Network Security MCQ Quiz - Objective Question with Answer for Network Security - Download Free PDF
Last updated on Dec 9, 2024
Latest Network Security MCQ Objective Questions
Network Security Question 1:
What key(s) are used by the sender of an encrypted message in an asymmetric-key cipher?
Answer (Detailed Solution Below)
Network Security Question 1 Detailed Solution
The correct answer is option 2.
Concept:
The two keys are called the “public key” and the “private key” of the user. The sender uses a public key to encrypt the message. The recipient uses its private key to decrypt the message.
Asymmetric encryption is also called public-key encryption, but it actually relies on a key pair. Two mathematically related keys, one called the public key and another called the private key, are generated to be used together. The private key is never shared; it is kept secret and is used only by its owner. The public key is made available to anyone who wants it. Because of the time and amount of computer processing power required, it is considered mathematically infeasible for anyone to be able to use the public key to re-create the private key, so this form of encryption is considered very secure.
Hence the correct answer is the public key of the receiver.
Network Security Question 2:
The process of converting plain text to cipher text is called _______.
Answer (Detailed Solution Below)
Network Security Question 2 Detailed Solution
Key Points
- Encryption is the process of converting plain text into a coded format, known as ciphertext, to prevent unauthorized access.
- It is a crucial aspect of data security, ensuring that sensitive information remains confidential during transmission or storage.
- Encryption algorithms use keys to transform data, and the same or a different key is used to decrypt the information back to its original form.
- Types of encryption include symmetric encryption, where the same key is used for both encryption and decryption, and asymmetric encryption, which uses a pair of keys (public and private).
- Common encryption standards include AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adleman), and DES (Data Encryption Standard).
Additional Information
- Decryption is the reverse process of encryption, converting ciphertext back into readable plain text using a key.
- Encryption is widely used in various applications, including online banking, email communications, and securing personal data on devices.
- The strength of encryption depends on the algorithm used and the length of the encryption key; longer keys generally provide stronger security.
Network Security Question 3:
Symmetric encryption is also known as:
Answer (Detailed Solution Below)
Network Security Question 3 Detailed Solution
Key Points
- Conventional encryption is another term for symmetric encryption.
- In symmetric encryption, the same key is used for both encryption and decryption of data.
- This method is known for being fast and efficient, making it suitable for encrypting large amounts of data.
- However, it requires secure key management to ensure that the encryption key is not compromised.
- Examples of symmetric encryption algorithms include AES (Advanced Encryption Standard), DES (Data Encryption Standard), and 3DES (Triple DES).
Additional Information
- Public-key encryption (Option 1) is another term for asymmetric encryption, where different keys are used for encryption and decryption.
- Asymmetric encryption (Option 2) involves a pair of keys: a public key for encryption and a private key for decryption.
- Hybrid encryption (Option 4) combines both symmetric and asymmetric encryption techniques to leverage the advantages of each.
- Symmetric encryption is generally faster than asymmetric encryption but requires secure key distribution and management.
Network Security Question 4:
Symmetric Key Cryptography uses stream cipher to encrypt the information. One of example of stream cipher:
Answer (Detailed Solution Below)
Network Security Question 4 Detailed Solution
The correct answer is option 2.
Concept:
Symmetric Key Cryptography uses a stream cipher to encrypt the information. One example of stream cipher is RC4.
Stream cipher:
A stream cipher is an encryption technique that encrypts and decrypts a set quantity of data using a symmetric key. In contrast to an asymmetric cipher key, a symmetric cipher key is an encryption tool that may be used for both encryption and decryption.
Rivest Cipher 4:
- Rivest Cipher 4, often known as RC4, is a stream cipher that was developed in 1987. A stream cipher is a sort of encryption algorithm that encrypts data one byte at a time.
- RC4 is a stream cipher that has been used in the Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocols, the IEEE 802.11 wireless LAN standard, and the Wi-Fi Security Protocol WEP (Wireless Equivalent Protocol).
Hence the correct answer is RC4.
Additional Information
- Secure hashing algorithm (SHA) is an acronym for secure hashing algorithm. SHA is a hashing algorithm that is based on MD5. It is used to hash data and certificates. Using bitwise operations, modular additions, and compression functions, a hashing algorithm compresses the input data into a smaller form that cannot be comprehended.
- Blowfish is the first symmetric encryption algorithm created by Bruce Schneier in 1993. Symmetric encryption uses a single encryption key to both encrypt and decrypt data.
Network Security Question 5:
Keyloggers are a form of _____.
Answer (Detailed Solution Below)
Network Security Question 5 Detailed Solution
The correct answer is option 4.
Concept:
Keyloggers, also known as keystroke loggers, are software applications or hardware devices that record the activity (keys tapped) on a keyboard. Keyloggers are a type of spyware in which users are unaware that their actions are being recorded.
Spyware:
Spyware is a type of malicious software or malware that is installed on a computing device without the end user's knowledge.
Characteristics:
- Keyloggers may be used for a number of objectives, including fraudulently gaining access to your private information and monitoring staff actions. Some keyloggers may also record your screen at random intervals; these are known as screen recorders.
- Keylogger software normally saves your keystrokes in a tiny file that may be viewed later or automatically sent to the person watching your activity.
- A keylogger is a malicious computer application that records everything you write on the keyboard and learns the keystroke pattern, including words, characters, and symbols, and then sends all of the recorded information to hostile hackers.
Hence the correct answer is Spyware.
Top Network Security MCQ Objective Questions
In computing, ________ is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Answer (Detailed Solution Below)
Network Security Question 6 Detailed Solution
Download Solution PDFThe correct answer is option 4) i.e. Firewall.
- A firewall is a type of computer-security system.
- A firewall controls the flow of data from one computer or network to another and they are mainly intended to protect an individual computer system or a network from being accessed by an intruder, especially via the Internet.
Note:
- Cookies are small files that are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website and can be accessed either by the web server or the client computer.
- Spam is an undesired or illegal email message.
- Spyware is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information.
A computer virus is a
Answer (Detailed Solution Below)
Network Security Question 7 Detailed Solution
Download Solution PDFThe correct answer is Software.
- A computer virus is a malicious software that, when executed replicates itself by modifying other computer programs.
- The full form of VIRUS is Vital Information Resources Under Seize because they replicate and multiply and use up computer memory processing power with fake repetitive commands. It causes the system to become slow and keeps hanging.
What is the term for a cyber-security attack that targets multiple interconnected devices simultaneously to create a large- scale attack network?
Answer (Detailed Solution Below)
Network Security Question 8 Detailed Solution
Download Solution PDFThe correct answer is Botnet attack.
Key Points
- Botnet is a network of computers that have been infected with malware and are controlled by a single attacker. The attacker can use the botnet to launch a variety of attacks, including DDoS attacks.
- DDoS attack is a cyber-security attack that targets a website or server with a flood of traffic. This traffic can overwhelm the website or server, making it unavailable to legitimate users.
- Zero-day attack is an attack that exploits a vulnerability in software that the software vendor is not aware of. This means that there is no patch available to fix the vulnerability, making it very difficult to defend against.
- A spear phishing attack is a targeted attack that is designed to trick the victim into clicking on a malicious link or opening an infected attachment.
- Therefore, the term for a cyber-security attack that targets multiple interconnected devices simultaneously to create a large-scale attack network is botnet attack.
Additional Information
Here are some ways to protect yourself from botnet attacks:
- Keep your software up to date. Software vendors often release patches to fix security vulnerabilities.
- Use a firewall. A firewall can help to block malicious traffic from reaching your computer.
- Use antivirus software. Antivirus software can help to detect and remove malware from your computer.
- Be careful about what websites you visit and what links you click on.
- Do not open attachments from unknown senders.
Which type of virus attaches with EXE files and the resulting infected EXE file attacks other EXE files and infects them ?
Answer (Detailed Solution Below)
Network Security Question 9 Detailed Solution
Download Solution PDFThe type of virus that attaches to EXE files and infects other EXE files is a type of Parasitic virus, also known as an executable virus or file infecting virus.
Boot sector viruses infect the boot sector of storage devices such as hard drives and floppy disks.
Stealth viruses use various techniques to hide themselves from detection by antivirus software and other system tools.
Memory resident viruses, as the name suggests, reside in a computer's memory and can infect other files that are loaded into memory. However, they do not typically infect EXE files specifically.
Hence, the correct answer is option 1.
Knowing the password of a user for hacking is called?
Answer (Detailed Solution Below)
Network Security Question 10 Detailed Solution
Download Solution PDFThe correct answer is Spoofing.
Key Points
- Spoofing occurs in cybersecurity when fraudsters pretend to be someone or something else in order to gain someone's trust. Typically, the goal is to gain access to systems, steal data, steal money, or spread malware.
Additional Information
- Cyber Stalking-
- The repeated use of electronic communications to harass or frighten someone is known as cyber stalking. For example by sending threatening emails.
- Sneaking-
- Sneak means done without warning in an unknown, secret or quiet manner.
- Spamming-
- Spamming is the practic of sending unsolicited bulk messages via electronic messaging systems such as e-mail and other digital delivery systems and broadcast media.
Which of the following is an attack in which the user receives the unwanted amount of e-mails?
Answer (Detailed Solution Below)
Network Security Question 11 Detailed Solution
Download Solution PDFImportant Points
Email bomb
It is an attack on your inbox that involves sending massive amounts of emails to your address. Sometimes these messages are complete gibberish, but more often they’ll be confirmation emails for newsletters and subscriptions.
Additional Information
Spoofing
It is the act of disguising a communication from an unknown source as being from a known, trusted source. Spoofing can apply to emails, phone calls, and websites, or can be more technical, such as a computer spoofing an IP address, Address Resolution Protocol (ARP), or Domain Name System (DNS) server.
Smurf Attack
It is a form of a DDoS attack that causes packet flood on the victim by exploiting/abusing ICMP protocol. When deployed, large packets are created using a technique called “spoofing”. The phony source address that is now attached to these packets becomes the victim, as their IP is flooded with traffic. The small ICMP packet generated by the tool causes big trouble for a victim, hence the name Smurf.
Ping storm
It is a condition in which the Internet ping program is used to send a flood of packets to a server to test its ability to handle a high amount of traffic or, maliciously, to make the server inoperable
Hence Option 1 is correct
Which of the following is a malicious software that, on execution, runs its own code and modifies other computer programs?
Answer (Detailed Solution Below)
Network Security Question 12 Detailed Solution
Download Solution PDFVirus
A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code
Important Point:
- Spam is any kind of unwanted, unsolicited digital communication, often an email, that gets sent out in bulk. Spam is a huge waste of time and resources.
- Spyware is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information. Spyware is classified as a type of malware.
- Adware, or advertising supported software, is software that displays unwanted advertisements on user computer
Unsolicited electronic messages sent for marketing purposes are called______.
Answer (Detailed Solution Below)
Network Security Question 13 Detailed Solution
Download Solution PDFThe correct answer is spam.
Key Points
- Any unwanted, uninvited digital communication transmitted in bulk is referred to as spam.
- Spam is frequently transmitted by email.
- But it can also be sent through social media, text messages, and phone calls.
- Cybercriminals send phishing emails to a large number of recipients in an effort to "hook" a select few recipients.
- Phishing emails con people into disclosing private data like credit card numbers or website logins.
Additional Information
- Virus:
- A computer virus is a form of malware that accompanies another program and has the ability to multiply and propagate once it has been run on a machine.
- Unzip:
- Extraction of the files from a single-file zip archive or other comparable file archive is known as unzipping.
- URL:
- URL stands for Uniform Resource Locator.
- A URL is nothing more than the Web address of a specific, particular resource.
Symmetric encryption is also known as:
Answer (Detailed Solution Below)
Network Security Question 14 Detailed Solution
Download Solution PDFKey Points
- Conventional encryption is another term for symmetric encryption.
- In symmetric encryption, the same key is used for both encryption and decryption of data.
- This method is known for being fast and efficient, making it suitable for encrypting large amounts of data.
- However, it requires secure key management to ensure that the encryption key is not compromised.
- Examples of symmetric encryption algorithms include AES (Advanced Encryption Standard), DES (Data Encryption Standard), and 3DES (Triple DES).
Additional Information
- Public-key encryption (Option 1) is another term for asymmetric encryption, where different keys are used for encryption and decryption.
- Asymmetric encryption (Option 2) involves a pair of keys: a public key for encryption and a private key for decryption.
- Hybrid encryption (Option 4) combines both symmetric and asymmetric encryption techniques to leverage the advantages of each.
- Symmetric encryption is generally faster than asymmetric encryption but requires secure key distribution and management.
Dynamic packet filters firewall are fourth generation firewalls that work at
Answer (Detailed Solution Below)
Network Security Question 15 Detailed Solution
Download Solution PDFFourth Generation Firewalls are also known as stateful firewalls. The most important upgrade from First Generation Firewalls is the ability to keep track of the TCP connection state. Greatly prevents hackers access, also these firewalls are able to determine if packets are a part of a new connection or existing connection, relying on a three-way handshake with TCP.
Additional Information
TCP (Transmission Control Protocol):
- TCP (Transmission control protocol) is a connection-oriented reliable transport protocol. It provides a process to process communications using port numbers.
UDP (User datagram protocol):
- UDP (User datagram protocol) is called a connectionless, unreliable transport protocol.
- UDP protocol encapsulates and decapsulates messages in an IP datagram.
Application Layer Protocol:-
- In the Internet protocol stack, when data is sent from device A to device B, the 5th layer to receive data at B is the Application layer.
- It consists of protocols that focus on process-to-process communication across an IP network and provides a firm communication interface and end-user services.
Session Layer Protocol:-
- The Session Layer is the 5th layer of the OSI model.
- The session layer controls the dialogues (connections) between computers. It establishes, manages, and terminates the connections between the local and remote applications.