Sis - Drugi Kolokvijum

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Mladjalug96
M
Mladjalug96
Community Contributor
Quizzes Created: 2 | Total Attempts: 15,195
| Attempts: 7,603 | Pitanja: 185
Please wait...

Question 1 / 185
0 %
0/100
Score 0/100
1. Prilikom instaliranja antivirus programa preporuka je da se instalira:

Explanation

The recommendation for installing an antivirus program is to install only one reliable antivirus program. This is because having multiple antivirus programs can cause conflicts and slow down the computer's performance. Additionally, a single reliable antivirus program is usually sufficient to provide effective protection against viruses and other malware.

Submit
Please wait...
About This Quiz
Sis - Drugi Kolokvijum - Quiz

Tell us your name to personalize your report, certificate & get on the leaderboard!
2. U modelu sigurnosti sa više nivoa odrediti stepen tajnosti (1 najviši, 4 najniži):
Submit
3. Koji programski jezik je osetljiv na prekoračenje bafera?

Explanation

C/C++ je programski jezik koji je osetljiv na prekoračenje bafera. Prekoračenje bafera je situacija u kojoj se podaci upisuju izvan granica određenog bafera, što može dovesti do rušenja programa ili izvršavanja zlonamernog koda. C/C++ jezici omogućavaju direktno upravljanje memorijom, što znači da programer ima veću odgovornost za upravljanje baferima i sprečavanje prekoračenja.

Submit
4. Najbolja preventivna zaštita od zlonamernog koda je:

Explanation

The best preventive protection against malicious code is real-time protection. Real-time protection refers to the continuous monitoring and scanning of a computer system for any potential threats or malicious activities. It actively detects and blocks any suspicious files or programs in real-time, preventing them from causing harm to the system. This is considered the most effective method of protection as it provides immediate defense against emerging threats. Scanning the computer on demand, regular disk defragmentation, and blocking internet connections are not specifically focused on preventing malicious code and may not be as effective in providing comprehensive protection.

Submit
5. # u konfiguracijskoj datoteci aide.conf znači:

Explanation

The given answer "komentar" suggests that in the configuration file aide.conf, the line is a comment and does not have any effect on the execution of commands. It is not a command to be checked or skipped.

Submit
6. Mrežna barijera (firewall) posle filtriranja paketa, paket koji ne zadovoljava ni jedno od definisanih pravila za kontrolu pristupa:

Explanation

After filtering the packets, if a packet does not meet any of the defined access control rules, the firewall will discard or reject it.

Submit
7. Salami Attack predstavlja:

Explanation

Salami Attack predstavlja seriju malih beznačajnih napada koji se mnogo puta ponavljaju. Ovaj tip napada se koristi za krađu ili prevaru putem malih, neprimetnih transakcija koje pojedinačno ne izazivaju sumnju, ali kada se svi ti mali delovi slože, mogu prouzrokovati značajnu štetu. Napadači koriste ovu taktiku kako bi izbegli otkrivanje i prouzrokovali finansijsku ili druge vrste štete.

Submit
8. Autentifikacija lozinkom je odluka na osnovu nečega:

Explanation

The correct answer is "što korisnik zna." This is because password authentication is based on something that the user knows, in this case, the password. It is a common method used to verify the identity of a user by requiring them to enter a secret password that only they should know.

Submit
9. Segmentacija i straničenje su metode koje se koriste za zaštitu:

Explanation

Segmentacija i straničenje su metode koje se koriste za zaštitu memorije. Segmentacija podrazumeva podelu memorije na segmente kako bi se omogućila zaštita i izolacija različitih delova memorije. Straničenje, s druge strane, podrazumeva podelu memorije na stranice radi efikasnijeg upravljanja memorijom. Obe metode pomažu u sprečavanju neovlašćenog pristupa ili oštećenja memorije, čime se poboljšava sigurnost i stabilnost sistema.

Submit
10. Izabrati tačan iskaz:

Explanation

IPSec is a network protocol suite that provides security services for IP (Internet Protocol) communications. It offers encryption to protect the confidentiality of data, integrity to ensure that the data has not been tampered with during transmission, and authentication to verify the identity of the communicating parties. Therefore, the correct statement is "IPSec nudi šifrovanje, integritet i autentifikaciju" which translates to "IPSec offers encryption, integrity, and authentication."

Submit
11. Potpuno automatizovan javni Tjuringov test za razlikovanje čoveka od računara tj. test koji čovek može da prođe sa lakoćom dok računar ne može da ga prođe sa verovatnoćom većom od one koja bi se postigla nasumičnim pogađanjem naziva se

Explanation

The given correct answer is "CAPTCHA." CAPTCHA is a completely automated public Turing test used to distinguish between humans and computers. It is a test that humans can easily pass while computers cannot pass it with a probability greater than random guessing. CAPTCHA is commonly used to prevent automated bots from accessing certain websites or performing certain actions, as it requires users to complete a challenge that is difficult for computers to solve but relatively easy for humans.

Submit
12. Uobičajeno, zlonamerni programi se dele na osnovu:

Explanation

Zlonamerni programi se obično klasifikuju prema principu širenja i delovanja, što znači da se razlikuju na osnovu načina na koji se šire i kako utiču na sistem. Ova klasifikacija omogućava razumevanje različitih strategija i taktika koje zlonamerni programi koriste, kao i njihovih karakteristika i sposobnosti. Na osnovu principa širenja i delovanja, moguće je razviti odgovarajuće mere zaštite i neutralisanja ovih programa.

Submit
13. Izabrati tačan iskaz:

Explanation

SSL (Secure Socket Layer) is a cryptographic protocol that provides encryption, integrity, and authentication. Encryption ensures that the communication between the client and the server is secure and cannot be intercepted by unauthorized parties. Integrity ensures that the data transmitted remains unchanged and has not been tampered with during transmission. Authentication verifies the identity of the server, ensuring that the client is communicating with the intended and trusted server. Therefore, the correct statement is that SSL offers encryption, integrity, and authentication.

Submit
14. Koja distribucija Linuxa nema root nalog?

Explanation

The correct answer is "sve distribucije imaju root nalog" which translates to "all distributions have a root account" in English. This means that all Linux distributions have a root account, which is the superuser account that has complete control over the system.

Submit
15. Autentifikacija (samo) smart karticom je odluka na osnovu nečega:

Explanation

The correct answer is "što korisnik ima" because authentication with a smart card is based on something that the user possesses, in this case, the smart card itself.

Submit
16. U praksi, u kodovima se pojavljuje bar jedna greška na svakih:

Explanation

In practice, it is common to encounter at least one error in every 2000 lines of code. This suggests that errors are expected to occur relatively frequently in code, and developers should be prepared to debug and fix them. The other options (1500, 2500, and 1000 lines of code) imply either a higher or lower error rate, which is not consistent with the given statement.

Submit
17. Izbaciti uljeza:

Explanation

The given list consists of various software tools used for debugging and reverse engineering. OllyDbg, IDA Pro, and Soft ICE are well-known and widely used tools in the field. However, "Komodo" is not typically associated with debugging or reverse engineering. It is primarily a multi-language integrated development environment (IDE) used for software development. Therefore, it can be considered an outlier or "uljez" in this context, making it the correct answer to be eliminated from the list.

Submit
18. Zlonamerni program koji ima osobinu da može da se širi kroz mrežu bez potrebe za asistencijom korisnika naziva se:

Explanation

The correct answer is "crv" because it refers to a malicious program that can spread through a network without the need for user assistance. The word "crv" is derived from the term "worm" in Serbian, which is commonly used to describe this type of program.

Submit
19. Skup metoda za ograničavanje korišćenja digitalnih sadržaja u cilju zaštite autorskih prava skraćeno se zapisuje:

Explanation

The correct answer is DRM. DRM stands for Digital Rights Management, which is a method used to restrict the use of digital content in order to protect copyright. It involves technologies and techniques that control the access, copying, distribution, and usage of digital content such as music, movies, ebooks, and software. DRM is commonly used by content creators and distributors to prevent unauthorized copying and sharing of their intellectual property, ensuring that they can monetize their work and protect their rights.

Submit
20. Dvo faktorska autentifikacija zahteva:

Explanation

The correct answer is "bilo koje 2 od 3 stavke (nešto što znate/imate/jeste)". This means that any combination of two out of the three factors (something you know, something you have, something you are) can be used for two-factor authentication. It allows flexibility in choosing the most convenient and secure combination of factors for authentication purposes.

Submit
21. Windows Defender je:

Explanation

Windows Defender is an antivirus program. It is a built-in security feature in Windows operating systems that helps protect against viruses, malware, and other malicious software. It scans for and removes threats, provides real-time protection, and regularly updates its virus definitions to stay up-to-date with the latest threats.

Submit
22. Za prikupljanje naizgled nebitnih podataka sa više različitih izvora koji objedinjeni daju konkretnu informaciju koristi se:

Explanation

The correct answer is "salami attack". A salami attack is a type of cyber attack where small, seemingly insignificant pieces of data are stolen or manipulated over a period of time. These small pieces of data are often not noticeable, but when combined, they can provide valuable information or resources to the attacker. This method is used to avoid detection and raise minimal suspicion.

Submit
23. Keylogger je:

Explanation

A keylogger is a type of malicious software or hardware that is used by hackers to intercept and record keystrokes on a computer. It is designed to capture sensitive information such as passwords, credit card numbers, and other personal data. This information can then be used by the hacker for unauthorized access or identity theft. Therefore, the correct answer is "hakerska komponenta za presretanje lozinki" which translates to "hacker component for intercepting passwords".

Submit
24. Koliko osnovnih tipova mrežnih barijera postoji:

Explanation

There are three basic types of network barriers.

Submit
25. Autentifikacija pomoću smart kartice gde se dodatno zahteva i ukucavanje PIN koda je autentifikacija na osnovu nečega što:

Explanation

The correct answer is "korisnik ima i zna" because authentication using a smart card requires the user to possess (ima) the physical card and know (zna) the associated PIN code. This combination of something the user possesses and something the user knows provides an additional layer of security for authentication.

Submit
26. Granične adrese koje koristi jedan korisnik/proces kod istoimene metode mogu da budu:

Explanation

The possible boundary addresses that can be used by a user/process for the same method can either be both static or both dynamic at the same time. This means that either both the starting and ending addresses are static or both are dynamic.

Submit
27. Sigurnost operativnog sistema opšte namene se najefikasnije realizuje kroz:

Explanation

The most effective way to ensure the security of a general-purpose operating system is through a secure kernel. The kernel is the core component of the operating system that manages the system's resources and provides essential services to other parts of the system. By securing the kernel, it becomes more difficult for malicious actors to exploit vulnerabilities and gain unauthorized access to the system. This is because the kernel acts as a gatekeeper, controlling access to system resources and enforcing security policies.

Submit
28. Očitavanje SMART kartice je moguće prisluškivati:

Explanation

The correct answer states that it is possible to eavesdrop on the reading of a SMART card by placing an electromagnetic radiation eavesdropper near the card reader. This implies that the data being transmitted between the card and the reader can be intercepted and accessed by unauthorized individuals using this method.

Submit
29. Ukoliko se poseduje samo exe fajl a postoji namera (potreba) da se analizira i izmeni kod neophodan alat je:

Explanation

If one only has an exe file and there is a need to analyze and modify the code, the necessary tools are a disassembler and a debugger. A disassembler is used to convert the machine code into assembly language, allowing for a better understanding of the code structure and logic. A debugger, on the other hand, is used to execute the code step by step, allowing for the identification of bugs and the ability to modify the code during runtime. Using both tools together provides a comprehensive approach to analyzing and modifying the code in the given scenario.

Submit
30. U koliko u listi za kontrolu pristupa ne postoji ni jedno pravilo koje odgovara pristiglom paketu:

Explanation

If there is no rule in the access control list that matches the incoming packet, the packet will be discarded.

Submit
31. Koji program ovde ne pripada:

Explanation

The given options are all names of computer programs or viruses, except for "Brain." Brain does not belong in this list because it is not a program or virus; it is a term commonly used to refer to the human brain or intelligence. The other options, Code red, Morris Warm, and SQL Slammer, are all well-known computer programs or viruses.

Submit
32. Prilikom slanja podataka iz html forme, može se reći da:

Explanation

When sending data from an HTML form, it can be said that the method GET reveals the data. This means that when using the GET method, the data entered in the form will be visible in the URL of the webpage. This can be seen in the browser's address bar, making it less secure for sending sensitive or confidential information. On the other hand, the method POST does not reveal the data in the URL, providing a more secure way of sending data. However, the answer does not mention that it depends on the web browser, as different browsers may have different default methods for form submission.

Submit
33. Na kraju svih pravila liste za kontrolu pristupa postoji implicitna (nevidljiva) stavka:

Explanation

At the end of all access control lists, there is an implicit (invisible) item called "Deny all". This means that any access requests that have not been explicitly allowed will be denied. This is a default setting to ensure that only authorized access is granted and any unauthorized access attempts are rejected.

Submit
34. Mrežna barijera se realizuje

Explanation

The correct answer is "može biti i softver i hardver". This means that a network barrier can be implemented using both hardware and software. This suggests that there are different ways to create a network barrier, and it can be achieved through a combination of hardware and software components.

Submit
35. Napad zlonamernim programima koji koriste ljudske slabosti naziva se:

Explanation

The correct answer is "društveni inženjering" which translates to "social engineering" in English. Social engineering refers to the tactics used by malicious programs to exploit human vulnerabilities in order to gain unauthorized access to systems or sensitive information. This can include techniques such as phishing, impersonation, or manipulation to deceive individuals into revealing confidential information or performing actions that compromise security.

Submit
36. Salt je:

Explanation

Salt je slučajna vrednost koja se dodaje na lozinku radi povećanja sigurnosti. Kada se korisnikova lozinka unese, dodaje se salt vrednost na lozinku pre nego što se izračuna njen heš. Ovo sprečava napadače da koriste prethodno izračunate heš vrednosti ili tabele heševa za dešifrovanje lozinke. Salt se čuva zajedno sa heš vrednošću u bazi podataka kako bi se mogao koristiti prilikom provere unete lozinke.

Submit
37. Autentifikacija pomoću otiska prsta je odluka na osnovu nečega:

Explanation

The correct answer is "što korisnik jeste" which translates to "what the user is" in English. This refers to the authentication method using fingerprint, where the user's identity is verified based on their unique fingerprint pattern. Unlike the other options which involve knowledge or possession, this method relies on the inherent physical characteristic of the user.

Submit
38. Zlonamerni računarski kod koji može da se integriše na postojeći program ili fajl i da se na taj način prenosi sa računara na računar naziva se:

Explanation

The correct answer is "virus." A virus is a malicious computer code that can be integrated into an existing program or file and spread from one computer to another. It is designed to cause harm, such as corrupting or deleting files, stealing personal information, or disrupting system operations. Viruses can be transmitted through various means, such as email attachments, infected websites, or shared files. Once a computer is infected, the virus can replicate itself and spread to other computers, potentially causing widespread damage.

Submit
39. Који модел PKI (Public Key Infrastructure) се користи код савремених Интернет претраживача:

Explanation

The given answer, "олигархијски модел" (oligarchic model), suggests that modern internet browsers use an oligarchic model for PKI (Public Key Infrastructure). This means that a small group of powerful entities control the issuance and management of digital certificates, which are used to verify the authenticity of websites and establish secure connections. In this model, the trust and security of the PKI system are concentrated in the hands of a few major players, rather than being distributed among a larger network of entities.

Submit
40. Zlonamerni programi koji se šire tako što navedu korisnike da pokrenu (najčešće) besplatne aplikacije za koje se kasnije pokaže da imaju funkciju različitu od očekivane nazivaju se:

Explanation

The correct answer is "trojanski konj" because it refers to malicious programs that are disguised as legitimate software or files. These programs trick users into downloading and running them, often by masquerading as free applications. Once installed, trojans can perform unauthorized actions on the user's device, such as stealing personal information or granting remote access to hackers. The term "trojanski konj" is derived from the story of the Trojan Horse, where Greek soldiers hid inside a wooden horse to gain access to the city of Troy.

Submit
41. Operativni sistem od poverenja ne mora da obezbedi:

Explanation

An operating system of trust does not necessarily need to provide a graphical interface. While a graphical interface can enhance user experience and make it easier to interact with the system, it is not a fundamental requirement for an operating system to be considered trustworthy. The other options listed, such as DAC access control, authentication/authorization, and MAC access control, are all important security features that an operating system of trust should provide.

Submit
42. Zlonamerni softver koji nenamenski troši sistemske resurse naziva se:

Explanation

The correct answer is "rabbit" because it refers to malicious software that consumes system resources unnecessarily. This type of software is often used to slow down or disrupt computer systems. Unlike trapdoors, trojans, and worms, rabbits do not typically have a specific malicious purpose but rather cause harm by consuming resources.

Submit
43. Single sign on je postupak kojim se obezbeđuje:

Explanation

Single sign on (SSO) je postupak koji omogućava korisniku da se prijavi samo jednom, a sve ostale naknadne prijave se automatski obavljaju. Ovo omogućava korisniku da pristupa različitim sistemima i aplikacijama bez potrebe za ponovnim unošenjem korisničkog imena i lozinke. SSO poboljšava korisničko iskustvo, povećava produktivnost i smanjuje rizik od zaboravljanja lozinki ili njihovog kompromitovanja.

Submit
44. Metode za zaštitu od kompromitujućeg elmg zračenja (KEMZ) obuhvataju:

Explanation

The correct answer is "filtriranje visoko frekv. komponenti napajanja" because high frequency components in power supply can contribute to compromising electromagnetic radiation. By filtering out these high frequency components, the method helps to protect against compromising electromagnetic radiation.

Submit
45. Ispravke, zakrpe i nove verzije softvera:

Explanation

The given answer states that software updates and patches fix known issues but may introduce new vulnerabilities. This means that while they address existing problems, they also have the potential to create new ones. This highlights the trade-off between fixing current issues and the risk of unintentionally introducing new flaws in the software.

Submit
46. Izabrati tačan iskaz:

Explanation

The correct answer is "i ACL lista i C lista su izvedene iz Lampsonove kontrolne matrice" which translates to "both ACL list and C list are derived from Lampson's access control matrix." This statement indicates that both ACL list and C list are derived from Lampson's control matrix, implying that they are both related to the access control mechanism proposed by Lampson.

Submit
47. Šta ne spada u osnovne zadatke NGSCB (Next Generation Secure Computing Base):

Explanation

DRM (Digital Rights Management) does not fall under the basic tasks of NGSCB (Next Generation Secure Computing Base). NGSCB focuses on strong process isolation, testing, secure data storage, and secure data transmission. DRM, on the other hand, is a technology used to protect digital content and enforce copyright restrictions. While DRM can contribute to secure computing, it is not a fundamental aspect of NGSCB.

Submit
48. AIDE naredba inicijalizacije sistema je:

Explanation

The correct answer is "$aide -c /etc/aide/aide.conf.autogenerated -i". This is the correct command for initializing the AIDE system. It specifies the configuration file to use (-c /etc/aide/aide.conf.autogenerated) and the option to initialize the database (-i).

Submit
49. Ukoliko je neprivilegovani korisnik Windows sistema George kome je dato pravo upisa u direktorijum C:\1 član grupe CannibalCorpse kojoj je dato pravo Read and Execute za taj direktorijum, da li korisnik može da upiše fajl u taj direktorijum?

Explanation

Based on the given information, the non-privileged user George, who has been given write permission to the directory C:\1, is a member of the CannibalCorpse group that has been given only Read and Execute permission for that directory. Therefore, George cannot write a file in that directory because he does not have the necessary write permission.

Submit
50. Nakon izvršenja koda: @echo off :a ping localhost>>a.txt goto :a dešava se:

Explanation

The given code is an infinite loop that continuously pings the localhost and appends the output to the "a.txt" file. This creates a Denial of Service (DOS) attack as it overwhelms the system with excessive network traffic and consumes its resources, causing it to become unresponsive or crash.

Submit
51. U Linux OS pravo 654 odgovara:

Explanation

The given answer "rw-r-xr--" represents the file permissions for the Linux OS. Each group of three characters (r, w, x) represents the permissions for the owner, group, and others respectively. In this case, the owner has read and write permissions, the group has read and execute permissions, and others have only read permissions.

Submit
52. Jedno od mogućih rešenja za single sign on je:

Explanation

A possible solution for single sign-on is a smart card. Smart cards are a secure and convenient way to authenticate users and grant them access to multiple systems and applications with just one login. They store encrypted credentials and can be easily plugged into a device or used wirelessly for authentication. By using a smart card, users can securely access various resources without the need to remember multiple usernames and passwords.

Submit
53. Koji se zlonamerni program ne zahteva nosioca?

Explanation

A worm is a type of malicious program that does not require a carrier or host file to spread and infect other systems. Unlike viruses, worms are standalone programs that can replicate and spread independently by exploiting vulnerabilities in computer networks or by using various communication channels. Therefore, a worm is the correct answer as it does not need a carrier to propagate itself.

Submit
54. Zlonamerni program koji se ugrađuje u neki koristan program i aktivira se kada se ispune odgovarajući uslovi naziva se:

Explanation

A logička bomba refers to a malicious program that is embedded within a useful program and is triggered when specific conditions are met. Unlike viruses or worms, which can spread and replicate themselves, a logička bomba is designed to remain dormant until a specific event or trigger occurs. Once activated, it can cause damage to the system or data. Therefore, a logička bomba is the correct answer in this context.

Submit
55. Nedostatak fizičke podele resursa je to što:

Explanation

The answer "je skupo i nepraktično" suggests that the lack of physical resource partitioning is expensive and impractical. This means that implementing a system without dividing resources can be costly and not efficient in terms of resource allocation. It implies that without proper resource division, there may be wastage of resources and inefficiencies in their utilization.

Submit
56. AIDE naredba provere sistema je:

Explanation

The correct answer is "$aide -c /etc/aide/aide.conf.autogenerated -C" because this command is used to run the AIDE (Advanced Intrusion Detection Environment) system check. It specifies the configuration file to be used (-c /etc/aide/aide.conf.autogenerated) and performs a check of the file integrity database (-C). This command helps to ensure the security and integrity of the system by comparing the current state of files with a previously generated database.

Submit
57. U listama za kontrolu pristupa mrežne barijere paketi mogu da se filtriraju na osnovu:

Explanation

In network access control lists, packets can be filtered based on the source and destination IP addresses and ports. This means that the firewall can examine the source and destination IP addresses and the specific ports being used in order to determine whether to allow or block the packet. This is a common method of filtering traffic and controlling access to a network. MAC addresses and domains are not typically used for packet filtering in this context, and the physical layer protocol is not relevant for this type of filtering.

Submit
58. Autentifikacija koja zahteva sve tri stavke (nešto što se zna, ima i jeste) naziva se

Explanation

The correct answer is "trofaktorska" because it refers to authentication that requires three elements (something you know, something you have, and something you are). This type of authentication provides a higher level of security compared to single-factor or two-factor authentication methods.

Submit
59. Једна од непожељних особина генератора псеудо случајних бројева је:

Explanation

The correct answer is "периодичност" (periodicity). This refers to the undesirable characteristic of pseudo-random number generators where the sequence of generated numbers repeats after a certain period. This can be problematic for certain applications, such as generating one-time passwords (OTP) for encryption, as it increases the likelihood of predicting future numbers in the sequence based on previous numbers.

Submit
60. Čemu služi komanda sudo -u wcoyote jed /home

Explanation

The command "sudo -u wcoyote jed /home" is used to execute the command "jed /home" as the user "wcoyote". The "sudo" command allows the user to run commands with the privileges of another user, in this case, "wcoyote". So, the correct answer is that the user who runs the command executes "jed /home" as the user "wcoyote".

Submit
61. Šta se dešava sa RAM memorijom po isključenju računara?

Explanation

After the computer is shut down, there may still be residual charges in the RAM memory for a short period of time. These residual charges can be used to retrieve sensitive data that was stored in the RAM before the computer was turned off.

Submit
62. U praksi, kao najprihvatljivije rešenje za izbor lozinki pokazao se izbor:

Explanation

The most acceptable solution for password selection has been found to be based on phrases. This means that creating passwords using phrases or combinations of words is considered to be a good practice. This is because phrases are easier to remember compared to random combinations of characters, and they also tend to be more secure as they are longer and can include a mix of uppercase and lowercase letters, numbers, and special characters.

Submit
63. U praksi, biometrijsku autentifikaciju je najbolje vršiti pomoću:

Explanation

Biometrijska autentifikacija je najbolje vršiti pomoću otiska prsta jer otisak prsta je jedinstven za svaku osobu i teško ga je falsifikovati. Osim toga, otisak prsta je lako dostupan i jednostavan za skeniranje i upoređivanje sa bazom podataka. Karakteristike irisa takođe mogu biti korisne za biometrijsku autentifikaciju, ali skeniranje irisa zahteva posebne uređaje i može biti komplikovano za korišćenje u svakodnevnoj praksi. Geometrija dlana može biti korisna, ali nije toliko precizna kao otisak prsta.

Submit
64. Da bi se postavio IDS zasnovan na anomalijama neophodno je:

Explanation

In order to set up an anomaly-based IDS (Intrusion Detection System), it is necessary to first define the "normal" behavior of the system being protected. This involves understanding the typical patterns and activities that occur within the system under normal circumstances. By establishing this baseline, the IDS can then effectively identify any deviations or anomalies that may indicate potential attacks or security breaches. Defining priorities for protection and establishing a database of known attacks are also important steps in setting up an IDS, but they are not specifically related to the initial definition of normal behavior.

Submit
65. ! u konfiguracijskoj datoteci aide.conf znači:

Explanation

In the configuration file aide.conf, the phrase "da se naredba posle nje ne proverava" means that the command following it will not be checked. This suggests that the configuration file has a specific rule or setting that allows certain commands to be skipped or ignored during the checking process.

Submit
66. Slučajna vrednost (salt) koja se pridružuje lozinkama je:

Explanation

The random value (salt) that is associated with passwords is public. This means that it is not kept secret and can be known by anyone.

Submit
67. Sadržaj SMART kartice je moguće očitati

Explanation

The content of a SMART card can be read either through direct contact or via radio waves. This means that the information stored on the card can be accessed by physically connecting a card reader to the card's contacts or by using radio frequency identification (RFID) technology to wirelessly communicate with the card.

Submit
68. Buffer overflow može da se zloupotrebi (između ostalog):

Explanation

Buffer overflow može da se zloupotrebi ubacivanjem zlonamernog koda. Buffer overflow je sigurnosna ranjivost koja se javlja kada se prekorači ograničena memorija bafera i podaci se preplave u susedne memorijske lokacije. Ovo omogućava napadaču da ubaci zlonamerni kod u preplavljeni bafer i izvrši ga. Ova ranjivost nije ograničena na određeni operativni sistem ili dostupnost izvornog koda softvera, već može biti iskorišćena na različitim platformama i aplikacijama.

Submit
69. Za prisluškivanje naponskih nivoa provodnika:

Explanation

The correct answer states that voltage levels can be reconstructed without direct contact with the cable by measuring electromagnetic radiation. This suggests that it is possible to determine the voltage levels of a conductor without physically touching or connecting to it, by using the electromagnetic signals emitted by the cable.

Submit
70. Zlonamerni programi koji omogućavaju neautorizovan pristup sistemu nazivaju se:

Explanation

The correct answer is "trapdoor (backdoor)". Trapdoor or backdoor programs are malicious software that allow unauthorized access to a system. These programs are designed to bypass normal authentication and security measures, giving attackers a secret entry point into the system. They can be used to steal sensitive information, control the system remotely, or launch further attacks.

Submit
71. Maskiranje koda je tehnika koja se koristi da:

Explanation

Maskiranje koda je tehnika koja se koristi kako bi se kod učinio teško razumljivim. Ovo se može postići korišćenjem različitih tehnika kao što su enkripcija, obfuscation ili kompilacija u mašinski jezik. Cilj maskiranja koda je otežavanje razumevanja i analize koda od strane neovlašćenih osoba, što može pomoći u zaštiti intelektualne svojine ili otežavanju pronalaženja sigurnosnih propusta.

Submit
72. Jedna od prednosti segmentacije memorije kao metode zaštite je:

Explanation

Segmentation of memory allows for different levels of protection for different segments. This means that different segments can have different levels of access control and security measures in place. This can be beneficial in scenarios where different parts of the memory need different levels of protection based on their importance or sensitivity. It provides flexibility in implementing security measures and allows for a more tailored approach to memory protection. This advantage of segmentation does not require tracking changes in segment size, does not require significant involvement from the operating system, and does not require changing the location of the segment.

Submit
73. Pravo x nad direktorijumom u Linux OS znači:

Explanation

The correct answer is "pozicioniranje, prikazivanje dugog listinga i pretraživanje". This means that having "pravo x nad direktorijumom" in Linux OS allows the user to navigate to and view the contents of the directory, display a long listing of the directory's contents, and search for specific files or directories within it.

Submit
74. Nakon izvršenja koda: @echo off :a dir>>a.txt goto :a :

Explanation

After executing the given code, the file "a.txt" does not change in size.

Submit
75. Na sigurnost operativnog sistema opšte namene broj linija programskog koda kernela utiče na sledeći način:

Explanation

A smaller number of lines of code reduces the possibility of errors and makes it easier to solve problems and vulnerabilities.

Submit
76. Korisnički softver se često plasira na tržište po sledećem principu:

Explanation

The correct answer suggests that software is developed quickly to be presented to customers as soon as possible, and any mistakes or errors are fixed later. This approach allows companies to reduce costs by minimizing investment in post-release bug fixes.

Submit
77. CAPTCHA je:

Explanation

The correct answer is "test za restrikciju pristupa za automatizovane sisteme" which translates to "a test for restricting access for automated systems." This suggests that CAPTCHA is a method used to verify that the user accessing a system is not a robot or automated program. It presents challenges or puzzles that are difficult for automated systems to solve but can be easily completed by humans. By successfully completing the CAPTCHA, the user proves that they are a human and not a malicious software or automated program trying to gain unauthorized access.

Submit
78. Čemu služi komanda chattr -i  /etc/passwd?

Explanation

The chattr -i command in Linux is used to remove the immutable attribute from a file, which means it allows modifications to be made to the file. In this case, the command chattr -i /etc/passwd would allow users with the appropriate permissions to modify the contents of the /etc/passwd file.

Submit
79. Idealna biometrija ne podrazumeva:

Explanation

Ideal biometrics does not require the mandatory use of passwords because biometric authentication relies on unique physical or behavioral characteristics of an individual, such as fingerprints or facial recognition, to verify their identity. The use of passwords is an additional layer of security that is not necessary in an ideal biometric system.

Submit
80. Stalno ažuriranje IDS-a zasnovanog na potpisu je:

Explanation

Updating a signature-based IDS is necessary because signatures are used to identify known patterns of malicious activity. Without regular updates, the IDS would not be able to detect new and emerging threats, leaving the system vulnerable. Regular updates ensure that the IDS has the latest signatures to effectively identify and block potential attacks, making it an essential practice for maintaining the security of the system.

Submit
81. Sigurnosni protokol koji je zasnovan na poverenju u treću stranu je

Explanation

Kerberos is a security protocol that is based on the concept of trusting a third party. It provides authentication and secure communication between clients and servers in a network. Kerberos uses a ticket-based system where clients request tickets from a trusted authentication server to access services on a network. These tickets are then presented to the desired server for authentication. By using this trusted third party, Kerberos ensures secure and reliable communication between entities in a network.

Submit
82. U modelu sigurnosti sa više nivoa:

Explanation

In the given security model with multiple levels, each object is assigned a degree of confidentiality. This means that every object in the system is given a specific level of importance or sensitivity, regardless of its type. This ensures that every object is protected and classified according to its level of confidentiality, allowing for proper access control and security measures to be implemented.

Submit
83. Kod challenge-response autentifikacije, ukoliko Boban želi da autentifikuje Anu on joj šalje:

Explanation

In the challenge-response authentication, Boban sends Ana a random value. This random value is used to verify Ana's identity. By sending a random value, Boban ensures that the authentication process is secure and cannot be easily replicated by an attacker. The random value adds an additional layer of security to the authentication process, making it more difficult for unauthorized individuals to gain access.

Submit
84. Logičke bombe su posebna vrsta:

Explanation

Logičke bombe su posebna vrsta trojanskog konja. Trojanski konj je zlonamjerni softver koji se maskira kao legitimni program kako bi prevario korisnike i omogućio napadačima pristup njihovim računalima ili podacima. Logičke bombe su programi koji se aktiviraju u određenim uvjetima ili događajima, često uzrokujući štetu ili blokiranje sustava. Stoga, odgovor "trojanskog konja" je točan jer logičke bombe spadaju u tu kategoriju zlonamjernog softvera.

Submit
85. Kod obavezne kontrole pristupa ko određuje prava pristupa objektu?

Explanation

The correct answer is "administrator sistema". The question is asking who determines the access rights to an object, and the most logical answer is the system administrator. The system administrator is responsible for managing user accounts, setting permissions, and controlling access to various resources and objects within the system. They have the authority to grant or revoke access privileges based on the user's role and responsibilities.

Submit
86. Kod loših softverskih rešenja i softvera sa propustima, ako postoji jaka kriptografska zaštita u pozadini

Explanation

The given answer states that strong cryptography cannot provide security for user data in the case of poor software. This is because even if the encryption is strong, if the software itself has vulnerabilities or flaws, it can still be exploited by attackers to gain access to the encrypted data. Therefore, the security of user data relies not only on strong cryptography but also on the overall quality and security of the software implementation.

Submit
87. Faza prepoznavanja je faza kod:

Explanation

The correct answer is "autentifikacije koja se zasniva na nečemu što jeste." This refers to authentication based on something you are, such as biometric data like fingerprints or facial recognition.

Submit
88. Prednosti metode za detekciju zlonamernih programa koja se zasniva na praćenju promena je to što:

Explanation

The advantage of the method for detecting malicious programs based on monitoring changes is that it can detect previously unknown malicious programs. This means that even if a malicious program has not been identified or added to a database of known threats, this method can still identify and detect it. This is a valuable feature as it allows for proactive detection and protection against emerging threats. Additionally, this method does not require the involvement of the user, making it a convenient and efficient way to detect and mitigate the risks posed by malicious programs.

Submit
89. Šta od sledećeg ne prati stanje konekcije?

Explanation

A stateless packet filter does not keep track of the connection state. It examines each packet individually based on predetermined rules, such as source and destination IP addresses, ports, and protocols. It does not maintain any information about previous packets or connections. This makes it less resource-intensive and faster than stateful packet filters, which keep track of the connection state and can make decisions based on the entire communication session. Proxi server and NAT, on the other hand, can both keep track of connection states.

Submit
90. Koju od dole navedenih usluga ne pruža mrežna barijera?

Explanation

The correct answer is "sprečavanje prekoračenja bafera" (prevention of buffer overflow). This is because a network barrier, such as a firewall or proxy server, is not responsible for preventing buffer overflow. Buffer overflow is a programming vulnerability that occurs when a program writes data outside the bounds of a buffer, potentially leading to security breaches or crashes. It is the responsibility of the software developers to implement measures to prevent buffer overflow, not the network barrier.

Submit
91. Sesijski ključ je:

Explanation

The correct answer is "simetrični ključ samo za jednu komunikaciju" because a sesijski ključ refers to a symmetric key that is used only for one communication session. This means that the key is generated for a specific session and is not used for any other communication.

Submit
92. Тајност комуникација је:

Explanation

The correct answer is "загарантовано право" (guaranteed right). This means that the secrecy of communication is a right that is ensured or guaranteed.

Submit
93. Open source code u odnosu na softver zatvorenog koda u pogledu ukupne sigurnosti:

Explanation

Open source code and closed source code provide equal solutions in terms of overall security.

Submit
94. Informacije o promeni sistema AIDE skladišti:

Explanation

The correct answer is "prvo u bazu aide.db.new ali se potom mora ručno iskopirati u aide.db". This means that the changes in the AIDE system storage are first made in the aide.db.new database, but then they need to be manually copied into the aide.db database. This suggests that the changes are not automatically reflected in the main database and require a manual step for them to take effect.

Submit
95. Koje od sledećih svojstava nije poželjno za sigurnosni protokol:

Explanation

The correct answer is that it is not desirable for a security protocol to be as complicated and computationally complex as possible. This is because overly complex protocols can be more difficult to implement correctly and can introduce more opportunities for vulnerabilities and errors. It is generally preferred for security protocols to be simple and efficient, while still providing the necessary level of security.

Submit
96. Bitno svojstvo IDS-a zasnovanog na potpisu je:

Explanation

The correct answer is "brzo i jednostavno otkrivanje već poznatih napada." This is because IDS (Intrusion Detection System) based on signatures is designed to quickly and easily detect known attacks. It does this by comparing network traffic or system activity against a database of known attack signatures. When a match is found, the IDS raises an alert to notify the administrator. This approach is efficient for detecting known attacks but may not be effective in detecting unknown or novel attacks.

Submit
97. Kada se matrica kontrole pristupa podeli na kolone:

Explanation

When the access control matrix is divided into columns, it results in access control lists (ACLs). ACLs are used to specify the permissions and restrictions for different users or groups on a system or network resource. Each column in the matrix represents a specific resource or object, and the rows represent different users or groups. By dividing the matrix into columns, it allows for easier management and assignment of access rights to specific resources.

Submit
98. NGSCB je deo operativnog sistema koji:

Explanation

The correct answer states that NGSCB supports the hardware technology of TCG members. This means that NGSCB is designed to work with the hardware technology provided by the Trusted Computing Group (TCG). It does not specify that NGSCB is implemented in Linux OS, uses symmetric cryptography, or is intended only for closed systems.

Submit
99. Teoretski, biometrisku autentifikaciju je najbolje vršiti pomoću:

Explanation

Biometric authentication is best performed using iris characteristics because the iris is a unique and stable feature of an individual's eye. Iris recognition technology analyzes the patterns in the colored part of the eye to create a biometric template that can be used for identification purposes. Unlike fingerprints or palm geometry, the iris remains unchanged throughout a person's lifetime, making it a reliable and secure method of authentication.

Submit
100. PGP koristi:

Explanation

PGP (Pretty Good Privacy) koristi simetrične algoritme za brzu i efikasnu enkripciju podataka. Također koristi asimetrične algoritme za sigurnu razmjenu ključeva između pošiljaoca i primatelja. Kompresija se također koristi kako bi se smanjila veličina podataka i poboljšala brzina prijenosa. Kombinacija ovih tehnika pruža visoku razinu sigurnosti i učinkovitosti u zaštiti privatnosti podataka.

Submit
101. Mrežna barijera koja može da spreči širenje zlonamernog softvera:

Explanation

An application proxy is a type of network barrier that can prevent the spread of malicious software. It acts as an intermediary between a client and a server, inspecting and filtering network traffic at the application layer. By analyzing the content and behavior of the traffic, an application proxy can detect and block any malicious software attempting to enter the network. Unlike a packet filter or a stateful packet filter, an application proxy offers more advanced security features and can provide better protection against sophisticated threats.

Submit
102. Da bi se otežao BOBE ("break once, break everywhere") napad koristi se:

Explanation

Metamorphic software is used to complicate the BOBE (break once, break everywhere) attack. Metamorphic software is capable of automatically changing its code structure and behavior while maintaining its original functionality. This makes it difficult for attackers to analyze and understand the software, as it constantly evolves and adapts. By using metamorphic software, the effectiveness of the BOBE attack is reduced, as it becomes harder for attackers to find and exploit vulnerabilities in the software.

Submit
103. Sigurnost podataka koji se nalaze na Smart karticama se postiže:

Explanation

Data security on smart cards is achieved through encryption. Encryption is the process of converting data into a form that cannot be easily understood by unauthorized individuals. By encrypting the data on smart cards, it becomes unreadable to anyone who does not have the necessary decryption key. This ensures that the data remains secure and protected from unauthorized access or tampering.

Submit
104. Jedan od nedostataka segmentacije memorije kao metode zaštite je to što:

Explanation

Segmentation of memory as a protection method can lead to memory fragmentation. Memory fragmentation occurs when memory is divided into small, non-contiguous segments, leading to inefficient memory utilization. This can result in wasted memory space and reduced performance.

Submit
105. Autorizacija je proces kojim se ispituje:

Explanation

The correct answer is "prava korisnika koji pristupa sistemu." Authorization is the process of determining the privileges or rights that a user has when accessing a system. It involves verifying and granting access based on the user's identity and the permissions they have been assigned. This ensures that users only have access to the resources and actions that they are authorized to use, protecting the system from unauthorized access or misuse.

Submit
106. Visokofrekventno elektromagnetno zračenje računara:

Explanation

The given answer states that high-frequency electromagnetic radiation from computers can carry enough information to compromise a system. This means that even though it may be considered as "white noise" and not carry useful information, it still has the potential to be used maliciously to gain unauthorized access or compromise the security of a system. It suggests that careful software design is necessary to control and mitigate the risks associated with this type of radiation.

Submit
107. Prednosti antivirusa koji detektuje zlonamerne programe na osnovu potpisa su:

Explanation

Antivirus programs that detect malicious software based on signatures have the advantage of easily and quickly detecting known malicious code with minimal user involvement. They are sensitive to suspicious actions of programs and can identify malware based on a set of rules. Additionally, they require a small signature database that covers a large number of malicious code, making them fast. They can also easily detect variations and new versions of malicious code based on known signatures.

Submit
108. Timestamp je podatak koji se koristi u bezbednosnim protokolima:

Explanation

The timestamp is used in security protocols to prevent a replay attack, where an attacker intercepts and retransmits a previously valid message. By including a timestamp in the message, the recipient can verify that the message is not a replayed one, as the timestamp will be different. This helps ensure the integrity and authenticity of the communication, as any attempt to resend a message will be detected and rejected.

Submit
109. Jedan (od nekoliko) preduslova za postojanje tajnog kanala je da:

Explanation

The correct answer states that one of the prerequisites for the existence of a secret channel is that the receiver and transmitter share some common resources. This means that in order for the secret channel to function properly, both the receiver and transmitter need to have access to and utilize the same resources. These shared resources could include hardware, software, or any other components necessary for the communication between the two parties. By sharing these resources, the receiver and transmitter can establish and maintain the secret channel effectively.

Submit
110. Samomodifikujući kod:

Explanation

The correct answer is "ima sposobnost da menja svoju izvršnu verziju nakon svakog izvršavanja". This means that self-modifying code has the ability to change its executable version after each execution. This characteristic allows the code to adapt and evolve based on its own behavior and the environment in which it is running. By modifying its executable version, the code can improve its performance, fix bugs, or add new features dynamically.

Submit
111. Kod diskrecione kontrole pristupa ko određuje prava pristupa objektu?

Explanation

The correct answer is "vlasnik objekta" (owner of the object). In the context of discretionary access control, the owner of an object has the authority to determine the access rights for that object. This means that the owner has the power to grant or deny access to other users or entities. The owner's decisions regarding access rights are independent of the operating system, system administrator, or any other external factors.

Submit
112.
  • Dat je primer liste za kontrolu pristupa u pseudo kodu:
  • 10 allow from 192.168.1.10
  • 20 deny from 192.168.1.0 /24
  • 30 deny all
  • Šta će se desiti sa paketom sa sledeće adrese?
  • 192.168.1.10

Explanation

The packet with the address 192.168.1.10 will be forwarded because it matches the rule 10 which allows access from that specific IP address.

Submit
113. Metamorfični zlonamerni program:

Explanation

The correct answer is "menja svoj oblik ali zadržava funkcionalnost pre nego što inficira novi sistem". This means that a metamorphic malware changes its shape but retains its functionality before infecting a new system. This type of malware is capable of modifying its code and structure, making it difficult to detect and analyze by antivirus software. By changing its form, the malware can evade detection and continue to spread to other systems while maintaining its harmful capabilities.

Submit
114. Kada se matrica kontrole pristupa podeli na vrste:

Explanation

When the access control matrix is divided into types, it allows for the creation of lists of shared rights (CL). This means that by dividing the matrix into types, a list of shared rights can be obtained.

Submit
115. DRM:

Explanation

The correct answer is "u nekim slučajevima koristi neetičke rootkit alate" which translates to "in some cases, it uses unethical rootkit tools." This suggests that DRM (Digital Rights Management) may employ certain methods that are considered unethical, such as using rootkit tools. Rootkit tools are often associated with malicious intent, as they allow unauthorized access and control over a computer system. Therefore, the use of these tools in DRM can be seen as a questionable practice.

Submit
116. Zbog načina na koji mrežna barijera pregleda stavke iz liste za kontrolu pristupa preporučljivo je praviti listu na sledeći način:

Explanation

The correct answer states that rules should be arranged from more specific to more general. This is because the network barrier checks the items in the access control list in the order they are listed. By starting with more specific rules, it ensures that those rules are evaluated first and take precedence over more general rules.

Submit
117. Kod velikih sistema direktna primena Lampsonove matrice je:

Explanation

The correct answer is "složena i spora za izvršenje" which translates to "complex and slow to execute" in English. This suggests that the direct application of Lampson's matrix in large systems is complicated and time-consuming.

Submit
118. Primenom disasemblera od binarnog koda dobija se:

Explanation

When disassembling binary code, the result obtained is an imprecise assembly code. Disassembling involves converting machine code back into assembly code, but the process is not perfect and can result in some loss of information or accuracy. Therefore, the correct answer is "neprecizan asemblerski kod" which translates to "imprecise assembly code" in English.

Submit
119. Izabrati tačan iskaz:

Explanation

SSL (Secure Sockets Layer) is a protocol that provides secure communication over the internet. It operates at the socket level, which means it is implemented as part of the user space. This allows applications to use SSL to establish secure connections between client and server. By operating at the socket level, SSL can encrypt the data transmitted between the two endpoints, ensuring confidentiality and integrity. Therefore, the statement "SSL postoji na socket nivou (deo je korisničkog prostora)" is correct.

Submit
120. Mane antivirusa koji detektuje zlonamerne programe na osnovu potpisa su:

Explanation

Antivirus software that detects malicious programs based on signatures cannot detect new and variable malware programs. This is because the signature database can become large, which slows down the system.

Submit
121. TCP protokol ne bi trebao da se koristi za autentifikaciju jer:

Explanation

The correct answer is "upotreba IP adrese za autentifikaciju ima ozbiljne sigurnosne nedostatke" (the use of IP address for authentication has serious security vulnerabilities). This is because IP addresses can be easily spoofed or manipulated, making it unreliable for authenticating users or devices. Attackers can impersonate legitimate IP addresses, bypassing any authentication measures based on IP addresses. Therefore, using IP addresses for authentication can compromise the security of the system.

Submit
122. Ako administrator mrežne barijere želi da dopusti web servis klijentima, standardno treba da napravi pravilo:

Explanation

The correct answer is "Koje propušta odredišni port web servisa 80". This rule allows the network barrier administrator to allow access to the web service for clients by allowing traffic on the destination port 80, which is the default port for HTTP communication. This rule specifically targets the destination port of the web service, ensuring that any incoming traffic on port 80 is allowed.

Submit
123. Model granične adrese je model koji se koristi za

Explanation

The correct answer is "zaštitu memorije". The given question is in Croatian and it asks for the explanation of the correct answer. The phrase "zaštitu memorije" translates to "memory protection" in English. In computer systems, the memory protection model is used to ensure that processes or programs do not interfere with each other's memory space, preventing unauthorized access or modification of memory locations. This helps in maintaining the stability and security of the system.

Submit
124. Ticket Granting Ticket (TGT) je pojam vezan za sledeći protokol:

Explanation

Kerberos is the correct answer because Ticket Granting Ticket (TGT) is a concept associated with the Kerberos protocol. Kerberos is a network authentication protocol that uses tickets to authenticate users and provide secure communication over a non-secure network. The TGT is obtained by the client after successfully authenticating to the Key Distribution Center (KDC) and is used to request service tickets for accessing different resources within the network. Therefore, the TGT is specific to the Kerberos protocol and not related to TCP, IPSec, or SSL.

Submit
125.
  • Dat je primer liste za kontrolu pristupa u pseudo kodu:
  • 10 allow from 10.0.0.0 /8
  • 20 allow from 192.168.1.0 /24
  • 30 deny all
  • Šta će se desiti sa paketom sa sledeće adrese?
  • 192.168.1.12

Explanation

The packet with the address 192.168.1.12 will be forwarded according to rule 20, which allows traffic from the subnet 192.168.1.0/24.

Submit
126.
  • Dat je primer liste za kontrolu pristupa u pseudo kodu:
  • 10 allow from 192.168.1.0 /24
  • 20 deny from 192.168.1.100
  • 30 deny all
  • Šta će se desiti sa paketom sa sledeće adrese?
  • 192.168.2.10

Explanation

The packet with the address 192.168.2.10 will be discarded because of rule 30, which denies all packets.

Submit
127. IKE (Internet Key Exchange) i ESP/AH (Encapsulating Security Payload/Authentication Header) su dve celine:

Explanation

IKE (Internet Key Exchange) and ESP/AH (Encapsulating Security Payload/Authentication Header) are two components of the IPsec (Internet Protocol Security) protocol. IPsec is a suite of protocols used to secure internet communications at the network layer. IKE is responsible for establishing secure communication channels and negotiating encryption keys between two parties. ESP/AH are used for providing data integrity, authentication, and confidentiality of IP packets. Therefore, the correct answer is IPsec protocol.

Submit
128. Nedostatak IDSa za detekciju anomalija je to što

Explanation

An IDS (Intrusion Detection System) is designed to detect and respond to potential security breaches or unauthorized access to a computer network. However, one drawback of IDS is that it can generate too many false alarms. This means that the system may mistakenly identify normal network activities as suspicious or malicious, leading to unnecessary alerts and potentially overwhelming the security team. This can be problematic as it may cause the team to overlook genuine threats or waste time and resources investigating false positives. Therefore, the excessive generation of false alarms is a limitation of IDS for anomaly detection.

Submit
129. Izabrati tačan iskaz:

Explanation

The correct answer is "straničenje deli memoriju na segmente fiksne veličine a segmentacija na segmente promenljive veličine." This statement correctly explains that paging divides memory into fixed-size segments, while segmentation divides memory into variable-size segments.

Submit
130. Prednost mrežne barijere tipa packet filter je:

Explanation

The correct answer is "ne usporava saobraćaj (efikasnost)". This means that the advantage of a packet filter network barrier is that it does not slow down traffic, thus maintaining efficiency.

Submit
131. Cilj savršene sigurnosti unazad (PFC) je:

Explanation

The goal of perfect forward secrecy (PFS) is to prevent unauthorized individuals from decrypting previously exchanged messages, even if they later obtain the secret key. This means that even if an attacker gains access to the secret key, they will not be able to decrypt past communications. PFS provides an additional layer of security by ensuring that past messages remain confidential, even in the event of a compromised key.

Submit
132. Čemu služi komanda iptables -A FORWARD -d 172.16.32.2 --dport http -j DROP ?

Explanation

The given command "iptables -A FORWARD -d 172.16.32.2 --dport http -j DROP" is used to block the passage of packets from the address 172.16.32.2 to port 80 on the server they are intended for. This means that any HTTP traffic from the specified address to the specified port on the destination server will be denied or blocked.

Submit
133. Izabrati tačan iskaz:

Explanation

IPSec postoji na mrežnom nivou (deo je operativnog sistema) znači da IPSec funkcioniše na nivou operativnog sistema, što znači da je deo same infrastrukture mreže. To omogućava da IPSec obezbedi sigurnu komunikaciju na mrežnom nivou, štiteći podatke koji se prenose između različitih uređaja. Ova opcija je tačna jer IPSec zaista postoji na mrežnom nivou i integrisan je u operativni sistem.

Submit
134. Kod operativnih sistema opšte namene preporučljivo je da aktivnosti i mehanizmi od značaja za sigurnost budu implementirani na:

Explanation

It is recommended that activities and mechanisms related to security in general-purpose operating systems should be implemented in a single layer in order to simplify and expedite analysis and correction. This approach allows for easier identification and resolution of security vulnerabilities, as well as faster response to potential threats. By consolidating security measures into a single layer, it also reduces complexity and potential conflicts between different security mechanisms.

Submit
135. Smart kartica obezbeđuje:

Explanation

The smart card provides triple authentication, meaning it requires three forms of verification to grant access or authentication. This level of security helps ensure that only authorized individuals can access the system or information protected by the smart card.

Submit
136. Timestamp:

Explanation

The given correct answer states that a timestamp is a piece of data that represents the current time and is used in security protocols. This means that a timestamp is used to record and track the timing of events in order to ensure the security and integrity of communication. It is an important component in security protocols as it helps in preventing replay attacks and maintaining synchronization between different systems.

Submit
137. Hardware-based debugging (HardICE):

Explanation

The correct answer states that "Hardware-based debugging (HardICE)" is a debugger whose activities are difficult to detect. This means that HardICE is a type of debugger that operates at the hardware level and makes it challenging for other programs or systems to identify its presence or activities.

Submit
138. U biometrijskim sistemima prilikom autentifikacije (verifikacije) :

Explanation

In biometric systems, there are two phases of authentication (verification). This means that during the process of verifying someone's identity using biometric data, there are two distinct stages or steps involved. The question does not provide any information about the specific phases or what they entail, but it states that there are two phases in total.

Submit
139. Ako je IDS detektovao napad koji se desio taj događaj se označava kao:

Explanation

If the IDS (Intrusion Detection System) has detected an attack correctly, it means that it has correctly identified the occurrence of an actual attack. This is referred to as a True Positive (TP) in the context of IDS. True Positive means that the system has correctly identified the presence of a positive condition, in this case, the detection of an attack.

Submit
140. Ako je u konfiguracijskoj datoteci aide.conf zadato pravilo: low=s+shal+c i ako je primenjeno na datoteku primer, i ako istoj datoteci promenimo prava:

Explanation

The given answer states that AIDE will register the change without specifying and providing information about mtime. This suggests that AIDE will detect and record the modification made to the file "primer" in the configuration file "aide.conf", but it will not include details about the modification time (mtime).

Submit
141. Reverzni inženjering je tehnika koja se koristi za:

Explanation

Reverzni inženjering se koristi za analizu exe fajlova. Ova tehnika omogućava da se prouči izvršni fajl i razume njegova struktura, funkcionalnost i algoritmi koje koristi. Analiza exe fajlova može biti korisna za otkrivanje sigurnosnih propusta, pronalaženje grešaka ili optimizaciju performansi. Kroz reverzni inženjering, istraživači mogu dobiti dublji uvid u rad programa i identifikovati njegove karakteristike i funkcionalnosti.

Submit
142.
  • Dat je primer liste za kontrolu pristupa u pseudo kodu:
  • 10 allow from 192.168.1.0 /24
  • 20 deny from 192.168.2.10
  • 30 deny all
  • Šta će se desiti sa paketom sa sledeće adrese?
  • 192.168.2.20

Explanation

The packet with the address 192.168.2.20 will be discarded because of the rule 30, which denies all access.

Submit
143. Jedan od osnovnih problema koje operativni sistem treba da reši je efikasna podela resursa računara. Podela kod koje samo jedan korisnik/proces u jednom trenutku može da koristi resurs naziva se:

Explanation

The given correct answer is "privremena". This answer is correct because it accurately describes the situation where only one user/process can use a resource at a time. This type of resource allocation is temporary and allows exclusive access to the resource for the user/process currently using it.

Submit
144. Фејстелова шифра (мрежа) представља:

Explanation

The correct answer is "једно идејно решење блоковске шифре" which translates to "an conceptual solution for a block cipher". This means that the Feistel cipher (network) represents a conceptual solution for a block cipher, indicating that it is a specific approach or design for implementing a block cipher algorithm.

Submit
145. TCB (Trusted Computing Base) je:

Explanation

TCB (Trusted Computing Base) refers to a set of protective mechanisms implemented in an operating system that are believed to provide security requirements. These mechanisms are designed to ensure the security and integrity of the system, protecting it from unauthorized access and malicious activities. The TCB is responsible for maintaining the security of critical operations and is considered a trusted component within the operating system. It includes various security measures, such as access control, authentication, encryption, and auditing, that work together to provide a secure computing environment.

Submit
146.
  • Dat je primer liste za kontrolu pristupa u pseudo kodu:
  • 10 deny from 192.168.0.0 /24
  • 20 allow from 192.168.0.10
  • 30 deny all
  • Šta će se desiti sa paketom sa sledeće adrese?
  • 192.168.0.10

Explanation

The packet with the address 192.168.0.10 will be discarded because of rule 10, which denies access from the IP range 192.168.0.0/24.

Submit
147. Liste za kontrolu pristupa mrežne barijere se koriste za filtriranje paketa tako što se:

Explanation

The correct answer states that access control lists for network barriers are used to filter packets by sequentially checking rules and searching for the first match with the packet parameters, after which the rest of the list is ignored. This means that the firewall or network device will stop evaluating the rules once it finds a match, improving efficiency and performance.

Submit
148. Kada je reč o autentifikaciji s javnim ključem nije bezbedno:

Explanation

When it comes to public key authentication, it is not secure to encrypt and then sign using a random value. This is because an attacker could potentially intercept the message, modify the encrypted part, and then re-sign it using the same random value. On the other hand, encrypting and then signing using a timestamp provides a higher level of security. This ensures that the message remains intact and unmodified during transit, as the timestamp can be verified to ensure the message was not tampered with.

Submit
149. ChallengeResponse je:

Explanation

ChallengeResponse je protokol za autentifikaciju.

Submit
150. Debugger je alat koji:

Explanation

A debugger is a tool that allows for tracking the execution of a program and analyzing the resources it uses. It helps in identifying and fixing bugs or errors in the program while it is running. It does not enable an attacker to intentionally implement bugs in binary files or provide dynamic tracking of source code without a binary file.

Submit
151. Nedostatak metamorfičnog softvera je:

Explanation

The lack of metamorphic software makes it difficult to track and correct any potential errors.

Submit
152.
  • Dat je primer liste za kontrolu pristupa u pseudo kodu:
  • 10 deny from 192.168.1.0 /24
  • 20 allow from 192.168.1.10
  • 30 deny all
  • Šta će se desiti sa paketom sa sledeće adrese?
  • 192.168.1.10

Explanation

The packet with the address 192.168.1.10 will be discarded because of rule 10 in the access control list.

Submit
153. Pri analizi paketa pristiglog na mrežnu barijeru dolazi do poklapanja sa jednim od pravila liste za konrolu pristupa. Koje su dalje akcije mrežne barijere?

Explanation

The network barrier executes the action associated with the rule that matches the packet and ignores the rest of the list.

Submit
154. Jedan od osnovnih problema koje operativni sistem treba da reši je efikasna podela resursa računara. Podela kod koje svi korisnici/procesi mogu da koriste sve resurse ali su podaci razumljivi samo vlasniku dok su za ostale nerazumljivi naziva se:

Explanation

The term "kriptografska" refers to a type of resource allocation where all users/processes can access the resources, but the data is only understandable to the owner and not to others. This implies that the data is encrypted or encoded in a way that only the owner can decrypt or decode it. This ensures that the data remains confidential and secure, providing an effective solution for resource division in an operating system.

Submit
155. Model sigurnosti sa više nivoa je pojam koji se odnosi na uvođenje:

Explanation

The correct answer is "različitih stepena tajnosti resursa" because the concept of a multi-level security model refers to the implementation of different levels of confidentiality for resources. This means that different resources within the system will have varying degrees of secrecy or sensitivity, and access to these resources will be restricted based on their level of confidentiality.

Submit
156. Kod protokola Kerberos tačno je:

Explanation

The correct answer states that Kerberos is based on a symmetric crypto system. This means that the same key is used for both encryption and decryption. In Kerberos, the client and the server share a secret key, which is used to authenticate and encrypt the communication between them. This eliminates the need for a trusted third party and ensures secure communication between the client and the server.

Submit
157. Koju vrstu napada sprečavamo komandom? iptables  -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST -i public_interface -m limit --limit 1/s  -j ACCEPT

Explanation

The given command is used to prevent a port scan attack. It adds a rule to the iptables FORWARD chain that matches TCP packets with certain TCP flags (SYN, ACK, FIN, RST) and limits the rate of these packets to 1 per second. If the limit is not exceeded, the packets are accepted. This prevents an attacker from scanning multiple ports quickly, as the rate is limited to 1 per second. Therefore, the correct answer is "Port scan."

Submit
158. Višestruko prepisivanje sadržaja diska različitim podacima se primenjuje:

Explanation

Multiple users sharing the same memory space can lead to potential security risks, as one user may be able to access and manipulate another user's data. By implementing double overwriting of disk contents with different data, the data becomes comprehensible only to the owner, ensuring the protection of sensitive information. This technique prevents the creation of secret channels and safeguards the data from unauthorized access when multiple users are using the same memory space.

Submit
159. Količnik broja stvarnih upada koje je IDS detektovao i zbira pravih alarma i lažnih alarma (TP / (TP + FP)) označava se kao:

Explanation

The correct answer is "tačnost" because the given formula (TP / (TP + FP)) represents the accuracy of the IDS (Intrusion Detection System). It calculates the ratio of true positives (TP) to the sum of true positives and false positives (TP + FP). Accuracy is a measure of how well the IDS is able to correctly detect actual intrusions and differentiate them from false alarms.

Submit
160. Koja se od navedenih tehnika je najmanje efikasna za sprečavanje reverznog inženjeringa?

Explanation

Encrypting the source code is the least effective technique for preventing reverse engineering because once the code is decrypted, it can be easily analyzed and understood. Other techniques like antidisassembly, antidebugging, and code obfuscation make it more difficult for reverse engineers to understand and modify the code, providing better protection against reverse engineering.

Submit
161. Modeli sigurnosti:

Explanation

The correct answer is "samo daju preporuke za dodatna ograničenja". This is because the other options in the given statements describe security models that provide detailed specifications, introduce clearly defined constraints, and give strict instructions for implementing additional measures. However, the correct answer states that security models only provide recommendations for additional constraints, suggesting that they do not impose strict requirements or provide detailed specifications.

Submit
162. Page table koristi operativni sistem da bi:

Explanation

Page table koristi operativni sistem da bi povezao stranice u koje je upisan neki podatak ili program.

Submit
163. Detekcija potpisa kao metoda za otkrivanje zlonamernih programa se zasniva na:

Explanation

The detection of signatures relies on searching for similarities with known malicious programs. This means that the system compares the characteristics and patterns of a file or program with a database of known malware signatures. If a match is found, it indicates the presence of a malicious program. This method is effective in identifying and blocking known threats but may not be as effective against new or unknown malware.

Submit
164. Izbaciti uljeza:

Explanation

TCP stands for Transmission Control Protocol, which is a widely used protocol for transmitting data over the internet. It provides reliable, ordered, and error-checked delivery of data packets between applications on different devices. In the given list, Kerberos, SSL, and IPSec are all security protocols used for authentication and encryption, while TCP is not primarily a security protocol. Therefore, TCP can be considered the odd one out or the "uljez" in this context.

Submit
165. Mrežna barijera tipa application proxy:

Explanation

A network barrier of type application proxy analyzes the complete packet and remembers the connection state. This means that it not only examines the headers of the packet but also analyzes the entire content of the packet. Additionally, it keeps track of the connection state, which allows it to maintain information about the ongoing connection.

Submit
166. Detekcija anomalija kao metoda za otkrivanje zlonamernih programa se zasniva na:

Explanation

Anomaly detection as a method for detecting malicious programs is based on the detection of unusual behavior. It involves monitoring and analyzing the actions and activities of a system or program, and identifying any deviations from normal patterns or expected behavior. By detecting these anomalies, it is possible to identify potential threats or malicious activities that may be indicative of a malicious program. This approach is effective because it does not rely solely on known patterns or signatures of malicious programs, but instead focuses on identifying any abnormal or suspicious behavior.

Submit
167. Reverzni inženjering je proces u kome se:

Explanation

Reverzni inženjering je proces kojim se rekonstruišu asemblerske instrukcije na osnovu binarne datoteke. Ovaj proces se koristi kako bi se razumela struktura i funkcionalnost nekog softvera ili hardvera. Kroz reverzni inženjering, moguće je analizirati binarni kod i dekompajlirati ga nazad u asemblerski kod radi daljeg proučavanja ili modifikacije.

Submit
168. Mrežna barijera tipa stateful packet filter:

Explanation

The correct answer is "analizira zaglavlja paketa i prati stanje konekcije." This means that the stateful packet filter analyzes the headers of packets and also keeps track of the connection state. It not only examines the basic information in the packet headers but also maintains information about the ongoing connections, such as the source and destination IP addresses, port numbers, and sequence numbers. This allows the stateful packet filter to make more informed decisions about allowing or blocking packets based on the connection state.

Submit
169. Prednost IDS zasnovanog na anomalijama je to što:

Explanation

An IDS based on anomalies can detect unknown attacks because it analyzes network traffic and behavior patterns to identify deviations from normal activity. Unlike signature-based IDS, which rely on known attack patterns and require regular updates to detect new threats, anomaly-based IDS can detect novel attacks that have not been previously identified. This makes it a valuable tool for detecting emerging threats and zero-day attacks. Additionally, anomaly-based IDS can be implemented easily and do not require frequent updates, making them convenient for deployment.

Submit
170. Detekcija promena kao metoda za otkrivanje zlonamernih programa se zasniva na:

Explanation

The correct answer is "praćenju promena u fajlovima" because detecting changes in files can help identify malicious programs. By monitoring file modifications, it becomes possible to detect any unauthorized alterations or additions made by malware. This method allows for the identification of potential threats and the implementation of appropriate security measures to prevent further damage.

Submit
171. Količnik ispravno detektovanih legitimnih aktivnosti upada i zbira stvarno negativnih i propuštenih alarma (TN / (TN + FN)) koje detektuje IDS označava se kao:

Explanation

not-available-via-ai

Submit
172. Odabrati tačan (jedan) iskaz za C liste važi:

Explanation

The correct statement for C list is that it is easy to change permissions in relation to users. This means that the permissions can be easily modified or updated for different users based on their specific needs or roles. This flexibility allows for efficient management of user access to resources and ensures that the appropriate level of permissions is granted to each user.

Submit
173. Ukoliko paket ne zadovoljava ni jedno od pravila u iptables lancu, šta se dešava sa paketom?

Explanation

If the packet does not meet any of the rules in the iptables chain, the default policy is applied.

Submit
174. Mrežna barijera tipa packet filter:

Explanation

A packet filter network barrier analyzes only the headers of the packets but does not keep track of the connection state. This means that it examines the source and destination IP addresses, port numbers, and other header information to make decisions about allowing or blocking the packets, but it does not maintain any information about the ongoing connection.

Submit
175. Odabrati tačan (jedan) iskaz za ACL važi:

Explanation

The correct statement for ACL (Access Control List) is that protection is data-oriented. This means that the access control is based on the data being protected, and different users or groups may have different levels of access to different data. This approach allows for more granular control over who can access what data, ensuring that sensitive information is only accessible to authorized individuals.

Submit
176. Mrežna barijera koja ima filter paketa sa uspostavljanjem stanja (statefull firewall):

Explanation

A stateful firewall with packet filtering analyzes the complete content of packets, including both the header and the payload. It also remembers discarded packets and returns them to the sender. Additionally, it remembers connection establishment requests during a session.

Submit
177. Ako je IDS propusti da detektuje napad koji se desio taj događaj se označava kao:

Explanation

If IDS fails to detect an attack that actually occurred, it is considered a false negative (FN). This means that the IDS did not raise an alert or identify the attack, even though it should have. False negatives can be problematic as they indicate a potential security breach that went unnoticed, leaving the system vulnerable to further attacks.

Submit
178. Količnik broja stvarnih upada koje je IDS detektovao i zbira pravih alarma i propuštenih alarma (TP / (TP + FN)) označava se kao:

Explanation

The correct answer is "osetljivost" because the given formula (TP / (TP + FN)) calculates the sensitivity or recall rate. It represents the proportion of actual positive cases that are correctly identified by the IDS (Intrusion Detection System). This measure is important in evaluating the effectiveness of the IDS in detecting real attacks and minimizing false negatives.

Submit
179. Kada IDS tekuću legitimnu aktivnost prepozna kao napad, taj događaj se označava kao:

Explanation

When an IDS identifies a legitimate activity as an attack, it is referred to as a False Positive (FP). This means that the IDS has generated an alert or alarm for an activity that is not actually malicious or harmful. False positives can occur due to various reasons such as misconfiguration of the IDS, incorrect rules or signatures, or anomalies in network traffic. False positives can be problematic as they can lead to unnecessary investigations and wasted resources.

Submit
180. Ako je IDS korektno registruje legitimnu aktivnost taj događaj se označava kao:

Explanation

If IDS correctly registers legitimate activity, it means that it correctly identifies it as not being malicious or harmful. Therefore, it is considered a true negative.

Submit
181. Monitor referenci je:

Explanation

The correct answer is "deo sigurnog jezgra koji je zadužen za kontrolu pristupa." This means that the monitor referenci is a part of the secure kernel that is responsible for access control. It is in charge of managing and regulating the access to resources and ensuring that only authorized entities can access them. This helps to maintain the security and integrity of the system by preventing unauthorized access and potential security breaches.

Submit
182. Količnik ispravno detektovanih legitimnih aktivnosti upada i zbira stvarno negativnih i lažnih alarma (TN / (TN + FP)) koje detektuje IDS označava se kao:

Explanation

The correct answer is "određenost" because it refers to the ratio of true negatives (TN) to the sum of true negatives and false positives (TN + FP) detected by the IDS (Intrusion Detection System). This ratio measures the ability of the IDS to accurately detect legitimate activities and differentiate them from false alarms. It is a statistical measure that indicates the specificity or precision of the IDS in identifying true negatives.

Submit
183. Jedan od osnovnih problema koje operativni sistem treba da reši je efikasna podela resursa računara. Podela kod koje se različitim korisnicima/procesima dodeljuju različiti resursi naziva se:

Explanation

The given correct answer is "fizička". This is because the question asks about the type of resource allocation where different users/processes are assigned different resources. "Fizička" refers to physical resource allocation, where physical resources such as memory, CPU, and storage are assigned to different users/processes. This ensures efficient resource allocation and prevents conflicts or bottlenecks in resource usage.

Submit
184. Jedan od osnovnih problema koje operativni sistem treba da reši je efikasna podela resursa računara. Podela kod koje se različitim korisnicima/procesima dodeljuju određeni delovi resursa naziva se

Explanation

The given answer, "logička," is correct because it refers to the division of resources in a way that is logical or based on logical criteria. This type of resource allocation ensures that different users or processes are assigned specific portions of resources based on their needs and priorities.

Submit
185. Поступак којим се отворени текст записује у облику бинарног низа назива се:

Explanation

The correct answer is "кодовање" which translates to "encoding" in English. Encoding is the process of converting open text into a binary format.

Submit
View My Results

Quiz Review Timeline (Updated): Mar 22, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jan 16, 2018
    Quiz Created by
    Mladjalug96
Cancel
  • All
    All (185)
  • Unanswered
    Unanswered ()
  • Answered
    Answered ()
Prilikom instaliranja antivirus programa preporuka je da se instalira:
U modelu sigurnosti sa više nivoa odrediti stepen tajnosti (1...
Koji programski jezik je osetljiv na prekoračenje bafera?
Najbolja preventivna zaštita od zlonamernog koda je:
# u konfiguracijskoj datoteci aide.conf znači:
Mrežna barijera (firewall) posle filtriranja paketa, paket koji ne...
Salami Attack predstavlja:
Autentifikacija lozinkom je odluka na osnovu nečega:
Segmentacija i straničenje su metode koje se koriste za...
Izabrati tačan iskaz:
Potpuno automatizovan javni Tjuringov test za razlikovanje čoveka od...
Uobičajeno, zlonamerni programi se dele na osnovu:
Izabrati tačan iskaz:
Koja distribucija Linuxa nema root nalog?
Autentifikacija (samo) smart karticom je odluka na osnovu nečega:
U praksi, u kodovima se pojavljuje bar jedna greška na svakih:
Izbaciti uljeza:
Zlonamerni program koji ima osobinu da može da se širi kroz...
Skup metoda za ograničavanje korišćenja digitalnih sadržaja...
Dvo faktorska autentifikacija zahteva:
Windows Defender je:
Za prikupljanje naizgled nebitnih podataka sa više različitih...
Keylogger je:
Koliko osnovnih tipova mrežnih barijera postoji:
Autentifikacija pomoću smart kartice gde se dodatno zahteva i...
Granične adrese koje koristi jedan korisnik/proces kod istoimene...
Sigurnost operativnog sistema opšte namene se najefikasnije...
Očitavanje SMART kartice je moguće prisluškivati:
Ukoliko se poseduje samo exe fajl a postoji namera (potreba) da se...
U koliko u listi za kontrolu pristupa ne postoji ni jedno pravilo koje...
Koji program ovde ne pripada:
Prilikom slanja podataka iz html forme, može se reći da:
Na kraju svih pravila liste za kontrolu pristupa postoji implicitna...
Mrežna barijera se realizuje
Napad zlonamernim programima koji koriste ljudske slabosti naziva se:
Salt je:
Autentifikacija pomoću otiska prsta je odluka na osnovu nečega:
Zlonamerni računarski kod koji može da se integriše na...
Који модел PKI (Public Key Infrastructure) се...
Zlonamerni programi koji se šire tako što navedu...
Operativni sistem od poverenja ne mora da obezbedi:
Zlonamerni softver koji nenamenski troši sistemske resurse...
Single sign on je postupak kojim se obezbeđuje:
Metode za zaštitu od kompromitujućeg elmg ...
Ispravke, zakrpe i nove verzije softvera:
Izabrati tačan iskaz:
Šta ne spada u osnovne zadatke NGSCB (Next Generation Secure...
AIDE naredba inicijalizacije sistema je:
Ukoliko je neprivilegovani korisnik Windows sistema George kome je...
Nakon izvršenja koda: @echo off :a ping localhost>>a.txt...
U Linux OS pravo 654 odgovara:
Jedno od mogućih rešenja za single sign on je:
Koji se zlonamerni program ne zahteva nosioca?
Zlonamerni program koji se ugrađuje u neki koristan program i...
Nedostatak fizičke podele resursa je to što:
AIDE naredba provere sistema je:
U listama za kontrolu pristupa mrežne barijere paketi mogu da se...
Autentifikacija koja zahteva sve tri stavke (nešto što...
Једна од непожељних особина...
Čemu služi komanda sudo -u wcoyote jed /home
Šta se dešava sa RAM memorijom po isključenju...
U praksi, kao najprihvatljivije rešenje za izbor lozinki...
U praksi, biometrijsku autentifikaciju je najbolje vršiti...
Da bi se postavio IDS zasnovan na anomalijama neophodno je:
! u konfiguracijskoj datoteci aide.conf znači:
Slučajna vrednost (salt) koja se pridružuje lozinkama je:
Sadržaj SMART kartice je moguće očitati
Buffer overflow može da se zloupotrebi (između ostalog):
Za prisluškivanje naponskih nivoa provodnika:
Zlonamerni programi koji omogućavaju neautorizovan pristup sistemu...
Maskiranje koda je tehnika koja se koristi da:
Jedna od prednosti segmentacije memorije kao metode zaštite je:
Pravo x nad direktorijumom u Linux OS znači:
Nakon izvršenja koda: @echo off :a dir>>a.txt goto :a :
Na sigurnost operativnog sistema opšte namene broj linija...
Korisnički softver se često plasira na tržište po sledećem...
CAPTCHA je:
Čemu služi komanda chattr -i  /etc/passwd?
Idealna biometrija ne podrazumeva:
Stalno ažuriranje IDS-a zasnovanog na potpisu je:
Sigurnosni protokol koji je zasnovan na poverenju u treću stranu je
U modelu sigurnosti sa više nivoa:
Kod challenge-response autentifikacije, ukoliko Boban želi da...
Logičke bombe su posebna vrsta:
Kod obavezne kontrole pristupa ko određuje prava pristupa objektu?
Kod loših softverskih rešenja i softvera sa propustima,...
Faza prepoznavanja je faza kod:
Prednosti metode za detekciju zlonamernih programa koja se zasniva na...
Šta od sledećeg ne prati stanje konekcije?
Koju od dole navedenih usluga ne pruža mrežna barijera?
Sesijski ključ je:
Тајност комуникација је:
Open source code u odnosu na softver zatvorenog koda u pogledu ukupne ...
Informacije o promeni sistema AIDE skladišti:
Koje od sledećih svojstava nije poželjno za sigurnosni protokol:
Bitno svojstvo IDS-a zasnovanog na potpisu je:
Kada se matrica kontrole pristupa podeli na kolone:
NGSCB je deo operativnog sistema koji:
Teoretski, biometrisku autentifikaciju je najbolje vršiti...
PGP koristi:
Mrežna barijera koja može da spreči širenje zlonamernog...
Da bi se otežao BOBE ("break once, break everywhere") napad...
Sigurnost podataka koji se nalaze na Smart karticama se postiže:
Jedan od nedostataka segmentacije memorije kao metode zaštite...
Autorizacija je proces kojim se ispituje:
Visokofrekventno elektromagnetno zračenje računara:
Prednosti antivirusa ...
Timestamp je podatak koji se koristi u bezbednosnim protokolima:
Jedan (od nekoliko) preduslova za postojanje tajnog kanala je da:
Samomodifikujući kod:
Kod diskrecione kontrole pristupa ko određuje prava pristupa objektu?
Dat je primer liste za kontrolu pristupa u pseudo kodu: ...
Metamorfični zlonamerni program:
Kada se matrica kontrole pristupa podeli na vrste:
DRM:
Zbog načina na koji mrežna barijera pregleda stavke iz liste za...
Kod velikih sistema direktna primena Lampsonove matrice je:
Primenom disasemblera od binarnog koda dobija se:
Izabrati tačan iskaz:
Mane antivirusa koji detektuje zlonamerne programe na osnovu potpisa...
TCP protokol ne bi trebao da se koristi za autentifikaciju jer:
Ako administrator mrežne barijere želi da dopusti web servis...
Model granične adrese je model koji se koristi za
Ticket Granting Ticket (TGT) je pojam vezan za sledeći protokol:
Dat je primer liste za kontrolu pristupa u pseudo kodu: ...
Dat je primer liste za kontrolu pristupa u pseudo kodu: ...
IKE (Internet Key Exchange) i ESP/AH (Encapsulating Security...
Nedostatak IDSa za detekciju anomalija je to što
Izabrati tačan iskaz:
Prednost mrežne barijere tipa packet filter je:
Cilj savršene sigurnosti unazad (PFC) je:
Čemu služi komanda iptables -A FORWARD -d 172.16.32.2 --dport http...
Izabrati tačan iskaz:
Kod operativnih sistema opšte namene preporučljivo je da...
Smart kartica obezbeđuje:
Timestamp:
Hardware-based debugging (HardICE):
U biometrijskim sistemima prilikom autentifikacije (verifikacije) :
Ako je IDS detektovao napad koji se desio taj događaj se označava...
Ako je u konfiguracijskoj datoteci aide.conf zadato pravilo:...
Reverzni inženjering je tehnika koja se koristi za:
Dat je primer liste za kontrolu pristupa u pseudo kodu: ...
Jedan od osnovnih problema koje operativni sistem treba da reši...
Фејстелова шифра (мрежа) представља:
TCB (Trusted Computing Base) je:
Dat je primer liste za kontrolu pristupa u pseudo kodu: ...
Liste za kontrolu pristupa mrežne barijere se koriste za filtriranje...
Kada je reč o autentifikaciji s javnim ključem nije bezbedno:
ChallengeResponse je:
Debugger je alat koji:
Nedostatak metamorfičnog softvera je:
Dat je primer liste za kontrolu pristupa u pseudo kodu: ...
Pri analizi paketa pristiglog na mrežnu barijeru dolazi do poklapanja...
Jedan od osnovnih problema koje operativni sistem treba da reši...
Model sigurnosti sa više nivoa je pojam koji se odnosi na...
Kod protokola Kerberos tačno je:
Koju vrstu napada sprečavamo komandom? ...
Višestruko prepisivanje sadržaja diska različitim podacima se...
Količnik broja stvarnih upada koje je IDS detektovao i zbira pravih...
Koja se od navedenih tehnika je najmanje efikasna za sprečavanje...
Modeli sigurnosti:
Page table koristi operativni sistem da bi:
Detekcija potpisa kao metoda za otkrivanje zlonamernih programa se...
Izbaciti uljeza:
Mrežna barijera tipa application proxy:
Detekcija anomalija kao metoda za otkrivanje zlonamernih programa se...
Reverzni inženjering je proces u kome se:
Mrežna barijera tipa stateful packet filter:
Prednost IDS zasnovanog na anomalijama je to što:
Detekcija promena kao metoda za otkrivanje zlonamernih programa se...
Količnik ispravno detektovanih legitimnih aktivnosti upada i zbira...
Odabrati tačan (jedan) iskaz za C liste važi:
Ukoliko paket ne zadovoljava ni jedno od pravila u iptables lancu,...
Mrežna barijera tipa packet filter:
Odabrati tačan (jedan) iskaz za ACL važi:
Mrežna barijera koja ima filter paketa sa uspostavljanjem stanja...
Ako je IDS propusti da detektuje napad koji se desio taj događaj se...
Količnik broja stvarnih upada koje je IDS detektovao i zbira pravih...
Kada IDS tekuću legitimnu aktivnost prepozna kao napad, taj događaj...
Ako je IDS korektno registruje legitimnu aktivnost taj događaj se...
Monitor referenci je:
Količnik ispravno detektovanih legitimnih aktivnosti upada i zbira...
Jedan od osnovnih problema koje operativni sistem treba da reši...
Jedan od osnovnih problema koje operativni sistem treba da reši...
Поступак којим се отворени текст...
Alert!

Advertisement