Advanced System Security And Digital Forensics MCQ - QPkendra
Question 1 : SSL stands for
- Simple socket layer
- Simple Secure layer
- Secure Socket Layer
- Socket Simple Layer
Question 2 : Edye works for a computer software company. As part of her job develops a computer program , then ownership of program belongs to
- Edye, as she develops the program
- Company, as it paid Edye to write the program
- Both of them
- Company Director
Question 3 : ____________ are unlike copyrights in that they protect inventions, tangible objects, or ways to make them, not works of the mind. It requires novelty.
- Intellectual Property
- Trade Secret
Question 4 : When an attacker is able to eavesdrop on network traffic and identify the MAC address of a computer with network previleges. Which type of Wireless network threat would you classify this under?
- Identity Theft.
- Man in the middle attack
- Network Injection
- Accidental Association
Question 5 : _______________ is the central node of 802.11 wireless operations.
- Access Point
- Access Port
Question 6 : Cross-Site Request Forgery (CSRF) is an attack
- Is for sending multiple requests to server for some site
- that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated
- That pretends attacker as legitimate user
- That monitors network Traffic For communication on sites
Question 7 : What is the Necessity of Forensic Duplication?
- Performing analysis on duplicate copy is easy.
- Preserving the original digital evidences is important
- Performing analysis on original copy is time consuming.
- Performing analysis on original copy is easy
Question 8 : A ________ is a computer program that can infect other computer programs by modifying them in such a way as to include a copy of it
- email bombing
- salami attack
- computer virus
- logic bomb
Question 9 : The list of the DNS (Domain Name System) entries can be found in -
Question 10 : Which of the following is not done by cyber criminals?
- Unauthorized account access
- Mass attack using Trojans as botnets
- Email spoofing and spamming
- Report vulnerability in any system
Question 11 : Protection is only provided at the _____ level
- any level
Question 12 : What is the full form of MAC?
- Mandatory access control
- Medium access control
- Major account control
- Main access control
Question 13 : What is an indirect way to transmit information with no explicit reading of confidential information?
- Covert channels
- Timing channels
- Overt channels
Question 14 : Performing a shoulder surfing in order to check other’s password is ____________ ethical practice.
- a good
- not so good
- very good social engineering practice
- a bad
Question 15 : ___________________ is alike as that of Access Point (AP) from 802.11, & the mobile operators uses it for offering signal coverage.
- Base Signal Station
- Base Transmitter Station
- Base Transceiver Station
- Transceiver Station
Question 16 : A user intending to connect to one LAN may unintentionally lock onto a wireless access point from the neighboring network. Which type of Wireless network threat would you classify this under?
- Malicious Threat
- Network Injection
- Denial Of Service
- Accidental Association
Question 17 : What is ‘separation’ in security of Operating systems?
- To have separate login for different users
- To have Hard disk drive/partition for different users
- It means keeping one user’s objects separate from other users
- To have same objects for different users
Question 18 : Vulnerabilities and risks are evaluated based on their threats against which of the following?
- One or more of the CIA Triad principles
- Data usefulness
- Due care
- Extent of liability
Question 19 : Which of the following is NOT a valid access control mechanism?
- DAC (Discretionary Access Control)
- SAC (Subjective Access Control)
- MAC (Mandatory Access Control)
- RBAC (Role Based Access Control)
Question 20 : What is the software called that’s designed to exploit a computer user and is a broad term covering computer viruses, worms, Trojan, adware, etc.?
Question 21 : A valid definition of digital evidence is:
- Data stored or transmitted using a computer
- Information of probative value
- Digital data of probative value
- Any digital evidence on a computer
Question 22 : An attack that relies on high volume of password guessing.
- Brute Force Attack
- Credential Stuffing Attack
- Skimming Attack
- Phishing Attack
Question 23 : What is the main concern of the Bell-LaPadula security model?
Question 24 : From the following, which is not a common file permission?
Question 25 : What term describes the route that evidence takes from the time you find it until the case is closed or goes to court?
- Chain of Custody
- Law of probability
- Daubert path
- Separation of duties