![MCQs [2024]](https://engineeringinterviewquestions.com/wp-content/uploads/2021/02/Interview-Questions-2.png)
Cyber Security Multiple Choice Questions on “Network Models – TCP-IP Model Security”.
1. TCP/IP is extensively used model for the World Wide Web for providing network communications which are composed of 4 layers that work together.
a) True
b) False
Answer: a
Clarification: TCP/IP is extensively used model for the World Wide Web for providing network communications which are composed of 4 layers that work together. Each layer is composed of header and payload.
2. TCP/IP is composed of _______ number of layers.
a) 2
b) 3
c) 4
d) 5
Answer: c
Clarification: TCP/IP is extensively used model for the World Wide Web for providing network communications which are composed of 4 layers that work together. Each layer is composed of header and payload.
3. Trusted TCP/IP commands have the same needs & go through the identical verification process. Which of them is not a TCP/IP command?
a) ftp
b) rexec
c) tcpexec
d) telnet
Answer: c
Clarification: Trusted TCP/IP commands such as ftp, rexec and telnet have the same needs & go through the identical verification process. Internet & TCP/IP are often implemented synonymously.
4. Connection authentication is offered for ensuring that the remote host has the likely Internet Protocol (IP) ___________ & _________
a) address, name
b) address, location
c) network, name
d) network, location
Answer: a
Clarification: Connection authentication is offered for ensuring that the remote host has the likely Internet Protocol (IP)’s address & name. This avoids a remote host to masquerade as an added remote host.
5. Application layer sends & receives data for particular applications using Hyper Text Transfer Protocol (HTTP), and Simple Mail Transfer Protocol (SMTP).
a) True
b) False
Answer: a
Clarification: Application layer sends & receives data for particular applications using HyperText Transfer Protocol (HTTP), and Simple Mail Transfer Protocol (SMTP). Hence, data encryption for HTTP and SMTP is important.
6. TLS vulnerability is also known as Return of Bleichenbacher’s Oracle Threat.
a) True
b) False
Answer: a
Clarification: Return of Bleichenbacher’s Oracle Threat is a transport layer vulnerability that allows an attacker to get hold of the RSA key essential to decrypt TLS traffic below certain conditions.
7. RoBOT is abbreviated as ___________
a) Return of Bleichenbacher’s Oracle Team
b) Rise of Bleichenbacher’s Oracle Threat
c) Return of Bleichenbacher’s Operational Threat
d) Return of Bleichenbacher’s Oracle Threat
Answer: d
Clarification: Return of Bleichenbacher’s Oracle Threat is a transport layer vulnerability that allows an attacker to get hold of the RSA key essential to decrypt TLS traffic below certain conditions.
8. There are __________ different versions of IP popularly used.
a) 2
b) 3
c) 4
d) 5
Answer: a
Clarification: There are two different versions of IPs used popularly over the internet. These are IPv4 and IPv6. IPv4 is a 32-bits numeric address written in decimal with 4 numbers separated by dots whereas IPv6 addresses are 128-bits written in hexadecimal & separated by colons.
9. ____________ is an attack where the attacker is able to guess together with the sequence number of an in progress communication session & the port number.
a) TCP Spoofing
b) TCP Blind Spoofing
c) IP Spoofing
d) IP Blind Spoofing
Answer: b
Clarification: TCP Blind Spoofing is an attack where the attacker is able to guess together with the sequence number of an in progress communication session & the port number.
10. ___________ is an attack technique where numerous SYN packets are spoofed with a bogus source address which is then sent to an inundated server.
a) SYN flooding attack
b) ACK flooding attack
c) SYN & ACK flooding attack
d) Packet flooding attack
Answer: a
Clarification: SYN flooding attack is an attack technique where numerous SYN packets are spoofed with a bogus source address which is then sent to an inundated server. The SYN & ACK segments need to begin in a TCP connection.
11. Which of them is not an attack done in the network layer of the TCP/IP model?
a) MITM attack
b) DoS attack
c) Spoofing attack
d) Shoulder surfing
Answer: d
Clarification: MITM, Denial of Service (DoS), and spoofing attacks are possible in the network layer of the TCP/IP model. It is important to secure the network layer as it is the only means to make certain that your application is not getting flooded with attacks.
12. Which of them is not an appropriate method of router security?
a) Unused ports should be blocked
b) Unused interfaces and services should be disabled
c) Routing protocol needs to be programmed by security experts
d) Packet filtering needs to be enabled
Answer: c
Clarification: Unused ports should be blocked, Unused interfaces and services should be disabled, and Packet filtering needs to be enabled are some of the security measures that need to be taken for the routers.
13. Which 2 protocols are used in the Transport layer of the TCP/IP model?
a) UDP and HTTP
b) TCP and UDP
c) HTTP and TCP
d) ICMP and HTTP
Answer: b
Clarification: The transport layer can voluntarily declare the consistency of communications. Transmission Control Protocol (TCP) & User Datagram Protocol (UDP) are the most common transport layer protocols.
14. Which of the protocol is not used in the network layer of the TCP/IP model?
a) ICMP
b) IP
c) IGMP
d) HTTP
Answer: d
Clarification: Internet Control Message Protocol (ICMP), Internet Protocol (IP) and Internet Group Management Protocol (IGMP) are used in the network layer. HTTP is used in application layer of TCP/IP model.
15. ____________ protocol attack is done in the data-link layer.
a) HTTP
b) DNS
c) TCP/IP
d) POP
Answer: b
Clarification: DNS protocol attack is done in the application layer of the TCP/IP model which allows attackers to modify DNS records in order to misdirect user traffic and land them in some malicious or spoofed address.