1.
A(n) ____ is “a private data network that makes use of the public
telecommunication infrastructure, maintaining privacy through the use
of a tunneling protocol and security procedures.”
Correct Answer
C. VPN
Explanation
A VPN (Virtual Private Network) is a private data network that uses the public telecommunication infrastructure to maintain privacy. It achieves this through the use of a tunneling protocol and security procedures.
2.
In SESAME, the user is first authenticated to an authentication server
and receives a token. The token is then presented to a privilege
attribute server as proof of identity to gain a(n) ____.
Correct Answer
B. PAC
Explanation
After being authenticated by the authentication server, the user receives a token. This token is then used as proof of identity to gain a PAC (Privilege Attribute Certificate) from the privilege attribute server. The PAC grants the user certain privileges or access rights within the system.
3.
____ generates and issues session keys in Kerberos.
Correct Answer
C. KDC
Explanation
The Key Distribution Center (KDC) generates and issues session keys in Kerberos. The KDC is responsible for authenticating users and granting them tickets for accessing network resources. It generates a session key that is used to encrypt and decrypt messages exchanged between the client and the server during a session. The KDC plays a crucial role in ensuring secure communication in a Kerberos environment.
4.
____ firewalls examine every incoming packet header and can selectively
filter packets based on header information such as destination address,
source address, packet type, and other key information.
Correct Answer
A. Packet filtering
Explanation
Packet filtering firewalls examine the header of every incoming packet and make filtering decisions based on information such as the destination address, source address, packet type, and other key details. This means that they can selectively allow or block packets based on these criteria. Unlike circuit gateways, application gateways, and MAC layer firewalls, packet filtering firewalls focus specifically on filtering packets at the network layer based on header information.
5.
ICMP uses port ____ to request a response to a query and can be the first indicator of a malicious attack.
Correct Answer
A. 7
Explanation
ICMP (Internet Control Message Protocol) is a network protocol that is used to send error messages and operational information about network conditions. It does not use ports like other protocols such as TCP or UDP. Instead, ICMP messages are encapsulated within IP packets and do not have a specific port number associated with them. Therefore, the statement in the question that ICMP uses port 7 is incorrect. ICMP messages are used for various purposes, including network troubleshooting and diagnostics, and they can also be exploited by attackers for malicious purposes.
6.
Telnet protocol packets usually go to TCP port ____.
Correct Answer
A. 23
Explanation
Telnet protocol packets typically go to TCP port 23. The Telnet protocol is used for remote login and command execution on a remote computer or server. Port 23 is the well-known port assigned to Telnet, and it is the default port used for establishing a Telnet session. By sending packets to TCP port 23, the communication can be established between the client and the server, allowing the user to remotely access and control the remote system.
7.
The dominant architecture used to secure network access today in large organizations is the ____ firewall.
Correct Answer
D. Screened subnet
Explanation
The correct answer is "screened subnet". A screened subnet firewall is a security architecture that involves the use of two firewalls and a demilitarized zone (DMZ) to protect the internal network from external threats. The external firewall filters and controls incoming traffic, while the internal firewall filters and controls outgoing traffic. The DMZ acts as a buffer zone between the internal network and the external network, allowing certain services to be exposed to the outside while still maintaining security. This architecture provides a layered approach to network security and is commonly used in large organizations to secure network access.
8.
____ filtering allows the firewall to react to an emergent event and update or create rules to deal with the event.
Correct Answer
D. Dynamic
Explanation
Dynamic filtering allows the firewall to react to an emergent event and update or create rules to deal with the event. Unlike static filtering, which uses pre-determined rules, dynamic filtering is able to adapt and respond in real-time based on the current network conditions. This allows for more flexibility and responsiveness in handling unexpected events or threats. Stateful and stateless filtering refer to the way the firewall tracks and manages network connections, and are not directly related to the ability to react to emergent events.
9.
____ firewalls keep track of each network connection between internal and external systems.
Correct Answer
C. Stateful
Explanation
Stateful firewalls keep track of each network connection between internal and external systems. Unlike stateless firewalls, which only examine individual packets, stateful firewalls maintain a record of the state of each connection, including information such as source and destination IP addresses, ports, and sequence numbers. This allows stateful firewalls to make more informed decisions about which packets to allow or block based on the context of the entire connection.
10.
The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone.
Correct Answer
D. Demilitarized
Explanation
The correct answer is "demilitarized". The reason for this is that a proxy server is often placed in a demilitarized zone (DMZ) of a network. A DMZ is a separate network segment that acts as a buffer between the internal network and the external network, providing an extra layer of security. By placing the proxy server in the DMZ, it helps protect the internal network from potential attacks coming from the outside.
11.
A(n) ____ works like a burglar alarm in that it detects a violation of
its configuration (analogous to an opened or broken window) and
activates an alarm.
Correct Answer
D. IDS
Explanation
An IDS (Intrusion Detection System) is a security tool that functions similarly to a burglar alarm. It monitors a system or network for any unauthorized or suspicious activity, such as a configuration violation, which is comparable to an opened or broken window. When a violation is detected, the IDS activates an alarm to alert the system administrator or security team.
12.
Using ____, the system reviews the log files generated by servers, network devices, and even other IDPSs.
Correct Answer
A. LFM
Explanation
The correct answer is LFM. LFM stands for Log File Monitoring, which is a method used by the system to review the log files generated by servers, network devices, and even other IDPSs. This allows for the analysis and detection of any suspicious or malicious activities that may have occurred within the network.
13.
____ are decoy systems designed to lure potential attackers away from critical systems and encourage attacks against themselves.
Correct Answer
D. Honey pots
Explanation
Honey pots are decoy systems that are designed to divert potential attackers away from critical systems and instead encourage them to attack the honey pots themselves. These systems mimic the appearance and vulnerabilities of real systems, making them attractive targets for attackers. By luring attackers to the honey pots, organizations can gather information about their tactics and techniques, as well as protect their actual critical systems from being compromised.
14.
____ is the action of luring an individual into committing a crime to get a conviction.
Correct Answer
D. Entrapment
Explanation
Entrapment refers to the action of luring an individual into committing a crime in order to obtain a conviction. This typically involves a law enforcement officer or agent enticing or inducing someone to engage in illegal activities that they may not have otherwise committed. The purpose of entrapment is to gather evidence and prove the guilt of the individual. It is important to note that entrapment is considered illegal and unethical if it involves excessive coercion or persuasion that overrides the individual's free will.
15.
A(n) ____ is a network tool that collects copies of packets from the network and analyzes them.
Correct Answer
D. Packet sniffer
Explanation
A packet sniffer is a network tool that collects copies of packets from the network and analyzes them. It is used to monitor and analyze network traffic, capturing packets of data as they are transmitted over the network. This allows network administrators to troubleshoot network issues, analyze network performance, and detect any malicious activity or security breaches. By capturing and analyzing packets, a packet sniffer provides valuable insights into the network's behavior and helps in maintaining network security and performance.
16.
Which of the following is the most secure biometric authentication system?
Correct Answer
B. Retina pattern recognition
Explanation
Retina pattern recognition is considered the most secure biometric authentication system because it analyzes the unique patterns of blood vessels in the back of the eye. These patterns are highly complex and virtually impossible to replicate, making it extremely difficult for unauthorized individuals to gain access. Handprint recognition, signature recognition, and voice recognition can be more easily forged or imitated, making them less secure compared to retina pattern recognition.
17.
A(n) ____ IDPS is focused on protecting network information assets.
Correct Answer
A. Network-based
Explanation
A network-based IDPS is designed to protect network information assets by monitoring and analyzing network traffic for any suspicious or malicious activity. It operates at the network level, inspecting packets of data as they pass through the network, and can detect and respond to threats such as unauthorized access attempts or abnormal network behavior. This type of IDPS is particularly effective in defending against attacks that target the network infrastructure and can provide real-time protection for the network and its assets.
18.
____ is a specially configured connection on a network device that is
capable of viewing all of the traffic that moves through the entire
device.
Correct Answer
C. SPAN
Explanation
A SPAN (Switched Port Analyzer) is a specially configured connection on a network device that can monitor and view all the traffic passing through the device. This feature is commonly used for network analysis, troubleshooting, and security monitoring purposes. By using a SPAN, network administrators can capture and analyze network traffic without interrupting the normal operation of the network.
19.
NIDPSs must look for attack patterns by comparing measured activity to known ____ in their knowledge base.
Correct Answer
B. Signatures
Explanation
NIDPSs, or Network Intrusion Detection and Prevention Systems, are designed to detect and prevent attacks on a network. In order to do this, they need to compare the measured activity on the network to known attack patterns or behaviors. These known attack patterns are stored in the NIDPS's knowledge base and are referred to as "signatures." By comparing the measured activity to these signatures, the NIDPS can identify and respond to potential attacks.
20.
____ benchmark and monitor the status of key system files and detect
when an intruder creates, modifies, or deletes monitored files.
Correct Answer
C. HIDPSs
Explanation
HIDPSs, or Host-based Intrusion Detection and Prevention Systems, are designed to monitor the status of key system files and detect any unauthorized changes made by intruders. They provide security by continuously benchmarking and monitoring files, ensuring their integrity and identifying any modifications, creations, or deletions. HIDPSs are specifically focused on the host system and are effective in detecting and preventing intrusions at the individual host level.
21.
____ sensors project and detect an infrared beam across an area.
Correct Answer
C. Photoelectric
Explanation
Photoelectric sensors are designed to project and detect an infrared beam across an area. These sensors work by emitting a beam of light and then detecting any changes in the amount of light that is reflected back. When an object or obstruction interrupts the infrared beam, the sensor is triggered and can detect the presence or absence of the beam. This makes photoelectric sensors useful for applications such as object detection, counting, and proximity sensing.
22.
Class ____ fires are extinguished by agents that remove oxygen from the fire.
Correct Answer
C. B
Explanation
Class B fires are extinguished by agents that remove oxygen from the fire. Class B fires involve flammable liquids such as gasoline, oil, and grease. These fires can spread quickly and are best extinguished by smothering them with a substance that removes oxygen, such as a fire extinguisher containing foam or carbon dioxide. Therefore, the correct answer is B.
23.
Class ____ fires are extinguished with agents that must be non-conducting.
Correct Answer
D. C
Explanation
Class C fires involve energized electrical equipment, such as appliances, wiring, and circuit breakers. These fires can be dangerous because water or other conductive agents can cause electrical shock or spread the fire. Therefore, agents that are non-conducting, such as carbon dioxide or dry chemical powders, are used to extinguish Class C fires.
24.
____ sprinklers are the newest form of
sprinkler systems and rely on ultra fine mists instead of traditional
shower-type systems.
Correct Answer
D. Water mist
Explanation
Water mist sprinklers are the newest form of sprinkler systems and they work by using ultra fine mists instead of traditional shower-type systems. This means that instead of large droplets of water, the sprinklers release a fine mist that covers a larger area and is more effective in suppressing fires. Water mist sprinklers are considered to be more efficient and environmentally friendly compared to other types of sprinkler systems.
25.
One of the leading causes of damage to sensitive circuitry is ____.
Correct Answer
B. ESD
Explanation
ESD stands for Electrostatic Discharge, which refers to the sudden flow of electricity between two objects with different charges. This discharge can occur when a person or object comes into contact with sensitive circuitry, causing damage. Therefore, ESD is one of the leading causes of damage to sensitive circuitry. HVAC (Heating, Ventilation, and Air Conditioning), EPA (Environmental Protection Agency), and CPU (Central Processing Unit) are not directly related to causing damage to sensitive circuitry.
26.
____ occurs when an authorized individual presents a key to open a
door, and other individuals, who may or may not be authorized, also
enter through.
Correct Answer
C. Tailgating
Explanation
Tailgating occurs when an authorized individual presents a key to open a door, and other individuals, who may or may not be authorized, also enter through. This term is commonly used to describe the act of someone following closely behind an authorized person to gain access to a restricted area without proper authorization.
27.
The most sophisticated locks are ____.
Correct Answer
D. Biometric
Explanation
Biometric locks are considered the most sophisticated because they use unique physical characteristics, such as fingerprints or iris patterns, to grant access. This advanced technology provides a high level of security as it is difficult to replicate or forge biometric data. Biometric locks also offer convenience as they eliminate the need for keys or codes, making them a popular choice for high-security areas such as government buildings or research facilities.
28.
Electronic monitoring includes ____ systems.
Correct Answer
B. Closed-circuit television
Explanation
Closed-circuit television (CCTV) is a type of electronic monitoring system that is commonly used for surveillance purposes. Unlike open-circuit television, which broadcasts the video signal to a public or wide area network, CCTV uses a closed circuit that allows the video to be monitored only by authorized individuals or within a limited area. This ensures privacy and security as the video feed is not accessible to the general public. Therefore, closed-circuit television is a suitable option for electronic monitoring systems.
29.
____ sensors work when two contacts are connected as, for example, when
a foot steps on a pressure-sensitive pad under a rug, or a window being
opened triggers a pin and spring sensor.
Correct Answer
B. Contact and weight
Explanation
Contact and weight sensors work by detecting the presence or pressure of an object. These sensors are activated when two contacts are connected, such as when a foot steps on a pressure-sensitive pad under a rug or when a window being opened triggers a pin and spring sensor. These sensors are able to measure the amount of contact or weight applied, allowing them to detect changes in pressure or the presence of an object.
30.
The interior walls reach only part way to the next floor, which leaves
a space above the ceiling of the offices but below the top of the
storey. This space is called a(n) ____.
Correct Answer
C. Plenum
Explanation
The correct answer is "plenum." In this context, a plenum refers to the space above the ceiling of the offices but below the top of the storey. It is the area where the interior walls do not reach all the way to the next floor, creating a gap or void. This term is commonly used in architecture and building design to describe this specific type of space.
31.
____ is the requirement that every employee be able to perform the work of another employee.
Correct Answer
C. Task rotation
Explanation
Task rotation is the requirement that every employee be able to perform the work of another employee. This practice helps to ensure that there is flexibility within the workforce and that no single individual holds exclusive knowledge or skills. By rotating tasks, organizations can prevent bottlenecks and reduce the risk of disruptions caused by employee absence or turnover. It also promotes cross-training and skill development among employees, leading to a more versatile and adaptable workforce.
32.
____ is a cornerstone in the protection of information assets and in the prevention of financial loss.
Correct Answer
B. Separation of duties
Explanation
Separation of duties is a fundamental principle in protecting information assets and preventing financial loss. It involves dividing critical tasks and responsibilities among different individuals to ensure that no single person has complete control or access to all aspects of a process. This helps to minimize the risk of fraud, errors, and unauthorized activities by providing checks and balances. By separating duties, organizations can establish a system of accountability and reduce the likelihood of collusion or intentional misuse of information, thereby safeguarding their assets and financial well-being.
33.
The information security function can be placed within ____.
Correct Answer
C. All of the above
Explanation
The correct answer is "All of the above". This means that the information security function can be placed within the administrative services function, insurance and risk management function, and the legal department. This suggests that information security can be integrated into various areas of an organization, highlighting its importance and the need for collaboration across different departments to ensure the security of information.
34.
Many organizations use a(n) ____ interview to remind the employee of
contractual obligations, such as nondisclosure agreements, and to
obtain feedback on the employee’s tenure in the organization.
Correct Answer
C. Exit
Explanation
An exit interview is used by many organizations to remind the employee of their contractual obligations, such as nondisclosure agreements, and to obtain feedback on their tenure in the organization. This type of interview typically takes place when an employee is leaving the organization voluntarily, either through resignation or retirement. It allows the organization to gather valuable information about the employee's experience and identify any areas for improvement.
35.
____ are the technically qualified individuals tasked to configure
firewalls, deploy IDSs, implement security software, diagnose and
troubleshoot problems, and coordinate with systems and network
administrators to ensure that an organization’s security technology is
properly implemented.
Correct Answer
A. Security technicians
Explanation
Security technicians are the technically qualified individuals tasked with configuring firewalls, deploying IDSs, implementing security software, diagnosing and troubleshooting problems, and coordinating with systems and network administrators to ensure that an organization's security technology is properly implemented. They have the expertise and knowledge to handle the technical aspects of security measures and ensure that the necessary security protocols are in place to protect an organization's systems and data.
36.
____ is the process of converting an original message into a form that is unreadable to unauthorized individuals.
Correct Answer
D. Encryption
Explanation
Encryption is the process of converting an original message into a form that is unreadable to unauthorized individuals. It involves using an algorithm or cipher to transform the data into a secret code, making it difficult for anyone without the proper key to understand the information. Encryption is an essential component of data security and is widely used to protect sensitive information such as personal data, financial transactions, and communications.
37.
DES uses a(n) ____-bit block size.
Correct Answer
B. 64
Explanation
DES (Data Encryption Standard) uses a 64-bit block size. The block size refers to the fixed length of data that is encrypted or decrypted at a time. In DES, the plaintext or ciphertext is divided into 64-bit blocks, and each block undergoes a series of transformations using a 56-bit key. This block size allows for efficient encryption and decryption operations while maintaining a good level of security.
38.
____ is a Federal Information Processing Standard that specifies a
cryptographic algorithm that is used within the U.S. government to
protect information at federal agencies that are not a part of the
national defense infrastructure.
Correct Answer
A. AES
Explanation
AES (Advanced Encryption Standard) is a Federal Information Processing Standard that specifies a cryptographic algorithm used by the U.S. government to protect information at federal agencies that are not part of the national defense infrastructure. AES is a widely adopted encryption algorithm known for its security and efficiency. It is used to encrypt sensitive data and ensure its confidentiality and integrity in various applications and industries worldwide. DES, 3DES, and 2DES are other cryptographic algorithms, but AES is the correct answer in this context.
39.
The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.
Correct Answer
C. CRL
Explanation
The correct answer is CRL, which stands for Certificate Revocation List. A CRL is a list that is periodically distributed to all users and contains information about all revoked certificates. It helps users identify which certificates are no longer valid and should not be trusted.
40.
____ is the entire range of values that can possibly be used to construct an individual key.
Correct Answer
C. Keyspace
Explanation
The term "keyspace" refers to the entire range of values that can potentially be used to create a single key. In other words, it represents the total number of possible combinations or permutations that can be used to generate a key. This concept is commonly used in cryptography and computer security to assess the strength and complexity of encryption keys. The larger the keyspace, the more difficult it becomes for an attacker to guess or crack the key.
41.
____ is a hybrid cryptosystem originally designed in 1991 by Phil Zimmermann.
Correct Answer
B. PGP
Explanation
PGP (Pretty Good Privacy) is a hybrid cryptosystem originally designed in 1991 by Phil Zimmermann. It combines symmetric-key encryption for efficient data encryption and asymmetric-key encryption for secure key exchange. PGP is widely used for secure communication and data protection, providing confidentiality, integrity, and authentication.
42.
____ is the information used in conjunction with an algorithm to create
the ciphertext from the plaintext or derive the plaintext from the
ciphertext.
Correct Answer
C. Key
Explanation
A key is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext. It is a crucial component in encryption and decryption processes, as it determines the specific transformation applied to the data. Without the correct key, it is nearly impossible to decipher the encrypted message or encrypt a message in a specific way. Therefore, the key plays a vital role in ensuring the security and confidentiality of the information being transmitted or stored.
43.
____ is the amount of effort (usually in hours) required to perform
cryptanalysis on an encoded message so that it may be decrypted when
the key or algorithm (or both) are unknown.
Correct Answer
B. Work factor
Explanation
The work factor refers to the amount of effort, typically measured in hours, needed to perform cryptanalysis on an encoded message when the key or algorithm (or both) are unknown. In other words, it represents the level of difficulty in decrypting the message without knowledge of the key or algorithm used.
44.
____ functions are mathematical algorithms that generate a message
summary or digest to confirm the identity of a specific message and to
confirm that there have not been any changes to the content.
Correct Answer
C. Hash
Explanation
Hash functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content. Hash functions take an input (message) and produce a fixed-size string of characters (hash value) that is unique to that specific input. This hash value acts as a digital fingerprint for the message, allowing for quick and efficient verification of message integrity and authenticity.
45.
The ____ is essentially a one-way hash value that is encrypted with a symmetric key.
Correct Answer
D. MAC
Explanation
A Message Authentication Code (MAC) is a cryptographic hash value that is generated using a symmetric key. It provides integrity and authenticity of a message by ensuring that it has not been tampered with during transmission. The MAC is computed using a one-way hash function and the shared symmetric key, making it impossible to reverse-engineer the original message from the MAC. Therefore, the MAC is an encrypted hash value that guarantees the integrity and authenticity of the message.