Computer Networks Multiple Choice Questions on “Security In The Internet”.
1. IPSec is designed to provide security at the _________
a) transport layer
b) network layer
c) application layer
d) session layer
Answer: b
Clarification: IPSec is a set of protocols used to provide authentication, data integrity and confidentiality between two machines in an IP network. In the TCP/IP model, it provides security at the IP layer i.e. the network layer.
2. In tunnel mode, IPSec protects the ______
a) Entire IP packet
b) IP header
c) IP payload
d) IP trailer
Answer: a
Clarification: In the tunnel mode, IPSec adds control bits into the packets to encrypt the entire packet between the IPSec endpoints. Using encryption, it provides secure communication between the two endpoints.
3. Network layer firewall works as a ________
a) frame filter
b) packet filter
c) signal filter
d) content filter
Answer: b
Clarification: As you know, firewalls are available as hardware appliances, as software-only, or a combination of the two. In every case, the purpose of a firewall is to isolate your trusted internal network (or your personal PC) from the dangers of unknown resources on the Internet and other network connections that may be harmful. The firewall prevents unauthorized access to your internal, trusted network from outside threats.
4. Network layer firewall has two sub-categories called ____________
a) stateful firewall and stateless firewall
b) bit oriented firewall and byte oriented firewall
c) frame firewall and packet firewall
d) network firewall and data firewall
Answer: a
Clarification: Most network layer firewalls can operate as stateful or stateless firewalls, creating two subcategories of the standard network layer firewall. Stateful firewalls have the advantage of being able to track packets over a period of time for greater analysis and accuracy — but they require more memory and operate more slowly. Stateless firewalls do not analyze past traffic and can be useful for systems where speed is more important than security, or for systems that have very specific and limited needs. For example, a computer that only needs to connect to a particular backup server does not need the extra security of a stateful firewall.
5. WPA2 is used for security in _______
a) ethernet
b) bluetooth
c) wi-fi
d) e-mail
Answer: c
Clarification: WPA2 or WiFi Protected Access 2 is a security protocol used to provide users and firms with strong data security and protection for their wireless networks (WiFi) to give them confidence that only authorized users can access their network.
6. An attempt to make a computer resource unavailable to its intended users is called ______
a) denial-of-service attack
b) virus attack
c) worms attack
d) botnet process
Answer: a
Clarification: In a Denial of Service attack, the attacker won’t let the victims access the network by using a certain method that ensures that an essential network resource is unavailable to the victim. The methods that the attacker can use are vulnerability attack, bandwidth flooding and connection flooding.
7. Extensible authentication protocol is authentication framework frequently used in ______
a) wired personal area network
b) wireless networks
c) wired local area network
d) wired metropolitan area network
Answer: b
Clarification: The Extensible Authentication Protocol (EAP) is an authentication protocol used to connect a network node to the Internet. It designed through extending the methods used by the Point-to-Point Protocol for authentication.
8. Pretty good privacy (PGP) is used in ______
a) browser security
b) email security
c) FTP security
d) wifi security
Answer: b
Clarification: PGP is an encryption method used in e-mail security to encrypt and decrypt the content of an e-mail transmitted over the internet. It makes sure that the message cannot be stolen by other unauthorized users.
9. PGP encrypts data by using a block cipher called ______
a) international data encryption algorithm
b) private data encryption algorithm
c) internet data encryption algorithm
d) local data encryption algorithm
Answer: a
Clarification: The IDEA was designed in 1991 by Xuejia Lai and James Massey. Before IDEA, PGP used the cipher method BassOmatic.
10. When a DNS server accepts and uses incorrect information from a host that has no authority giving that information, then it is called _________
a) DNS lookup
b) DNS hijacking
c) DNS spoofing
d) DNS authorizing
Answer: c
Clarification: In DNS spoofing, also known as DNS cache poisoning, an attacker gets the valid credentials from a victim by spoofing the intended resource, and tricking the victim to give his/her valid authorization credentials.