CS507 Solved Quiz Dated
Firewalls
Network-based IDS
Signature-based IDS
Statistical-based IDS
Ref: Statistical-based: These systems need a comprehensive definition of the known and
expected behavior of systems.
Eavesdropping
Masquerading
Piggybacking
Spoofing
4. ________ are installed at the point where network connections enter a site.
Select correct option:
Antivirus
Bridges
Routers
Firewalls
Ref: Firewalls are defined as a device installed at the point where network connections
enter a site; they apply rules to control the type of networking traffic flowing in and out.
5. In case of __________, an intruder fools a user into thinking they are interacting
with the operating system.
Select correct option:
Spoofing
Piggybacking
Eavesdropping
Trojan horse
Ref: Spoofing – A penetrator fools users into thinking they are interacting with the
operating system. He duplicates the logon procedure and captures the password.
6. Which of the following when together, break down the geographical and time
barriers?
Select correct option:
Ref: Mobility implies that the Internet access travels with the customers. M-commerce is
appealing because wireless offers customers information from any location. This enables
employees to contact the office from anywhere they happen to be or customer.
Reachability means that people can be contacted at any time, which most people see as a
convenience of modern life. These two characteristics – mobility and reachability break
the geographical and time barriers.
scope
nature
global access
speed
Risk cost
Risk timing
Risk scope
Risk resources
9. Under which of the following agreement, two or more organizations agree to
provide backup facilities to each other in case of one suffering from a disaster.
Select correct option:
Mutual
Cooperative
Reciprocal
Joint
Ref: Reciprocal Agreement – Two or more organizations might agree to provide backup
facilities to each other in the event of one suffering a disaster. This backup option is
relatively cheap, but each participant must maintain sufficient capacity to operate
another’s critical systems. Reciprocal agreements are often informal in nature.
11. Which of the following apply rules to control the type of networking traffic
flowing in and out?
Select correct option:
Data analyzers
Firewall
Antivirus
Modem
Ref: Firewalls are defined as a device installed at the point where network connections
enter a site; they apply rules to control the type of networking traffic flowing in and out.
The purpose is to protect the Web server by controlling all traffic between the Internet
and the Web server.
On site reviews
Information elicitation
Threat identification
Maintain system integrity
13. Which of the following is applicable to environments with stable demand
patterns?
Select correct option:
14. Data packets are routed across a network with the help of_______________.
Select correct option:
FTP protocol
HTTP protocol
TCP protocol
Internet Protocol
Ref: The Internet Protocol is designed solely for the addressing and routing of data
packets across a network.
Eavesdropping
Masquerading
Piggybacking
Spoofing
16. ________ site backup is an appropriate choice for organizations if fast recovery is
critical.
Select correct option:
Hot
Cold
Cool
Warm
If fast recovery is critical, an organization might need hot-site backup. All hardware and
operations facilities will be available at the hot site. In some cases, software, data, and
supplies might also be stored there. Hot sites are expensive to maintain. They usually are
shared with other organizations that have the same hot-site needs.
17. Which of the following phase determines the adverse impact resulting from a
successful threat exercise of vulnerability?
Select correct option:
Risk resilience
Monitoring threats
Likelihood determination
Impact analysis
The next major step in measuring the level of risk is to determine the adverse impact
resulting from a successful exercise of vulnerability.
Impact analysis
Assessment process
Control recommendation
Vulnerability identification
19. __________ supply chain segment includes all the processes to transform inputs
to outputs.
Select correct option:
Downstream
Internal
Upstream
Middle stream
Ref: Upstream supply chain segment – includes the organization’s first-tier suppliers
(manufacturers and assemblers). The major activities are purchasing and shipping.
• Internal supply chain segment – includes all the processes to transform inputs to
outputs.
Threat statement
Threat source
Threat action plan
Threat impact analysis
Ref: Information is used as an input to determine and identify what kind of threats the
system is exposed to: history of system attack, data from intelligence agencies. The
output of this phase is a threat statement identifying and defining threats.
DEI
EDI
CDI
IDE
Continuous replenishment
Made to store
JIT
Built to order
23. Firewalls ________ data packets which are sent between different physical
locations within an organization.
Select correct option:
facilitate
Encrypt
restrict
allow
Ref: Firewalls encrypt packets that are sent between different physical locations within
an organization by creating a VPN over the Internet. (Page No. 178)
25. Which of the following is the act of secretly listening to the private conversation
of others without their consent?
Select correct option:
Eavesdropping
Spoofing
Masquerading
Piggybacking
26. Which of the following is not simply redesigning of certain input forms but also
includes changing of working practices?
Select correct option:
BPR
ERP
BRP
ERD
Ref: BPR was not simply a matter of redesigning certain input forms but involved changed
practices of working. It involved change in human thought and approaches to their
routine, mundane tasks. This raised issues of Change Management.
Risk determination
Control recommendations
Control measures
Risk pliability
Ref: The control recommendations are the results of the risk assessment
28. Which of the following refers to the online delivery of information for the
purpose of education, training and knowledge management etc?
Select correct option:
E-Banking
E-Commerce
E-Business
E-Learning
Ref: It is a web-enabled system that makes knowledge accessible to those who need it,
when they need it – anytime, anywhere. E-learning is useful for facilitating learning at
schools.
mostly
does not
does
up to some extent
Ref: The Internet Protocol is designed solely for the addressing and routing of data
packets across a network. It does not guarantee or provide evidence on the delivery of
messages. There is no verification of an address. The sender will not know if the message
reaches its destination at the time it is required.
Ref: The real reason that B2C is flourishing in technologically advanced societies is that
it has broken down ‘physical’ barriers to doing business.
32. Which of the following IDS will not be able to detect all types of intrusions due to
limitations of detection rules?
Select correct option:
Network-based
Node-based
Signature-based
Statistical-based
Ref: Signature-based IDSs will not be able to detect all types of intrusions due to the
limitations of detection rules. On the other hand, statistical-based systems may report
many events outside of the defined normal activity but which are normal activities on the
network.
33. Effective Business continuity plans cannot be executed without proper
Select correct option:
Control recommendation
Control implementation
Control management
Control monitoring
34. What could be the first step in any corporate risk strategy?
Select correct option:
Risk identification
Control implementation
Characterization
Documentation
35. Which of the following supply chain segment includes the organization’s first tier
suppliers?
Select correct option:
Internal
Downstream
Middle stream
Upstream
Ref: Upstream supply chain segment – includes the organization’s first-tier suppliers
(manufacturers and assemblers). The major activities are purchasing and shipping.
Ref: Reachability means that people can be contacted at any time, which most people see
as a convenience of modern life.
37. Which of the following network attacks involves probing for network
information?
Select correct option:
Passive attacks
Active attacks
Masquerading
Spoofing
Explanation: By probing for network information, the intruder obtains network
information that can be used to target a particular system or set of systems during an
actual attack.
38. Which of the following uses internet and online technologies to create operating
efficiencies and therefore increase value to the customer?
Select correct option:
Internet
E-business
IDS
CRM
Ref: E-business means using the internet and online technologies to create operating
efficiencies, and therefore increase value to the customer. All e-commerce is part of
e-business. Not all e-business is e-commerce.
39. Which of the following works in conjunction with routers and firewalls by
monitoring network usage anomalies?
Select correct option:
SDLC
IDS
ISD
DCS
40. _________ controls the most vulnerable point between a corporate network and
the internet.
Select correct option:
Firewall
Sensors
Data analyzers
Spoofing
Ref: Firewalls are hardware and software combinations that are built using routers,
servers and a variety of software. They should control the most vulnerable point between a
corporate network and the Internet.
41. _________ refers to the ability of a system to handle growing amounts of work in
a graceful manner.
Select correct option:
Scalability
Consistency
Security
Clustering
Ref: Impact needs to be measured by defining certain levels, e.g. high, medium, low as
qualitative categories, or by quantifying the impact using a probability distribution.
• Mission Impact Analysis
• Assess criticality assessment
• Data criticality
• Data sensitivity