Network Security MCQ Quiz - Objective Question with Answer for Network Security - Download Free PDF

What key(s) are used by the sender of an encrypted message in an asymmetric-key cipher?

1. Neither public nor private key of the receiver
2. Public key of the receiver
3. Public or private key of the sender
4. Private key of the sender
5. None of the above

Answer (Detailed Solution Below)

Network Security Question 1 Detailed Solution

The correct answer is option 2.

Concept:

The two keys are called the “public key” and the “private key” of the user. The sender uses a public key to encrypt the message. The recipient uses its private key to decrypt the message.

Asymmetric encryption is also called public-key encryption, but it actually relies on a key pair. Two mathematically related keys, one called the public key and another called the private key, are generated to be used together. The private key is never shared; it is kept secret and is used only by its owner. The public key is made available to anyone who wants it. Because of the time and amount of computer processing power required, it is considered mathematically infeasible for anyone to be able to use the public key to re-create the private key, so this form of encryption is considered very secure.

Hence the correct answer is the p ublic key of the receiver.

Network Security Question 2:

1. public-key encryption
2. asymmetric encryption
3. conventional encryption
4. hybrid encryption

Answer (Detailed Solution Below)

Network Security Question 2 Detailed Solution

Key Points

• Conventional encryption is another term for symmetric encryption.
• In symmetric encryption, the same key is used for both encryption and decryption of data.
• This method is known for being fast and efficient, making it suitable for encrypting large amounts of data.
• However, it requires secure key management to ensure that the encryption key is not compromised.
• Examples of symmetric encryption algorithms include AES (Advanced Encryption Standard), DES (Data Encryption Standard), and 3DES (Triple DES).

Additional Information

• Public-key encryption (Option 1) is another term for asymmetric encryption, where different keys are used for encryption and decryption.
• Asymmetric encryption (Option 2) involves a pair of keys: a public key for encryption and a private key for decryption.
• Hybrid encryption (Option 4) combines both symmetric and asymmetric encryption techniques to leverage the advantages of each.
• Symmetric encryption is generally faster than asymmetric encryption but requires secure key distribution and management.

Network Security Question 3:

Symmetric Key Cryptography uses stream cipher to encrypt the information. One of example of stream cipher:

1. SHA
2. RC4
3. MD5
4. Blowfish
5. None of the above

Answer (Detailed Solution Below)

Network Security Question 3 Detailed Solution

The correct answer is option 2.

Concept:

Symmetric Key Cryptography uses a stream cipher to encrypt the information. One example of stream cipher is RC4.

Stream cipher:

A stream cipher is an encryption technique that encrypts and decrypts a set quantity of data using a symmetric key. In contrast to an asymmetric cipher key, a symmetric cipher key is an encryption tool that may be used for both encryption and decryption.

Rivest Cipher 4:

• Rivest Cipher 4, often known as RC4, is a stream cipher that was developed in 1987. A stream cipher is a sort of encryption algorithm that encrypts data one byte at a time.
• RC4 is a stream cipher that has been used in the Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocols, the IEEE 802.11 wireless LAN standard, and the Wi-Fi Security Protocol WEP (Wireless Equivalent Protocol).

Hence the correct answer is RC4.

Additional Information

• Secure hashing algorithm (SHA) is an acronym for secure hashing algorithm. SHA is a hashing algorithm that is based on MD5. It is used to hash data and certificates. Using bitwise operations, modular additions, and compression functions, a hashing algorithm compresses the input data into a smaller form that cannot be comprehended.
• Blowfish is the first symmetric encryption algorithm created by Bruce Schneier in 1993. Symmetric encryption uses a single encryption key to both encrypt and decrypt data.

Network Security Question 4:

1. Social Engineering
2. Trojan
3. Shoulder Surfing
4. Spyware
5. None of the above

Answer (Detailed Solution Below)

Network Security Question 4 Detailed Solution

The correct answer is option 4.
Concept:

Keyloggers, also known as keystroke loggers, are software applications or hardware devices that record the activity (keys tapped) on a keyboard. Keyloggers are a type of spyware in which users are unaware that their actions are being recorded.

Spyware:

Spyware is a type of malicious software or malware that is installed on a computing device without the end user's knowledge.

Characteristics:

• Keyloggers may be used for a number of objectives, including fraudulently gaining access to your private information and monitoring staff actions. Some keyloggers may also record your screen at random intervals; these are known as screen recorders.
• Keylogger software normally saves your keystrokes in a tiny file that may be viewed later or automatically sent to the person watching your activity.
• A keylogger is a malicious computer application that records everything you write on the keyboard and learns the keystroke pattern, including words, characters, and symbols, and then sends all of the recorded information to hostile hackers.

Hence the correct answer is Spyware.

Network Security Question 5:

1. Authentication
2. Nonrepudiation
3. Confidentiality
4. Integrity
5. None of the above

Answer (Detailed Solution Below)

Network Security Question 5 Detailed Solution

The correct answer is Confidentiality

Key Points Confidentiality:

• A digital signature does not inherently provide confidentiality. This means that if someone intercepts the message, they can read its content.
• Confidentiality must be ensured by other means, such as encryption. Encryption scrambles the content of a message so that it can be understood only by someone who has the corresponding decryption key.
• This keep the contents hidden from anyone who might intercept the message during transmission.
• In other words, digital signature alone cannot prevent unwanted third parties from reading the message if it is intercepted; it only ensures that the receiver will know if the message was tampered with during transmission.

Additional Information A digital signature provides three functions:

• Authentication: It verifies the sender's identity. The receiver can be sure that the message was indeed sent by the claimed sender, as it's based on the sender's private key, which is not publicly accessible.
• Non-Repudiation: It ensures that the sender cannot deny having sent the message. Once signed with a digital signature, a message can always be proven to have been signed by that unique private key.
• Integrity: It verifies that the message content has not been altered in transit. Any modification to the message would alter the signature and, therefore, be detected at the receiving end.

Top Network Security MCQ Objective Questions

Network Security Question 6

In computing, ________ is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

1. Spyware
2. Cookie
3. Spam
4. Firewall

Answer (Detailed Solution Below)

Network Security Question 6 Detailed Solution

The correct answer is option 4) i.e. Firewall.

• A firewall is a type of computer-security system.
• A firewall controls the flow of data from one computer or network to another and they are mainly intended to protect an individual computer system or a network from being accessed by an intruder, especially via the Internet.

Note:

• Cookies are small files that are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website and can be accessed either by the web server or the client computer.
• Spam is an undesired or illegal email message.
• Spyware is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information.

Share on Whatsapp

Network Security Question 7

1. Hardware
2. Software
3. Bacteria
4. Freeware

Answer (Detailed Solution Below)

Network Security Question 7 Detailed Solution

The correct answer is Software.

• A computer virus is a malicious software that, when executed replicates itself by modifying other computer programs.
• The full form of VIRUS is Vital Information Resources Under Seize because they replicate and multiply and use up computer memory processing power with fake repetitive commands. It causes the system to become slow and keeps hanging.

Share on Whatsapp

Network Security Question 8

Which type of virus attaches with EXE files and the resulting infected EXE file attacks other EXE files and infects them ?

1. Parasitic virus
2. Boot Sector Virus
3. Stealth Virus
4. Memory Resident Virus

Answer (Detailed Solution Below)

Network Security Question 8 Detailed Solution

The type of virus that attaches to EXE files and infects other EXE files is a type of Parasitic virus, also known as an executable virus or file infecting virus.

Boot sector viruses infect the boot sector of storage devices such as hard drives and floppy disks.

Stealth viruses use various techniques to hide themselves from detection by antivirus software and other system tools.

Memory resident viruses, as the name suggests, reside in a computer's memory and can infect other files that are loaded into memory. However, they do not typically infect EXE files specifically.

Hence, the correct answer is option 1.

Share on Whatsapp

Network Security Question 9

What is the term for a cyber-security attack that targets multiple interconnected devices simultaneously to create a large- scale attack network?

1. DDoS attack
2. Botnet attack
3. Zero-day attack
4. Spear phishing attack

Answer (Detailed Solution Below)

Network Security Question 9 Detailed Solution

The correct answer is Botnet attack.

Key Points

• Botnet is a network of computers that have been infected with malware and are controlled by a single attacker. The attacker can use the botnet to launch a variety of attacks, including DDoS attacks.
• DDoS attack is a cyber-security attack that targets a website or server with a flood of traffic. This traffic can overwhelm the website or server, making it unavailable to legitimate users.
• Zero-day attack is an attack that exploits a vulnerability in software that the software vendor is not aware of. This means that there is no patch available to fix the vulnerability, making it very difficult to defend against.
• A spear phishing attack is a targeted attack that is designed to trick the victim into clicking on a malicious link or opening an infected attachment.
• Therefore, the term for a cyber-security attack that targets multiple interconnected devices simultaneously to create a large-scale attack network is botnet attack.

Additional Information

Here are some ways to protect yourself from botnet attacks:

• Keep your software up to date. Software vendors often release patches to fix security vulnerabilities.
• Use a firewall. A firewall can help to block malicious traffic from reaching your computer.
• Use antivirus software. Antivirus software can help to detect and remove malware from your computer.
• Be careful about what websites you visit and what links you click on.
• Do not open attachments from unknown senders.

Share on Whatsapp

Network Security Question 10

1. Email bomb
2. Ping storm
3. Spoofing
4. Smurfing

Answer (Detailed Solution Below)

Network Security Question 10 Detailed Solution

Important Points

It is an attack on your inbox that involves sending massive amounts of emails to your address. Sometimes these messages are complete gibberish, but more often they’ll be confirmation emails for newsletters and subscriptions.

Additional Information

Spoofing

It is the act of disguising a communication from an unknown source as being from a known, trusted source. Spoofing can apply to emails, phone calls, and websites, or can be more technical, such as a computer spoofing an IP address, Address Resolution Protocol (ARP), or Domain Name System (DNS) server.

Smurf Attack

It is a form of a DDoS attack that causes packet flood on the victim by exploiting/abusing ICMP protocol. When deployed, large packets are created using a technique called “spoofing”. The phony source address that is now attached to these packets becomes the victim, as their IP is flooded with traffic. The small ICMP packet generated by the tool causes big trouble for a victim, hence the name Smurf.

Ping storm

It is a condition in which the Internet ping program is used to send a flood of packets to a server to test its ability to handle a high amount of traffic or, maliciously, to make the server inoperable

Hence Option 1 is correct