250+ TOP MCQs on Secure Socket Layer and Answers

Network Security Multiple Choice Questions on “Secure Socket Layer”.

1. In the alert protocol the first byte takes the value 1 or 2 which corresponds to _________ and _________ respectively.
a) Select, Alarm
b) Alert, Alarm
c) Warning, Alarm
d) Warning, Fatal

Answer: d
Clarification: The first byte takes the value warning(1) or fatal(2) to convey the severity of the message.

2. In the above figure, which of the above shaded block is transparent to end users and applications?
a) IP/IPSec
b) SSL
c) Kerberos
d) S/MIME

Answer: a
Clarification: IP/IPSec is the Network layer which is transparent to end users and applications.

3. In terms of Web Security Threats, “Impersonation of another user” is a Passive Attack.
a) True
b) False

Answer: b
Clarification: Passive attacks include eavesdropping on network traffic between browser and server and gaining access to information on a website that is supposed to be restricted. Active attacks include impersonating another user, altering messages in transit between client and server, altering information on a website.

4. Which one of the following is not a higher –layer SSL protocol?
a) Alert Protocol
b) Handshake Protocol
c) Alarm Protocol
d) Change Cipher Spec Protocol

Answer: c
Clarification: Three higher –layer protocols are defined as part of SSL: The Handshake Protocol, The Change Cipher Spec Protocol and The Alert Protocol.

5. Which one of the following is not a session state parameter?
a) Master Secret
b) Cipher Spec
c) Peer Certificate
d) Server Write Key

Answer: d
Clarification: Session state is defined by the following parameters – Session identifier, Peer certificate, Compression method, Cipher spec, Master secret, Is resumable. Server Write Key falls under Connection State.

6. In the SSL Protocol, each upper layer message if fragmented into a maximum of __________ bytes.
a) 216
b) 232
c) 214
d) 212

Answer: c
Clarification: In the fragmentation process we obtain blocks of 2^14 bytes which is compressed in the next step.

7. The difference between HMAC algorithm and SSLv3 is that pad1 and pad2 are ________ in SSLv3 whereas ________ in HMAC.
a) NANDed, XORed
b) Concatenated, XORed
c) XORed, NANDed
d) XORed, Concatenated

Answer: b
Clarification: The pads are concatenated in SSLv3 and XORed in HMAC algorithm.

8. The full form of SSL is
a) Serial Session Layer
b) Secure Socket Layer
c) Session Secure Layer
d) Series Socket Layer

Answer: b
Clarification: SSL stands for Secure Sockets Layer.

9. After the encryption stage in SSL, the maximum length of each fragment is
a) 214+1028
b) 214+2048
c) 216+1028
d) 216+2048

Answer: b
Clarification: Encryption may not increase the content length by more than 1024 bytes, so the total length may not exceed 214+2048.

10. Consider the following example –
Size of Plaintext – 48 bytes.
Size of MAC – 20 bytes.
Block Length – 8 bytes.
How many bytes of padding need to be added to the system?
a) 1
b) 2
c) 3
d) 4

Answer: c
Clarification: 48 + 20 = 68 bytes. 72 is the next multiple of 8 (Block Length). 72 – 68 = 4. But we need to compensate 1 byte for length of the padding. Therefore, we require only 3 Bytes padding.

11. Which protocol is used to convey SSL related alerts to the peer entity?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol

Answer: a
Clarification: The Alert protocol is used to convey SSL related alerts to the peer entity.

12. Which protocol consists of only 1 bit?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol

Answer: d
Clarification: The change cipher spec protocol is bit long.

13. Which protocol is used for the purpose of copying the pending state into the current state?
a) Alert Protocol
b) Handshake Protocol
c) Upper-Layer Protocol
d) Change Cipher Spec Protocol

Answer: d
Clarification: The Change Cipher Spec Protocol is used for this action.

14. Which of the following are possible sizes of MACs?
i) 12 Bytes
ii) 16 Bytes
iii) 20 Bytes
iv) 24 Bytes

a) i and iii
b) ii only
c) ii and iii
d) ii iii and iv

Answer: c
Clarification: MACs can be 0, 16 or 20 Bytes.

Leave a Reply

Your email address will not be published. Required fields are marked *