Computer System Security MCQ with answers -06

Posted by

The "Answers" given with the Question is "not verified". To view Verified answers click on the button below.

COMPUTER SYSTEM SECURITY MCQ with all answers (100% free pdf download)

Confidentiality Policies: Confinement Principle ,Detour Unix user IDs process IDs and
privileges, More on confinement techniques ,System call interposition ,Error 404 digital
Hacking in India part 2 chase , VM based isolation ,Confinement principle ,Software fault
isolation , Rootkits ,Intrusion Detection Systems

1. According to the CIA Triad, which of the below-mentioned element is not considered in the triad?
a. Confidentiality
b. Integrity
c. Authenticity
d. Availability
Answer: c

2. CIA triad is also known as ________
a. NIC (Non-repudiation, Integrity, Confidentiality)
b. AIC (Availability, Integrity, Confidentiality)
c. AIN (Availability, Integrity, Nonrepudiation)
d. AIC (Authenticity, Integrity, Confidentiality)
Answer: b

3. _______ of information means, only authorised users are capable of accessing the information.
a. Confidentiality
b. Integrity
c. Non-repudiation
d. Availability
Answer: a

4. ______ means the protection of data from modification by unknown users.
a. Confidentiality
b. Integrity
c. Authentication
d. Non-repudiation
Answer: b

5. When you use the word _____ it means you are protecting your data from getting disclosed.
a. Confidentiality
b. Integrity
c. Authentication
d. Availability
Answer: a

6. When integrity is lacking in a security system, _________ occurs.
a. Database hacking
b. Data deletion
c. Data tampering
d. Data leakage
Answer: c

7. Why these 4 elements (confidentiality, integrity, authenticity & availability) are considered fundamental?
a. They help understanding hacking better
b. They are key elements to a security breach
c. They help understands security and its components better
d. They help to understand the cybercrime better
Answer: c

8. This helps in identifying the origin of information and authentic user. This referred to here as __________
a. Confidentiality
b. Integrity
c. Authenticity
d. Availability
Answer: c

9. Data ___________ is used to ensure confidentiality.
a. Encryption
b. Locking
c. Deleting
d. Backup
Answer: a

10. Data integrity gets compromised when _____ and _____ are taken control off.
a. Access control, file deletion
b. Network, file permission
c. Access control, file permission
d. Network, system
Answer: c

11. _______ is the practice and precautions taken to protect valuable information from unauthorised access, recording, disclosure or destruction.
a. Network Security
b. Database Security
c. Information Security
d. Physical Security
Answer: c

12. From the options below, which of them is not a threat to information security?
a. Disaster
b. Eavesdropping
c. Information leakage
d. Unchanged default password
Answer: d

13. Compromising confidential information comes under _________
a. Bug
b. Threat
c. Vulnerability
d. Attack
Answer: b

14. Which of the following are not security policies?
a. Regulatory
b. Advisory
c. Availability
d. User Policies
Answer: c

15. Examples of User Policies is/are:
a. Password Policies
b. Internet Usage
c. System Use
d. All of the above

16. _____ Policy ensures that the organization is maintaining standards set by specific industry regulation.
a. Regulatory
b. Advisory
c. Availability
d. User Policies
Answer: a

17. ______ Policy is like standards rules and regulations set by the management to advise their employees on their activity or behavior
a. Regulatory
b. Advisory
c. Availability
d. User Policies
Answer: b

18. What defines the restrictions on employees such as usage?
a. Regulatory
b. Advisory
c. Availability
d. User Policies
Answer: d

19. Which of the following attack can actively modify communications or data?
a. Both Active and Passive Attacks
b. Neither Active and Passive Attacks
c. Active Attacks
d. Passive Attacks
Answer: c

20. Release of Message Content and Traffic analysis are type of :
a. Both Active and Passive Attacks
b. Neither Active and Passive Attacks
c. Active Attacks
d. Passive Attacks
Answer: d

21. If communication between 2 people is overheard by a third person without manipulation of any data, it is called as:
a. Release of Message Content-Passive Attack
b. Traffic analysis -Passive Attacks
c. Release of Message Content- Active Attacks
d. Traffic analysis -Active Attacks
Answer: a

22. If communication between 2 people is overheard by a third person without extraction of any data, it is called as:
a. Release of Message Content-Passive Attack
b. Traffic analysis -Passive Attacks
c. Release of Message Content- Active Attacks
d. Traffic analysis -Active Attacks
Answer: d

23. No modification of data is a characteristic of
a. Active Attack
b. Passive Attack
Answer: a

24. ______ means when an attacker pretends to be authentic user
a. Masquerade
b. Replay
c. Modification
d. Traffic analysis
Answer: a

25. ___________ attack is when original data is modified and malicious data is inserted
a. Masquerade
b. Replay(Rewrite)
c. Modification
d. Traffic analysis
Answer: b