Advanced System Security And Digital Forensics MCQ - QPkendra

home MCQ Questions & Answer


Question 1 : SSL stands for

  1. Simple socket layer
  2. Simple Secure layer
  3. Secure Socket Layer
  4. Socket Simple Layer
    

Question 2 : Edye works for a computer software company. As part of her job develops a computer program , then ownership of program belongs to

  1. Edye, as she develops the program
  2. Company, as it paid Edye to write the program
  3. Both of them
  4. Company Director
    

Question 3 : ____________ are unlike copyrights in that they protect inventions, tangible objects, or ways to make them, not works of the mind. It requires novelty.

  1. Copyright
  2. Patent
  3. Intellectual Property
  4. Trade Secret
    

Question 4 : When an attacker is able to eavesdrop on network traffic and identify the MAC address of a computer with network previleges. Which type of Wireless network threat would you classify this under?

  1. Identity Theft.
  2. Man in the middle attack
  3. Network Injection
  4. Accidental Association
    

Question 5 : _______________ is the central node of 802.11 wireless operations.

  1. WPA
  2. Access Point
  3. WAP
  4. Access Port
    

Question 6 : Cross-Site Request Forgery (CSRF) is an attack

  1. Is for sending multiple requests to server for some site
  2. that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated
  3. That pretends attacker as legitimate user
  4. That monitors network Traffic For communication on sites
    

Question 7 : What is the Necessity of Forensic Duplication?

  1. Performing analysis on duplicate copy is easy.
  2. Preserving the original digital evidences is important
  3. Performing analysis on original copy is time consuming.
  4. Performing analysis on original copy is easy
    

Question 8 : A ________ is a computer program that can infect other computer programs by modifying them in such a way as to include a copy of it

  1. email bombing
  2. salami attack
  3. computer virus
  4. logic bomb
    

Question 9 : The list of the DNS (Domain Name System) entries can be found in -

  1. /etc/groups
  2. /etc/hosts
  3. /etc/shadows
  4. /etc/passwd
    

Question 10 : Which of the following is not done by cyber criminals?

  1. Unauthorized account access
  2. Mass attack using Trojans as botnets
  3. Email spoofing and spamming
  4. Report vulnerability in any system
    

Question 11 : Protection is only provided at the _____ level

  1. lower
  2. central
  3. higher
  4. any level
    

Question 12 : What is the full form of MAC?

  1. Mandatory access control
  2. Medium access control
  3. Major account control
  4. Main access control
    

Question 13 : What is an indirect way to transmit information with no explicit reading of confidential information?

  1. Covert channels
  2. Backdoor
  3. Timing channels
  4. Overt channels
    

Question 14 : Performing a shoulder surfing in order to check other’s password is ____________ ethical practice.

  1. a good
  2. not so good
  3. very good social engineering practice
  4. a bad
    

Question 15 : ___________________ is alike as that of Access Point (AP) from 802.11, & the mobile operators uses it for offering signal coverage.

  1. Base Signal Station
  2. Base Transmitter Station
  3. Base Transceiver Station
  4. Transceiver Station
    

Question 16 : A user intending to connect to one LAN may unintentionally lock onto a wireless access point from the neighboring network. Which type of Wireless network threat would you classify this under?

  1. Malicious Threat
  2. Network Injection
  3. Denial Of Service
  4. Accidental Association
    

Question 17 : What is ‘separation’ in security of Operating systems?

  1. To have separate login for different users
  2. To have Hard disk drive/partition for different users
  3. It means keeping one user’s objects separate from other users
  4. To have same objects for different users
    

Question 18 : Vulnerabilities and risks are evaluated based on their threats against which of the following?

  1. One or more of the CIA Triad principles
  2. Data usefulness
  3. Due care
  4. Extent of liability
    

Question 19 : Which of the following is NOT a valid access control mechanism?

  1. DAC (Discretionary Access Control)
  2. SAC (Subjective Access Control)
  3. MAC (Mandatory Access Control)
  4. RBAC (Role Based Access Control)
    

Question 20 : What is the software called that’s designed to exploit a computer user and is a broad term covering computer viruses, worms, Trojan, adware, etc.?

  1. Backdoors
  2. Key-logger
  3. Malware
  4. Spyware
    

Question 21 : A valid definition of digital evidence is:

  1. Data stored or transmitted using a computer
  2. Information of probative value
  3. Digital data of probative value
  4. Any digital evidence on a computer
    

Question 22 : An attack that relies on high volume of password guessing.

  1. Brute Force Attack
  2. Credential Stuffing Attack
  3. Skimming Attack
  4. Phishing Attack
    

Question 23 : What is the main concern of the Bell-LaPadula security model?

  1. confidentiality
  2. integrity
  3. authentication
  4. Accountability
    

Question 24 : From the following, which is not a common file permission?

  1. Write
  2. Execute
  3. Read
  4. Stop
    

Question 25 : What term describes the route that evidence takes from the time you find it until the case is closed or goes to court?

  1. Chain of Custody
  2. Law of probability
  3. Daubert path
  4. Separation of duties
    
  • chevron_left
  • 1
  • chevron_right