Security + Systems Security

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Joelcg
J
Joelcg
Community Contributor
Quizzes Created: 5 | Total Attempts: 5,024
Questions: 42 | Attempts: 423

SettingsSettingsSettings
Security Plus Quizzes & Trivia

Never take security for granted – the right software, hardware or physical protection can be pivotal in keeping you, your personal information and your belongings from the wrong hands. What do you know about the topic of security?


Questions and Answers
  • 1. 

    Which of the following is not one of the main components of the security triad?

    • A.

      Distributed

    • B.

      Physical

    • C.

      Operational

    • D.

      Management

    Correct Answer
    A. Distributed
    Explanation
    The three components of the computer security triad that interact to provide a reasonably secure environment are physical, operational, and management.

    Rate this question:

  • 2. 

    Which of the following goals of information security refers to preventing computer or information violations from occurring?

    • A.

      Detection

    • B.

      Prevention

    • C.

      Recursion

    • D.

      Response

    Correct Answer
    B. Prevention
    Explanation
    The three primary goals of information security are prevention, detection, and response. Prevention refers to preventing computer or information violations from occurring. Detection refers to identifying events when they occur. Response refers to developing strategies and techniques to deal with an attack or loss.

    Rate this question:

  • 3. 

    During which general type of attack does someone who should not be able to get access attempt to get to your resources?

    • A.

      Access

    • B.

      Modification and repudiation

    • C.

      Denial-of-service

    • D.

      Interception

    Correct Answer
    A. Access
    Explanation
    In an access attack, someone who should not be able to get it wants access to your resources. During a modification and repudiation attack, someone wants to modify information in your system(s). A denial-of-service (DoS) attack tries to disrupt your network and services. Interception is a type of access attack but not a general attack category type.

    Rate this question:

  • 4. 

    Which of the following are the most popular spoofing attacks? (Choose two.)

    • A.

      TCP spoofing

    • B.

      DHCP spoofing

    • C.

      IP spoofing

    • D.

      DNS spoofing

    Correct Answer(s)
    C. IP spoofing
    D. DNS spoofing
    Explanation
    The two most common, or popular, spoofing attacks today are IP spoofing and DNS spoofing. The other choices do not represent the most popular spoofing attacks.

    Rate this question:

  • 5. 

    Which of the following is a remote administration tool used by attackers to take control of Windows-based systems in a backdoor type of attack?

    • A.

      Brute force

    • B.

      Dictionary

    • C.

      Man-in-the-middle

    • D.

      NetBus

    Correct Answer
    D. NetBus
    Explanation
    NetBus is a remote administration tool used by attackers to take control of Windows-based systems in a backdoor type of attack. Brute-force attacks and dictionary attacks are password-guessing attacks, while man-in-the-middle is its own type of attack and not a type of remote administration attack.

    Rate this question:

  • 6. 

    What type of software hides certain things from the operating system?

    • A.

      Rootkit

    • B.

      Spyware

    • C.

      Adware

    • D.

      SCR

    Correct Answer
    A. Rootkit
    Explanation
    Rootkits have become popular and work by hiding certain things (such as running processes) from the operating system. Spyware is software that acts on behalf of a third party and collects information. Adware is a type of spyware that is often used to generate unwanted/unsolicited pop-up advertisements. SCR viruses are those that are disguised as or within screen savers.

    Rate this question:

  • 7. 

    Which type of virus will change its form in order to avoid detection?

    • A.

      Stealth

    • B.

      Retrovirus

    • C.

      Multipartite

    • D.

      Polymorphic

    Correct Answer
    D. PolymorpHic
    Explanation
    A polymorphic virus will change its form in order to avoid detection. A stealth virus avoids detection by making itself indistinguishable from other applications. A retrovirus attacks, or bypasses, the antivirus software installed on a computer. A multipartite virus attacks a system in multiple ways.

    Rate this question:

  • 8. 

    Which of the following types of viruses modifies and alters other programs and databases?

    • A.

      Phage

    • B.

      Companion

    • C.

      Macro

    • D.

      Armored

    Correct Answer
    A. pHage
    Explanation
    A phage virus modifies and alters other programs and databases. A companion virus attaches itself to a legitimate program and then creates a program with a different file extension. A macro virus exploits the macro ability in many application programs. An armored virus is designed to make itself difficult to detect or analyze.

    Rate this question:

  • 9. 

    Which of the following goals of information security refers to developing strategies and techniques to deal with an attack or loss?

    • A.

      Detection

    • B.

      Prevention

    • C.

      Recursion

    • D.

      Response

    Correct Answer
    D. Response
    Explanation
    The three primary goals of information security are prevention, detection, and response. Response refers to developing strategies and techniques to deal with an attack or loss. Detection refers to identifying events when they occur. Prevention refers to preventing computer or information violations from occurring.

    Rate this question:

  • 10. 

    Which of the following access attacks amounts to someone routinely monitoring network traffic?

    • A.

      Snooping

    • B.

      Passive interception

    • C.

      Eavesdropping

    • D.

      Active interception

    Correct Answer
    B. Passive interception
    Explanation
    All the choices listed are various types of access attacks. In a passive interception attack, someone routinely monitors network traffic. In a snooping attack, someone looks through your files in hopes of finding something interesting. In an eavesdropping attack, the attacker listens in on or overhears parts of a conversation. In an active interception attack, a computer is placed between the sender and receiver to capture information while it's sent.

    Rate this question:

  • 11. 

    During which general type of attack does someone want to modify information in your system?

    • A.

      Access

    • B.

      Modification and repudiation

    • C.

      Denial-of-service

    • D.

      Interception

    Correct Answer
    B. Modification and repudiation
    Explanation
    During a modification and repudiation attack, someone wants to modify information in your system(s). A denial-of-service (DoS) attack tries to disrupt your network and services. In an access attack, someone who should not be able to have access wants access to your resources. Interception is a type of access attack but not a general attack category.

    Rate this question:

  • 12. 

    Which type of virus attacks a system in multiple ways?

    • A.

      Stealth

    • B.

      Retrovirus

    • C.

      Multipartite

    • D.

      Polymorphic

    Correct Answer
    C. Multipartite
    Explanation
    A multipartite virus attacks a system in multiple ways. A polymorphic virus will change its form in order to avoid detection. A stealth virus avoids detection by making itself indistinguishable from other applications. A retrovirus attacks, or bypasses, the antivirus software installed on a computer.

    Rate this question:

  • 13. 

    Which of the following is a type of spyware that is often used to generate unwanted/unsolicited pop-up advertisements?

    • A.

      Rootkit

    • B.

      Grayware

    • C.

      Adware

    • D.

      SCR

    Correct Answer
    C. Adware
    Explanation
    Spyware is software that acts on behalf of a third party and collects information. Adware is a type of spyware that is often used to generate unwanted/unsolicited pop-up advertisements. Rootkits have become popular and work by hiding certain things (such as running processes) from the operating system. SCR viruses are those that are disguised as or within screen savers.

    Rate this question:

  • 14. 

    Which of the following authentication protocols employs certificates that contain rights and access privileges of a bearer as part of its payload?

    • A.

      CHAP

    • B.

      Security token

    • C.

      PAP

    • D.

      Kerberos

    Correct Answer
    B. Security token
    Explanation
    Security tokens are forms of certificates that contain rights and access privileges of a token bearer as part of their token. Challenge Handshake Authentication Protocol (CHAP) challenges a system to verify identity and employs an encrypted challenge. Password Authentication Protocol (PAP) offers no true security and is one of the simplest forms of authentication: both the username and the password are sent as clear text and checked for a match. Kerberos authenticates a principal (user, system, program, and so on) and provides it with a ticket.

    Rate this question:

  • 15. 

    Which of the following is a type of virus disguised as or within screen savers?

    • A.

      Rootkit

    • B.

      Grayware

    • C.

      Adware

    • D.

      SCR

    Correct Answer
    D. SCR
    Explanation
    SCR viruses are those that are disguised as or within screen savers. Grayware is a classification for software that is annoying; this includes spyware (which acts on behalf of a third party and collects information) and adware. Adware is often used to generate unwanted/unsolicited pop-up advertisements. Rootkits have become popular and work by hiding certain things (such as running processes) from the operating system.

    Rate this question:

  • 16. 

    Which type of virus often attacks the antivirus software installed on a computer?

    • A.

      Stealth

    • B.

      Retrovirus

    • C.

      Multipartite

    • D.

      Polymorphic

    Correct Answer
    B. Retrovirus
    Explanation
    A retrovirus attacks, or bypasses, the antivirus software installed on a computer. A stealth virus avoids detection by making itself indistinguishable from other applications. A multipartite virus attacks a system in multiple ways. A polymorphic virus will change its form in order to avoid detection.

    Rate this question:

  • 17. 

    Which type of virus avoids detection by making itself indistinguishable from other applications?

    • A.

      Stealth

    • B.

      Retrovirus

    • C.

      Multipartite

    • D.

      Polymorphic

    Correct Answer
    A. Stealth
    Explanation
    A stealth virus avoids detection by making itself indistinguishable from other applications. A retrovirus attacks, or bypasses, the antivirus software installed on a computer. A multipartite virus attacks a system in multiple ways. A polymorphic virus will change its form in order to avoid detection.

    Rate this question:

  • 18. 

    What type of software acts on behalf of a third party and collects information?

    • A.

      Rootkit

    • B.

      Spyware

    • C.

      Adware

    • D.

      SCR

    Correct Answer
    B. Spyware
    Explanation
    Spyware is software that acts on behalf of a third party and collects information. Rootkits have become popular and work by hiding certain things (such as running processes) from the operating system. Adware is a type of spyware that is often used to generate unwanted/unsolicited pop-up advertisements. SCR viruses are those that are disguised as or within screen savers.

    Rate this question:

  • 19. 

    Which of the following is a device that looks for open ports on a server?

    • A.

      Scanner

    • B.

      Freezer

    • C.

      Sniffer

    • D.

      Watchdog

    Correct Answer
    A. Scanner
    Explanation
    A scanner is a device that looks for open ports. A sniffer is a device that captures and displays network traffic. Neither a freezer nor a watchdog is a valid network device used for this purpose.

    Rate this question:

  • 20. 

    Which of the following access attacks amounts to someone placing a computer between the sender and the receiver to capture information while it's sent?

    • A.

      Snooping

    • B.

      Passive interception

    • C.

      Eavesdropping

    • D.

      Active interception

    Correct Answer
    D. Active interception
    Explanation
    While all the choices listed are various types of access attacks, only in an active interception attack is a computer placed between the sender and receiver to capture information while it's sent. In a snooping attack, someone looks through your files in hopes of finding something interesting. In a passive interception attack, someone routinely monitors network traffic. In an eavesdropping attack, the attacker listens in on or overhears parts of a conversation.

    Rate this question:

  • 21. 

    Which of the following is a remote administration tool used by attackers to take control of Windows-based systems in a backdoor type of attack?

    • A.

      Back Orifice

    • B.

      Dictionary

    • C.

      Man-in-the-middle

    • D.

      Brute force

    Correct Answer
    A. Back Orifice
    Explanation
    Back Orifice is a remote administration tool used by attackers to take control of Windows-based systems in a backdoor type of attack. Brute-force attacks and dictionary attacks are password-guessing attacks, while man-in-the-middle is its own type of attack and not a type of remote administration attack.

    Rate this question:

  • 22. 

    Which of the following are popular examples of denial-of-service attacks? (Choose all that apply.)

    • A.

      Buffer overflow

    • B.

      Star of pain

    • C.

      Ping of death

    • D.

      Memlock

    Correct Answer(s)
    A. Buffer overflow
    C. Ping of death
    Explanation
    Both the ping of death and buffer overflow attacks are popular examples of denial-of-service (DoS) attacks. The other options given are fictitious and not popular examples of DoS attacks.

    Rate this question:

  • 23. 

    Which of the following is another name for active sniffing?

    • A.

      War driving

    • B.

      Chalking

    • C.

      TCP/IP hijacking

    • D.

      Apt cleanup

    Correct Answer
    C. TCP/IP hijacking
    Explanation
    Active sniffing is more commonly known as TCP/IP hijacking. The other choices given are not valid names for active sniffing.

    Rate this question:

  • 24. 

    During which general type of attack does someone try to disrupt your network and services?

    • A.

      Access

    • B.

      Modification and repudiation

    • C.

      Denial-of-service

    • D.

      Interception

    Correct Answer
    C. Denial-of-service
    Explanation
    A denial-of-service (DoS) attack tries to disrupt your network and services. In an access attack, someone who should not be able to have access wants access to your resources. During a modification and repudiation attack, someone wants to modify information in your system(s). Interception is a type of access attack but not a general attack category type.

    Rate this question:

  • 25. 

    Which of the following goals of information security refers to identifying events when they occur?

    • A.

      Detection

    • B.

      Prevention

    • C.

      Recursion

    • D.

      Response

    Correct Answer
    A. Detection
    Explanation
    The three primary goals of information security are prevention, detection, and response. Detection refers to identifying events when they occur. Prevention refers to preventing computer or information violations from occurring. Response refers to developing strategies and techniques to deal with an attack or loss.

    Rate this question:

  • 26. 

    Which language is seen as a successor to HTML and offers many capabilities that HTML does not?

    • A.

      XML

    • B.

      SGML

    • C.

      CSS

    • D.

      CML

    Correct Answer
    A. XML
    Explanation
    eXtensible Markup Language (XML) is seen as a successor to HTML and offers many capabilities that HTML does not. The other choices are all languages that predate HTML or are not seen as successors to HTML.

    Rate this question:

  • 27. 

    Which of the following are common ways to provide secure connections between a web client and a web server? (Choose two.)

    • A.

      ActiveX

    • B.

      SSL/TLS

    • C.

      SML

    • D.

      HTTPS

    Correct Answer(s)
    B. SSL/TLS
    D. HTTPS
    Explanation
    Both Secure Socket Layer/Transport Layer Security (SSL/TLS) and HTTP Secure (HTTPS) are common ways to provide secure connections between a web client and a web server. Regardless of which is used, port 443 is utilized. The other two choices are not valid protocols for providing secure connections between a web client and a web server.

    Rate this question:

  • 28. 

    Java applets run in a restricted area of memory. What is this restricted area known as?

    • A.

      DMZ

    • B.

      Parking lot

    • C.

      Sandbox

    • D.

      No-fly zone

    Correct Answer
    C. Sandbox
    Explanation
    The restricted area of memory that Java applets run in is the sandbox. The other options do not represent the restricted area of memory that Java applets run in.

    Rate this question:

  • 29. 

    What is the term used when an application receives more data than it is programmed to accept?

    • A.

      Buffer overflow

    • B.

      Cookie

    • C.

      SMTP Relay

    • D.

      Open Relay

    Correct Answer
    A. Buffer overflow
    Explanation
    When an application receives more data than it is programmed to accept, it is a buffer overflow. The application will either terminate or write data beyond the allocated space. A cookie is a text file that a browser maintains on a user's hard disk in order to store information about the user. SMTP Relay is an email feature that is intended to allow the server to forward email to other servers. Open Relay is a type of SMTP Relay that is being exploited.

    Rate this question:

  • 30. 

    Which file extension is used to indicate a JavaScript file?

    • A.

      .jar

    • B.

      .java

    • C.

      .js

    • D.

      .jpg

    Correct Answer
    C. .js
    Explanation
    The extension for a JavaScript file is .js. The extension for a JPEG file is .jpg. The extension for a Java applet is .jar. The extension on Java source code is .java.

    Rate this question:

  • 31. 

    What is the term used for a text file that a browser maintains on a user's hard disk in order to store information about the user?

    • A.

      Buffer overflow

    • B.

      Cookie

    • C.

      SMTP Relay

    • D.

      Open Relay

    Correct Answer
    B. Cookie
    Explanation
    A cookie is a text file that a browser maintains on a user's hard disk in order to store information about the user. When an application receives more data than it is programmed to accept, it is a buffer overflow. The application will either terminate or write data beyond the allocated space. SMTP Relay is an email feature that is intended to allow the server to forward email to other servers. Open Relay is a type of SMTP Relay that is being exploited.

    Rate this question:

  • 32. 

    Which of the following is the process of systematically identifying a network and its security posture?

    • A.

      Packet sniffing

    • B.

      Footprinting

    • C.

      Scanning

    • D.

      Signal analysis/intelligence

    Correct Answer
    B. Footprinting
    Explanation
    Footprinting is the process of systematically identifying a network and its security posture. Packet sniffing is the process of monitoring data that is transmitted across a network. Scanning is the process that attackers use to gather information about how your network is configured. Signal analysis/intelligence involves methods used to gain information about your environment including footprinting and scanning.

    Rate this question:

  • 33. 

    Which type of instant messaging (IM) attack can occur when a user closes one window and dozens of others suddenly pop open?

    • A.

      Jamming

    • B.

      DoS

    • C.

      Buffer overflow

    • D.

      Flooding

    Correct Answer
    B. DoS
    Explanation
    A denial-of-service (DoS) attack in IM can take the form of many windows popping open as soon as the user tries to close one. Jamming is intended to disrupt existing systems by injecting or flooding a channel with garbage data. A malformed MIME message can cause buffer overflow.

    Rate this question:

  • 34. 

    What is the term used for an email feature intended to allow the server to forward email to other servers?

    • A.

      Buffer overflow

    • B.

      Cookie

    • C.

      SMTP Relay

    • D.

      Open Relay

    Correct Answer
    C. SMTP Relay
    Explanation
    SMTP Relay is an email feature that is intended to allow the server to forward email to other servers. When an application receives more data than it is programmed to accept, it is a buffer overflow. The application will either terminate or write data beyond the allocated space. A cookie is a text file that a browser maintains on a user's hard disk in order to store information about the user. Open Relay is a type of SMTP Relay that is being exploited.

    Rate this question:

  • 35. 

    Which protocol is used to manage group or multicasting sessions?

    • A.

      SNMP

    • B.

      ICMP

    • C.

      IGMP

    • D.

      TFTP

    Correct Answer
    C. IGMP
    Explanation
    Internet Group Management Protocol (IGMCP) is used to manage group or multicasting sessions. Simple Network Management Protocol (SNMP) is used to manage and monitor devices in a network. Internet Control Message Protocol (ICMP) is used to report errors and reply to requests from programs such as ping and traceroute. Trivial File Transfer Protocol (TFTP) is an anonymous version of FTP.

    Rate this question:

  • 36. 

    Which type of instant messaging (IM) problem can occur from a malformed MIME message?

    • A.

      Jamming

    • B.

      DoS

    • C.

      Buffer overflow

    • D.

      Flooding

    Correct Answer
    C. Buffer overflow
    Explanation
    A malformed MIME message can cause buffer overflow. Jamming is intended to disrupt existing systems by injecting or flooding a channel with garbage data. A DoS attack in IM can take the form of many windows popping open as soon as the user tries to close one.

    Rate this question:

  • 37. 

    Which of the following file extensions would not indicate an executable file?

    • A.

      .bat

    • B.

      .com

    • C.

      .exe

    • D.

      None of the above

    Correct Answer
    D. None of the above
    Explanation
    The .bat extension is used for batch files. The .com extension is used on command files. The .exe extension is used on executable files. All of these are executable files.

    Rate this question:

  • 38. 

    What is the term used for an exploited email feature originally intended to allow the server to forward email to other servers?

    • A.

      Buffer overflow

    • B.

      Cookie

    • C.

      SMTP Relay

    • D.

      Open Relay

    Correct Answer
    D. Open Relay
    Explanation
    Open Relay is a type of SMTP Relay that is being exploited. When an application receives more data than it is programmed to accept, it is a buffer overflow. The application will either terminate or write data beyond the allocated space. A cookie is a text file that a browser maintains on a user's hard disk in order to store information about the user. SMTP Relay is an email feature that is intended to allow the server to forward email to other servers.

    Rate this question:

  • 39. 

    Which of the following is the process that attackers use to gather information about how your network is configured?

    • A.

      Packet sniffing

    • B.

      Footprinting

    • C.

      Scanning

    • D.

      Signal analysis/intelligence

    Correct Answer
    C. Scanning
    Explanation
    Scanning is the process that attackers use to gather information about how your network is configured. Packet sniffing is the process of monitoring data that is transmitted across a network. Footprinting is the process of systematically identifying a network and its security posture. Signal analysis/intelligence involves methods used to gain information about your environment including footprinting and scanning.

    Rate this question:

  • 40. 

    Which file extension is used to indicate a JPEG file?

    • A.

      .jar

    • B.

      .java

    • C.

      .js

    • D.

      .jpg

    Correct Answer
    D. .jpg
    Explanation
    The extension for a JPEG file is .jpg. The extension for a Java applet is .jar. The extension on Java source code is .java. The extension for a JavaScript file is .js.

    Rate this question:

  • 41. 

    Which type of IM attack is intended to disrupt existing systems by injecting or flooding a channel with garbage data?

    • A.

      Jamming

    • B.

      DoS

    • C.

      Buffer overflow

    • D.

      Flooding

    Correct Answer
    A. Jamming
    Explanation
    Jamming is intended to disrupt existing systems by injecting or flooding a channel with garbage data. A DoS attack in IM can take the form of many windows popping open as soon as the user tries to close one. A malformed MIME message can cause buffer overflow.

    Rate this question:

  • 42. 

    You want to block all web traffic on the firewall, with and without SSL. Which port(s) should you block? (Choose all that apply.)

    • A.

      80

    • B.

      334

    • C.

      443

    • D.

      801

    Correct Answer(s)
    A. 80
    C. 443
    Explanation
    Standard web traffic uses port 80. When SSL is used (HTTPS), traffic is conducted on port 443. You don't need to block the other ports.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jan 06, 2011
    Quiz Created by
    Joelcg
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.