NSCF Quiz
Q.1: A multinational corporation, GlobalTech Inc., faced significant challenges in securing its
internal communications across its global branches. With a vast network spanning multiple
countries, the corporation was vulnerable to cyber threats, including data interception,
unauthorized access, and man-in-the-middle attacks. GlobalTech Inc. required a robust solution
to secure its network communications at the IP layer to ensure confidentiality, integrity, and
authentication of data packets transmitted across its networks. The primary challenge for
GlobalTech Inc. was to implement a security solution that could:
Secure data transmission across different geographical locations.
Provide flexibility in applying security policies.
Ensure compatibility with existing network infrastructure.
Offer scalability to accommodate future growth.
Q.3: E-ShopNow, a rapidly growing e-commerce platform, experienced a surge in traffic and
transactions due to its expanding product range and customer base. While business growth was
promising, the platform faced increasing cybersecurity threats, including data breaches,
man-in-the-middle (MITM) attacks, and customer data theft. Recognizing the critical need to protect
user data and transactions, E-ShopNow sought to implement robust security measures at the
transport layer. E-ShopNow's challenges were multifaceted:
Ensuring Data Confidentiality and Integrity: Protecting sensitive customer information,
such as credit card details and personal data, during transmission.
Building Trust with Customers: Demonstrating a commitment to security to maintain and
grow customer trust and loyalty.
Regulatory Compliance: Meeting stringent data protection regulations to avoid legal
penalties and reputational damage.
Seamless Integration: Upgrading security without disrupting the existing user experience or
platform performance.
Q.4: FinBank, a leading financial institution, observed an exponential increase in mobile
banking usage among its customers. While this digital shift improved convenience and
operational efficiency, it also exposed the bank and its users to advanced cyber threats,
including sophisticated man-in-the-middle (MITM) attacks, data breaches, and interception of
financial transactions. FinBank's legacy encryption protocols were becoming inadequate in
safeguarding sensitive data exchanges, necessitating a more robust security solution to protect
its mobile banking application. FinBank faced several critical challenges:
Advanced Threat Landscape: The bank needed to protect against advanced cyber threats
that could compromise the confidentiality and integrity of sensitive financial transactions.
Performance and Compatibility: Implementing stronger security measures without
compromising the mobile application’s performance or user experience.
Regulatory Compliance: Adhering to strict financial industry regulations and data
protection standards.
Customer Trust: Ensuring that the enhanced security measures bolstered customer
confidence in using the mobile banking application.
Q.6: FinDataCorp, a leading financial data analysis company, manages sensitive financial
information and provides insights to clients worldwide. With the increasing sophistication of
cyber threats and stringent data protection regulations, the company faced significant
challenges in ensuring the security and privacy of the financial data it processed and stored.
FinDataCorp's primary challenges were multifaceted:
Data Security: Ensuring the confidentiality and integrity of sensitive financial data both in
transit and at rest.
Regulatory Compliance: Complying with international financial data protection standards
and regulations, such as GDPR and PCI DSS.
Scalability and Performance: Implementing a robust encryption solution that could scale
without compromising system performance or user access times.
Key Management: Safeguarding encryption keys while ensuring they were accessible for
legitimate processing and analysis needs.
Q.7: A financial institution is deploying a new application for online transactions that require
high levels of data integrity, confidentiality, and flow control to ensure that transactions are
processed reliably and securely.
As a network specialist, you are asked to recommend Transport Layer protocols and
mechanisms to meet the application’s requirements. Consider the following:
Which Transport Layer protocol(s) would you recommend for the online transaction
system, and why?
Discuss how your chosen protocol(s) ensures data integrity, confidentiality, and flow
control during a transaction process.
Describe any potential issues that might arise with your chosen protocol(s) in terms of
performance (e.g., latency, throughput) and how you would address these issues to maintain
a balance between security and performance.
Q.8: A rapidly growing e-commerce company with a global customer base plans to significantly
expand its operations. The company operates a centralized data center in North America and
plans to open two new data centers in Europe and Asia to improve website performance and
reliability for its international customers. The network infrastructure must be designed to
support seamless data synchronization across data centers, manage large volumes of web traffic,
and provide high resilience against failures or cyber-attacks.
As a senior network engineer, you are tasked with designing a network topology that ensures
high availability, low latency communication between data centers, and scalability to
accommodate future growth. Additionally, the company requires the implementation of robust
security measures to protect sensitive customer data during transmission across the network.
The case study questions are as follows:
Describe the network topology you would recommend for connecting the three data centers.
Include how you would implement redundancy to ensure high availability.
Propose an IP addressing scheme that facilitates efficient routing and data synchronization
between the data centers while considering future expansion.
Which routing protocols would you implement within and between the data centers to
support the company’s requirements for scalability, security, and performance? Justify your
choices.
How would these protocols optimize the path selection process to ensure low latency and
high resilience in case of link or node failures?
Discuss the security measures and protocols you would implement to protect data in transit
between the data centers against interception and tampering.
How would you ensure the integrity and confidentiality of sensitive customer data as it
traverses the network?
Identify potential challenges your network design might face in terms of scaling,
performance, or security.
Provide solutions or strategies to mitigate these challenges, ensuring the network remains
robust and efficient as the company grows.
Q.9: A leading e-commerce platform experiences significant growth in user traffic, resulting in
increased load times and occasional downtime during peak shopping periods. The platform
operates on a microservices architecture, with different services handling user authentication,
product catalog management, order processing, and payment transactions. The company aims
to enhance the user experience by optimizing application performance, ensuring high
availability, and securing sensitive customer data.
As the chief architect, you are tasked with designing an optimization strategy for the application
layer that addresses the current performance bottlenecks, improves fault tolerance, and
strengthens security measures to protect user data. The case study questions are as follows:
Identify potential causes of the increased load times and downtime during peak periods.
Propose a detailed strategy for optimizing the performance of the e-commerce platform's
application layer. Consider aspects like service scaling, load balancing, and caching
mechanisms.
How would you modify the existing microservices architecture to handle the increased
traffic more efficiently while maintaining or improving response times?
Describe the techniques and technologies you would implement to ensure high availability
and fault tolerance of the e-commerce platform. Discuss how you would manage service
failures to minimize impact on user experience.
How would you design the system to automatically handle spikes in traffic, such as during
sales events or promotional campaigns, without manual intervention?
Given the sensitive nature of customer data (e.g., personal information and payment
details), outline the security protocols and measures you would put in place at the
application layer to prevent data breaches and ensure data privacy.
Discuss the role of encryption, secure APIs, and access control in your security strategy.
How would you ensure compliance with international data protection regulations (e.g.,
GDPR, CCPA)?
Explain how you would implement monitoring tools and practices to continuously assess
the performance of the e-commerce platform. Include metrics and KPIs that are crucial for
identifying issues and areas for improvement.
Describe the process for regularly updating the platform’s application layer, considering
new features, security patches, and performance enhancements. How would you ensure
these updates do not disrupt the platform’s operation?
Assignment #2
Network Security and Cyber Forensics (CSPC-306)
1. Could you elucidate the concept of a virtual cluster number within the context of file system
architectures?
2. What should you consider when determining which data acquisition method to use?
3. Could you provide a detailed elucidation of the concept known as cybercrime? What are
the different roles of computers with respect to cybercrime?
5. What are the steps involved in computer evidence handling? Explain in detail.
6. A desperate employee calls because she has accidentally deleted crucial files from her hard
drive and can’t retrieve them from the Recycle Bin. What are your options? Write one to
two pages explaining your capabilities and listing the questions you must ask her about her
system.
7. A bank has hired your firm to investigate employee fraud. The bank uses four 20 TB
machines on a LAN. You can talk to the network administrator, who knows where the data
is stored. What diplomatic strategies should you use? Which acquisition method should you
use? Write a two-page report outlining the problems you expect to encounter, explaining
how to rectify them, and describing your solution. Be sure to address any customer privacy
issues.
8. Your mentor has asked you to research current acquisition tools. Using your preferred
Internet search engine and the vendors, prepare a report containing the following
information for each tool (minimum 5) and stating which tool you would prefer to use:
Forensics vendor name
Acquisition tool name and latest version number
Features of the vendor’s product
With this data collected, prepare a spreadsheet listing vendors in the rows. For the
column headings, list the following features:
Raw format
Proprietary format
AFF format
Other proprietary formats the tool can read
Compression of image files
Remote network acquisition capabilities
Method used to validate (MD5, SHA-1, and so on)
9. As part of the duties of a digital forensics examiner, creating an investigation plan is a
standard practice. Write a paper that describes how you would organize an investigation for
a potential fraud case. In addition, list methods you plan to use to validate the data collected
from drives and files, such as Word and Excel, with hashes. Specify the hash algorithm you
plan to use, such as MD5 or SHA-1.
10. In an ongoing investigation, several graphics files were transmitted via e-mail from an
unknown source to a suspect. The lead investigator gives you these graphics files and tells
you that at least four messages should be embedded. Use your problem-solving and
brainstorming skills to determine a procedure to follow. Write a short report outlining what
to do.
Date 27-FEB-2024
Student Roll No: Student Name:
3. In IPSec, the size of the window is determined by the receiver with a default value of
__________
4. When an IP datagram carries an ESP header and trailer in tunnel mode, the values of the
protocol field in the new IP header and the old IP header are _____________ and
_______________ respectively.
6. Which of the following messages is not a part of Phase II of the handshake protocol in
SSL?
a. ClientHelloDone
b. Certificate
c. ServerKeyExchange
d. CertificateVerify
9. After Phase I of handshake protocol in SSL, the client and server know the following:
a. The version of SSL
b. The compression method
c. The two random numbers for key generation
d. The algorithms for key exchange, message authentication, and encryption
10. In IKE phase 1 main mode, the initial two messages in the preshared secret-key method are used
for
a. Share Nonces
b. Remove Clogging Attack
c. SA Negotiation
d. None of These
13. Which of the following is not a part of the Client Hello message in the SSL protocol?
a. Half Key
b. Compression Method
c. Random Number
d. Certificate
14. Which of the following is false with respect to SSL and TLS?
a. The generation of cryptographic secrets is more complex in SSL than in TLS.
b. TLS supports all of the alerts defined in SSL except for NoCertificate.
c. In SSL, the hash used in the CertificateVerify message is the two-step hash of the
handshake messages plus a pad and the master secret.
d. TLS uses the data-expansion function to calculate two hashes used for the Finished
message
16. The _______ mode is normally used when we need host-to-host (end-to-end) protection
of data
a. Tunnel
b. Transport
c. either (a) or (b)
d. neither (a) nor (b)
17. Which protocol is used for the purpose of copying the pending state into the current state?
a. Alert Protocol
b. Handshake Protocol
c. Change Cipher Spec Protocol
d. None of These
18. In Handshake Protocol phase II, there is no requirement for Server Key Exchange in
a. RSA
b. Anonymous DH
c. Fixed DH
d. Ephemeral DH
19. Hashing in IPSec is based on the total packet. However, only ___________________
fields of the IP header are included in the calculation of the message digest (authentication
data).
Q1: The Temporal Key Integrity Protocol (TKIP) enhances WEP by introducing several new features.
Which of the following is NOT one of these features?
A) A per-packet key mixing function to combat weak key attacks.
B) The use of a 48-bit Initialization Vector to prevent replay attacks.
C) A cryptographic message integrity code (MIC) to protect against forgeries.
D) Utilizing the RC4 cipher for encryption to maintain backward compatibility.
Q2: Which of the following best describes the key management process in the 802.1x protocol?
A) The Group Key Handshake is used to derive and distribute Pairwise Master Keys (PMKs).
B) The Pre-shared Key (PSK) is used to authenticate messages in the four-way handshake.
C) The RADIUS server distributes the Pairwise Master Key (PMK) to the Access Point (AP), which then
initiates the four-way handshake.
D) All keys are derived locally at the client and then transmitted to the server for validation.
Q3: What method is specifically mentioned as a cybercrime against property through deception and
data manipulation?
A) Salami slicing attack B) Data diddling
C) Trojan horse deployment D) Both A and B
Q4: What type of cybercrime involves unauthorized access and modification of network or personal
data?
A) Cyber vandalism B) Cyber espionage
C) Cyber squatting D) Cyber defamation
Q5: Which tool is commonly used by cybercriminals to execute attacks without the victim's
knowledge?
A) Virus B) Worm
C) Trojans D) Ransomware
Q6: What type of cybercrime involves the use of internet services to exploit or harass individuals
online?
A) Cyber espionage B) Data diddling
C) Cyber warfare D) Cyber stalking
Q7: Which phishing attack targets high-level executives within an organization to steal sensitive
information?
A) Deceptive phishing B) Spear phishing
C) Whaling D) Clone phishing
Q8: Which method is specifically used to combat 'Rootkit' installations on computer systems?
A) Isolating the infected system from the network
B) Regularly updating firewall rules
C) Scanning emails for suspicious links
D) Educating users about the dangers of phishing
Q15: Which method of data acquisition is particularly useful when dealing with large storage devices
or when time is limited?
A) Disk-to-image file acquisition B) Logical or sparse acquisition
C) Disk-to-disk copy D) Creating a full forensic clone
Q16: In the context of RAID data acquisitions, which RAID level is known for providing increased
storage without redundancy?
A) RAID 0 B) RAID 1
C) RAID 5 D) RAID 6
Q17: Which tool is specifically mentioned as allowing for disk-to-image copies and supports
segmenting the image file?
A) FTK Imager Lite B) Linux dd command
C) Mini-WinFE D) ProDiscover
Q18: What is the primary function of the Linux command 'dd' when used in data acquisitions?
A) To create a compressed backup of the data.
B) To create a raw format file from a disk or data.
C) To encrypt data during the acquisition process.
D) To analyze data before acquisition.
Q19: Which acquisition method is most suitable when only specific files relevant to an investigation
need to be preserved?
A) Full disk-to-disk copy B) Sparse data copy
C) Logical disk-to-data file acquisition D) Creating a disk-to-image file
Q20: What is the primary challenge when acquiring data from RAID configurations?
A) The inability to compress data during acquisition
B) Compatibility issues with non-Windows operating systems
C) RAID systems do not support modern forensic tools
D) The large volume of data and complex configurations
Name………………….. Roll No…………………..
5. Which step involves ensuring the integrity and authenticity of collected forensic data?
a. Approaching digital forensics cases b. Using Autopsy to validate data
c. Recovering passwords d. Examining encrypted files
6. Identifying unknown file formats involves analyzing:
(a) File headers (b) File names
(c) File extensions (d) File contents
8. You are a computer forensic examiner and want to determine when a user deleted a file
contained in a Windows XP Recycle Bin. In what file is the date and time information
about the file deletion contained?
a. Index.dat b. Link file
c. INFO2 d. Deleted.ini
11. A ____________________ acquisition method not only captures specific files but
also collects fragments of unallocated (deleted) data.
a. Sparse b. Live
c. Static d. Logical
13. ______________ partitions data and parity among all N+1 disks, instead of storing
data in N-disks and parity in one disk.
a. Block interleaved parity b. Block interleaved distributed parity
c. Bit parity d. Bit interleaved parity
15. Which of the following is the file extension for metadata in AFF?
a. .afd b. .afm
c. Both of These d. None of These
16. Which of the following is not a valid method of acquiring data for forensic
analysis?
a. disk-to-image file b. disk-to-disk copy
c. disk-to-data file d. sparse data copy of a folder or file
e. None of These
18. Which of the following protocols is used for authentication between the STA and the
Authentication Server?
a. Extensible Authentication Protocol
b. Remote Authentication Dial-In User Service
c. Both of These
d. None of These
19. Which of the following services is not provided by the Temporal Key Integrity Protocol?
a. Confidentiality b. Message authentication
c. Replay Protection d. None of These
20. Key material is sent in which of the following operational phases of IEEE 802.11i?
a. Discovery Phase b. Authentication Phase
c. Key Generation and Confirmation Phase d. None of These