Network Security Trivia Quiz Questions! Trivia

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By MrsQ
M
MrsQ
Community Contributor
Quizzes Created: 5 | Total Attempts: 3,229
| Attempts: 1,111
SettingsSettings
Please wait...
  • 1/58 Questions

    Most network threats originate from which of the following?

    • Inside the company
    • Script kiddies
    • Back doors
    • Industrial spies
Please wait...
About This Quiz

Dive into the 'Network Security Trivia Quiz' to explore key concepts such as nonrepudiation, internal threats, and packet filtering. This quiz assesses your understanding of network security mechanisms and threats, enhancing your skills in protecting networks against various types of cyber attacks.

Network Security Trivia Quiz Questions! Trivia - Quiz

Quiz Preview

  • 2. 

    What are some of the reasons for network attacks?

    • Industrial espionage

    • Revenge

    • Financial gain

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    The correct answer is "all of the above" because network attacks can occur for various reasons, including industrial espionage, revenge, and financial gain. Industrial espionage involves stealing valuable information or trade secrets from competing organizations. Revenge attacks are motivated by personal vendettas or grievances against individuals or organizations. Financial gain is a common motive for network attacks, as hackers may seek to steal sensitive financial information or engage in ransomware attacks to extort money. Therefore, all of these reasons can contribute to network attacks.

    Rate this question:

  • 3. 

    The capability to prevent one participant in an electronic transaction from denying that it performed an action is called ____________.

    • Plausible deniability

    • Integrity

    • Nonrepudiation

    • Undeniability

    Correct Answer
    A. Nonrepudiation
    Explanation
    Nonrepudiation refers to the ability to prevent a participant in an electronic transaction from denying that they performed a certain action. It ensures that the actions and transactions carried out by a participant cannot be denied or disputed later on. This capability is crucial in maintaining trust and accountability in electronic transactions, as it provides evidence and proof of the actions performed by the participants involved.

    Rate this question:

  • 4. 

    Servers with outside access to the public should be located on __________. (Choose all that apply)

    • Their own subnet

    • A DMZ

    • An internal LAN

    • A network perimeter

    Correct Answer(s)
    A. Their own subnet
    A. A DMZ
    Explanation
    Servers with outside access to the public should be located on their own subnet and a DMZ. By placing these servers on their own subnet, they can be isolated from the rest of the network, providing an extra layer of security. Placing them in a DMZ (Demilitarized Zone) further enhances their security by creating a separate network segment that acts as a buffer between the internal LAN and the public internet. This allows for controlled access to the servers while minimizing the risk of unauthorized access to the internal network.

    Rate this question:

  • 5. 

    Packet filters can block or allow transmission of packets based on which of the following criteria?  (Choose all that apply)

    • Port number

    • Open ports

    • Time of access attempts

    • IP address

    Correct Answer(s)
    A. Port number
    A. Time of access attempts
    A. IP address
    Explanation
    Packet filters can block or allow transmission of packets based on the port number, time of access attempts, and IP address. The port number is used to identify specific applications or services running on a device, and packet filters can block or allow packets based on the port number being used. The time of access attempts refers to the specific time when a connection attempt is made, and packet filters can block or allow packets based on the time of access. The IP address is a unique identifier assigned to each device on a network, and packet filters can block or allow packets based on the source or destination IP address.

    Rate this question:

  • 6. 

    An attacker who causes harm to systems in support of some principle is categorized as which of the following?

    • Cracker

    • Hacker

    • Industrial spy

    • Cyberterrorist

    Correct Answer
    A. Cyberterrorist
    Explanation
    A cyberterrorist is an attacker who causes harm to systems in support of some principle. Unlike a cracker or hacker who may exploit vulnerabilities for personal gain or curiosity, a cyberterrorist's motivation is driven by political, ideological, or religious reasons. Their goal is to create fear, disrupt critical infrastructure, or cause harm to individuals or organizations to advance their agenda.

    Rate this question:

  • 7. 

    An IP address combined with a TCP/IP port number is called which of the following?

    • Network address

    • Socket

    • Script

    • Port ID

    Correct Answer
    A. Socket
    Explanation
    An IP address combined with a TCP/IP port number is called a socket. A socket is a unique combination of an IP address and a port number that allows communication between different devices on a network. It acts as an endpoint for sending and receiving data over a network. Sockets are essential for establishing network connections and enabling the exchange of information between devices.

    Rate this question:

  • 8. 

    Firewall enforcement of policies is handled primarily through setting up packet-filtering rules, a set of which is contained in the _____________.

    • Routing table

    • Rule base

    • Access control list

    • Packet filter

    Correct Answer
    A. Access control list
    Explanation
    Firewall enforcement of policies is primarily done through setting up packet-filtering rules. These rules are contained in an access control list (ACL), which is a set of rules that determines what traffic is allowed or denied based on specific criteria such as source and destination IP addresses, ports, and protocols. The ACL acts as a filter, allowing or blocking packets based on the defined rules, thus enforcing the firewall policies.

    Rate this question:

  • 9. 

    Name four goals of network security

  • 10. 

    An uninterruptible power supply is a component of _____________ security.

    • Virtual

    • Auditing

    • Physical

    • Password

    Correct Answer
    A. Physical
    Explanation
    An uninterruptible power supply (UPS) is a device that provides emergency power to a load when the input power source fails. It acts as a backup power source, ensuring that critical systems and equipment remain operational during power outages or fluctuations. Therefore, a UPS is a component of physical security, as it helps protect against power disruptions that could potentially compromise the security and functionality of physical infrastructure and systems.

    Rate this question:

  • 11. 

    The Stuxnet worm was designed to ____________>

    • Shut down Internet DNS servers

    • Disrupt computer-controlled industrial operations

    • Steal financial information

    • Be used by script kiddies

    Correct Answer
    A. Disrupt computer-controlled industrial operations
    Explanation
    The correct answer is "disrupt computer-controlled industrial operations". This is because Stuxnet was a highly sophisticated computer worm that specifically targeted and disrupted the operations of industrial control systems, particularly those used in nuclear facilities. It was not designed to shut down Internet DNS servers, steal financial information, or be used by script kiddies.

    Rate this question:

  • 12. 

    A packet filtering device evaluates data in the payload and compares it with a predefined set of rules.

    • True

    • False

    Correct Answer
    A. False
    Explanation
    A packet filtering device does not evaluate data in the payload and compare it with a predefined set of rules. Instead, it examines the header information of each packet and makes filtering decisions based on criteria such as source and destination IP addresses, port numbers, and protocol types. So, the statement is false.

    Rate this question:

  • 13. 

    Which of the following malware is designed to replicate itself?

    • Worm

    • Virus

    • Trojan horse

    • SYN flood

    Correct Answer(s)
    A. Worm
    A. Virus
    Explanation
    Both worms and viruses are designed to replicate themselves. Worms are standalone malicious programs that can spread across networks and computers without needing a host file or program. They typically exploit vulnerabilities in network protocols to self-replicate and spread. Viruses, on the other hand, are malicious code that attaches itself to a host file or program and replicates when the host file or program is executed. Both worms and viruses can cause significant damage by spreading rapidly and infecting multiple systems. Trojan horse and SYN flood, on the other hand, do not replicate themselves like worms and viruses do.

    Rate this question:

  • 14. 

    In a restrictive firewall policy, what is the starting point for developing a rule base?

    • Allow all traffic

    • Block all traffic except specified types

    • Allow all traffic except specified types

    • Block all traffic

    Correct Answer
    A. Block all traffic
    Explanation
    In a restrictive firewall policy, the starting point for developing a rule base is to initially block all traffic. This approach ensures that all incoming and outgoing traffic is denied by default, providing a higher level of security. By blocking all traffic, the administrator can then selectively allow only the specified types of traffic that are necessary for the network's operations, reducing the attack surface and minimizing potential vulnerabilities.

    Rate this question:

  • 15. 

    In an IDPS, specific indications of a possible attack are called _____________.

    • Signatures

    • Signals

    • True positives

    • Alerts

    Correct Answer
    A. Signatures
    Explanation
    In an IDPS, specific indications of a possible attack are called "signatures". Signatures are patterns or characteristics that are associated with known attacks or malicious activities. These signatures are used by the IDPS to detect and identify potential threats or attacks. By comparing network traffic or system behavior against a database of signatures, the IDPS can generate alerts or take appropriate actions to mitigate the attack.

    Rate this question:

  • 16. 

    What advantages does IPv6 have over IPv4 (Choose all that apply)

    • IPv6 uses DHCP for its configuration settings

    • IPv6 uses a 128-bit address space

    • IPv4 cannot support IPsec

    • IPv6 incorporates IPsec

    Correct Answer(s)
    A. IPv6 uses a 128-bit address space
    A. IPv6 incorporates IPsec
    Explanation
    IPv6 has a 128-bit address space, which provides a significantly larger number of unique addresses compared to the 32-bit address space of IPv4. This allows for the allocation of more IP addresses and eliminates the issue of address exhaustion. Additionally, IPv6 incorporates IPsec, which provides built-in security features for authentication and encryption of network traffic. This enhances the overall security of IPv6 compared to IPv4, which does not have native support for IPsec.

    Rate this question:

  • 17. 

    A Class C address has a first octet decimal range of ____________ to ____________.

    • 172, 191

    • 191, 224

    • 192, 239

    • 192, 223

    Correct Answer
    A. 192, 223
    Explanation
    A Class C address has a first octet decimal range of 192 to 223.

    Rate this question:

  • 18. 

    Which of the following is a method of hiding internal host IP addresses? (Choose all that apply)

    • Network Address Translation (NAT)

    • Configuring the computer to insert a fake source IP address into outgoing messages

    • Proxy servers

    • Setting up software firewalls on all internal hosts

    Correct Answer(s)
    A. Network Address Translation (NAT)
    A. Proxy servers
    Explanation
    Network Address Translation (NAT) is a method of hiding internal host IP addresses by translating them into a single public IP address. This allows multiple devices on a private network to share a single public IP address when communicating with external networks. Proxy servers also serve as a method of hiding internal host IP addresses by acting as an intermediary between the client and the server, masking the client's IP address. By using either NAT or proxy servers, organizations can enhance security and privacy by keeping internal IP addresses hidden from external networks.

    Rate this question:

  • 19. 

    The Class A address of 127.0.0.1 is used for which of the following?

    • Broadcasting to all hosts on a subnet

    • Testing the local TCP/IP software implementation

    • Experimentation

    • Testing the local NIC

    Correct Answer
    A. Testing the local TCP/IP software implementation
    Explanation
    The Class A address of 127.0.0.1, also known as the loopback address, is used for testing the local TCP/IP software implementation. This address allows a device to send network packets to itself, allowing for testing and troubleshooting of network protocols and software without the need for external network connectivity. It is commonly used by developers and network administrators to ensure that the TCP/IP stack on a device is functioning correctly.

    Rate this question:

  • 20. 

    Why is UDP considered unreliable?

    • The header does not contain a checksum

    • The data is transmitted in clear text

    • It is connectionless

    • Routers typically drop a large number of UDP packets

    Correct Answer
    A. It is connectionless
    Explanation
    UDP is considered unreliable because it is connectionless. Unlike TCP, which establishes a connection between sender and receiver before transmitting data, UDP simply sends data packets without any prior setup. This lack of connection means that UDP does not guarantee delivery or ensure that packets arrive in order. It also does not provide error checking or retransmission of lost packets. Therefore, UDP is often used for applications that prioritize speed and efficiency over reliability, such as streaming media or online gaming.

    Rate this question:

  • 21. 

    In CIDR notation, the IP address and subnet mask 191.9.205.22  255.255.192.0 are written as __________________.

    • 191.9.205.22/19

    • 191.9.205.22/18

    • 191.9.205.22/17

    • 191.9.205.22/16

    Correct Answer
    A. 191.9.205.22/18
    Explanation
    The given IP address and subnet mask in CIDR notation represent a network with a subnet mask of 255.255.192.0. This subnet mask has 18 bits set to 1, which means it has a prefix length of /18. Therefore, the correct representation of the IP address and subnet mask in CIDR notation is 191.9.205.22/18.

    Rate this question:

  • 22. 

    How do routers handle packets that are too large to pass through because of frame size limitations?

    • Routers drop packets that are too large.

    • Routers bounce packets back to the sender to be resized.

    • Routers adjust their MTUs to accommodate the oversized packet.

    • Routers break packets into smaller pieces called fragments.

    Correct Answer
    A. Routers break packets into smaller pieces called fragments.
    Explanation
    Routers break packets into smaller pieces called fragments to handle packets that are too large to pass through because of frame size limitations. This allows the router to transmit the packet in smaller chunks that can fit within the frame size limitations.

    Rate this question:

  • 23. 

    Which of the following is an IPv6 Protocol?  (Choose all that apply)

    • Multicast Listening Detection

    • IGMPv6

    • Multicast Listener Discovery

    • Neighbor Discovery

    Correct Answer(s)
    A. Multicast Listener Discovery
    A. Neighbor Discovery
    Explanation
    Multicast Listener Discovery and Neighbor Discovery are both IPv6 protocols. Multicast Listener Discovery is used by IPv6 hosts to discover and join multicast groups on a network, while Neighbor Discovery is used for address resolution and neighbor discovery functions in IPv6 networks.

    Rate this question:

  • 24. 

    A DNS server translates ________________ to _______________.

    • Encrypted IP addresses, clear text

    • IP addresses, MAC addresses

    • FQDNs, IP addresses

    • Static addresses, DHCP

    Correct Answer
    A. FQDNs, IP addresses
    Explanation
    A DNS server translates Fully Qualified Domain Names (FQDNs) to IP addresses. FQDNs are the complete domain names that include the top-level domain (TLD), domain name, and subdomain. IP addresses are unique numerical identifiers assigned to devices connected to a network. The DNS server acts as a directory that maps FQDNs to their corresponding IP addresses, allowing users to access websites and other resources using domain names instead of remembering the specific IP addresses associated with them.

    Rate this question:

  • 25. 

    Why is fragmentation considered a security risk?

    • Fragments numbered 0 contain port information

    • Fragments numbered 1 or higher are passed through filters

    • Fragmented packets cannot be assembled

    • Fragmentation is frequently used

    Correct Answer
    A. Fragments numbered 1 or higher are passed through filters
    Explanation
    Fragmentation is considered a security risk because fragments numbered 1 or higher are passed through filters. This means that the filtering mechanisms in place to detect and prevent malicious content or attacks may not be able to analyze the entire packet if it is fragmented. This can potentially allow attackers to bypass security measures and exploit vulnerabilities in the network. Therefore, fragmentation poses a risk to the overall security of the system.

    Rate this question:

  • 26. 

    Which of the following is used for one-to-many communication, in which a single host can send packets to a group of recipients?

    • Multicast

    • Unicast

    • Anycast

    • Netcast

    Correct Answer
    A. Multicast
    Explanation
    Multicast is used for one-to-many communication, where a single host can send packets to a group of recipients. Unlike unicast, where packets are sent to a specific recipient, multicast allows for efficient communication to multiple recipients simultaneously. Anycast is used for one-to-nearest communication, where packets are sent to the nearest available recipient. Netcast is not a commonly used term in networking.

    Rate this question:

  • 27. 

    The number of TCP segments that can be sent before an acknowledgement must be received is determined by the ______________.

    • Sequence number

    • Sliding window size

    • Transmission rate

    • Port number in use for the session

    Correct Answer
    A. Sliding window size
    Explanation
    The sliding window size determines the number of TCP segments that can be sent before an acknowledgement must be received. The sliding window is a mechanism used for flow control in TCP, allowing the sender to transmit multiple segments without waiting for each individual acknowledgement. The size of the sliding window determines the maximum number of unacknowledged segments that can be sent at a time. Once the window is full, the sender must wait for acknowledgements before sending more segments. Therefore, the sliding window size directly affects the number of TCP segments that can be sent before an acknowledgement is required.

    Rate this question:

  • 28. 

    When one host wants to initiate a TCP session with another host, it sends a packet with the _______ flag set.

    • SYN

    • ACK

    • RST

    • FIN

    Correct Answer
    A. SYN
    Explanation
    When one host wants to initiate a TCP session with another host, it sends a packet with the SYN flag set. The SYN flag is used in the TCP three-way handshake process to establish a connection between two hosts. The sending host sets the SYN flag to indicate that it wants to synchronize sequence numbers with the receiving host. The receiving host will then respond with a packet containing the SYN-ACK flags set, indicating that it acknowledges the synchronization request and is ready to establish the connection.

    Rate this question:

  • 29. 

    An ICMPv6 header is indicated by a Next Header Value of ____________.

    • 60

    • 54

    • 58

    • 22

    Correct Answer
    A. 58
    Explanation
    An ICMPv6 header is indicated by a Next Header Value of 58. ICMPv6 (Internet Control Message Protocol version 6) is a network protocol used for diagnostic and error reporting purposes in IPv6 networks. The Next Header field in the IPv6 header specifies the type of the next header following the IPv6 header. In this case, a value of 58 indicates that the next header is an ICMPv6 header.

    Rate this question:

  • 30. 

    Compressing the IPv6 address 1080:0:0:0:8:800:200C:417A results in which of the following?

    • 1080::8:8:::2::C:417A

    • 1080::8:800:200C:417A

    • 1080::8:8::::20:C:417A

    • :1080::8:800:200C:417A

    Correct Answer
    A. 1080::8:800:200C:417A
  • 31. 

    Security devices on a network process digital information, such as text files and Web pages, in the same way.  However, which of the following pieces of information might they handle differently?

    • Protocols

    • TCP/IP Headers

    • Attack signatures

    • Port numbers

    Correct Answer
    A. TCP/IP Headers
    Explanation
    This is the answer that makes sense to me anyways.

    Rate this question:

  • 32. 

    In which of the following situations can CVE improve the coordination of intrusion information on a network?

    • Attack signatures can be compared to lists of known attack signatures on the CVE Web site.

    • Attack signatures can be compared to current network topology.

    • Installing application patches can thwart a reported attack.

    • Current network vulnerabilites can be used to generate application patches.

    Correct Answer
    A. Attack signatures can be compared to lists of known attack signatures on the CVE Web site.
    Explanation
    CVE (Common Vulnerabilities and Exposures) is a system that provides a standardized way to identify and categorize security vulnerabilities. By comparing attack signatures to lists of known attack signatures on the CVE Web site, organizations can identify if any of the attacks they are experiencing have been previously identified and categorized. This helps improve the coordination of intrusion information on a network by allowing organizations to quickly identify and respond to known attacks, potentially mitigating their impact and preventing further damage.

    Rate this question:

  • 33. 

    Which of the following can be included in a network traffic signature?  (Choose all that apply.)

    • Logon attempts

    • Message digest

    • TCP options

    • Ethernet interface number

    Correct Answer(s)
    A. Logon attempts
    A. TCP options
    Explanation
    A network traffic signature is a unique pattern or characteristic that can be used to identify specific types of network traffic. Logon attempts can be included in a network traffic signature as they can provide information about attempted unauthorized access to a network. TCP options can also be included as they provide additional information about the TCP connection, such as the maximum segment size or window scaling factor. However, message digest and Ethernet interface number are not typically included in a network traffic signature as they do not provide specific information about the type or behavior of the network traffic.

    Rate this question:

  • 34. 

    What is the name of an error-checking procedure that uses a formula to calculate a numeric value?

    • Check string

    • One-way hash

    • Hexadecimal code

    • Checksum

    Correct Answer
    A. Checksum
    Explanation
    A checksum is an error-checking procedure that uses a formula to calculate a numeric value. This value is then compared to a checksum value that is transmitted or stored along with the data. If the calculated checksum value matches the transmitted or stored checksum value, it suggests that the data is intact and error-free. This method is commonly used in data transmission and storage to ensure data integrity.

    Rate this question:

  • 35. 

    How do attackers use fragmentation to circumvent network defenses? (Choose all that apply.)

    • Fragments are crafted to be too large or too small

    • The initial packet is missing

    • The fragments arrive too slowly

    • The final fragment sent is less than 400 bytes long.

    Correct Answer(s)
    A. Fragments are crafted to be too large or too small
    A. The initial packet is missing
    A. The fragments arrive too slowly
    Explanation
    Attackers can use fragmentation to circumvent network defenses by crafting fragments that are either too large or too small. By doing so, they can exploit vulnerabilities in the network's fragmentation reassembly process, causing it to either discard or incorrectly reassemble the fragments. This can lead to the network defenses being bypassed and the attacker gaining unauthorized access. Additionally, attackers may intentionally remove the initial packet, which can disrupt the normal flow of data and potentially evade detection. Slowing down the arrival of fragments can also make it more difficult for network defenses to detect and respond to the attack.

    Rate this question:

  • 36. 

    Which of the following packets should never have a data payload?

    • One with the SYN/ACK flags set

    • One with the ACK flag set

    • One with the SYN flag set

    • One with the ACK/PSH flags set

    Correct Answer
    A. One with the SYN flag set
    Explanation
    A packet with the SYN flag set is used in the TCP three-way handshake to establish a connection between two devices. This packet is sent by the initiating device to the receiving device to request a connection. Since this packet is solely used for the purpose of initiating a connection and does not contain any actual data, it should never have a data payload.

    Rate this question:

  • 37. 

    Which of the following is not required for a single-packet attack?  (Choose all that apply.)

    • A source IP address

    • A destination IP address

    • An ICMP echo request

    • An established connection

    Correct Answer
    A. An established connection
    Explanation
    A single-packet attack refers to a type of network attack where only one packet is sent to the target system. In this case, an established connection is not required because the attack is executed using a single packet, without the need for a pre-existing connection. The attacker can send the packet directly to the target system without any prior communication or connection establishment. The other options, such as a source IP address, a destination IP address, and an ICMP echo request, are typically required for network communication and are relevant in the context of a single-packet attack.

    Rate this question:

  • 38. 

    Which of the following is an example of a multiple packet attack?

    • A fragment

    • An ICMP flood

    • A false Internet time stamp

    • A packet with SYN/FIN/ACK flags set

    Correct Answer
    A. An ICMP flood
    Explanation
    An ICMP flood is an example of a multiple packet attack. ICMP (Internet Control Message Protocol) flood involves sending a large number of ICMP packets to a target network or device, overwhelming its resources and causing it to become unresponsive or crash. This type of attack is often used to disrupt network connectivity or launch a denial-of-service (DoS) attack. By flooding the target with ICMP packets, the attacker can consume its bandwidth and processing power, making it difficult for legitimate traffic to pass through.

    Rate this question:

  • 39. 

    What is the purpose of the 4-byte acknowledgement in a TCP header?

    • It acknowledges receipt of the previous packet in the sequence.

    • It acknowledges that a connection has been made.

    • It verifies that the source and destination IP addresses are correct.

    • It acknowledges the ID number the packet is using.

    Correct Answer
    A. It acknowledges receipt of the previous packet in the sequence.
    Explanation
    The purpose of the 4-byte acknowledgement in a TCP header is to acknowledge the receipt of the previous packet in the sequence. This acknowledgement is important in ensuring reliable and ordered delivery of data packets. By acknowledging the receipt of each packet, the sender can keep track of which packets have been successfully received by the receiver and retransmit any lost or corrupted packets if necessary. This helps to maintain the integrity and accuracy of the data transmission process.

    Rate this question:

  • 40. 

    Which of the following is the correct order in which TCP flags appear during the initiation of a normal connection?

    • SYN, ACK, FIN, RST

    • SYN, PSH, ACK, RST

    • SYN, SYN/ACK, ACK

    • SYN, PSH, ACK, FIN

    Correct Answer
    A. SYN, SYN/ACK, ACK
    Explanation
    During the initiation of a normal TCP connection, the first step is for the client to send a SYN (synchronize) packet to the server. The server then responds with a SYN/ACK (synchronize/acknowledge) packet, indicating that it received the SYN packet and is willing to establish a connection. Finally, the client sends an ACK (acknowledge) packet to confirm the receipt of the SYN/ACK packet and complete the three-way handshake. Therefore, the correct order of TCP flags during the initiation of a normal connection is SYN, SYN/ACK, ACK.

    Rate this question:

  • 41. 

    Which protocol uses one port number to establish a connection and a different port number to transfer data?

    • TCP/IP

    • FTP

    • HTTP

    • ICMP

    Correct Answer
    A. FTP
    Explanation
    FTP (File Transfer Protocol) uses one port number (port 21) to establish a connection between the client and server, and a different port number (port 20) to transfer the actual data. This is known as the "active mode" of FTP, where the client initiates the data connection to the server. The use of separate port numbers allows for better control and organization of the data transfer process.

    Rate this question:

  • 42. 

    Which of the following is an example of a reconnaissance traffic signature?

    • Trojan program

    • Ping sweep

    • Denial of service

    • Ping of Death

    Correct Answer
    A. Ping sweep
    Explanation
    A reconnaissance traffic signature refers to a type of network activity that is used to gather information about a target system or network. A ping sweep is an example of reconnaissance traffic signature as it involves sending a series of ICMP echo requests to multiple IP addresses to determine which ones are active and responsive. This allows an attacker to create a map of the network and identify potential targets for further exploitation.

    Rate this question:

  • 43. 

    Which program keeps track of services and ports made available through Remote Procedure Calls?

    • Network Information System

    • Network File System

    • Network File Sharing

    • Portmapper

    Correct Answer
    A. Portmapper
    Explanation
    The portmapper program keeps track of services and ports made available through Remote Procedure Calls (RPC). It acts as a mediator between the client and server, mapping the service request to the appropriate port number. By maintaining this information, the portmapper enables clients to easily locate and connect to the desired services on a remote system.

    Rate this question:

  • 44. 

    To avoid attacks that use advanced evasion techniques, such as path obfuscation, CGI scripts, and packet injection, you must do which of the following?

    • Watch your log files closely

    • Install additional IDPS sensors

    • Keep your anti-adware software updated

    • Keep your IDPS signature files updated.

    Correct Answer(s)
    A. Watch your log files closely
    A. Keep your IDPS signature files updated.
    Explanation
    To avoid attacks that use advanced evasion techniques, it is important to watch your log files closely. By monitoring the log files, you can identify any suspicious activities or patterns that may indicate an attack. Additionally, keeping your IDPS (Intrusion Detection and Prevention System) signature files updated is crucial. These signature files contain information about known attack patterns, allowing the IDPS to detect and prevent such attacks. Regularly updating these files ensures that your IDPS can effectively identify and block new and emerging threats.

    Rate this question:

  • 45. 

    Which of the following features distinguishes IPv6 from IPv4?

    • IPv6 fragmentation occurs on IPv6-compliant routers

    • IPv4 is unfragmentable

    • IPv6 fragmentation occurs only at the source node

    • IPv6 maximum fragment size is larger than its IPv6 counterpart

    Correct Answer
    A. IPv6 fragmentation occurs only at the source node
    Explanation
    IPv6 fragmentation occurs only at the source node, which means that if a packet is too large to be transmitted across a network, it is the responsibility of the source node to fragment it into smaller packets before sending them. In IPv4, fragmentation can occur at any router along the path of the packet. Additionally, IPv6 has a larger maximum fragment size compared to IPv4, allowing for more efficient transmission of larger packets.

    Rate this question:

  • 46. 

    Which of the following is used as a cryptographic primitive?  (Choose all that apply.)

    • Pseudorandom number generators

    • Hashing functions

    • Feistel networks

    • Side channels

    Correct Answer(s)
    A. Pseudorandom number generators
    A. Hashing functions
    A. Feistel networks
    Explanation
    Pseudorandom number generators, hashing functions, and Feistel networks are all used as cryptographic primitives. Pseudorandom number generators are used to generate random-like numbers for encryption algorithms. Hashing functions are used to transform data into a fixed-size string of characters, commonly used for data integrity verification. Feistel networks are used in block cipher designs to provide confusion and diffusion properties. Side channels, on the other hand, are not cryptographic primitives but rather unintended channels that leak information about the secret key.

    Rate this question:

  • 47. 

    What is the block size in the AES implementation of Rijndael?

    • 128 or 256 bits

    • 128, 192, or 256 bits

    • Variable

    • 128 bits

    Correct Answer
    A. 128, 192, or 256 bits
    Explanation
    The block size in the AES implementation of Rijndael can be either 128, 192, or 256 bits. This means that the data being encrypted is divided into blocks of either 128, 192, or 256 bits in size before being processed by the AES algorithm. The flexibility in block size allows for different levels of security and performance depending on the specific requirements of the application.

    Rate this question:

  • 48. 

    Which of the following issues public and private key pairs?

    • Certificate publisher

    • Certification authority

    • Certificate revocation list

    • Certificate store

    Correct Answer
    A. Certification authority
    Explanation
    A certification authority is responsible for issuing and managing public and private key pairs. They verify the identity of individuals or organizations requesting certificates and then generate the corresponding key pairs. These key pairs are used for encryption and digital signatures, ensuring secure communication and authentication in various systems and applications. The certification authority plays a crucial role in establishing trust and maintaining the security of digital certificates.

    Rate this question:

  • 49. 

    Which of the following is used to check whether a certificate is still valid?

    • Certificate revocation list

    • Certification authority

    • Certificate publisher

    • Registration authority

    Correct Answer
    A. Certificate revocation list
    Explanation
    A certificate revocation list (CRL) is used to check whether a certificate is still valid. It is a list maintained by a certification authority (CA) that contains the serial numbers of certificates that have been revoked or are no longer trusted. When a certificate is revoked, it means that it is no longer considered valid and should not be trusted for authentication or encryption purposes. By checking the CRL, users can verify the status of a certificate and ensure its validity before relying on it for secure communication.

    Rate this question:

Quiz Review Timeline (Updated): Jul 29, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Jul 29, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Feb 18, 2013
    Quiz Created by
    MrsQ

Related Topics

Recent Quizzes

BCA 6th Sem internal exam Network Security BCA 6th Sem internal exam Network Security
Network Security Exam MCQ Quiz! Network Security Exam MCQ Quiz!
DFN5033 Network Security Test Dis 2017 DFN5033 Network Security Test Dis 2017
Lesson 8: Designing Network Infrastructure and Network Security Lesson 8: Designing Network Infrastructure and Network Security
Data Communication and Network Security Data Communication and Network Security
Network Security Fundamentals Trivia Quiz Network Security Fundamentals Trivia Quiz

Featured Quizzes

Articles Quiz With Answers Articles Quiz With Answers
What Is My Talent? What Is My Talent?
What Ethnicity Do I Look Like? What Ethnicity Do I Look Like?
Are You Ready For IQ Quiz: Test Your Intelligence Now Are You Ready For IQ Quiz: Test Your Intelligence Now
Harry Potter House Quiz: Which Hogwarts House Do You Belong To? Harry Potter House Quiz: Which Hogwarts House Do You Belong To?
Best Friend Quiz: Are You Really Best Friends? Best Friend Quiz: Are You Really Best Friends?
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.