Scribd
Upload
354 views

SR - No Questions Correct Answer 1. C

The document is a quiz on information security concepts. It contains questions about the CIA triad (confidentiality, integrity, availability), security policies, OSI model layers, types of attacks (active vs passive), encryption techniques (symmetric vs asymmetric key encryption), and other core cybersecurity topics. The questions are multiple choice designed to test understanding of key terms, components, and principles related to information security.

Uploaded by

teci
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
354 views

SR - No Questions Correct Answer 1. C

The document is a quiz on information security concepts. It contains questions about the CIA triad (confidentiality, integrity, availability), security policies, OSI model layers, types of attacks (active vs passive), encryption techniques (symmetric vs asymmetric key encryption), and other core cybersecurity topics. The questions are multiple choice designed to test understanding of key terms, components, and principles related to information security.

Uploaded by

teci
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Sr.

No Questions Correct Answer


1. According to the CIA Triad, which of the below-mentioned C
element is not considered in the triad?

a) Confidentiality b) Integrity c) Authenticity d) Availability


2. CIA triad is also known as ________ B

a) NIC (Non-repudiation, Integrity, Confidentiality)


b) AIC (Availability, Integrity, Confidentiality)
c) AIN (Availability, Integrity, Non-repudiation)
d) AIC (Authenticity, Integrity, Confidentiality)
3. _______ of information means, only authorised users are A
capable of accessing the information.

a) Confidentiality
b) Integrity
c) Non-repudiation
d) Availability
4. ______ means the protection of data from modification by B
unknown users.

a) Confidentiality
b) Integrity
c) Authentication
d) Non-repudiation
5. When you use the word _____ it means you are protecting your A
data from getting disclosed.

a) Confidentiality
b) Integrity
c) Authentication
d) Availability
6. When integrity is lacking in a security system, _________ C
occurs.

a) Database hacking
b) Data deletion
c) Data tampering
d) Data leakage
7. Why these 4 elements (confidentiality, integrity, authenticity & C
availability) are considered fundamental?

a) They help understanding hacking better


b) They are key elements to a security breach
c) They help understands security and its components better
d) They help to understand the cyber-crime better
8. This helps in identifying the origin of information and authentic C
user. This referred to here as __________
a) Confidentiality
b) Integrity
c) Authenticity
d) Availability
9. Data ___________ is used to ensure confidentiality. A

a) Encryption
b) Locking
c) Deleting
d) Backup
10. Data integrity gets compromised when _____ and _____ are C
taken control off.

a) Access control, file deletion


b) Network, file permission
c) Access control, file permission
d) Network, system
11. _______ is the practice and precautions taken to protect valuable C
information from unauthorised access, recording, disclosure or
destruction.

a) Network Security
b) Database Security
c) Information Security
d) Physical Security
12. From the options below, which of them is not a threat to D
information security?

a) Disaster
b) Eavesdropping
c) Information leakage
d) Unchanged default password
13. Compromising confidential information comes under _________ B

a) Bug
b) Threat
c) Vulnerability
d) Attack
14. Which of the following are not security policies? C

a)Regulatory
b)Advisory
c)Availability
d)User Policies
15. Examples of User Policies is/are: D

a)Password Policies
b)Internet Usage
c)System Use
d)All of the above
16. _____ Policy ensures that the organization is maintaining A
standards set by specific industry regulation.

a)Regulatory
b)Advisory
c)Availability
d)User Policies
17. ______ Policy is like standards rules and regulations set by the B
management to advise their employees on their activity or
behavior

a)Regulatory
b)Advisory
c)Availability
d)User Policies
18. What defines the restrictions on employees such as usage? D

a)Regulatory
b)Advisory
c)Availability
d)User Policies
19. The full form of OSI is OSI model is ______________ A

a) Open Systems Interconnection


b) Open Software Interconnection
c) Open Systems Internet
d) Open Software Internet
20. In __________________ layer, vulnerabilities are directly A
associated with physical access to networks and hardware.

a) physical
b) data-link
c) network
d) application
21. Loss of power and unauthorized change in the functional unit of A
hardware comes under problems and issues of the physical layer.

a) True
b) False
22. Which of the following attack can actively modify C
communications or data?

a)Both Active and Passive Attacks


b)Neither Active and Passive Attacks
c) Active Attacks
d)Passive Attacks
23. OSI architechture mainly focuses on: D
1) Security Attack
2) Security Techniques/Mechanisms
3) Categories of Security Service
a)1
b)1 &3
c) 2& 3
d)1,2,3
24. IT security department must periodically check for security logs A
and entries made during office hours.
a) True
b) False

25. Release of Message Content and Traffic analysis are type of : D

a)Both Active and Passive Attacks


b)Neither Active and Passive Attacks
c) Active Attacks
d)Passive Attacks
26. If communication between 2 people is overheard by a third A
person without manipulation of any data, it is called as:

a) Release of Message Content-Passive Attack


b) Traffic analysis -Passive Attacks
c) Release of Message Content- Active Attacks
d) Traffic analysis -Active Attacks
27. If communication between 2 people is overheard by a third D
person without extraction of any data, it is called as:

a) Release of Message Content-Passive Attack


b) Traffic analysis -Passive Attacks
c) Release of Message Content- Active Attacks
d) Traffic analysis -Active Attacks

28. No modification of data is a characteristic of A

a)Active Attack
b)Passive Attack
29. Which of the following are Active attack types D
a)Masquerade
b)Replay
c)Modification
d)All of the above
30. ______ means when an attacker pretends to be authentic user A

a)Masquerade
b)Replay
c)Modification
d)Traffic analysis
31. ___________ attack is when original data is modified and B
malicious data is inserted

a)Masquerade
b)Replay(Rewrite)
c)Modification
d)Traffic analysis

32. When original data is changed to make it non-meaningful by C


attacker it is known as

a)Masquerade
b)Replay
c)Modification of Messages
d)Traffic analysis
33. Which is the type of attack when Network is made unavailable D
for user

a)Masquerade
b)Replay
c)Modification
d)Denial of Service
34. Modification of Data is done in: A

a)Both Active and Passive Attacks


b)Neither Active and Passive Attacks
c) Active Attacks
d)Passive Attacks
35. The information that gets transformed in encryption is A
____________
a) Plain text
b) Parallel text
c) Encrypted text
d) Decrypted text
36. 1. The process of transforming plain text into unreadable text. B
a) Decryption
b) Encryption
c) Network Security
d) Information Hiding
37. A process of making the encrypted text readable again. A

a) Decryption
b) Encryption
c) Network Security
d) Information Hiding
38. A unique piece of information that is used in encryption. C

a) Cipher
b) Plain Text
c) Key
d) Cipher
39. Assurance that authentic user is taking part in communication is: A

a)Authentication
b)Authorization
c)Access Control
d)Auditing
40. ATM pin while withdrawing money is an example of using: B

a)Authentication
b)Authorization
c)Access Control
d)Auditing
41. Study of creating a d using encryption and decryption B
techniques.

a) Cipher
b) Cryptography
c) Encryption
d) Decryption
42. An attack in which the user receives unwanted amount of e- C
mails.

a) Smurfing
b) Denial of service
c) E-mail bombing
d) Ping storm
43. The process of disguising plaintext in such a way that its D
substance gets hidden (into what is known as cipher-text) is
called _________________
a) cryptanalysis
b) decryption
c) reverse engineering
d) encryption
44. In _____________________ same keys are implemented for A
encrypting as well as decrypting the information.

a) Symmetric Key Encryption


b) Asymmetric Key Encryption
c) Asymmetric Key Decryption
d) Hash-based Key Encryption
45. The procedure to add bits to the last block is termed as D
_________________
a) decryption
b) hashing
c) tuning
d) padding
46. In asymmetric key cryptography, the private key is kept by B
__________
a) sender
b) receiver
c) sender and receiver
d) all the connected devices to the network
47. Cryptanalysis is used __________ A
a) to find some insecurity in a cryptographic scheme
b) to increase the speed
c) to encrypt the data
d) to make new ciphers
48. Conventional cryptography is also known as _____________ or A
symmetric-key encryption.

a) secret-key
b) public key
c) protected key
d) primary key
49. _____________________ is the art & science of cracking the B
cipher-text without knowing the key.

a) Cracking
b) Cryptanalysis
c) Cryptography
d) Crypto-hacking
50. In _____________ a sequence of actions is carried out on this A
block after a block of plain-text bits is chosen for generating a
block of cipher-text bits.
a) Block Cipher
b) One-time pad
c) Hash functions
d) Vigenere Cipher

You might also like