Zast 2.Kol

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Catherine Halcomb
Catherine Halcomb
Community Contributor
Quizzes Created: 1443 | Total Attempts: 6,686,485
| Attempts: 650
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/59 Questions

    Administrator Veb servera je primetio zahtev za autentifikaciju korisnika kod koga je kao vrednost lozinke postavljen sledeci tekst: ' or true; --   Najverovatnije je da je u pitanju:

    • Neispravan kod HTML formulara
    • Slaba lozinka koju je lako razbiti putem recnika
    • Pokusaj SQL injection napada
Please wait...
About This Quiz

.

Zast 2.Kol - Quiz

Quiz Preview

  • 2. 

    Koncept cupa sa medom (engl. Honeypot) podrazumeva:

    • Konzerviranje bezbednosno osetljivih resursa

    • Namamljivanje napadaca u virtualno okruzenje

    • Postavljanje vrhunske zastite oko najznacajnijih resursa

    Correct Answer
    A. Namamljivanje napadaca u virtualno okruzenje
    Explanation
    The concept of a honeypot involves luring attackers into a virtual environment. This technique is used as a cybersecurity strategy to gather information about potential threats, study attacker behavior, and protect valuable resources. By creating a tempting target that appears vulnerable, organizations can divert attackers' attention from their actual critical systems and gain insights into their tactics, techniques, and motives. This allows for better understanding and mitigation of potential risks.

    Rate this question:

  • 3. 

    Infrastrukturni servir kojim administratori mogu automatizovano da dodeljuju mrezne parametre (adresu, masku, podrazumevani mrezni prolaz, DNS servere i slicno) je:

    • DNS

    • DHCP

    • SNMP

    Correct Answer
    A. DHCP
    Explanation
    DHCP stands for Dynamic Host Configuration Protocol. It is an infrastructure service that allows administrators to automatically assign network parameters such as IP address, subnet mask, default gateway, DNS servers, etc. to devices on a network. DHCP simplifies network administration by eliminating the need for manual configuration of network settings on each individual device. Instead, devices can obtain their network parameters dynamically from a DHCP server, which reduces the administrative overhead and ensures efficient network management.

    Rate this question:

  • 4. 

    Najcesca svrha unosenja sledeceg zapisa 203.0.113.123 accounts.google.com u hosts fajl zrtve je:

    • Onemogucavanje pristupa zrtve Internetu

    • Preusmeravanje zrtve na komunikaciju sa lazim serverom

    • Izvrsavanje napada na adresu 203.0.113.123

    Correct Answer
    A. Preusmeravanje zrtve na komunikaciju sa lazim serverom
    Explanation
    The most common purpose of entering the given record in the victim's hosts file is to redirect the victim to communicate with a fake server.

    Rate this question:

  • 5. 

    Virtualne privatne mreze koje prihvataju podatke iz privatnih mreza koje povezuju na nivou okvira, odnosno paketa protkola na sloju veze podataka:

    • Funkcionisu kao IPsec sistem zastite

    • Funkcionisu kao ruteri

    • Funkcionisu kao mrezni mostovi

    Correct Answer
    A. Funkcionisu kao mrezni mostovi
    Explanation
    Virtualne privatne mreže koje prihvataju podatke iz privatnih mreža koje povezuju na nivou okvira, odnosno paketa protokola na sloju veze podataka, funkcionišu kao mrežni mostovi. Mrežni mostovi su uređaji koji povezuju mreže na istom sloju i omogućavaju prenos podataka između njih. U ovom slučaju, virtualne privatne mreže deluju kao mostovi koji omogućavaju komunikaciju između privatnih mreža na sloju veze podataka.

    Rate this question:

  • 6. 

    Termin 'hranjenje na kasicicu' (engl. spoon feeding) kod Veb aplikacija podrazumeva koriscenje:

    • Proksi servera

    • Zastitnog zida

    • HTTP protokola

    Correct Answer
    A. Proksi servera
    Explanation
    The term "hranjenje na kasicicu" refers to spoon feeding in the context of web applications. Spoon feeding involves the use of a proxy server. A proxy server acts as an intermediary between the client and the web server, allowing the client to make requests to the server indirectly through the proxy. This can be beneficial in scenarios where the client wants to access restricted or blocked content, or when the client wants to improve performance by caching frequently accessed data. Therefore, the correct answer is "Proksi servera."

    Rate this question:

  • 7. 

    Identifikator sesije je u sustini sesijski kljuc koji je:

    • Kombinacija korisnickog imena i lozinke

    • Slucajno generisan na strani servera

    • Sacinjen od IP adrese klijenta

    Correct Answer
    A. Slucajno generisan na strani servera
    Explanation
    The correct answer is "Slucajno generisan na strani servera" which means "randomly generated on the server side". This means that the session identifier is created by the server in a random manner. It is not a combination of the username and password, nor is it composed of the client's IP address. The random generation of the session identifier helps to ensure its uniqueness and security.

    Rate this question:

  • 8. 

    Za odbranu od snimanja korisnickog unosa putem tastature bolje je koristiti:

    • Bezicne tastature

    • Zicne tastature

    Correct Answer
    A. Bezicne tastature
    Explanation
    Wireless keyboards are better for protecting against keystroke logging because they do not require a physical connection to the computer. This means that it is more difficult for someone to intercept and record the keystrokes being entered. Wired keyboards, on the other hand, can be more vulnerable to keystroke logging as the connection between the keyboard and the computer can potentially be intercepted. Therefore, using wireless keyboards can provide an added layer of security for protecting user input from being recorded.

    Rate this question:

  • 9. 

    Kod otkrivanja skrivenih sekcija na serveru, napadacu moze posluziti:

    • Verzija Veb aplikacije koja se koristi

    • Fajl robots.txt

    • Identifikator sesije (session id)

    Correct Answer
    A. Fajl robots.txt
    Explanation
    The correct answer is "Fajl robots.txt". The robots.txt file is a text file that is placed on a website's server to provide instructions to web crawlers and search engine bots about which areas of the site should not be crawled or indexed. By accessing the robots.txt file, an attacker can gain information about the server's directory structure and potentially identify hidden sections or sensitive areas of the website. This information can then be used to plan and execute further attacks.

    Rate this question:

  • 10. 
    Prikazana sema stanja odnosi se na:  - ProProfs

    Prikazana sema stanja odnosi se na: 

    • Intervjuisanje

    • Socijalni inzenjering

    • Proveru probojnosti

    Correct Answer
    A. Proveru probojnosti
    Explanation
    The given state diagram represents "Proveru probojnosti" which translates to "Penetration testing" in English. Penetration testing is a method of assessing the security of a system by simulating an attack to identify vulnerabilities. The state diagram likely illustrates the different stages or steps involved in conducting a penetration test.

    Rate this question:

  • 11. 

    Primena Wired Equivalent Privacy protkola u bezicnim privatnim racunarskim mrezama je: 

    • Jos uvek nerasprostranjena zbog slozenosti upotrebe

    • Prevazidjena i ne preporucuje se

    • Preporucena i najcesce koriscena bezbednosna opcija

    Correct Answer
    A. Prevazidjena i ne preporucuje se
    Explanation
    The given answer states that the use of the Wired Equivalent Privacy protocol in wireless private computer networks is outdated and not recommended. This implies that the protocol is no longer considered secure or effective in protecting the network from unauthorized access. Therefore, it is not recommended to use this protocol anymore.

    Rate this question:

  • 12. 

    Preotimanje sesije (engl. session hijacking) kod Veb aplikacija je postupak  kod koga:

    • Napadac onemogucava autentifikaciju regularnog korisnika

    • Napadac preuzima ulogu korisnika koji se regularno autentifikovao

    • Napadac onemogucava regularno autentifikovanom korisniku da pristupi serveru

    Correct Answer
    A. Napadac preuzima ulogu korisnika koji se regularno autentifikovao
    Explanation
    Session hijacking is a process where an attacker takes over the role of a legitimately authenticated user. This means that the attacker gains unauthorized access to the user's session and can perform actions on behalf of the user without their knowledge or consent. This can lead to various malicious activities such as stealing sensitive information, manipulating data, or performing unauthorized transactions. The attacker essentially impersonates the authenticated user, allowing them to exploit their privileges and potentially cause harm.

    Rate this question:

  • 13. 

    Da bi se sprecio napada trovanja kesa DNS servera potrebno je:

    • Digitalno potpisati odgovore servera

    • Iskljuciti upotrebu hosts fajlova

    • Koristiti DNS softver renomiranih proizvodjaca

    Correct Answer
    A. Digitalno potpisati odgovore servera
    Explanation
    To prevent poisoning attacks on DNS servers, it is necessary to digitally sign the server's responses. This ensures the authenticity and integrity of the responses, making it difficult for attackers to manipulate the DNS data and redirect users to malicious websites. By digitally signing the responses, the server can provide a cryptographic proof that the data has not been tampered with, increasing the security of the DNS system.

    Rate this question:

  • 14. 

    U praksi, napadaci cesto nisu u mogucnosti da samostalno iscrpe odredjeni resurs, vec im je za to potrebna pomoc veceg broja racunara. Napadi u kojima ucestvuje veci broj racunara nazivaju se:

    • Multiplikovani napadi

    • Distribuirani napadi

    • Amplifikovani napadi

    Correct Answer
    A. Distribuirani napadi
    Explanation
    Distribuirani napadi su napadi u kojima učestvuje veći broj računara. U praksi, napadači često nemaju dovoljno resursa da samostalno iscrpe određeni resurs, pa im je potrebna pomoć većeg broja računara. Kada se koristi više računara za izvršavanje napada, povećava se i snaga napada, što čini distribuirane napade veoma efikasnim i opasnim.

    Rate this question:

  • 15. 

    U odbranu od SQL injection napada kod Veb aplikacija potrebno je:

    • Normalizovati ulazne podatke

    • Instalirati zastitni zid izmedju servera i korisnika

    • Koristiti HTTPS umesto HTTP protokola

    Correct Answer
    A. Normalizovati ulazne podatke
    Explanation
    Normalizacija ulaznih podataka je važan korak u odbrani od SQL injection napada kod Veb aplikacija. Ovaj proces podrazumeva proveru, filtriranje i validaciju svih unetih podataka kako bi se osiguralo da su ispravni i bezbedni za dalju obradu. Normalizacija može uključivati uklanjanje specijalnih karaktera, enkodiranje podataka ili korišćenje parametrizovanih upita kako bi se sprečilo ubacivanje zlonamernog SQL koda. Ova mera pomaže u sprečavanju napadača da iskoriste ranjivosti u unosu podataka i izvrše neovlaštene SQL upite na bazi podataka.

    Rate this question:

  • 16. 

    Za izvrsavanje sledece  naredbe: ping -f 192.168.60.60 na Linuks sistemima je potreban: 

    • Iskljucen IP protokol u jezgru

    • Administratorski nalog

    • Mrezni interfejs u promiskuitetnom rezimu rada

    Correct Answer
    A. Administratorski nalog
    Explanation
    The correct answer is "Administratorski nalog" because executing the ping command with the -f flag (force option) on Linux systems requires administrative privileges. This is because the -f flag sends ping packets at a very high rate, which can potentially overwhelm the network and cause disruption. Therefore, only users with administrative access are allowed to use this option to prevent misuse or unauthorized network disruptions.

    Rate this question:

  • 17. 

    Virtualne privatne mreze (VPN) koriste se za:

    • Povezivanje virtualnih masina

    • Pravljenje virtualnih privatnih mreza na jedinstvenoj fizickoj infrastrukturi

    • Bezbedno povezivanje udaljenih privatnih mreza

    Correct Answer
    A. Bezbedno povezivanje udaljenih privatnih mreza
    Explanation
    VPN koriste se za bezbedno povezivanje udaljenih privatnih mreža. VPN omogućava enkripciju podataka koji se prenose preko javne mreže, što osigurava privatnost i sigurnost komunikacije između udaljenih mreža. Ovo je posebno korisno za organizacije koje imaju više poslovnih lokacija ili za pojedince koji žele sigurno pristupiti svojoj privatnoj mreži dok su van nje.

    Rate this question:

  • 18. 

    Za odbranu od SQL injection napada kod Veb aplikacija potrebno je:

    • Instalirati zastitni zid izmedju servera i korisnika 

    • Koristiti HTTPS umesto HTTP protokola

    • Normalizovati ulazne podatke

    Correct Answer
    A. Normalizovati ulazne podatke
    Explanation
    To defend against SQL injection attacks in web applications, it is necessary to normalize input data. Normalizing input data involves validating and sanitizing user inputs to ensure they adhere to expected formats and do not contain any malicious code or characters that could be used to exploit vulnerabilities in the application's database. By normalizing input data, the risk of SQL injection attacks can be significantly reduced as the application can effectively handle and process user inputs without compromising the security of the underlying database.

    Rate this question:

  • 19. 

    Ping poplava (eng. ping flood) je tip napada za cije se izvrsavanje koristi:

    • TCP protokol

    • HTTP protokol

    • ICMP protokol

    Correct Answer
    A. ICMP protokol
    Explanation
    Ping flood (or ping poplava in Serbian) is a type of attack that utilizes the ICMP (Internet Control Message Protocol) protocol. ICMP is primarily used for diagnostic purposes and error reporting in IP networks. In a ping flood attack, the attacker overwhelms the target system with a large number of ICMP echo request packets (ping) in a short period of time. This flood of requests can cause the target system to become unresponsive or crash, leading to a denial of service (DoS) situation. Therefore, the correct answer is ICMP protocol.

    Rate this question:

  • 20. 

    Veb servis je postao najkorisceniji servis Internet mreze, pre svega zahvaljujuci:

    • Omogucavanju koriscenja drugih servisa kao svojih podservisa

    • Visokom nivou bezbednosti koji nudi

    • Podrazumevano ukljucenom sifrovanju podataka koji se prenose

    Correct Answer
    A. Omogucavanju koriscenja drugih servisa kao svojih podservisa
    Explanation
    Veb servis je postao najkorisceniji servis Internet mreze zahvaljujući omogućavanju korišćenja drugih servisa kao svojih podservisa. Ova funkcionalnost omogućava Veb servisu da integriše druge servise i koristi njihove funkcionalnosti kako bi pružio bogatije i više personalizovano iskustvo korisnicima. Otvorenost i fleksibilnost Veb servisa omogućavaju razvoj različitih aplikacija i usluga koje koriste različite servise i omogućavaju korisnicima da prilagode svoje iskustvo prema svojim potrebama.

    Rate this question:

  • 21. 

    Izolovanih privatnih racunarskih mreza (koje nemaju vezu sa Internetom) danas je:

    • Oko 80%, konstantno

    • Sve vise

    • Sve manje

    Correct Answer
    A. Sve manje
    Explanation
    The correct answer is "Sve manje" which translates to "Decreasing". This suggests that the number of isolated private computer networks that do not have internet connection is decreasing. This could be due to the increasing need for internet connectivity in today's digital age, where most businesses and individuals rely heavily on the internet for communication, information, and various online services.

    Rate this question:

  • 22. 

    Primer alata za otkrivanje propusta je:

    • Metasploit

    • Kissmet

    • Honeypot

    Correct Answer
    A. Metasploit
    Explanation
    Metasploit is the correct answer as it is a popular and widely used tool for detecting vulnerabilities in computer systems. It provides a comprehensive framework for penetration testing and vulnerability assessment. With a vast collection of exploits and payloads, Metasploit enables security professionals to identify and exploit weaknesses in a system's defenses. It also offers features like post-exploitation modules and social engineering tools, making it an essential tool in the arsenal of ethical hackers and security researchers.

    Rate this question:

  • 23. 

    Da bi uspesno izvrsio preootimanje sesije (engl. session hijacking) kod Veb aplikacija napadac mora da zna vrednost:

    • Identifikatora sesije (engl. session id)

    • Korisnickog imena i lozinke regularnog korisnika

    • Porta koji se koristi na strani klijenta

    Correct Answer
    A. Identifikatora sesije (engl. session id)
    Explanation
    To successfully perform session hijacking in web applications, an attacker needs to know the value of the session identifier (session id). The session id is a unique identifier assigned to each user's session, allowing the server to differentiate between different users. By obtaining the session id, an attacker can impersonate the user and gain unauthorized access to their session, potentially compromising sensitive information and performing malicious actions on their behalf.

    Rate this question:

  • 24. 

    Virtualne privatne mreze (VPN) omogucavaju:

    • Verodostojnost

    • Poverljivost

    • Dostupnost

    Correct Answer(s)
    A. Verodostojnost
    A. Poverljivost
    Explanation
    Virtual private networks (VPNs) provide both authenticity and confidentiality. Authenticity ensures that the data being transmitted is from a trusted source and has not been tampered with. Confidentiality ensures that the data remains private and cannot be accessed by unauthorized parties. VPNs achieve this by encrypting the data and establishing a secure connection between the user's device and the network. This allows users to securely access and transmit sensitive information over public networks, such as the internet. VPNs do not directly provide availability, which refers to the accessibility and reliability of the network itself.

    Rate this question:

  • 25. 

    Postavljanje sledeceg koda u formular HTML stranice: <input type="file" value="C:\Users\AJ\zrm.pdf" style="display: none" /> imace sledeci efekat:

    • Prilikom slanja formulara bice ukraden i fajl od klijenta

    • Kradja fajla ce biti sprecena jer nisu dozvoljene podrazumevane vrednosti za kontrole za slanje fajlova

    • Kradja fajla ce biti sprecena jer nije dozvoljeno skrivanje kontrole za slanje fajlova

    Correct Answer
    A. Prilikom slanja formulara bice ukraden i fajl od klijenta
    Explanation
    The given code snippet includes an input element of type "file" with a specified value attribute. This value attribute is set to a specific file path on the client's computer ("C:\Users\AJ\zrm.pdf"). However, the "value" attribute of a file input element is read-only and cannot be set programmatically due to security reasons. Therefore, when the form is submitted, the actual file that will be uploaded is determined by the user's selection and not by the value attribute. Thus, the statement "Prilikom slanja formulara bice ukraden i fajl od klijenta" is incorrect.

    Rate this question:

  • 26. 

    Napad koji se zasniva na mogucnosti napadaca da 'pinguje' (salje ICMP zahteve) emisionu adresu mreze, odnosno sve racunare u lokalnoj mrezi, kao i da u tim zahtevima lazira izvrsnu adresu, tj. da kao izvor zahteva navede racunar na koji vrsi napad, naziva se:

    • Denial of Service (DoS)

    • Smurf napad

    • Session hijacking

    Correct Answer
    A. Smurf napad
    Explanation
    A smurf attack is a type of attack where the attacker sends ICMP requests (ping) to the broadcast address of a network, causing all the computers in the local network to respond to the victim's IP address. The attacker also spoofs the source address in the requests, making it appear as if the requests are coming from the victim's computer. This flood of responses overwhelms the victim's network, causing a denial of service.

    Rate this question:

  • 27. 

    Napad pod nazivom 'zabadanje nosa u kes DNS servera' (engl. DNS Cache Snooping) ima za cilj da:

    • Krajnjem korisniku DNS servisa poturi lazne podatke

    • Utvrdi kojim domenima su korisnici pristupali

    • Izmeni sadrzaj hosts fajla na racunarima korisnika

    Correct Answer
    A. Utvrdi kojim domenima su korisnici pristupali
    Explanation
    The correct answer is "Utvrdi kojim domenima su korisnici pristupali" which means "Determine which domains users have accessed". This suggests that the purpose of the attack called "DNS Cache Snooping" is to gather information about the domains that users have accessed.

    Rate this question:

  • 28. 
    Napad prikazan na sldecoj slici koji koristi ICMP protkol naziva se: - ProProfs

    Napad prikazan na sldecoj slici koji koristi ICMP protkol naziva se:

    • Smurf napad

    • ICMP broadcast napad

    • Ethernet Comutator Amplification napad

    Correct Answer
    A. Smurf napad
    Explanation
    The correct answer is Smurf napad. A Smurf attack is a type of DDoS attack that uses ICMP (Internet Control Message Protocol) packets to flood a target network with a large volume of traffic. The attacker sends ICMP echo requests (ping) to a broadcast IP address, spoofing the source IP address to be the victim's IP address. This causes all the devices on the network to respond to the victim's IP address, overwhelming it with traffic and potentially causing it to become unavailable.

    Rate this question:

  • 29. 

    Kod razresavanja imena domena prednost ima:

    • DNS server

    • Korisnik sam odredjuje za pojedinacne upite

    • Hosts fajl

    Correct Answer
    A. DNS server
    Explanation
    When resolving domain names, the DNS server has the advantage. It is responsible for translating domain names into IP addresses, allowing users to access websites and other online services. The DNS server maintains a database of domain names and their corresponding IP addresses, allowing it to quickly and efficiently resolve queries. On the other hand, the user determining individual queries or the hosts file are not as efficient or comprehensive as the DNS server in resolving domain names.

    Rate this question:

  • 30. 

    Napad ilustrovan sledecim psudo-kodom: dok god DHCP server vraca IP adresu: { preuzmi adresu od DHCP servera povecaj MAC adresu mreznog interfejsa za 1 } poznat je pod nazivom:

    • Multi-mac-attack, mma

    • Starvation atack

    • Napad laznim DHCP serverom

    Correct Answer
    A. Starvation atack
    Explanation
    The given pseudocode suggests that the attacker continuously requests IP addresses from the DHCP server, causing it to run out of available addresses for legitimate clients. This type of attack is known as a "Starvation attack." The attacker is essentially starving the DHCP server by continuously requesting IP addresses, making it unable to allocate addresses to other devices on the network.

    Rate this question:

  • 31. 

    Sistem za sifrovanje podataka u bezicnim virtualnim mrezama koji koristi AES algoritam, naziva se:

    • WPA

    • WEP

    • WPA2

    Correct Answer
    A. WPA2
    Explanation
    The correct answer is WPA2. WPA2 is a system for encrypting data in wireless virtual networks that uses the AES algorithm. WPA and WEP are also encryption systems used in wireless networks, but WPA2 is considered more secure and advanced compared to WPA and WEP.

    Rate this question:

  • 32. 

    Podaci iz baze podataka sa kojom radi DNS server uglavnom:

    • Jesu strogo poverljivi

    • Nisu kategorisani po pitanju poverljivosti

    • Nisu strogo poverljivi

    Correct Answer
    A. Nisu strogo poverljivi
    Explanation
    The given correct answer states that the data from the database that the DNS server works with is not strictly confidential. This means that the data is not highly sensitive or classified, and there may be some level of accessibility or transparency in its handling.

    Rate this question:

  • 33. 

    U situaciji kada clanovi dve udaljene mreze, koje koriste 192.168.1.0/24 i 192.168.2.0/24 opsege adresa, a povezane su Internetom, zele da komuniciraju direktno, moguca resenja su:  

    • VPN tunelovanje

    • VLAN

    • Rutiranje

    • Koriscenje  SNAT i Port Forwarding mehanizama

    Correct Answer
    A. VPN tunelovanje
    Explanation
    In this situation, where members of two distant networks, using 192.168.1.0/24 and 192.168.2.0/24 address ranges, want to communicate directly, VPN tunneling is a possible solution. VPN (Virtual Private Network) tunneling creates a secure and encrypted connection over the internet, allowing the two networks to communicate as if they were directly connected. This ensures the confidentiality and integrity of the communication between the two networks.

    Rate this question:

  • 34. 

    Za uspesno koriscenje Port Security bezbednosne funkcije neophodno je: 

    • Da se koristi L3 komutator

    • Da su na komutatoru ispravno podeljene uloge portovima

    • Da se definisu bezbedni portovi iz opsega 0-65535

    Correct Answer
    A. Da su na komutatoru ispravno podeljene uloge portovima
    Explanation
    To successfully use the Port Security security feature, it is necessary to correctly assign roles to the ports on the switch.

    Rate this question:

  • 35. 

    Ogranicenje kod Internet domena je:

    • 63 segmenata, 127 znakova po segmentu, 255 znakova ukupno

    • 255 segmenata, 127 znakova po segmentu, 63 znakova ukupno

    • 127 segmenata, 63 znakova po segmentu, 255 znakova ukupno

    Correct Answer
    A. 127 segmenata, 63 znakova po segmentu, 255 znakova ukupno
    Explanation
    The correct answer is 127 segmenata, 63 znakova po segmentu, 255 znakova ukupno. This is because the maximum length for an Internet domain name is 255 characters, which includes the periods between segments. Each segment can have a maximum of 63 characters. Therefore, there can be up to 127 segments in a domain name.

    Rate this question:

  • 36. 

    Pod zastitom medjumreznih komunikacija podrazumeva se bezbedno povezivanje:

    • Dve nesusedne mreze preko bezbednih komunikacionih kanala

    • Dve susedne racunarske mreze

    • Dve nesusedne mreze preko nebezbednih komunikacionih kanala

    Correct Answer
    A. Dve nesusedne mreze preko nebezbednih komunikacionih kanala
    Explanation
    Under the protection of inter-network communication, it is assumed that there is a secure connection between two non-adjacent networks through insecure communication channels.

    Rate this question:

  • 37. 

    Privatne racunarske mreze uglavnom smatraju bezbednim, na osnovu:

    • Vlasnistva nad svim kanalima i opremom

    • Upotrebe sifarskih mehanizama

    • Koriscenja iskljucivo zicnih tehnlogija

    Correct Answer
    A. Vlasnistva nad svim kanalima i opremom
    Explanation
    Private computer networks are generally considered secure based on ownership of all channels and equipment. This means that the organization or individual who owns the network has control over all the communication channels and the equipment used in the network. This control allows them to implement security measures and protocols to protect the network from unauthorized access and ensure the confidentiality, integrity, and availability of the data transmitted through the network. By having ownership over all the channels and equipment, they can also monitor and manage the network more effectively, further enhancing its security.

    Rate this question:

  • 38. 

    Napad u Eternet mrezama kod koga napadac drugim clanovima prijavljuje fizicke adrese clanova kao svoje naziva se:

    • ARP Cache Poisoning

    • ARP Spoofing

    • Napad na STP protkol

    • Prepunjavanje adresne memorije komutatora

    • VLAN hopping

    Correct Answer(s)
    A. ARP Cache Poisoning
    A. ARP Spoofing
    Explanation
    ARP Cache Poisoning, also known as ARP Spoofing, is a type of attack in Ethernet networks where an attacker falsely associates their own MAC address with the IP address of another network device. By doing this, the attacker can intercept and modify network traffic, leading to potential security breaches and unauthorized access to sensitive information. This attack takes advantage of the Address Resolution Protocol (ARP) to manipulate the ARP cache of the network devices, causing them to send data to the attacker instead of the intended recipient.

    Rate this question:

  • 39. 
    Napad prikazan na sledecoj slici naziva se:  - ProProfs

    Napad prikazan na sledecoj slici naziva se: 

    • Prepunjavanje adresne memorije komutatora

    • VLAN hopping

    • ARP Cache Poisoning

    • Napad na STP protokol

    • ARP Spoofing

    Correct Answer(s)
    A. ARP Cache Poisoning
    A. ARP Spoofing
    Explanation
    The correct answer is ARP Cache Poisoning, ARP Spoofing. These terms refer to a type of network attack where an attacker sends falsified Address Resolution Protocol (ARP) messages to the network, tricking the devices into associating the attacker's MAC address with the IP address of another legitimate device. This allows the attacker to intercept and manipulate network traffic, potentially leading to unauthorized access or data theft.

    Rate this question:

  • 40. 

    Metod pod nazivom Blueprinting koristi se za 'uzimanje otisaka prsta' uredjaja sa podrskom za Bluetooth umrezavanje, odnosno za:                                

    • Identifikaciju korisnika putem biometrijskih parametara

    • Identifikaciju uredjaja na osnovu fizicke adrese

    • Preuzimanje bezbednosnih parametara sa uredjaja

    Correct Answer
    A. Identifikaciju uredjaja na osnovu fizicke adrese
    Explanation
    Blueprinting is a method used to obtain the fingerprint of a device with Bluetooth support. This method is used to identify devices based on their physical address, not for user identification or downloading security parameters.

    Rate this question:

  • 41. 

    Primena 802.1X protokola u bezicnim privatnim racunarskim mrezama zasniva se na:

    • Virtualnim privatnim mrezama

    • Koriscenju digitalnih sertifikata

    • Lozinkama duzine od 8 do 64 bajta

    Correct Answer
    A. Koriscenju digitalnih sertifikata
    Explanation
    The use of digital certificates is the basis for implementing the 802.1X protocol in wireless private computer networks. Digital certificates are used to authenticate and verify the identity of network devices and users. They provide a secure and reliable way to establish trust and ensure that only authorized devices and users can access the network. By using digital certificates, the 802.1X protocol enhances the security of wireless networks by preventing unauthorized access and protecting against potential threats.

    Rate this question:

  • 42. 

    Poverljivost i verodostojnost podataka koji se prenose virtualnim privatnim mezama postize se:

    • Slanjem paketa razlicitim putanjama

    • Koriscenjem bezbednih komunikacionih kanala

    • Digitalnim potpisivanjem

    • Sifrovanjem

    Correct Answer(s)
    A. Digitalnim potpisivanjem
    A. Sifrovanjem
    Explanation
    The correct answer is digital signing and encryption. Digital signing ensures the authenticity and integrity of the data being transmitted by using a digital signature. This verifies that the data has not been tampered with and is coming from a trusted source. Encryption, on the other hand, ensures the confidentiality of the data by encoding it in a way that can only be deciphered by authorized parties. By combining these two methods, the data transmitted through virtual private networks can be both confidential and trustworthy.

    Rate this question:

  • 43. 

    Napad na Veb aplikacije kod koga napadac posebnim zahtevima umece sopstveni sadrzaj u rezultat koji ce server vratiti je:

    • Napad umetanja sadrzaja (engl. Content Insertion Attack, CIA)

    • Umetanje SQL koda (engl. SQL injection)

    • Unakrsno skriptovanje (engl. Cross Site Scripting, XSS)

    Correct Answer
    A. Unakrsno skriptovanje (engl. Cross Site Scripting, XSS)
    Explanation
    The correct answer is "Cross Site Scripting (XSS)". This is a type of attack where the attacker is able to inject malicious scripts into a website, which are then executed by the users' browsers. This allows the attacker to steal sensitive information, manipulate website content, or redirect users to malicious websites. In this case, the attacker is able to insert their own content into the server's response by exploiting vulnerabilities in the web application.

    Rate this question:

  • 44. 

    Napad u Eternet mrezama kod koga napadac salje okvire sa tzv. dvostrukim oznakama (double tagging) naziva se:

    • Napad na STP protkol

    • ARP Cache Poisoning

    • Prepunjavanje adresne memorije komutatora

    • VLAN hopping

    • ARP Spoofing

    Correct Answer
    A. VLAN hopping
    Explanation
    VLAN hopping is a type of attack in Ethernet networks where an attacker sends frames with double tagging, also known as double encapsulation. This allows the attacker to bypass the security measures in place and gain unauthorized access to different VLANs. By sending frames with multiple VLAN tags, the attacker tricks the switch into forwarding the frames to a different VLAN than intended, giving them access to sensitive information and resources. This attack takes advantage of vulnerabilities in the VLAN configuration and can be used to gain unauthorized access or perform other malicious activities within the network.

    Rate this question:

  • 45. 
    Napad ciji je rezultat prikazan na sledecoj slici podrazumevano je od strane napadaca izvrsena putem:   - ProProfs

    Napad ciji je rezultat prikazan na sledecoj slici podrazumevano je od strane napadaca izvrsena putem:  

    • Umetanja virusa na klijentske racunare

    • Izmene konfiguracije na DHCP serveru

    • Brzog slanja odgovora klijentima na DHCP zahteve

    Correct Answer
    A. Izmene konfiguracije na DHCP serveru
    Explanation
    The correct answer is "Izmene konfiguracije na DHCP serveru" (Changes in DHCP server configuration). This means that the attack depicted in the picture is executed by the attacker making modifications to the DHCP server's configuration. This could involve altering the IP address range, assigning malicious DNS servers, or other changes that can affect the network's functionality and security.

    Rate this question:

  • 46. 

    Bezicna pristupna tacka za IEEE 802.11 tehnologiju se po nacinu logici prosledjivanja okvira moze uporediti sa:

    • Ruterom

    • Eternet habom

    • Eternet komutatorom

    Correct Answer
    A. Eternet habom
    Explanation
    A wireless access point for IEEE 802.11 technology can be compared to an Ethernet hub in terms of the way it forwards frame logic. Both the wireless access point and the Ethernet hub operate at the physical layer of the network and simply broadcast incoming frames to all connected devices without any intelligence to determine the destination. This is in contrast to an Ethernet switch, which operates at the data link layer and uses MAC addresses to selectively forward frames to the appropriate destination device.

    Rate this question:

  • 47. 

    U tri osnovna metoda za procenu bezbednosti odredjnog racunarskog sistema ili racunarske mreze spadaju:

    • Ispitivanje

    • Zamena zaposlenih

    • Spijuniranje sistema

    • Bezbednosna provera

    • Intervjuisanje

    • Socijalni inzenjering

    Correct Answer(s)
    A. Ispitivanje
    A. Bezbednosna provera
    A. Intervjuisanje
    Explanation
    The three basic methods for assessing the security of a computer system or network are testing, security auditing, and interviewing. Testing involves actively probing the system to identify vulnerabilities and weaknesses. Security auditing involves conducting a thorough examination of the system's security measures and controls. Interviewing involves speaking with individuals who have knowledge of the system to gather information about its security practices. These methods collectively provide a comprehensive evaluation of the system's security posture.

    Rate this question:

  • 48. 

    Primer normalizacije ulaznih vrednosti u Veb aplikaciju kroz insistiranje na tipu, a k_________  odbrana od SQL injection napada je: (ne vidi se celo pitanje pa se ne zna sta je odgooovor, ali otprilike izgleda ovako)

    • $starost = (int) $_POST['starost'];

    • $lozinka = md5($_POST['lozinka']);

    • $ime = mysq_real_escape($_POST['korisnik'];

    Correct Answer
    A. $starost = (int) $_POST['starost'];
    Explanation
    The given code snippet is an example of input value normalization in a web application. It demonstrates how the input values are being processed and sanitized to prevent SQL injection attacks. In this case, the code is casting the "starost" input value to an integer using "(int)" to ensure that it is a valid numerical value. This helps to prevent any malicious input that could potentially exploit the application.

    Rate this question:

  • 49. 

    Bezbednosna prosirenja sistema domenskih imena (engl. Domain Name System Security Extensions, DNSSEC) krajnjim korisnicima prvenstveno omogucavaju:

    • Verodostojnost

    • Dostupnost

    • Poverljivost

    Correct Answer
    A. Verodostojnost
    Explanation
    DNSSEC (Domain Name System Security Extensions) primarily provide end users with authenticity. This means that DNSSEC ensures that the information received from DNS servers has not been tampered with and comes from a trusted source. It uses digital signatures to verify the authenticity of DNS data, preventing DNS spoofing and other malicious activities. By ensuring authenticity, DNSSEC helps users trust the information they receive from the DNS system, enhancing the security and reliability of their online activities.

    Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jan 06, 2020
    Quiz Created by
    Catherine Halcomb
Back to Top Back to top
Advertisement