Zast 2.Kol

Approved & Edited by ProProfs Editorial Team

The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.

Learn about Our Editorial Process

| By Catherine Halcomb

Catherine Halcomb

Community Contributor

Quizzes Created: 1428 | Total Attempts: 5,929,130

Questions: 59 | Attempts: 550 | Updated: Mar 21, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

Questions and Answers

1.

Bezbednosna funkcija na komutatorima, poznata pod nazivom Port Security omogucava odbranu od sledecih tipova napada:
- A.
  
  DHCP starvation attack
- B.
  
  DoS
- C.
  
  ARP spoofing
- D.
  
  Laziranje IEEE 802.1X sertifikata
- E.
  
  Prepunjavanje memorije komutatora
Correct Answer(s)
A. DHCP starvation attack
E. Prepunjavanje memorije komutatora

Explanation
Port Security is a security feature on switches that allows defense against unauthorized access and various types of attacks. DHCP starvation attack is a type of attack where an attacker exhausts the available IP addresses on a DHCP server, preventing legitimate devices from obtaining an IP address. Memory overflow on a switch occurs when the switch's memory is overwhelmed with excessive traffic or data, causing it to become unresponsive or crash. By implementing Port Security, switches can protect against both DHCP starvation attacks and memory overflow attacks by limiting the number of MAC addresses allowed on a specific port.

Rate this question:
2.

Identifikator sesije je u sustini sesijski kljuc koji je:
- A.
  
  Kombinacija korisnickog imena i lozinke
- B.
  
  Slucajno generisan na strani servera
- C.
  
  Sacinjen od IP adrese klijenta
Correct Answer
B. Slucajno generisan na strani servera

Explanation
The correct answer is "Slucajno generisan na strani servera" which means "randomly generated on the server side". This means that the session identifier is created by the server in a random manner. It is not a combination of the username and password, nor is it composed of the client's IP address. The random generation of the session identifier helps to ensure its uniqueness and security.

Rate this question:
3.

Za odbranu od snimanja korisnickog unosa putem tastature bolje je koristiti:
- A.
  
  Bezicne tastature
- B.
  
  Zicne tastature
Correct Answer
A. Bezicne tastature

Explanation
Wireless keyboards are better for protecting against keystroke logging because they do not require a physical connection to the computer. This means that it is more difficult for someone to intercept and record the keystrokes being entered. Wired keyboards, on the other hand, can be more vulnerable to keystroke logging as the connection between the keyboard and the computer can potentially be intercepted. Therefore, using wireless keyboards can provide an added layer of security for protecting user input from being recorded.

Rate this question:
4.

Virtualne privatne mreze (VPN) omogucavaju:
- A.
  
  Verodostojnost
- B.
  
  Poverljivost
- C.
  
  Dostupnost
Correct Answer(s)
A. Verodostojnost
B. Poverljivost

Explanation
Virtual private networks (VPNs) provide both authenticity and confidentiality. Authenticity ensures that the data being transmitted is from a trusted source and has not been tampered with. Confidentiality ensures that the data remains private and cannot be accessed by unauthorized parties. VPNs achieve this by encrypting the data and establishing a secure connection between the user's device and the network. This allows users to securely access and transmit sensitive information over public networks, such as the internet. VPNs do not directly provide availability, which refers to the accessibility and reliability of the network itself.

Rate this question:
5.

Infrastrukturni servir kojim administratori mogu automatizovano da dodeljuju mrezne parametre (adresu, masku, podrazumevani mrezni prolaz, DNS servere i slicno) je:
- A.
  
  DNS
- B.
  
  DHCP
- C.
  
  SNMP
Correct Answer
B. DHCP

Explanation
DHCP stands for Dynamic Host Configuration Protocol. It is an infrastructure service that allows administrators to automatically assign network parameters such as IP address, subnet mask, default gateway, DNS servers, etc. to devices on a network. DHCP simplifies network administration by eliminating the need for manual configuration of network settings on each individual device. Instead, devices can obtain their network parameters dynamically from a DHCP server, which reduces the administrative overhead and ensures efficient network management.

Rate this question:
6.

U praksi, napadaci cesto nisu u mogucnosti da samostalno iscrpe odredjeni resurs, vec im je za to potrebna pomoc veceg broja racunara. Napadi u kojima ucestvuje veci broj racunara nazivaju se:
- A.
  
  Multiplikovani napadi
- B.
  
  Distribuirani napadi
- C.
  
  Amplifikovani napadi
Correct Answer
B. Distribuirani napadi

Explanation
Distribuirani napadi su napadi u kojima učestvuje veći broj računara. U praksi, napadači često nemaju dovoljno resursa da samostalno iscrpe određeni resurs, pa im je potrebna pomoć većeg broja računara. Kada se koristi više računara za izvršavanje napada, povećava se i snaga napada, što čini distribuirane napade veoma efikasnim i opasnim.

Rate this question:
7.

Ping poplava (eng. ping flood) je tip napada za cije se izvrsavanje koristi:
- A.
  
  TCP protokol
- B.
  
  HTTP protokol
- C.
  
  ICMP protokol
Correct Answer
C. ICMP protokol

Explanation
Ping flood (or ping poplava in Serbian) is a type of attack that utilizes the ICMP (Internet Control Message Protocol) protocol. ICMP is primarily used for diagnostic purposes and error reporting in IP networks. In a ping flood attack, the attacker overwhelms the target system with a large number of ICMP echo request packets (ping) in a short period of time. This flood of requests can cause the target system to become unresponsive or crash, leading to a denial of service (DoS) situation. Therefore, the correct answer is ICMP protocol.

Rate this question:
8.

Napadac koji se u privatnoj mrezi lazno predstavi kao DHCP server time direktno dobija mogucnost da:
- A.
  
  Obustavlja rad komutatora prepunjavanjem memorije
- B.
  
  Preusmerava korisnike na lazni DNS server
- C.
  
  Posreduje u komunikaciji izmedju clanova privatne i spoljne mreze
- D.
  
  Posreduje u komunikaciji izmedju clanova privatne mreze medjusobno
- E.
  
  Cita podatke sa hard-diskova obmanutih racunara
Correct Answer(s)
B. Preusmerava korisnike na lazni DNS server
C. Posreduje u komunikaciji izmedju clanova privatne i spoljne mreze

Explanation
The attacker, by falsely impersonating a DHCP server in a private network, gains the ability to redirect users to a fake DNS server and also mediate communication between members of the private network and the external network.

Rate this question:
9.

Koncept cupa sa medom (engl. Honeypot) podrazumeva:
- A.
  
  Konzerviranje bezbednosno osetljivih resursa
- B.
  
  Namamljivanje napadaca u virtualno okruzenje
- C.
  
  Postavljanje vrhunske zastite oko najznacajnijih resursa
Correct Answer
B. Namamljivanje napadaca u virtualno okruzenje

Explanation
The concept of a honeypot involves luring attackers into a virtual environment. This technique is used as a cybersecurity strategy to gather information about potential threats, study attacker behavior, and protect valuable resources. By creating a tempting target that appears vulnerable, organizations can divert attackers' attention from their actual critical systems and gain insights into their tactics, techniques, and motives. This allows for better understanding and mitigation of potential risks.

Rate this question:
10.

Kod otkrivanja skrivenih sekcija na serveru, napadacu moze posluziti:
- A.
  
  Verzija Veb aplikacije koja se koristi
- B.
  
  Fajl robots.txt
- C.
  
  Identifikator sesije (session id)
Correct Answer
B. Fajl robots.txt

Explanation
The correct answer is "Fajl robots.txt". The robots.txt file is a text file that is placed on a website's server to provide instructions to web crawlers and search engine bots about which areas of the site should not be crawled or indexed. By accessing the robots.txt file, an attacker can gain information about the server's directory structure and potentially identify hidden sections or sensitive areas of the website. This information can then be used to plan and execute further attacks.

Rate this question:
11.

Za uspesno koriscenje Port Security bezbednosne funkcije neophodno je:
- A.
  
  Da se koristi L3 komutator
- B.
  
  Da su na komutatoru ispravno podeljene uloge portovima
- C.
  
  Da se definisu bezbedni portovi iz opsega 0-65535
Correct Answer
B. Da su na komutatoru ispravno podeljene uloge portovima

Explanation
To successfully use the Port Security security feature, it is necessary to correctly assign roles to the ports on the switch.

Rate this question:
12.

Ogranicenje kod Internet domena je:
- A.
  
  63 segmenata, 127 znakova po segmentu, 255 znakova ukupno
- B.
  
  255 segmenata, 127 znakova po segmentu, 63 znakova ukupno
- C.
  
  127 segmenata, 63 znakova po segmentu, 255 znakova ukupno
Correct Answer
C. 127 segmenata, 63 znakova po segmentu, 255 znakova ukupno

Explanation
The correct answer is 127 segmenata, 63 znakova po segmentu, 255 znakova ukupno. This is because the maximum length for an Internet domain name is 255 characters, which includes the periods between segments. Each segment can have a maximum of 63 characters. Therefore, there can be up to 127 segments in a domain name.

Rate this question:
13.

Napad pod nazivom 'zabadanje nosa u kes DNS servera' (engl. DNS Cache Snooping) ima za cilj da:
- A.
  
  Krajnjem korisniku DNS servisa poturi lazne podatke
- B.
  
  Utvrdi kojim domenima su korisnici pristupali
- C.
  
  Izmeni sadrzaj hosts fajla na racunarima korisnika
Correct Answer
B. Utvrdi kojim domenima su korisnici pristupali

Explanation
The correct answer is "Utvrdi kojim domenima su korisnici pristupali" which means "Determine which domains users have accessed". This suggests that the purpose of the attack called "DNS Cache Snooping" is to gather information about the domains that users have accessed.

Rate this question:
14.

U odbranu od SQL injection napada kod Veb aplikacija potrebno je:
- A.
  
  Normalizovati ulazne podatke
- B.
  
  Instalirati zastitni zid izmedju servera i korisnika
- C.
  
  Koristiti HTTPS umesto HTTP protokola
Correct Answer
A. Normalizovati ulazne podatke

Explanation
Normalizacija ulaznih podataka je važan korak u odbrani od SQL injection napada kod Veb aplikacija. Ovaj proces podrazumeva proveru, filtriranje i validaciju svih unetih podataka kako bi se osiguralo da su ispravni i bezbedni za dalju obradu. Normalizacija može uključivati uklanjanje specijalnih karaktera, enkodiranje podataka ili korišćenje parametrizovanih upita kako bi se sprečilo ubacivanje zlonamernog SQL koda. Ova mera pomaže u sprečavanju napadača da iskoriste ranjivosti u unosu podataka i izvrše neovlaštene SQL upite na bazi podataka.

Rate this question:
15.

Za izvrsavanje sledece naredbe: ping -f 192.168.60.60 na Linuks sistemima je potreban:
- A.
  
  Iskljucen IP protokol u jezgru
- B.
  
  Administratorski nalog
- C.
  
  Mrezni interfejs u promiskuitetnom rezimu rada
Correct Answer
B. Administratorski nalog

Explanation
The correct answer is "Administratorski nalog" because executing the ping command with the -f flag (force option) on Linux systems requires administrative privileges. This is because the -f flag sends ping packets at a very high rate, which can potentially overwhelm the network and cause disruption. Therefore, only users with administrative access are allowed to use this option to prevent misuse or unauthorized network disruptions.

Rate this question:
16.

Administrator Veb servera je primetio zahtev za autentifikaciju korisnika kod koga je kao vrednost lozinke postavljen sledeci tekst: ' or true; -- Najverovatnije je da je u pitanju:
- A.
  
  Neispravan kod HTML formulara
- B.
  
  Slaba lozinka koju je lako razbiti putem recnika
- C.
  
  Pokusaj SQL injection napada
Correct Answer
C. Pokusaj SQL injection napada

Explanation
The given answer suggests that the most likely explanation for the situation is an attempted SQL injection attack. The presence of the text "' or true;--" in the password field indicates an attempt to manipulate the SQL query to bypass authentication. This technique is commonly used by attackers to gain unauthorized access to a system by exploiting vulnerabilities in the application's database layer.

Rate this question:
17.

Primena 802.1X protokola u bezicnim privatnim racunarskim mrezama zasniva se na:
- A.
  
  Virtualnim privatnim mrezama
- B.
  
  Koriscenju digitalnih sertifikata
- C.
  
  Lozinkama duzine od 8 do 64 bajta
Correct Answer
B. Koriscenju digitalnih sertifikata

Explanation
The use of digital certificates is the basis for implementing the 802.1X protocol in wireless private computer networks. Digital certificates are used to authenticate and verify the identity of network devices and users. They provide a secure and reliable way to establish trust and ensure that only authorized devices and users can access the network. By using digital certificates, the 802.1X protocol enhances the security of wireless networks by preventing unauthorized access and protecting against potential threats.

Rate this question:

1
0
18.

Virtualne privatne mreze koje prihvataju podatke iz privatnih mreza koje povezuju na nivou okvira, odnosno paketa protkola na sloju veze podataka:
- A.
  
  Funkcionisu kao IPsec sistem zastite
- B.
  
  Funkcionisu kao ruteri
- C.
  
  Funkcionisu kao mrezni mostovi
Correct Answer
C. Funkcionisu kao mrezni mostovi

Explanation
Virtualne privatne mreže koje prihvataju podatke iz privatnih mreža koje povezuju na nivou okvira, odnosno paketa protokola na sloju veze podataka, funkcionišu kao mrežni mostovi. Mrežni mostovi su uređaji koji povezuju mreže na istom sloju i omogućavaju prenos podataka između njih. U ovom slučaju, virtualne privatne mreže deluju kao mostovi koji omogućavaju komunikaciju između privatnih mreža na sloju veze podataka.

Rate this question:
19.

Termin 'hranjenje na kasicicu' (engl. spoon feeding) kod Veb aplikacija podrazumeva koriscenje:
- A.
  
  Proksi servera
- B.
  
  Zastitnog zida
- C.
  
  HTTP protokola
Correct Answer
A. Proksi servera

Explanation
The term "hranjenje na kasicicu" refers to spoon feeding in the context of web applications. Spoon feeding involves the use of a proxy server. A proxy server acts as an intermediary between the client and the web server, allowing the client to make requests to the server indirectly through the proxy. This can be beneficial in scenarios where the client wants to access restricted or blocked content, or when the client wants to improve performance by caching frequently accessed data. Therefore, the correct answer is "Proksi servera."

Rate this question:
20.

Postavljanje sledeceg koda u formular HTML stranice: <input type="file" value="C:\Users\AJ\zrm.pdf" style="display: none" /> imace sledeci efekat:
- A.
  
  Prilikom slanja formulara bice ukraden i fajl od klijenta
- B.
  
  Kradja fajla ce biti sprecena jer nisu dozvoljene podrazumevane vrednosti za kontrole za slanje fajlova
- C.
  
  Kradja fajla ce biti sprecena jer nije dozvoljeno skrivanje kontrole za slanje fajlova
Correct Answer
A. Prilikom slanja formulara bice ukraden i fajl od klijenta

Explanation
The given code snippet includes an input element of type "file" with a specified value attribute. This value attribute is set to a specific file path on the client's computer ("C:\Users\AJ\zrm.pdf"). However, the "value" attribute of a file input element is read-only and cannot be set programmatically due to security reasons. Therefore, when the form is submitted, the actual file that will be uploaded is determined by the user's selection and not by the value attribute. Thus, the statement "Prilikom slanja formulara bice ukraden i fajl od klijenta" is incorrect.

Rate this question:
21.

Kod razresavanja imena domena prednost ima:
- A.
  
  DNS server
- B.
  
  Korisnik sam odredjuje za pojedinacne upite
- C.
  
  Hosts fajl
Correct Answer
A. DNS server

Explanation
When resolving domain names, the DNS server has the advantage. It is responsible for translating domain names into IP addresses, allowing users to access websites and other online services. The DNS server maintains a database of domain names and their corresponding IP addresses, allowing it to quickly and efficiently resolve queries. On the other hand, the user determining individual queries or the hosts file are not as efficient or comprehensive as the DNS server in resolving domain names.

Rate this question:
22.

Primena Wired Equivalent Privacy protkola u bezicnim privatnim racunarskim mrezama je:
- A.
  
  Jos uvek nerasprostranjena zbog slozenosti upotrebe
- B.
  
  Prevazidjena i ne preporucuje se
- C.
  
  Preporucena i najcesce koriscena bezbednosna opcija
Correct Answer
B. Prevazidjena i ne preporucuje se

Explanation
The given answer states that the use of the Wired Equivalent Privacy protocol in wireless private computer networks is outdated and not recommended. This implies that the protocol is no longer considered secure or effective in protecting the network from unauthorized access. Therefore, it is not recommended to use this protocol anymore.

Rate this question:
23.

Najcesca svrha unosenja sledeceg zapisa 203.0.113.123 accounts.google.com u hosts fajl zrtve je:
- A.
  
  Onemogucavanje pristupa zrtve Internetu
- B.
  
  Preusmeravanje zrtve na komunikaciju sa lazim serverom
- C.
  
  Izvrsavanje napada na adresu 203.0.113.123
Correct Answer
B. Preusmeravanje zrtve na komunikaciju sa lazim serverom

Explanation
The most common purpose of entering the given record in the victim's hosts file is to redirect the victim to communicate with a fake server.

Rate this question:
24.

Napad ilustrovan sledecim psudo-kodom: dok god DHCP server vraca IP adresu: { preuzmi adresu od DHCP servera povecaj MAC adresu mreznog interfejsa za 1 } poznat je pod nazivom:
- A.
  
  Multi-mac-attack, mma
- B.
  
  Starvation atack
- C.
  
  Napad laznim DHCP serverom
Correct Answer
B. Starvation atack

Explanation
The given pseudocode suggests that the attacker continuously requests IP addresses from the DHCP server, causing it to run out of available addresses for legitimate clients. This type of attack is known as a "Starvation attack." The attacker is essentially starving the DHCP server by continuously requesting IP addresses, making it unable to allocate addresses to other devices on the network.

Rate this question:
25.

Preotimanje sesije (engl. session hijacking) kod Veb aplikacija je postupak kod koga:
- A.
  
  Napadac onemogucava autentifikaciju regularnog korisnika
- B.
  
  Napadac preuzima ulogu korisnika koji se regularno autentifikovao
- C.
  
  Napadac onemogucava regularno autentifikovanom korisniku da pristupi serveru
Correct Answer
B. Napadac preuzima ulogu korisnika koji se regularno autentifikovao

Explanation
Session hijacking is a process where an attacker takes over the role of a legitimately authenticated user. This means that the attacker gains unauthorized access to the user's session and can perform actions on behalf of the user without their knowledge or consent. This can lead to various malicious activities such as stealing sensitive information, manipulating data, or performing unauthorized transactions. The attacker essentially impersonates the authenticated user, allowing them to exploit their privileges and potentially cause harm.

Rate this question:
26.

Podaci iz baze podataka sa kojom radi DNS server uglavnom:
- A.
  
  Jesu strogo poverljivi
- B.
  
  Nisu kategorisani po pitanju poverljivosti
- C.
  
  Nisu strogo poverljivi
Correct Answer
C. Nisu strogo poverljivi

Explanation
The given correct answer states that the data from the database that the DNS server works with is not strictly confidential. This means that the data is not highly sensitive or classified, and there may be some level of accessibility or transparency in its handling.

Rate this question:
27.

Da bi se sprecio napada trovanja kesa DNS servera potrebno je:
- A.
  
  Digitalno potpisati odgovore servera
- B.
  
  Iskljuciti upotrebu hosts fajlova
- C.
  
  Koristiti DNS softver renomiranih proizvodjaca
Correct Answer
A. Digitalno potpisati odgovore servera

Explanation
To prevent poisoning attacks on DNS servers, it is necessary to digitally sign the server's responses. This ensures the authenticity and integrity of the responses, making it difficult for attackers to manipulate the DNS data and redirect users to malicious websites. By digitally signing the responses, the server can provide a cryptographic proof that the data has not been tampered with, increasing the security of the DNS system.

Rate this question:
28.

Pod zastitom medjumreznih komunikacija podrazumeva se bezbedno povezivanje:
- A.
  
  Dve nesusedne mreze preko bezbednih komunikacionih kanala
- B.
  
  Dve susedne racunarske mreze
- C.
  
  Dve nesusedne mreze preko nebezbednih komunikacionih kanala
Correct Answer
C. Dve nesusedne mreze preko nebezbednih komunikacionih kanala

Explanation
Under the protection of inter-network communication, it is assumed that there is a secure connection between two non-adjacent networks through insecure communication channels.

Rate this question:
29.

Bezbednosna prosirenja sistema domenskih imena (engl. Domain Name System Security Extensions, DNSSEC) krajnjim korisnicima prvenstveno omogucavaju:
- A.
  
  Verodostojnost
- B.
  
  Dostupnost
- C.
  
  Poverljivost
Correct Answer
A. Verodostojnost

Explanation
DNSSEC (Domain Name System Security Extensions) primarily provide end users with authenticity. This means that DNSSEC ensures that the information received from DNS servers has not been tampered with and comes from a trusted source. It uses digital signatures to verify the authenticity of DNS data, preventing DNS spoofing and other malicious activities. By ensuring authenticity, DNSSEC helps users trust the information they receive from the DNS system, enhancing the security and reliability of their online activities.

Rate this question:
30.

Iscrpljivanje centralnog procesora i memorije servera uglavnom se vrsi:
- A.
  
  Slanjem velikog broja ICMP zahteva
- B.
  
  Slanjem zahteva sa naloga za koji su ukradeni pristupni parametri
- C.
  
  Slanjem zahteva koji su tako formirani da iziskuju veliko vreme za obradu
- D.
  
  Slanjem zahteva sa naloga kod koga je oteta sesija
- E.
  
  Slanjem velikog broja zahteva
Correct Answer(s)
C. Slanjem zahteva koji su tako formirani da iziskuju veliko vreme za obradu
E. Slanjem velikog broja zahteva

Explanation
The correct answer is sending requests that are designed to require a long processing time and sending a large number of requests. This is because overwhelming the central processor and memory of a server can lead to slowdowns or crashes, and this can be achieved by either sending requests that take a long time to process or by sending a large volume of requests.

Rate this question:
31.

Bezicna pristupna tacka za IEEE 802.11 tehnologiju se po nacinu logici prosledjivanja okvira moze uporediti sa:
- A.
  
  Ruterom
- B.
  
  Eternet habom
- C.
  
  Eternet komutatorom
Correct Answer
B. Eternet habom

Explanation
A wireless access point for IEEE 802.11 technology can be compared to an Ethernet hub in terms of the way it forwards frame logic. Both the wireless access point and the Ethernet hub operate at the physical layer of the network and simply broadcast incoming frames to all connected devices without any intelligence to determine the destination. This is in contrast to an Ethernet switch, which operates at the data link layer and uses MAC addresses to selectively forward frames to the appropriate destination device.

Rate this question:
32.

Za identifikovanje strana koje komuniciraju putem virtualne privatne mreze koriste se:
- A.
  
  Javne IP adrese
- B.
  
  Parovi korisnickih imena i lozinki
- C.
  
  Digitalni sertifikati
- D.
  
  Kljucevi
- E.
  
  Fizicke adrese
- F.
  
  Biometrijski parametri korisnika
Correct Answer(s)
B. Parovi korisnickih imena i lozinki
C. Digitalni sertifikati
D. Kljucevi

Explanation
To identify the parties communicating through a virtual private network (VPN), pairs of usernames and passwords, digital certificates, and keys are used. These authentication methods ensure that only authorized users can access the VPN and communicate securely. Public IP addresses, physical addresses, and biometric parameters are not typically used for identification in VPN communication.

Rate this question:
33.

Napad u Eternet mrezama kod koga napadac drugim clanovima prijavljuje fizicke adrese clanova kao svoje naziva se:
- A.
  
  ARP Cache Poisoning
- B.
  
  ARP Spoofing
- C.
  
  Napad na STP protkol
- D.
  
  Prepunjavanje adresne memorije komutatora
- E.
  
  VLAN hopping
Correct Answer(s)
A. ARP Cache Poisoning
B. ARP Spoofing

Explanation
ARP Cache Poisoning, also known as ARP Spoofing, is a type of attack in Ethernet networks where an attacker falsely associates their own MAC address with the IP address of another network device. By doing this, the attacker can intercept and modify network traffic, leading to potential security breaches and unauthorized access to sensitive information. This attack takes advantage of the Address Resolution Protocol (ARP) to manipulate the ARP cache of the network devices, causing them to send data to the attacker instead of the intended recipient.

Rate this question:
34.

Napad na Veb aplikacije kod koga napadac posebnim zahtevima umece sopstveni sadrzaj u rezultat koji ce server vratiti je:
- A.
  
  Napad umetanja sadrzaja (engl. Content Insertion Attack, CIA)
- B.
  
  Umetanje SQL koda (engl. SQL injection)
- C.
  
  Unakrsno skriptovanje (engl. Cross Site Scripting, XSS)
Correct Answer
C. Unakrsno skriptovanje (engl. Cross Site Scripting, XSS)

Explanation
The correct answer is "Cross Site Scripting (XSS)". This is a type of attack where the attacker is able to inject malicious scripts into a website, which are then executed by the users' browsers. This allows the attacker to steal sensitive information, manipulate website content, or redirect users to malicious websites. In this case, the attacker is able to insert their own content into the server's response by exploiting vulnerabilities in the web application.

Rate this question:
35.

Privatne racunarske mreze uglavnom smatraju bezbednim, na osnovu:
- A.
  
  Vlasnistva nad svim kanalima i opremom
- B.
  
  Upotrebe sifarskih mehanizama
- C.
  
  Koriscenja iskljucivo zicnih tehnlogija
Correct Answer
A. Vlasnistva nad svim kanalima i opremom

Explanation
Private computer networks are generally considered secure based on ownership of all channels and equipment. This means that the organization or individual who owns the network has control over all the communication channels and the equipment used in the network. This control allows them to implement security measures and protocols to protect the network from unauthorized access and ensure the confidentiality, integrity, and availability of the data transmitted through the network. By having ownership over all the channels and equipment, they can also monitor and manage the network more effectively, further enhancing its security.

Rate this question:
36.

Veb servis je postao najkorisceniji servis Internet mreze, pre svega zahvaljujuci:
- A.
  
  Omogucavanju koriscenja drugih servisa kao svojih podservisa
- B.
  
  Visokom nivou bezbednosti koji nudi
- C.
  
  Podrazumevano ukljucenom sifrovanju podataka koji se prenose
Correct Answer
A. Omogucavanju koriscenja drugih servisa kao svojih podservisa

Explanation
Veb servis je postao najkorisceniji servis Internet mreze zahvaljujući omogućavanju korišćenja drugih servisa kao svojih podservisa. Ova funkcionalnost omogućava Veb servisu da integriše druge servise i koristi njihove funkcionalnosti kako bi pružio bogatije i više personalizovano iskustvo korisnicima. Otvorenost i fleksibilnost Veb servisa omogućavaju razvoj različitih aplikacija i usluga koje koriste različite servise i omogućavaju korisnicima da prilagode svoje iskustvo prema svojim potrebama.

Rate this question:
37.

Napad ilustrovan sledecim pseudo-kodom: while(true) { ifconfig eth0 $MAC ping -c 1 132.168.1.1 $MAC++ } naziva se:
- A.
  
  Napad na STP protokol
- B.
  
  ARP Cache Poisoning
- C.
  
  ARP Spoofing
- D.
  
  Prepunjavanje adresne memorije komutatora
- E.
  
  VLAN hopping
Correct Answer
D. Prepunjavanje adresne memorije komutatora

Explanation
The given pseudo-code suggests that the attacker is continuously changing the MAC address of eth0 interface and pinging a specific IP address. This action can lead to the flooding or overwhelming of the address memory of a switch, causing it to become unresponsive or slow down. This type of attack is known as address table flooding or address memory flooding, which is the correct answer option given.

Rate this question:
38.

U tri osnovna metoda za procenu bezbednosti odredjnog racunarskog sistema ili racunarske mreze spadaju:
- A.
  
  Ispitivanje
- B.
  
  Zamena zaposlenih
- C.
  
  Spijuniranje sistema
- D.
  
  Bezbednosna provera
- E.
  
  Intervjuisanje
- F.
  
  Socijalni inzenjering
Correct Answer(s)
A. Ispitivanje
D. Bezbednosna provera
E. Intervjuisanje

Explanation
The three basic methods for assessing the security of a computer system or network are testing, security auditing, and interviewing. Testing involves actively probing the system to identify vulnerabilities and weaknesses. Security auditing involves conducting a thorough examination of the system's security measures and controls. Interviewing involves speaking with individuals who have knowledge of the system to gather information about its security practices. These methods collectively provide a comprehensive evaluation of the system's security posture.

Rate this question:
39.

Izolovanih privatnih racunarskih mreza (koje nemaju vezu sa Internetom) danas je:
- A.
  
  Oko 80%, konstantno
- B.
  
  Sve vise
- C.
  
  Sve manje
Correct Answer
C. Sve manje

Explanation
The correct answer is "Sve manje" which translates to "Decreasing". This suggests that the number of isolated private computer networks that do not have internet connection is decreasing. This could be due to the increasing need for internet connectivity in today's digital age, where most businesses and individuals rely heavily on the internet for communication, information, and various online services.

Rate this question:
40.

U situaciji kada clanovi dve udaljene mreze, koje koriste 192.168.1.0/24 i 192.168.2.0/24 opsege adresa, a povezane su Internetom, zele da komuniciraju direktno, moguca resenja su:
- A.
  
  VPN tunelovanje
- B.
  
  VLAN
- C.
  
  Rutiranje
- D.
  
  Koriscenje SNAT i Port Forwarding mehanizama
Correct Answer
A. VPN tunelovanje

Explanation
In this situation, where members of two distant networks, using 192.168.1.0/24 and 192.168.2.0/24 address ranges, want to communicate directly, VPN tunneling is a possible solution. VPN (Virtual Private Network) tunneling creates a secure and encrypted connection over the internet, allowing the two networks to communicate as if they were directly connected. This ensures the confidentiality and integrity of the communication between the two networks.

Rate this question:
41.

Metod pod nazivom Blueprinting koristi se za 'uzimanje otisaka prsta' uredjaja sa podrskom za Bluetooth umrezavanje, odnosno za:
- A.
  
  Identifikaciju korisnika putem biometrijskih parametara
- B.
  
  Identifikaciju uredjaja na osnovu fizicke adrese
- C.
  
  Preuzimanje bezbednosnih parametara sa uredjaja
Correct Answer
B. Identifikaciju uredjaja na osnovu fizicke adrese

Explanation
Blueprinting is a method used to obtain the fingerprint of a device with Bluetooth support. This method is used to identify devices based on their physical address, not for user identification or downloading security parameters.

Rate this question:
42.

Primer alata za otkrivanje propusta je:
- A.
  
  Metasploit
- B.
  
  Kissmet
- C.
  
  Honeypot
Correct Answer
A. Metasploit

Explanation
Metasploit is the correct answer as it is a popular and widely used tool for detecting vulnerabilities in computer systems. It provides a comprehensive framework for penetration testing and vulnerability assessment. With a vast collection of exploits and payloads, Metasploit enables security professionals to identify and exploit weaknesses in a system's defenses. It also offers features like post-exploitation modules and social engineering tools, making it an essential tool in the arsenal of ethical hackers and security researchers.

Rate this question:
43.

U osnovne podatke koji se mogu dobiti snimanjem aktivnosti misa na nekom racunaru spadaju:
- A.
  
  Vrednosti polja nad kojima se mis nalazi
- B.
  
  Aktivirani tasteri
- C.
  
  X i y koordinate
- D.
  
  Spisak aktivnih aplikacija na racunaru
Correct Answer(s)
A. Vrednosti polja nad kojima se mis nalazi
B. Aktivirani tasteri
C. X i y koordinate

Explanation
The basic data that can be obtained by recording mouse activity on a computer includes the values of the fields over which the mouse is located, the activated buttons, and the x and y coordinates. It does not include the list of active applications on the computer.

Rate this question:
44.

Napad u Eternet mrezama kod koga napadac salje okvire sa tzv. dvostrukim oznakama (double tagging) naziva se:
- A.
  
  Napad na STP protkol
- B.
  
  ARP Cache Poisoning
- C.
  
  Prepunjavanje adresne memorije komutatora
- D.
  
  VLAN hopping
- E.
  
  ARP Spoofing
Correct Answer
D. VLAN hopping

Explanation
VLAN hopping is a type of attack in Ethernet networks where an attacker sends frames with double tagging, also known as double encapsulation. This allows the attacker to bypass the security measures in place and gain unauthorized access to different VLANs. By sending frames with multiple VLAN tags, the attacker tricks the switch into forwarding the frames to a different VLAN than intended, giving them access to sensitive information and resources. This attack takes advantage of vulnerabilities in the VLAN configuration and can be used to gain unauthorized access or perform other malicious activities within the network.

Rate this question:
45.

Virtualne privatne mreze (VPN) koriste se za:
- A.
  
  Povezivanje virtualnih masina
- B.
  
  Pravljenje virtualnih privatnih mreza na jedinstvenoj fizickoj infrastrukturi
- C.
  
  Bezbedno povezivanje udaljenih privatnih mreza
Correct Answer
C. Bezbedno povezivanje udaljenih privatnih mreza

Explanation
VPN koriste se za bezbedno povezivanje udaljenih privatnih mreža. VPN omogućava enkripciju podataka koji se prenose preko javne mreže, što osigurava privatnost i sigurnost komunikacije između udaljenih mreža. Ovo je posebno korisno za organizacije koje imaju više poslovnih lokacija ili za pojedince koji žele sigurno pristupiti svojoj privatnoj mreži dok su van nje.

Rate this question:
46.

Da bi uspesno izvrsio preootimanje sesije (engl. session hijacking) kod Veb aplikacija napadac mora da zna vrednost:
- A.
  
  Identifikatora sesije (engl. session id)
- B.
  
  Korisnickog imena i lozinke regularnog korisnika
- C.
  
  Porta koji se koristi na strani klijenta
Correct Answer
A. Identifikatora sesije (engl. session id)

Explanation
To successfully perform session hijacking in web applications, an attacker needs to know the value of the session identifier (session id). The session id is a unique identifier assigned to each user's session, allowing the server to differentiate between different users. By obtaining the session id, an attacker can impersonate the user and gain unauthorized access to their session, potentially compromising sensitive information and performing malicious actions on their behalf.

Rate this question:
47.

Napad koji se zasniva na mogucnosti napadaca da 'pinguje' (salje ICMP zahteve) emisionu adresu mreze, odnosno sve racunare u lokalnoj mrezi, kao i da u tim zahtevima lazira izvrsnu adresu, tj. da kao izvor zahteva navede racunar na koji vrsi napad, naziva se:
- A.
  
  Denial of Service (DoS)
- B.
  
  Smurf napad
- C.
  
  Session hijacking
Correct Answer
B. Smurf napad

Explanation
A smurf attack is a type of attack where the attacker sends ICMP requests (ping) to the broadcast address of a network, causing all the computers in the local network to respond to the victim's IP address. The attacker also spoofs the source address in the requests, making it appear as if the requests are coming from the victim's computer. This flood of responses overwhelms the victim's network, causing a denial of service.

Rate this question:
48.

Za otkrivanje verzije aplikacije koja se koristi na serveru, a ciji je izvorni kod javno dostupan, uglavnom se koriste:
- A.
  
  Propusti na Veb serveru
- B.
  
  Razlike izmedju fajlova u razlicitim verzijama
- C.
  
  SQL injection napadi
Correct Answer
A. Propusti na Veb serveru

Explanation
To detect the version of an application used on a server, vulnerabilities in the web server are commonly used. These vulnerabilities can provide information about the version of the application being used. By exploiting these vulnerabilities, an attacker can gather information about the server and the application running on it. This information can be used for further attacks or exploitation.

Rate this question:
49.

Prikazana sema stanja odnosi se na:
- A.
  
  Intervjuisanje
- B.
  
  Socijalni inzenjering
- C.
  
  Proveru probojnosti
Correct Answer
C. Proveru probojnosti

Explanation
The given state diagram represents "Proveru probojnosti" which translates to "Penetration testing" in English. Penetration testing is a method of assessing the security of a system by simulating an attack to identify vulnerabilities. The state diagram likely illustrates the different stages or steps involved in conducting a penetration test.

Rate this question:
50.

Napad prikazan na sldecoj slici koji koristi ICMP protkol naziva se:
- A.
  
  Smurf napad
- B.
  
  ICMP broadcast napad
- C.
  
  Ethernet Comutator Amplification napad
Correct Answer
A. Smurf napad

Explanation
The correct answer is Smurf napad. A Smurf attack is a type of DDoS attack that uses ICMP (Internet Control Message Protocol) packets to flood a target network with a large volume of traffic. The attacker sends ICMP echo requests (ping) to a broadcast IP address, spoofing the source IP address to be the victim's IP address. This causes all the devices on the network to respond to the victim's IP address, overwhelming it with traffic and potentially causing it to become unavailable.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 21, 2023

Quiz Edited by
ProProfs Editorial Team
Jan 06, 2020

Quiz Created by
Catherine Halcomb

Featured Quizzes

What Is My Talent? Quiz What Is My Talent? Quiz

Pottermore Sorting Hat Quiz Pottermore Sorting Hat Quiz

BTS Quiz: Who Is Your BTS Soulmate? BTS Quiz: Who Is Your BTS Soulmate?

Fursona Quiz: Which Animal Can Be Your Fursona? Fursona Quiz: Which Animal Can Be Your Fursona?

Waifu Quiz: Who Is Your Waifu? Waifu Quiz: Who Is Your Waifu?

Does He Like Me? Take This Quiz And Be 100% Sure Does He Like Me? Take This Quiz And Be 100% Sure

Back to top

Zast 2.Kol

Bezbednosna funkcija na komutatorima, poznata pod nazivom Port Security omogucava odbranu od sledecih tipova napada:

Identifikator sesije je u sustini sesijski kljuc koji je:

Za odbranu od snimanja korisnickog unosa putem tastature bolje je koristiti:

Virtualne privatne mreze (VPN) omogucavaju:

Infrastrukturni servir kojim administratori mogu automatizovano da dodeljuju mrezne parametre (adresu, masku, podrazumevani mrezni prolaz, DNS servere i slicno) je:

U praksi, napadaci cesto nisu u mogucnosti da samostalno iscrpe odredjeni resurs, vec im je za to potrebna pomoc veceg broja racunara. Napadi u kojima ucestvuje veci broj racunara nazivaju se:

Ping poplava (eng. ping flood) je tip napada za cije se izvrsavanje koristi:

Napadac koji se u privatnoj mrezi lazno predstavi kao DHCP server time direktno dobija mogucnost da:

Koncept cupa sa medom (engl. Honeypot) podrazumeva:

Kod otkrivanja skrivenih sekcija na serveru, napadacu moze posluziti:

Za uspesno koriscenje Port Security bezbednosne funkcije neophodno je:

Ogranicenje kod Internet domena je:

Napad pod nazivom 'zabadanje nosa u kes DNS servera' (engl. DNS Cache Snooping) ima za cilj da:

U odbranu od SQL injection napada kod Veb aplikacija potrebno je:

Za izvrsavanje sledece naredbe: ping -f 192.168.60.60 na Linuks sistemima je potreban:

Administrator Veb servera je primetio zahtev za autentifikaciju korisnika kod koga je kao vrednost lozinke postavljen sledeci tekst: ' or true; -- Najverovatnije je da je u pitanju:

Primena 802.1X protokola u bezicnim privatnim racunarskim mrezama zasniva se na:

Virtualne privatne mreze koje prihvataju podatke iz privatnih mreza koje povezuju na nivou okvira, odnosno paketa protkola na sloju veze podataka:

Termin 'hranjenje na kasicicu' (engl. spoon feeding) kod Veb aplikacija podrazumeva koriscenje:

Postavljanje sledeceg koda u formular HTML stranice: <input type="file" value="C:\Users\AJ\zrm.pdf" style="display: none" /> imace sledeci efekat:

Kod razresavanja imena domena prednost ima:

Primena Wired Equivalent Privacy protkola u bezicnim privatnim racunarskim mrezama je:

Najcesca svrha unosenja sledeceg zapisa 203.0.113.123 accounts.google.com u hosts fajl zrtve je:

Napad ilustrovan sledecim psudo-kodom: dok god DHCP server vraca IP adresu: { preuzmi adresu od DHCP servera povecaj MAC adresu mreznog interfejsa za 1 } poznat je pod nazivom:

Preotimanje sesije (engl. session hijacking) kod Veb aplikacija je postupak kod koga:

Podaci iz baze podataka sa kojom radi DNS server uglavnom:

Da bi se sprecio napada trovanja kesa DNS servera potrebno je:

Pod zastitom medjumreznih komunikacija podrazumeva se bezbedno povezivanje:

Bezbednosna prosirenja sistema domenskih imena (engl. Domain Name System Security Extensions, DNSSEC) krajnjim korisnicima prvenstveno omogucavaju:

Iscrpljivanje centralnog procesora i memorije servera uglavnom se vrsi:

Bezicna pristupna tacka za IEEE 802.11 tehnologiju se po nacinu logici prosledjivanja okvira moze uporediti sa:

Za identifikovanje strana koje komuniciraju putem virtualne privatne mreze koriste se:

Napad u Eternet mrezama kod koga napadac drugim clanovima prijavljuje fizicke adrese clanova kao svoje naziva se:

Napad na Veb aplikacije kod koga napadac posebnim zahtevima umece sopstveni sadrzaj u rezultat koji ce server vratiti je:

Privatne racunarske mreze uglavnom smatraju bezbednim, na osnovu:

Veb servis je postao najkorisceniji servis Internet mreze, pre svega zahvaljujuci:

Napad ilustrovan sledecim pseudo-kodom: while(true) { ifconfig eth0 $MAC ping -c 1 132.168.1.1 $MAC++ } naziva se:

U tri osnovna metoda za procenu bezbednosti odredjnog racunarskog sistema ili racunarske mreze spadaju:

Izolovanih privatnih racunarskih mreza (koje nemaju vezu sa Internetom) danas je:

U situaciji kada clanovi dve udaljene mreze, koje koriste 192.168.1.0/24 i 192.168.2.0/24 opsege adresa, a povezane su Internetom, zele da komuniciraju direktno, moguca resenja su:

Metod pod nazivom Blueprinting koristi se za 'uzimanje otisaka prsta' uredjaja sa podrskom za Bluetooth umrezavanje, odnosno za:

Primer alata za otkrivanje propusta je:

U osnovne podatke koji se mogu dobiti snimanjem aktivnosti misa na nekom racunaru spadaju:

Napad u Eternet mrezama kod koga napadac salje okvire sa tzv. dvostrukim oznakama (double tagging) naziva se:

Virtualne privatne mreze (VPN) koriste se za:

Da bi uspesno izvrsio preootimanje sesije (engl. session hijacking) kod Veb aplikacija napadac mora da zna vrednost:

Napad koji se zasniva na mogucnosti napadaca da 'pinguje' (salje ICMP zahteve) emisionu adresu mreze, odnosno sve racunare u lokalnoj mrezi, kao i da u tim zahtevima lazira izvrsnu adresu, tj. da kao izvor zahteva navede racunar na koji vrsi napad, naziva se:

Za otkrivanje verzije aplikacije koja se koristi na serveru, a ciji je izvorni kod javno dostupan, uglavnom se koriste:

Prikazana sema stanja odnosi se na:

Napad prikazan na sldecoj slici koji koristi ICMP protkol naziva se: