Dsg Security Partners Test

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Abani_Padhi
A
Abani_Padhi
Community Contributor
Quizzes Created: 1 | Total Attempts: 60
Questions: 50 | Attempts: 60
SettingsSettingsSettings
Please wait...
Create your own Quiz
Dsg Security Partners Test - Quiz

.

Questions and Answers
  • 1. 

    In TCP protocol header “checksum” is of _____________

    • A.

      8 bit

    • B.

      16 bit

    • C.

      64 bit

    • D.

      32

    Correct Answer
    B. 16 bit
    Explanation
    The TCP protocol header includes a field called "checksum" which is used for error detection. The checksum field is 16 bits in size. This means that it can store a value ranging from 0 to 65535. The purpose of the checksum is to ensure the integrity of the data being transmitted over the network. By calculating and verifying the checksum, the receiver can detect if any errors have occurred during transmission. The larger the size of the checksum field, the more possible values it can represent, allowing for a higher level of error detection.

    Rate this question:

  • 2. 

    MTU is specified by  __________

    • A.

      IP Datagram Size

    • B.

      Hardware Technology

    • C.

      TCP Segment Size

    • D.

      None of the above

    Correct Answer
    C. TCP Segment Size
    Explanation
    The Maximum Transmission Unit (MTU) is specified by the TCP Segment Size. MTU refers to the maximum size of a packet or frame that can be transmitted over a network. In the case of TCP, data is divided into segments before transmission, and the size of these segments is determined by the TCP Segment Size. Therefore, the TCP Segment Size directly affects the maximum size of the packets that can be transmitted, thus determining the MTU.

    Rate this question:

  • 3. 

    Flow control takes place at which layer?

    • A.

      Physical Layer

    • B.

      Transport Layer

    • C.

      Datalink Layer

    • D.

      Network Layer

    Correct Answer
    B. Transport Layer
    Explanation
    Flow control takes place at the Transport Layer. This layer is responsible for ensuring reliable and error-free delivery of data between the source and destination. Flow control mechanisms regulate the rate of data transmission, preventing the sender from overwhelming the receiver with data. It manages the flow of data packets, ensuring that the receiver can handle the incoming data at a pace it can process. This helps in avoiding congestion and data loss in the network.

    Rate this question:

  • 4. 

    What happens if a DHCP client that already has a valid lease starts up after a power-down or reboot?

    • A.

      Goes to INIT State and broadcasts a DHCPDISCOVER message

    • B.

      Sends a DHCPINFORM message to server

    • C.

      Goes to INIT State and broadcasts a DHCPDISCOVER message to original DHCPServer

    • D.

      Sends a DHCPREQUEST message to Server

    Correct Answer
    D. Sends a DHCPREQUEST message to Server
    Explanation
    When a DHCP client that already has a valid lease starts up after a power-down or reboot, it sends a DHCPREQUEST message to the DHCP server. This message is used by the client to request the renewal of its lease from the server. By sending this message, the client informs the server that it wants to continue using the same IP address and other network configuration settings. The server will then respond to the request by either renewing the lease or providing a new lease to the client.

    Rate this question:

  • 5. 

    Which of the following statements is true about 10.0.0.1 IP address sending gratuitous arp?

    • A.

      Target IP will be Broadcast and Target mac address will be broadcast

    • B.

      Target IP will be 10.0.0.1 and Target Mac address will be its own mac address

    • C.

      Sender IP and Target IP address will be same

    • D.

      None of the above

    Correct Answer
    C. Sender IP and Target IP address will be same
    Explanation
    In gratuitous ARP, the sender sends an ARP request packet with its own IP address as both the source and destination IP address. This is done to update the ARP cache of other devices in the network. Therefore, the statement "Sender IP and Target IP address will be the same" is true.

    Rate this question:

  • 6. 

    Which Transport layer protocol is used by DNS?

    • A.

      TCP

    • B.

      UDP

    • C.

      Both TCP and UDP

    • D.

      NBNS

    Correct Answer
    C. Both TCP and UDP
    Explanation
    DNS (Domain Name System) uses both TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) as transport layer protocols. TCP is used for zone transfers and for maintaining a connection during a DNS query that requires a large response. UDP is used for regular DNS queries, where a quick and lightweight communication is needed. The choice between TCP and UDP depends on the specific DNS operation being performed.

    Rate this question:

  • 7. 

    In DNS Which record type is associated with Service Locator ?

    • A.

      AAAA Record

    • B.

      SRV Record

    • C.

      TXT Record

    • D.

      PTR Record

    Correct Answer
    B. SRV Record
    Explanation
    The SRV (Service Locator) record is associated with DNS. It is used to specify the location of services, such as servers for specific protocols, within a domain. SRV records contain information about the target server's hostname, port number, priority, and weight. This allows clients to easily locate and connect to the appropriate servers for specific services.

    Rate this question:

  • 8. 

    In DNS which records must be registered at the TLD name server?

    • A.

      NS Record

    • B.

      A Record

    • C.

      CNAME Record

    • D.

      SOA Record

    Correct Answer
    A. NS Record
    Explanation
    The NS (Name Server) record must be registered at the TLD (Top-Level Domain) name server. This record specifies the authoritative name servers for a particular domain. It indicates which name servers are responsible for handling DNS queries for that domain. By registering the NS record at the TLD name server, the domain owner ensures that the correct name servers are associated with their domain and can properly handle DNS requests.

    Rate this question:

  • 9. 

    In which mode of  FTP, the client initiates both the control and data connections.

    • A.

      Active and Passive mode

    • B.

      Active Mode

    • C.

      Passive Mode

    • D.

      Non of the above mentioned

    Correct Answer
    C. Passive Mode
    Explanation
    Passive mode is the correct answer because in this mode, the client initiates both the control and data connections. In passive mode, the client sends a PASV command to the server, which responds with an IP address and port number. The client then connects to that IP address and port number to establish the data connection. This mode is commonly used when the client is behind a firewall or NAT router, as it allows the client to establish the data connection without any issues.

    Rate this question:

  • 10. 

    HTTP options are supported from which version of HTTP?

    • A.

      HTTP 1.0

    • B.

      HTTP 1.1

    • C.

      HTTP 0.9

    • D.

      HTTP 2.0

    Correct Answer
    B. HTTP 1.1
    Explanation
    HTTP options are supported from HTTP 1.1 version onwards. This means that the HTTP OPTIONS method, which allows a client to request information about the communication options available for a target resource, was introduced in HTTP 1.1. In previous versions like HTTP 1.0 and HTTP 0.9, the OPTIONS method was not available. HTTP 2.0 also supports the OPTIONS method, but it was first introduced in HTTP 1.1.

    Rate this question:

  • 11. 

    What does server mean if it sends HTTP status code 304?

    • A.

      Object moved Temporarily

    • B.

      See Others

    • C.

      Not Modified

    • D.

      Temporary Redirect

    Correct Answer
    C. Not Modified
    Explanation
    When a server sends an HTTP status code 304, it means that the requested resource has not been modified since the last time it was accessed. This status code is used to indicate that the client's cached version of the resource is still valid and can be used instead of requesting the entire resource again. It helps to reduce bandwidth usage and improve performance by allowing the client to use its cached copy of the resource.

    Rate this question:

  • 12. 

    Which of the following is not a valid HTTP method?

    • A.

      GET

    • B.

      DELETE

    • C.

      PUSH

    • D.

      TRACE

    Correct Answer
    C. PUSH
    Explanation
    The HTTP method "PUSH" is not a valid HTTP method. The valid HTTP methods are GET, DELETE, and TRACE. The PUSH method does not exist in the HTTP specification and is not recognized by servers or browsers.

    Rate this question:

  • 13. 

    Which response code is sent by the server in response to PUT or POST request?

    • A.

      203

    • B.

      200

    • C.

      201

    • D.

      204

    Correct Answer
    C. 201
    Explanation
    The correct answer is 201. When a server receives a PUT or POST request, it can respond with a 201 status code, which indicates that the request was successful and a new resource has been created as a result. This status code is commonly used in RESTful APIs to indicate that a new resource has been successfully created and is available at the provided URL.

    Rate this question:

  • 14. 

    HTTP is a stateless protocol.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    HTTP is actually a stateless protocol, meaning that it does not retain any information about previous requests or sessions. Each request is treated as an independent transaction, and the server does not store any information about the client between requests. This allows for scalability and simplicity in the design of web applications. However, there are mechanisms such as cookies and session management techniques that can be used to maintain state in HTTP applications.

    Rate this question:

  • 15. 

    In tunnel mode IPsec protects the :

    • A.

      Entire IP Packet

    • B.

      IP Header

    • C.

      IP Payload

    • D.

      None of the Mentioned

    Correct Answer
    A. Entire IP Packet
    Explanation
    In tunnel mode IPsec, the entire IP packet is protected. This means that not only the IP payload (the data being transmitted), but also the IP header (which contains important information about the packet) are encrypted and authenticated. This ensures the confidentiality, integrity, and authenticity of the entire packet during transmission.

    Rate this question:

  • 16. 

    The _______ mode is normally used when we need host-to-host (end-to-end) protection of data.

    • A.

      Transport Mode

    • B.

      Tunnel Mode

    • C.

      Either (A) or (B)

    • D.

      Neither (A) nor (B)

    Correct Answer
    A. Transport Mode
    Explanation
    The Transport Mode is the correct answer because it provides host-to-host protection of data. In this mode, only the payload (data) of the IP packet is encrypted, while the IP header remains intact. This allows for end-to-end protection of the data, ensuring that it is secure during transmission between the source and destination hosts. Tunnel Mode, on the other hand, is used for securing communication between networks rather than individual hosts.

    Rate this question:

  • 17. 

    In the IP Header, If the value in protocol field is 51, the protocol used is ____.

    • A.

      ESP

    • B.

      AH

    • C.

      ICMP

    • D.

      IGMP

    Correct Answer
    B. AH
    Explanation
    In the IP Header, if the value in the protocol field is 51, the protocol used is AH.

    Rate this question:

  • 18. 

    In main mode exchange, NAT discovery takes place in which exchange?

    • A.

      I exchange (1st and 2nd message).

    • B.

      II exchange (3rd and 4th message).

    • C.

      III exchange (5th and 6th message).

    • D.

      NAT discovery does not happen on phase 1.

    Correct Answer
    B. II exchange (3rd and 4th message).
  • 19. 

    How many IKE SAs are possible between two gateway IP address?

    • A.

      Two Unidirectional SAs

    • B.

      One Unidirectional SA

    • C.

      Two Bidirectional SAs

    • D.

      One Bidirectional SA

    Correct Answer
    D. One Bidirectional SA
    Explanation
    The correct answer is "One Bidirectional SA." In the context of IKE (Internet Key Exchange), an SA (Security Association) is a one-way logical connection that provides security services between two IP addresses. A bidirectional SA allows for secure communication in both directions, meaning that it can handle traffic going from one gateway IP address to another and vice versa. Therefore, only one bidirectional SA is needed between two gateway IP addresses to establish secure communication.

    Rate this question:

  • 20. 

    In quick mode (phase 2), key exchange is performed due to which of the following option?

    • A.

      ESP

    • B.

      AH

    • C.

      NAT-T

    • D.

      PFS

    Correct Answer
    D. PFS
    Explanation
    In quick mode (phase 2), key exchange is performed to establish a new session key for secure communication between two parties. Perfect Forward Secrecy (PFS) is a feature that ensures that even if the long-term secret key is compromised in the future, the session keys derived from it will remain secure. Therefore, PFS is the correct option for key exchange in quick mode.

    Rate this question:

  • 21. 

    Two connected routers are configured with RIP routing. What will be the result when a router receives a routing update that contains a higher-cost path to a network already in its routing table?

    • A.

      The updated information will be added to the existing routing table.

    • B.

      The update will be ignored and no further action will occur.

    • C.

      The updated information will replace the existing routing table entry.

    • D.

      The existing routing table entry will be deleted from the routing table and all routers will exchange routing updates to reach convergence.

    Correct Answer
    B. The update will be ignored and no further action will occur.
    Explanation
    When a router receives a routing update that contains a higher-cost path to a network already in its routing table, the update will be ignored and no further action will occur. This is because RIP (Routing Information Protocol) uses a distance-vector algorithm, where routers exchange routing updates based on the number of hops to reach a network. If a higher-cost path is received, it is considered less favorable and therefore ignored. The router will continue to use the existing routing table entry for that network.

    Rate this question:

  • 22. 

    How many port states do we have in STP?

    • A.

      3

    • B.

      4

    • C.

      5

    • D.

      6

    Correct Answer
    C. 5
    Explanation
    In STP (Spanning Tree Protocol), there are five port states. These port states include Blocking, Listening, Learning, Forwarding, and Disabled. These states determine the role and functionality of each port in the STP network. The Blocking state is used to prevent loops, the Listening state prepares to forward data, the Learning state populates the MAC address table, the Forwarding state forwards data, and the Disabled state indicates that the port is not participating in the STP. Therefore, the correct answer is 5.

    Rate this question:

  • 23. 

    What is data encryption standard (DES)?

    • A.

      Block cipher

    • B.

      Stream Cipher

    • C.

      Bit Cipher

    • D.

      None of the above

    Correct Answer
    A. Block cipher
    Explanation
    DES, which stands for Data Encryption Standard, is a block cipher. A block cipher is a type of encryption algorithm that operates on fixed-size blocks of data. In the case of DES, the block size is 64 bits. It encrypts data by dividing it into blocks and applying a series of mathematical transformations to each block. DES has been widely used for secure communication and data protection, although it has been largely replaced by more advanced encryption algorithms due to its relatively small key size and vulnerability to attacks.

    Rate this question:

  • 24. 

    What does byte 1 and 2 represent in SSL/TLS record header?

    • A.

      Header Length

    • B.

      Record Type

    • C.

      Version

    • D.

      Data Length

    Correct Answer
    C. Version
    Explanation
    Bytes 1 and 2 in the SSL/TLS record header represent the version of the SSL/TLS protocol being used. The version information is crucial for both the client and server to ensure compatibility and establish a secure connection. It allows the communicating parties to understand and interpret the data exchanged between them correctly. By examining the version bytes, the client and server can determine if they support the same SSL/TLS protocol version and proceed accordingly with the handshake process.

    Rate this question:

  • 25. 

    A SSL Connection failed with Alert Code 44. What could be the reason?

    • A.

      Received an unsupported certificate type.

    • B.

      Received a certificate that was revoked by its signer.

    • C.

      Received a certificate has expired or is not currently valid.

    • D.

      Certificate is Unknown

    Correct Answer
    B. Received a certificate that was revoked by its signer.
    Explanation
    If a SSL connection fails with Alert Code 44, it means that the certificate received during the connection process has been revoked by its signer. This could happen if the certificate authority (CA) or the entity that issued the certificate has deemed it invalid or compromised after it was issued. This could be due to various reasons such as suspicion of unauthorized use, security breaches, or expiration of the certificate.

    Rate this question:

  • 26. 

    Find the incorrect TCP flag from the options listed Below.

    • A.

      ECN

    • B.

      CWN

    • C.

      URG

    • D.

      PSH

    Correct Answer
    B. CWN
  • 27. 

    Original TCP header is also included along with the Pseudo header and data while calculating TCP Checksum.

    • A.

      True

    • B.

      False

    Correct Answer
    A. True
    Explanation
    The statement is true because when calculating the TCP checksum, the original TCP header, along with the pseudo header and data, is included. The TCP checksum is used to ensure the integrity of the TCP segment during transmission. By including the original TCP header, any changes or errors in the header can be detected, providing a more accurate checksum calculation.

    Rate this question:

  • 28. 

    What is the maximum data that can be transmitted during TCP three way handshake?

    • A.

      1460 bytes

    • B.

      1500 bytes

    • C.

      536 bytes

    • D.

      None of the above

    Correct Answer
    D. None of the above
    Explanation
    The maximum data that can be transmitted during TCP three-way handshake is actually 0 bytes. The three-way handshake is the process of establishing a TCP connection between two devices, and it involves the exchange of SYN and ACK packets. During this process, no actual data is transmitted, as the purpose is to synchronize sequence numbers and establish the connection. Therefore, none of the options provided (1460 bytes, 1500 bytes, or 536 bytes) are correct.

    Rate this question:

  • 29. 

    In VPNs, the term "tunnelling" refers to :

    • A.

      An optional feature that increases network performance it it turned on.

    • B.

      The encapsulation packets inside packets of different protocol to create and maintain the virtual circuit.

    • C.

      The Method a system administrator uses to detect hackers on the network.

    • D.

      A Marketing strategy that involves selling VPN products for very low prices in return for expensive services contracts.

    Correct Answer
    B. The encapsulation packets inside packets of different protocol to create and maintain the virtual circuit.
    Explanation
    In VPNs, "tunnelling" refers to the process of encapsulating packets inside packets of a different protocol to create a virtual circuit. This allows for secure communication over an untrusted network by creating a private and encrypted connection between the sender and receiver. Tunnelling ensures that the original packets are protected and remain confidential during transmission.

    Rate this question:

  • 30. 

    What are the main benefit of VPNs compared to dedicated networks utilizing frame relay, leased lines and traditional dial-up ?

    • A.

      Better network performance

    • B.

      Less downtime on average

    • C.

      Reduced Cost

    • D.

      Improved Security

    Correct Answer
    C. Reduced Cost
    Explanation
    VPNs offer reduced cost compared to dedicated networks utilizing frame relay, leased lines, and traditional dial-up. This is because VPNs utilize existing internet connections instead of requiring expensive dedicated lines. By using VPNs, organizations can avoid the costs associated with purchasing and maintaining dedicated network infrastructure. Additionally, VPNs eliminate the need for long-distance charges that are often incurred with traditional dial-up connections. Therefore, organizations can achieve cost savings by implementing VPNs as opposed to dedicated networks.

    Rate this question:

  • 31. 

    Which of the following elements of PKI are found in a browser's trusted root CA?

    • A.

      Private Key

    • B.

      Symmetric Key

    • C.

      Recovery Key

    • D.

      Public Key

    Correct Answer
    D. Public Key
    Explanation
    A browser's trusted root CA contains the public keys of trusted certificate authorities. These public keys are used to verify the authenticity and integrity of digital certificates issued by the certificate authorities. The private key, symmetric key, and recovery key are not typically found in a browser's trusted root CA as they are used for different purposes such as encryption, decryption, and data recovery.

    Rate this question:

  • 32. 

    Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?

    • A.

      HTTPS

    • B.

      SSH

    • C.

      IPV4

    • D.

      ICMP

    Correct Answer
    D. ICMP
    Explanation
    ICMP (Internet Control Message Protocol) should be blocked at the network perimeter to prevent host enumeration by sweep devices. ICMP is commonly used for network diagnostics and troubleshooting, but it can also be exploited by attackers to gather information about hosts on a network. By blocking ICMP, sweep devices will not receive responses from hosts, making it more difficult for them to determine which hosts are active on the network. Blocking ICMP helps to enhance network security and prevents potential attacks that rely on host enumeration.

    Rate this question:

  • 33. 

    Centrally authenticating multiple systems and applications against a federated user database is an example of:

    • A.

      Smart Card

    • B.

      Common access card

    • C.

      Single Sign on

    • D.

      Access Control List

    Correct Answer
    C. Single Sign on
    Explanation
    Centrally authenticating multiple systems and applications against a federated user database refers to the concept of Single Sign-On (SSO). SSO allows users to access multiple systems and applications with just one set of login credentials, eliminating the need for separate authentication for each system. This enhances user convenience and productivity while maintaining security. Therefore, the given correct answer is Single Sign-On.

    Rate this question:

  • 34. 

    Which of the following is the primary purpose of using a digital signature? (Select TWO).

    • A.

      Encryption

    • B.

      Integrity

    • C.

      Confidentiality

    • D.

      Non-repudiation

    • E.

      Availability

    Correct Answer(s)
    B. Integrity
    D. Non-repudiation
    Explanation
    The primary purpose of using a digital signature is to ensure the integrity of a digital document or message, meaning that it has not been tampered with or altered during transmission. Digital signatures also provide non-repudiation, meaning that the sender cannot deny having sent the document or message. Encryption, confidentiality, and availability are not the primary purposes of using a digital signature.

    Rate this question:

  • 35. 

    When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user.Which of the following BEST describes this type of attack?

    • A.

      Spim

    • B.

      DDoS

    • C.

      Spoofing

    • D.

      DoS

    Correct Answer
    D. DoS
    Explanation
    This type of attack is a Denial of Service (DoS) attack. In this scenario, a single external user is executing a search string that causes the company's online store to crash. A DoS attack aims to disrupt or disable the targeted system or network, making it unavailable to its intended users. The attacker overwhelms the system with excessive traffic or resource consumption, causing it to crash or become unresponsive.

    Rate this question:

  • 36. 

    Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?

    • A.

      ARP Poisoning

    • B.

      MAC Spoofing

    • C.

      PWWN Spoofing

    • D.

      DNS Poisoning

    Correct Answer
    A. ARP Poisoning
    Explanation
    ARP Poisoning is a technique used to redirect network traffic through a malicious machine by sending false hardware address updates to a switch. By poisoning the Address Resolution Protocol (ARP) cache of a target machine, the attacker can associate their own MAC address with the IP address of another machine on the network. This causes the switch to send traffic intended for the other machine to the attacker's machine instead, allowing them to intercept and manipulate the traffic. MAC Spoofing, PWWN Spoofing, and DNS Poisoning are unrelated techniques and do not involve redirecting traffic through a malicious machine.

    Rate this question:

  • 37. 

    Public keys are used for which of the following?

    • A.

      Decrypting Wireless messages

    • B.

      Decrypting the hash of an electronic signature

    • C.

      Bulk encryption of IP based email traffic

    • D.

      Encrypting web browser traffic

    Correct Answer
    B. Decrypting the hash of an electronic signature
    Explanation
    Public keys are used for decrypting the hash of an electronic signature. In public key cryptography, a sender uses their private key to create a hash of a message, which is then encrypted using their public key. The recipient can then decrypt the hash using the sender's public key and compare it to the original message to verify the integrity and authenticity of the message.

    Rate this question:

  • 38. 

    A security administrator wants to prevent users in sales from accessing their servers after 6:00 p.m., and prevent them from accessing accounting's network at all times.Which of the following should the administrator implement to accomplish these goals? (Select TWO).

    • A.

      Separation Duties

    • B.

      Time of Day restriction

    • C.

      Access Control List

    • D.

      Mandatory Access Control

    • E.

      Single Sign on

    Correct Answer(s)
    B. Time of Day restriction
    C. Access Control List
    Explanation
    The security administrator should implement the "Time of Day restriction" to prevent users in sales from accessing their servers after 6:00 p.m. This feature allows the administrator to set specific time periods during which users are allowed or denied access to certain resources. Additionally, the administrator should also implement an "Access Control List" (ACL) to prevent users in sales from accessing accounting's network at all times. An ACL is a set of rules that determine the permissions and restrictions for accessing network resources, and can be used to limit access between different network segments or user groups.

    Rate this question:

  • 39. 

    A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed.The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last month.Which of the following is MOST likely causing the disconnections?

    • A.

      An attacker inside the company is performing a bluejacking attack on the user's laptop.

    • B.

      Another user's Bluetooth device is causing interference with the Bluetooth on the laptop.

    • C.

      The new access point was mis-configured and is interfering with another nearby access point.

    • D.

      The attacker that breached the nearby company is in the parking lot implementing a war driving attack.

    Correct Answer
    C. The new access point was mis-configured and is interfering with another nearby access point.
    Explanation
    The most likely cause of the frequent disconnections is that the newly installed access point was misconfigured, causing interference with another nearby access point. This interference could be due to overlapping channels or other configuration issues that are causing conflicts between the two access points. The fact that the user's interface is 802.11n capable suggests that it is capable of connecting to the access point, but the frequent disconnections indicate a problem with the configuration rather than a problem with the user's device.

    Rate this question:

  • 40. 

    Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?

    • A.

      Encryption Methods

    • B.

      Power Levels

    • C.

      SSID

    • D.

      Radio Frequency

    Correct Answer
    B. Power Levels
    Explanation
    The security administrator should look at power levels first when implementing an AP to gain more coverage. Power levels determine the strength of the wireless signal and can be adjusted to increase the coverage area. By optimizing the power levels, the administrator can ensure that the AP provides sufficient coverage without causing interference or overlapping with other APs. Once the power levels are set appropriately, other factors like encryption methods, SSID, and radio frequency can be considered to enhance security and optimize performance.

    Rate this question:

  • 41. 

    Which of the following is a security threat that hides itself within another piece of executable software?

    • A.

      Botnet

    • B.

      Logic Bomb

    • C.

      Trojan

    • D.

      Worm

    Correct Answer
    C. Trojan
    Explanation
    A Trojan is a type of security threat that disguises itself within another piece of executable software. It appears harmless or even desirable to the user, but once executed, it can perform malicious activities without the user's knowledge or consent. This can include stealing sensitive information, damaging files, or giving unauthorized access to the attacker. Unlike a virus or worm, a Trojan does not replicate itself but relies on the user to unknowingly execute it. Therefore, a Trojan is an effective tool for hackers to gain unauthorized access and control over a victim's computer.

    Rate this question:

  • 42. 

    Which of the following standards encodes messages blocks of 64-bit and uses 56 bits for the encryption key?

    • A.

      SHA

    • B.

      AES

    • C.

      DES

    • D.

      Blowfish

    Correct Answer
    C. DES
    Explanation
    DES (Data Encryption Standard) is a symmetric encryption algorithm that encodes message blocks of 64 bits and uses a 56-bit encryption key. It is a widely used encryption standard that was developed in the 1970s and has been widely adopted for various applications. DES operates on a Feistel network structure and uses a combination of substitution and permutation techniques to encrypt and decrypt data. Despite its widespread usage in the past, DES is now considered to be relatively weak due to advances in computing power and the availability of more secure encryption algorithms.

    Rate this question:

  • 43. 

    Which of the following algorithms have the smallest key space?

    • A.

      IDEA

    • B.

      SHA-1

    • C.

      AES

    • D.

      DES

    Correct Answer
    D. DES
    Explanation
    DES (Data Encryption Standard) has the smallest key space among the given algorithms. This means that DES has the fewest possible combinations of keys that can be used for encryption and decryption. The key space of DES is 56 bits, which is relatively small compared to the key spaces of IDEA (128 bits), SHA-1 (160 bits), and AES (128, 192, or 256 bits depending on the key size). A smaller key space makes DES more vulnerable to brute-force attacks, where an attacker systematically tries all possible keys until the correct one is found.

    Rate this question:

  • 44. 

    Which of the following describes the difference between a secure cipher and a secure hash?

    • A.

      A hash produces a variable output for any input size, a cipher does not.

    • B.

      A cipher produces the same size output for any input size, a hash does not.

    • C.

      A cipher can be reversed, a hash cannot

    • D.

      A hash can be reversed, a cipher cannot.

    Correct Answer
    C. A cipher can be reversed, a hash cannot
    Explanation
    A cipher can be reversed, meaning that it is possible to decrypt the encrypted message and retrieve the original plaintext. On the other hand, a hash cannot be reversed. A hash function is a one-way function that takes an input and produces a fixed-size output, known as a hash value or digest. It is practically infeasible to retrieve the original input from the hash value. Therefore, the difference between a secure cipher and a secure hash lies in their reversibility.

    Rate this question:

  • 45. 

    Which of the following would allow for secure key exchange over an unsecured network without a pre-shared key?

    • A.

      3DES

    • B.

      AES

    • C.

      DH

    • D.

      MD5

    Correct Answer
    C. DH
    Explanation
    DH (Diffie-Hellman) is a key exchange protocol that allows two parties to establish a shared secret key over an unsecured network. It does not require a pre-shared key, making it suitable for secure key exchange in scenarios where parties have not previously communicated. 3DES, AES, and MD5 are encryption algorithms, but they do not provide a secure key exchange mechanism on their own. Therefore, DH is the correct choice for secure key exchange over an unsecured network without a pre-shared key.

    Rate this question:

  • 46. 

    IKE uses _______.

    • A.

      Oakley

    • B.

      SKEME

    • C.

      ISAKMP

    • D.

      All of these

    Correct Answer
    D. All of these
    Explanation
    IKE (Internet Key Exchange) is a protocol used in IPsec (Internet Protocol Security) to establish a secure communication channel between two devices. It allows the devices to negotiate and exchange cryptographic keys, which are used to encrypt and authenticate the data being transmitted. Oakley, SKEME, and ISAKMP are all key exchange protocols that can be used in the IKE process. Therefore, the correct answer is "All of these" as all three protocols can be used by IKE.

    Rate this question:

  • 47. 

    IPSec does not provide:

    • A.

      Integrity

    • B.

      Confidentiality

    • C.

      QOS

    • D.

      Access Control

    Correct Answer
    C. QOS
    Explanation
    IPSec is a protocol suite used for securing internet communications. It provides integrity, ensuring that the data has not been tampered with during transmission, and confidentiality, encrypting the data to prevent unauthorized access. However, IPSec does not directly provide Quality of Service (QoS) mechanisms. QoS is a set of techniques used to prioritize and manage network traffic to ensure reliable and efficient delivery of data. While IPSec can work alongside QoS mechanisms, it does not inherently include QoS features itself.

    Rate this question:

  • 48. 

    IKE is one of the IPSec components used to provide confidentiality and integrity:

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    IKE (Internet Key Exchange) is a key management protocol used in IPSec (Internet Protocol Security) to establish secure communication channels. While IPSec does provide confidentiality and integrity, IKE itself is not responsible for these functions. Instead, IKE is used to negotiate and establish the shared security parameters, such as encryption algorithms and keys, between the communicating parties. Therefore, the correct answer is false.

    Rate this question:

  • 49. 

    With IPSec, transport mode is more commonly used when compared to tunnel mode as the packets are encapsulated and gateways are responsible for maintaining security association information:

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    In contrast to the statement, tunnel mode is more commonly used with IPSec instead of transport mode. In tunnel mode, the entire IP packet is encapsulated within another IP packet, adding an extra layer of security. This mode is often used when connecting two networks, where the gateways handle the encapsulation and security association information. Transport mode, on the other hand, only encrypts the payload of the IP packet, making it suitable for end-to-end communication within a network.

    Rate this question:

  • 50. 

    Which of the below statements is false while comparing IKEv1 and IKEv2

    • A.

      Which of the below statements is false while comparing IKEv1 and IKEv2

    • B.

      IKEv2 exchanges more number of messages than IKEv1

    • C.

      IKEv1 provides no authentication as in IKEv2

    • D.

      IKEv2 is reliable as all messages are acknowledged

    Correct Answer
    B. IKEv2 exchanges more number of messages than IKEv1
    Explanation
    IKEv2 exchanges fewer number of messages than IKEv1.

    Rate this question:

Related Topics

Recent Quizzes

Private Security And Investigative Services Act Private Security And Investigative Services Act
Cloud Security Quiz #1001 (Sanjay Jha | ProProfs) Cloud Security Quiz #1001 (Sanjay Jha | ProProfs)
Knowledge Check - Day 2 Knowledge Check - Day 2
Mobile Device Security Quiz Mobile Device Security Quiz
Cyprus Securities and Exchange Commission Quiz Cyprus Securities and Exchange Commission Quiz
ICT Safety and Security Quiz - Part 2 ICT Safety and Security Quiz - Part 2
SY0-501 - Chapter 1 Mastering Security Basics SY0-501 - Chapter 1 Mastering Security Basics
SOA Security Test SOA Security Test
National Security Advisor Quiz National Security Advisor Quiz

Featured Quizzes

Which Sonic Character Are You Quiz? Which Sonic Character Are You Quiz?
What is my Korean name quiz What is my Korean name quiz
What Video Game Should I Play? What Video Game Should I Play?
Which Phobia Do I Have? Which Phobia Do I Have?
Diabetes Foot Care Tips Quiz: Trivia! Diabetes Foot Care Tips Quiz: Trivia!
Uncover Your True Personality: Take the 'What Am I?' Quiz Uncover Your True Personality: Take the 'What Am I?' Quiz

Popular Topics

+ Show more
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.