Information Security

61. All of the following are advantages of using self-signed SSL certificates EXCEPT:

  1. Server authentication
  2. Lower cost
  3. Easier to create
  4. More difficult to crack

Correct answer: (A)
Server authentication

62. All of the following are valid reasons for backing up data EXCEPT:

  1. Disaster
  2. Software bugs that corrupt data
  3. Replication
  4. Sabotage

Correct answer: (C)
Replication

63. All of the following methods for destroying data on hard disk drives are sufficient EXCEPT:

  1. Reformatting
  2. Degaussing
  3. Shredding
  4. Drilling

Correct answer: (A)
Reformatting

64. All of the following statements about a security incident plan are correct EXCEPT:

  1. The plan should be tested annually
  2. The plan should be reviewed annually
  3. The plan should be published annually
  4. Training on plan procedures should be performed annually

Correct answer: (C)
The plan should be published annually

65. All of the following statements about the OSI network model are true EXCEPT:

  1. No commercial network product that contains all of the components of the OSI model has ever been built
  2. The OSI network model uses encapsulation to build communication packets
  3. TCP/IP is an implementation of the OSI network model
  4. The OSI network model is a model of a network protocol stack

Correct answer: (C)
TCP/IP is an implementation of the OSI network model

66. All of the following statements about the polyalphabetic cipher are true EXCEPT:

  1. It is a form of one-time pad
  2. It is resistant to frequency analysis attacks
  3. It uses multiple substitution alphabets
  4. It is a type of substitution cipher

Correct answer: (A)
It is a form of one-time pad

67. All of the following statements about the TCP protocol are true EXCEPT:

  1. Correct order of delivery is guaranteed
  2. Connectionless
  3. Connection oriented
  4. Missing packets will be retransmitted

Correct answer: (B)
Connectionless

68. An application has been certified against established evaluation criteria. This means:

  1. A code review has been performed
  2. The application can now be used
  3. Formal management approval is required before it can be used
  4. The application is already being used

Correct answer: (C)
Formal management approval is required before it can be used

69. An attack on a DNS server to implant forged "A" records is characteristic of a:

  1. Pharming attack
  2. Phishing attack
  3. Whaling attack
  4. Spim attack

Correct answer: (A)
Pharming attack

70. An attacker is attempting to learn the encryption key that is used to protect messages being sent between two parties. The attacker is able to create his own messages, get them encrypted by one of the parties, and can then examine the ciphertext for his message. This type of attack is known as:

  1. Ciphertext only attack
  2. Chosen ciphertext attack
  3. Chosen plaintext attack
  4. Man in the middle attack

Correct answer: (C)
Chosen plaintext attack
