Advanced System Security & Digital Forensics (ASDF) MCQs




Question 1 :
What is the software called that’s designed to exploit a computer user and is a broad term covering computer viruses, worms, Trojans, adware, etc.?


  1. Backdoors
  2. Key-logger
  3. Malware
  4. Spyware
  

Question 2 :
_______________ is the central node of 802.11 wireless operations.


  1. WPA
  2. Access Point
  3. WAP
  4. Access Port
  

Question 3 :
What is the necessity of forensic duplication?


  1. Performing analysis on duplicate copy is easy.
  2. Preserving the original digital evidence is important.
  3. Performing analysis on original copy is time consuming.
  4. Performing analysis on original copy is easy
  

Question 4 :
Vulnerabilities and risks are evaluated based on their threats against which of the following?


  1. One or more of the CIA Triad principles
  2. Data usefulness
  3. Due care
  4. Extent of liability
  

Question 5 :
What is ‘separation’ in the security of operating systems?


  1. To have separate login for different users
  2. To have Hard disk drive/partition for different users
  3. It means keeping one user’s objects separate from other users
  4. To have same objects for different users
  

Question 6 :
A user intending to connect to one LAN may unintentionally lock onto a wireless access point from the neighboring network. Which type of Wireless network threat would you classify this under?


  1. Malicious Threat
  2. Network Injection
  3. Denial Of Service
  4. Accidental Association
  

Question 7 :
A valid definition of digital evidence is:


  1. Data stored or transmitted using a computer
  2. Information of probative value
  3. Digital data of probative value
  4. Any digital evidence on a computer
  

Question 8 :
___________________ is similar to the Access Point (AP) in 802.11; mobile operators use it to provide signal coverage.


  1. Base Signal Station
  2. Base Transmitter Station
  3. Base Transceiver Station
  4. Transceiver Station
  

Question 9 :
What term describes the route that evidence takes from the time you find it until the case is closed or goes to court?


  1. Chain of Custody
  2. Law of probability
  3. Daubert path
  4. Separation of duties
  

Question 10 :
Edye works for a computer software company. If she develops a computer program as part of her job, ownership of the program belongs to


  1. Edye, as she develops the program
  2. Company, as it paid Edye to write the program
  3. Both of them
  4. Company Director
  

Question 11 :
What is the full form of MAC?


  1. Mandatory access control
  2. Medium access control
  3. Major account control
  4. Main access control
  

Question 12 :
What is the main concern of the Bell-LaPadula security model?


  1. confidentiality
  2. integrity
  3. authentication
  4. Accountability
  

Question 13 :
SSL stands for


  1. Simple socket layer
  2. Simple Secure layer
  3. Secure Socket Layer
  4. Socket Simple Layer
  

Question 14 :
Which of the following is NOT a valid access control mechanism?


  1. DAC (Discretionary Access Control)
  2. SAC (Subjective Access Control)
  3. MAC (Mandatory Access Control)
  4. RBAC (Role Based Access Control)
  

Question 15 :
Which of the following is not done by cyber criminals?


  1. Unauthorized account access
  2. Mass attack using Trojans as botnets
  3. Email spoofing and spamming
  4. Report vulnerability in any system
  

Question 16 :
The list of the DNS (Domain Name System) entries can be found in -


  1. /etc/groups
  2. /etc/hosts
  3. /etc/shadows
  4. /etc/passwd
  

Question 17 :
A ________ is a computer program that can infect other computer programs by modifying them in such a way as to include a copy of itself.


  1. email bombing
  2. salami attack
  3. computer virus
  4. logic bomb
  

Question 18 :
From the following, which is not a common file permission?


  1. Write
  2. Execute
  3. Read
  4. Stop
  

Question 19 :
Cross-Site Request Forgery (CSRF) is an attack


  1. that is for sending multiple requests to a server for some site
  2. that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated
  3. that presents the attacker as a legitimate user
  4. that monitors network traffic for communication on sites
  

Question 20 :
What is an indirect way to transmit information with no explicit reading of confidential information?


  1. Covert channels
  2. Backdoor
  3. Timing channels
  4. Overt channels
  

Question 21 :
An attack that relies on a high volume of password guessing.


  1. Brute Force Attack
  2. Credential Stuffing Attack
  3. Skimming Attack
  4. Phishing Attack
  

Question 22 :
Performing shoulder surfing in order to check another person’s password is ____________ ethical practice.


  1. a good
  2. not so good
  3. very good social engineering practice
  4. a bad
  

Question 23 :
____________ are unlike copyrights in that they protect inventions, tangible objects, or ways to make them, not works of the mind. It requires novelty.


  1. Copyright
  2. Patent
  3. Intellectual Property
  4. Trade Secret
  

Question 24 :
An attacker is able to eavesdrop on network traffic and identify the MAC address of a computer with network privileges. Which type of wireless network threat would you classify this under?


  1. Identity Theft.
  2. Man in the middle attack
  3. Network Injection
  4. Accidental Association
  

Question 25 :
Protection is only provided at the _____ level


  1. lower
  2. central
  3. higher
  4. any level
  