) malfunctioned software
b) multipurpose software
c) malicious software
d) malfunctioning of security
38. Which of the following is not a type of symmetric-key cryptography technique?
a) caesar cipher
b) data encryption standard (des)
c) diffie hellman cipher
d) playfair cipher
39. If a website uses a cookie, or a browser contains the cookie, then every time you visit that website,
the browser transfersthe cookie to that website.
a) true
b) false
40. Which of the following is a non-technical type of intrusion or attack technique?
a) reverse engineering
b) malware analysis
c) social engineering
d) malware writing
41. In RSA, Ф(n) = in terms of p and q
a) (p)/(q)
b) (p)(q)
c) (p-1)(q-1)
d) (p+1)(q+1)
42. SSL primarily focuses on
a) integrity and authenticity
b) integrity and non-repudiation
c) authenticity and privacy
d) confidentiality and integrity

43. Which of them is an example of grabbing email information?

a) cookie stealing
b) reverse engineering
c) port scanning
d) banner grabbing
44. What is the block size of RC6 Feistel block cipher?
a) 5013 bits
b) 128 bits
c) 596 bits
d) 1768 bits
45. USENET falls under which category of public key sharing?
a) public announcement
b) publicly available directory
c) public-key authority
d) public-key certificates
46. Elliptic curve cryptography follows the associative property
a) true
b) false
47. The value of 52003 mod 7 is(use fermat's theorem)
a) 3
b) 4
c) 8
d) 9
48. Who created PGP?
a) phil zimmermann
b) tim berners-lee
c) marc andreessen
d) ken thompson
49. What is the PGP stand for?
a) permuted gap permission
b) permuted great privacy
c) pretty good privacy
d) none of the mentioned
50. What is the key size allowed in PGP?
a) 1024-1056
b) 1024-4056
c) 1024-4096
d) 1024-2048

51. Which of them is not an ideal way ofspreading the virus?

a) infected website
b) e-mails
c) official antivirus cds
d) usbs
52. What are email security services?
a) confidentiality
b) authentication
c) non- repudation of origin
d) all of the above
53. Which of them is not an ideal way of spreading the virus?
a) infected website
b) e-mails
c) official antivirus cds
d) usbs
54. How many real and imaginary roots does the equation y2=x3-4x have
a) 2 real, 1 imaginary
b) all real
c) all imaginary
d) 2 imaginary, 1 real
55. PGP offers___________block ciphers for message encryption?
a) triple-des
b) cast
c) idea
d) all of the above
56. S/MIME stands for_________ .
a) standard multipurpose internet mail extensions.
b) secure multipurpose internet mail extensions.
c) secure multipurpose international mail extensions
d) standard multipurpose international mail extensions.
57. If the data stored in the __________is not encrypted, then after cookie stealing, attackers can see
information such as username and password stored by the cookie.
a) memory
b) quarantine
c) cookies
d) hard drive

58. The stored cookie which contains all your personal data about that website can be stolen away by
________using or trojans.
a) attackers, malware
b) hackers, antivirus
c) penetration testers, malware
d) penetration testers, virus
59. A computer _______is a malicious code which self-replicates by copying itself to other programs.
a) program
b) virus
 c) application
d) worm
60. _______ mointors user activity on internet and transmit that information in the background to
someone else
a) malware
b) spyware
c) adware
d) none of these
61. Firewall examines each________that are entering or leaving the internal network
a) emails users
b) updates
c) connections
d) data packets
62. Packet filtering firewalls are deployed on
a) routers
b) switches
c) hubs
d) repeaters
63. A firewall protects which of the following attacks?

a) phishing
b) dumpster diving
c) denial of service
d) shoulder surfing
64. Which of the following is not a software firewall?
a) windows firewall
b) outpost firewall pro
c) endian firewall
d) linksys firewall

65. There are types of computer virus.

a) 5
b) 7
c) 10
d) 12
66. Firewall is type of------
a) virus
b) security threat
c) worm
 d) none of these
67. SFTP is abbreviated as
a) secure file transfer protocol
b) secured file transfer protocol
c) secure folder transfer protocol
d) secure file transferring protocol
68. An attempt to make a computer resource unavailable to its intended users is called
a) denial-of-service attack
b) virus attack
c) worms attack
d) botnet process
69. PGP is used in
a) browser security
b) email security
c) ftp security
d) wifi security
70. Which of them is not a proper method for email security?
a) use strong password
b) use email encryption
c) spam filters and malware scanners
d) click on unknown links to explore
71. Is used for hiding the payment information from the merchant.
a) set
b) ssl
c) shttp
d) tsp
72. The cryptography algorithms used in S/MIME are .
a) ide
b) rc4
c) rsa,des-3
d) rc5

73. In tunnel mode, IPSec protects the

a) entire ip packet
b) ip header
c) ip payload
d) ip trailer
74. In S/MIME,MLA stands for .
a) mailing list agent.
b) multipurpose list agent.
c) mail lock agent.
 d) message link agent
75. PGP makes use of which cryptographic algorithm?
a) des
b) aes
c) rsa
d) rabin
76. IPSec is designed to provide security at which layer.
a) transport layer
b) network layer
c) application layer
d) session layer
77. Which component is included in IP security?
a) authentication header (AH)
b) encapsulating security payload
c) internet key exchange
d) all of the mentioned
78. Which of the following is not a strong security protocol?
a) https
b) ssl
c) smtp
d) sftp
79. PGP security system uses
a) public key cryptosystem
b) private key cryptosystem
c) public & private key cryptosystem
d) none of the mentioned

80. Knapsack problem can be solved by

a) public key cryptosystem
b) public key system
c) private & public key system
d) none of the mentioned
81. Merkle hellman is a symmetric cryptosystem.
a) true
b) false
82. In a trapdoor function, the functions are easy to go in
a) one direction
b) two directions
c) all directions
d) none of the mentioned
83. Extensions were added in which version?
a) 1
b) 2
c) 3
d) 4
84. The subject unique identifier of the X.509 certificates was added in which version?
a) 1
b) 2
c) 3
d) 4

85. Which of the following is not an element/field of the X.509 certificates?

a) Issuer Name
b) Serial Modifier
c) Issuer unique Identifier
d) Signature
86. Suppose that A has obtained a certificate from certification authority X1 and B has obtained
certificate authority from CA X2. A can use a chain of certificates to obtain B’s public key. In notation of
X.509, this chain is represented in the correct order as –
a) X2 X1 X1 B
b) X1 X1 X2 A
c) X1 X2 X2 B
d) X1 X2 X2 A
87. Certificates generated by X that are the certificates of other CAs are Reverse Certificates.
a) True
b) False
c) May be
d) Can’t say
88. It is desirable to revoke a certificate before it expires because
a) the user is no longer certified by this CA
b) the CA’s certificate is assumed to be compromised
c) the user’s private key is assumed to be compromised
d) all of the mentioned
89. CRL stands for
a) Cipher Reusable List
b) Certificate Revocation Language
c) Certificate Revocation List
d) Certificate Resolution Language
90. Which of the following is not a part of an Extension?
a) Extension Identifier
b) Extension value
c) Extension value
d) All of the mentioned constitute the Extension
91. X.509 certificate recommends which cryptographic algorithm?
a) RSA
b) DES
c) AES
d) Rabin
92. Number of phases in the handshaking protocol?
a. 2
b. 3
c. 4
d. 5
93. In the Handshake protocol action, which is the last step of the Phase 2 : Server Authentication and Key
Exchange?
a) server_done
b) server_key_exchange
c) certificate_request
d) crtificate_verify
94. The DSS signature uses which hash algorithm?
a) MD5
b) SHA-2
c) SHA-1
d) Does not use hash algorithm
95. The certificate_request massage includes two parameters, one of which is-
a) certificate_extension
b) certificate_creation
c) certificate_exchange
d) certificate_type
96. In the handshake protocol which is the message type first sent between client and server ?
a) server_hello
b) client_hello
c) hello_request
d) certificate_request
97. In the SSLv3 the padding bits are ____________ with the secret key.
a) Padded
b) XORed
c) Concatenated
d) ANDed
98. We encounter the record_overflow error when the payload length exceeds –
a) 214 + 1024
b) 216 + 1024
c) 214 + 2048
d) 216 + 2048
99. In TLS padding cann be upto a maximum of –
a) 79 bytes
b) 127 bytes
c) 255 bytes
d) none of the mentioned
100. An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL.
a) 40; 80
b) 60; 620
c) 80; 443
d) 620; 80