Data Communication And Network Security

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Ynos82
Y
Ynos82
Community Contributor
Quizzes Created: 1 | Total Attempts: 368
Questions: 25 | Attempts: 368

SettingsSettingsSettings
Data Communication And Network Security - Quiz

Questions and Answers
  • 1. 

    Blowfish is an example of a _________-structure

    • A.

      Feistel

    • B.

      Twofish

    • C.

      Round

    • D.

      Permutation

    • E.

      Substitution

    Correct Answer
    A. Feistel
    Explanation
    Blowfish is an example of a Feistel structure. Feistel structure is a cryptographic structure that uses repeated rounds of encryption and decryption to achieve security. Blowfish, a symmetric key block cipher, uses a Feistel structure with a variable number of rounds to encrypt and decrypt data.

    Rate this question:

  • 2. 

    What does IPS mean?

    • A.

      Intrusion Prevention System

    • B.

      Intrusion Private System

    • C.

      Intrusion Public System

    • D.

      Intrusion Detection System

    • E.

      Intrusion Protection System

    Correct Answer
    A. Intrusion Prevention System
    Explanation
    IPS stands for Intrusion Prevention System. It is a security technology that monitors network traffic and actively blocks any malicious activity or unauthorized access attempts. Unlike an Intrusion Detection System (IDS), which only detects and alerts about potential threats, an IPS goes a step further by actively preventing these threats from entering the network. It acts as a barrier between the internal network and external threats, helping to protect against various types of attacks such as malware, DDoS attacks, and unauthorized access attempts.

    Rate this question:

  • 3. 

    The security of RSA is based on the difficulty of:

    • A.

      Discrete exponentiations

    • B.

      Factorization

    • C.

      Modular multiplications

    • D.

      Diffie-Hallman

    • E.

      Encryption

    Correct Answer
    B. Factorization
    Explanation
    The security of RSA is based on the difficulty of factorization. This means that it is computationally difficult to factorize large numbers into their prime factors. The RSA algorithm relies on the assumption that it is easy to multiply two large prime numbers together to obtain a large composite number, but it is extremely difficult to factorize that composite number back into its original prime factors. This difficulty forms the basis of the security of RSA, as it makes it impractical for an attacker to determine the private key from the public key.

    Rate this question:

  • 4. 

    A digital signature is created as follows:

    • A.

      Encrypting the message with the public key of the receiver; hashing the result; appending the hash to the encrypted message

    • B.

      Hashing the message; adding the hash to the message; encrypting the result with the private key of the receiver

    • C.

      Encrypting the message with the public key of the receiver; hashing the result; appending the hash to the original message

    • D.

      Hashing the message; encrypting the hash value with the private key of the sender; appending the result to the message

    • E.

      Hashing the message; encrypting the hash value with the public key of the receiver; appending the result to the message

    Correct Answer
    D. Hashing the message; encrypting the hash value with the private key of the sender; appending the result to the message
    Explanation
    The correct answer is hashing the message; encrypting the hash value with the private key of the sender; appending the result to the message. This process ensures the integrity and authenticity of the message. By hashing the message, a unique hash value is generated. This hash value is then encrypted using the sender's private key, which can only be decrypted using the corresponding public key. Appending the encrypted hash to the message allows the receiver to verify the integrity of the message by decrypting the hash value and comparing it with the calculated hash of the received message.

    Rate this question:

  • 5. 

    How many keys are used in symmetric crypto in case we have 13 users?

    • A.

      144

    • B.

      13

    • C.

      78

    • D.

      169

    • E.

      12

    Correct Answer
    C. 78
    Explanation
    In symmetric cryptography, the same key is used for both encryption and decryption. In this case, since there are 13 users, each user will need to have a unique key to communicate securely with the others. To calculate the number of keys needed, we can use the formula n*(n-1)/2, where n is the number of users. Plugging in 13 for n, we get 13*(13-1)/2 = 78. Therefore, 78 keys are needed for symmetric cryptography with 13 users.

    Rate this question:

  • 6. 

    Which three functional areas are provided by IPSec?

    • A.

      Authentication, Confidentiality, and Key management

    • B.

      Authentication, Confidentiality, and Digital Signatures

    • C.

      Authentication, Error detection, and Error correction

    • D.

      Authentication, Key generation, and Certificate exchange

    • E.

      Encryption, Decryption, and Certificate validation

    Correct Answer
    A. Authentication, Confidentiality, and Key management
    Explanation
    IPSec provides three functional areas: authentication, confidentiality, and key management. Authentication ensures the identity of the communicating parties, confidentiality ensures that the data is encrypted and cannot be accessed by unauthorized parties, and key management involves the generation, distribution, and management of cryptographic keys used for encryption and decryption.

    Rate this question:

  • 7. 

    What does AES mean?

    • A.

      Alternating Encryption System

    • B.

      Adversary Encapsulating System

    • C.

      Alternative Encipherment Solution

    • D.

      Adversary Encapsulating Solution

    • E.

      Advanced Encryption Standard

    Correct Answer
    E. Advanced Encryption Standard
    Explanation
    The correct answer is "Advanced Encryption Standard". AES is a widely used encryption algorithm that is used to secure sensitive data. It is a symmetric key algorithm, meaning that the same key is used for both encryption and decryption. AES is considered to be highly secure and is used by governments, organizations, and individuals to protect their data from unauthorized access or tampering.

    Rate this question:

  • 8. 

    If a hash function H is said to have strong collision resistance, then:

    • A.

      Given H(x) it is hard to find x

    • B.

      Given one pair (x,y) where h=H(x)=H(y) it is hard to find another input z such that H(z)=h

    • C.

      It is hard to find any pair (x,y) such that H(x)=H(y)

    • D.

      Given input x it is hard to find h=H(x)

    • E.

      Given x it is hard to find y such that H(y)=H(x)

    Correct Answer
    C. It is hard to find any pair (x,y) such that H(x)=H(y)
    Explanation
    The correct answer suggests that if a hash function has strong collision resistance, it is difficult to find any pair of inputs (x, y) that will result in the same hash value. This means that the hash function is designed in such a way that it minimizes the chances of two different inputs producing the same hash value, making it highly unlikely to find any such pair.

    Rate this question:

  • 9. 

    The Ticket Granting Server (TGS) in a Kerberos system has 2 pre-shared keys. These are shared with:

    • A.

      The Authentication Server and the server in a network

    • B.

      The user/client and the server in a network

    • C.

      The Authentication Server (AS) and the user/client

    • D.

      The 2 servers in the network

    • E.

      None of the above

    Correct Answer
    A. The Authentication Server and the server in a network
    Explanation
    The Ticket Granting Server (TGS) in a Kerberos system has 2 pre-shared keys, one shared with the Authentication Server (AS) and the other shared with the server in a network. These pre-shared keys are used for authentication and encryption purposes. The TGS uses the key shared with the AS to verify the authenticity of the user/client, and the key shared with the server to establish a secure communication channel between the user/client and the server. This ensures secure authentication and data protection within the Kerberos system.

    Rate this question:

  • 10. 

    Assume that 1 in 10.000 network packets are related to an attack. Assume our IDS system will detect malicious (attack) packets with 99% certainty and will wrongly mark 1% of the normal traffic as an attack packet. If the IDS classifies a particular packet as malicious, then the possibility that this is a wrong decision is approximately:

    • A.

      10%

    • B.

      99%

    • C.

      1%

    • D.

      50%

    • E.

      90%

    Correct Answer
    B. 99%
    Explanation
    The given question is asking for the possibility that the IDS system makes a wrong decision when classifying a particular packet as malicious. The question states that the IDS system detects malicious packets with 99% certainty, meaning that it correctly identifies 99% of the attack packets. However, it also wrongly marks 1% of the normal traffic as an attack packet. Therefore, if the IDS classifies a particular packet as malicious, there is a 1% chance that this is a wrong decision.

    Rate this question:

  • 11. 

    What does the Diffie-Hellman key exchange protocol enable two users to establish?

    • A.

      A secret key using a public-key scheme based on hardness of integer factorization.

    • B.

      Both private and public keys using a public-key scheme based on hardness of integer factorization

    • C.

      A secret key using a public-key scheme based on discrete logarithms

    • D.

      Both private and public keys using a secret-key scheme based on discrete logarithms.

    • E.

      A public key using a secret-key scheme based on discrete logarithms.

    Correct Answer
    C. A secret key using a public-key scheme based on discrete logarithms
    Explanation
    The Diffie-Hellman key exchange protocol enables two users to establish a secret key using a public-key scheme based on discrete logarithms. This means that the two users can securely communicate and share information without anyone else being able to intercept or decipher their messages. The protocol relies on the mathematical difficulty of solving discrete logarithm problems to ensure the security of the exchanged key.

    Rate this question:

  • 12. 

    Which is NOT TRUE for an anomaly detection IDS system:

    • A.

      Looks for statistical deviations from the normal situation

    • B.

      Vulnerable for zero-days exploits

    • C.

      Must adapt to changes in user’s behaviour

    • D.

      Needs to define “normal” expected behaviour of a system

    • E.

      Is suitable to detect port scans

    Correct Answer
    B. Vulnerable for zero-days exploits
    Explanation
    An anomaly detection IDS system is not vulnerable to zero-day exploits. Zero-day exploits refer to vulnerabilities or weaknesses in a system that are unknown to the software vendor or developers. Anomaly detection IDS systems are designed to detect deviations from normal behavior, so they may be able to identify and flag suspicious activity related to zero-day exploits. However, they are not inherently vulnerable to these exploits themselves.

    Rate this question:

  • 13. 

    A Security Association can uniquely be identified by the Security Parameter Index (SPI) and:

    • A.

      The destination IP address and the security protocol identifier

    • B.

      The source IP address, the ICV and the security protocol identifier

    • C.

      The source IP address and the security protocol identifier

    • D.

      The source IP address

    • E.

      The source IP address and the Integrity Check Value (ICV)

    Correct Answer
    A. The destination IP address and the security protocol identifier
    Explanation
    A Security Association can uniquely be identified by the Security Parameter Index (SPI) and the destination IP address and the security protocol identifier. The SPI is used to differentiate between multiple security associations on the same device, while the destination IP address and the security protocol identifier are used to uniquely identify a specific security association between two devices.

    Rate this question:

  • 14. 

    What does ESP mean?

    • A.

      Encryption System Protection

    • B.

      Encapsulating System Parameters

    • C.

      Encapsulating Security Payload

    • D.

      Encapsulated Security Protocol

    • E.

      Encrypted Security Parameters

    Correct Answer
    C. Encapsulating Security Payload
    Explanation
    ESP stands for Encapsulating Security Payload. It is a protocol used in computer networks to provide confidentiality, integrity, and authentication of data packets. ESP encapsulates the data being transmitted and adds a header that includes security information, such as encryption algorithms and keys. This ensures that the data is protected from unauthorized access or tampering.

    Rate this question:

  • 15. 

    Which of the following statements is NOT TRUE in IPSec:

    • A.

      In the tunnel mode a new IP header is attached

    • B.

      In transport mode the information is protected from source to destination host

    • C.

      In tunnel mode the mutable fields in the IP header are set to zero for the calculation of the Integrity Check Value (ICV)

    • D.

      Tunnel mode can be used for both AH and ESP

    • E.

      In transport mode the “next header” field is copied from the original IP header

    Correct Answer
    C. In tunnel mode the mutable fields in the IP header are set to zero for the calculation of the Integrity Check Value (ICV)
    Explanation
    In tunnel mode, the mutable fields in the IP header are not set to zero for the calculation of the Integrity Check Value (ICV). The mutable fields are left unchanged during the calculation of the ICV.

    Rate this question:

  • 16. 

    Kerberos is using an authentication protocol that is based on the following protocol:

    • A.

      Ipsec

    • B.

      HMAC

    • C.

      Needham-Schroeder

    • D.

      RSA

    • E.

      X.509

    Correct Answer
    C. Needham-Schroeder
    Explanation
    Kerberos is using the Needham-Schroeder protocol for authentication. The Needham-Schroeder protocol is a key distribution protocol that allows two parties to securely exchange keys over an insecure network. It ensures that the parties involved are who they claim to be and prevents replay attacks. Kerberos uses this protocol to authenticate users and provide secure access to network resources.

    Rate this question:

  • 17. 

    Where was the Kerberos protocol developed?

    • A.

      HIG

    • B.

      MIT

    • C.

      Stanford

    • D.

      Oxford

    • E.

      Cambridge

    Correct Answer
    B. MIT
    Explanation
    The Kerberos protocol was developed at MIT.

    Rate this question:

  • 18. 

    What does the abbreviation “CFB mode” stand for?

    • A.

      Current Fail Backup mode

    • B.

      Cipher Forward Blocking mode

    • C.

      Crypto Fall Back mode

    • D.

      Crypto Final Block mode

    • E.

      Cipher Feed Back mode

    Correct Answer
    E. CipHer Feed Back mode
    Explanation
    The abbreviation "CFB mode" stands for Cipher Feed Back mode. This mode is a method of encrypting data in block ciphers, where the output of the encryption process is fed back into the encryption algorithm to encrypt the next block of data. This mode provides a way to encrypt data in smaller units, rather than encrypting the entire message at once.

    Rate this question:

  • 19. 

    Which of the following statements is NOT TRUE in IKE:

    • A.

      IKE is used to negotiate ESP keys for symmetric encryption for confidentiality

    • B.

      In aggressive mode the Initiator only suggest 1 set of SA for the communication

    • C.

      Oakley provides a framework for key exchange, but the actual key exchange is based on the ISAKMP protocol

    • D.

      The two IKE components are ISAKMP and Oakley

    • E.

      The ISAKMP SA is first established before AH or ESP SA’s are established

    Correct Answer
    C. Oakley provides a framework for key exchange, but the actual key exchange is based on the ISAKMP protocol
    Explanation
    Oakley provides a framework for key exchange, but the actual key exchange is based on the ISAKMP protocol.

    Rate this question:

  • 20. 

    What is symmetric encryption?

    • A.

      A form of cryptosystem in which encryption and decryption are performed using the same key.

    • B.

      A form of cryptosystem in which encryption and decryption are symmetric according to the y-axis.

    • C.

      A form of cryptosystem in which encryption and decryption are symmetric according to the x-axis.

    • D.

      A form of cryptosystem that is based on groups of symmetry.

    • E.

      A mathematical procedure that is using a symmetric group.

    Correct Answer
    A. A form of cryptosystem in which encryption and decryption are performed using the same key.
    Explanation
    Symmetric encryption is a form of cryptosystem where the same key is used for both encryption and decryption. This means that the sender and the receiver both have the same key, and they use it to encrypt and decrypt the message. This type of encryption is efficient and fast, as it does not require complex mathematical operations. However, the main drawback is that the key needs to be securely shared between the sender and the receiver, as anyone who gets hold of the key can decrypt the message.

    Rate this question:

  • 21. 

    An ESP trailer contains:

    • A.

      Padding and Pad length

    • B.

      Padding and Integrity Check Value (ICV)

    • C.

      Padding, Pad length, and Next header

    • D.

      Padding, Pad length, Next header, Security Parameter Index (SPI), and ICV

    • E.

      Padding, Pad length, Next header and ICV

    Correct Answer
    C. Padding, Pad length, and Next header
  • 22. 

    Snort is an example of:

    • A.

      A protocol based IDS

    • B.

      A firewall

    • C.

      An anomaly based IDS

    • D.

      A signature based IDS

    • E.

      An action based IDS

    Correct Answer
    D. A signature based IDS
    Explanation
    Snort is an example of a signature-based IDS. Signature-based IDS systems detect and prevent attacks by comparing network traffic against a database of known attack signatures. Snort uses a set of rules to analyze network packets and identify patterns that match known attack signatures. When a match is found, Snort can generate alerts or take action to block the suspicious traffic. This approach is effective in detecting known attacks but may struggle with detecting new or unknown threats.

    Rate this question:

  • 23. 

    Suppose a firewall has the following rules implemented: What will this firewall do?

    • A.

      Allows only for incoming connections to our SMTP server

    • B.

      Allows our network to be tracerouted

    • C.

      Allows DNS lookup as a client

    • D.

      Allows only outgoing connections to our SMTP server

    • E.

      Allows only outgoing connections to an external SMTP server

    Correct Answer
    C. Allows DNS lookup as a client
    Explanation
    The firewall will allow DNS lookup as a client. This means that the firewall will allow the network to make DNS requests to external DNS servers in order to resolve domain names to IP addresses. However, it will not allow any other type of incoming or outgoing connections, such as incoming connections to the SMTP server or outgoing connections to external SMTP servers.

    Rate this question:

  • 24. 

    The 4 general means of authentication are by something you:

    • A.

      Must, will, shall, or can

    • B.

      Know, Have, Are, or Will

    • C.

      Know, take, give, or are

    • D.

      Know, speak, touch, or see

    • E.

      Do, have, know, or are

    Correct Answer
    E. Do, have, know, or are
    Explanation
    The correct answer is "Do, have, know, or are." This answer accurately identifies the four general means of authentication. "Do" refers to authentication through actions or behaviors, such as providing a fingerprint or entering a password. "Have" refers to authentication through possession of something, such as a key card or a mobile device. "Know" refers to authentication through knowledge, such as a PIN or a secret question. "Are" refers to authentication through biometric characteristics, such as facial recognition or fingerprint scanning.

    Rate this question:

  • 25. 

    There exist ___ versions of the X.509 certificate:

    • A.

      1

    • B.

      3

    • C.

      5

    • D.

      Depends on the IPsec version number

    • E.

      Depends on the user

    Correct Answer
    B. 3
    Explanation
    The correct answer is 3. This means that there are three versions of the X.509 certificate.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Sep 06, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jun 01, 2014
    Quiz Created by
    Ynos82
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.