Bca 6th Sem Internal Exam Network Security

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Lovely Amit
L
Lovely Amit
Community Contributor
Quizzes Created: 3 | Total Attempts: 970
| Attempts: 465
SettingsSettings
Please wait...
  • 1/15 Questions

    _______ is the practice and precautions taken to protect valuable information from unauthorised access, recording, disclosure or destruction.

    • Network Security
    • Information Security
    • Information Security
    • Physical Security
Please wait...
About This Quiz

This BCA 6th Sem internal exam on Network Security assesses knowledge on SSLv3 protocol specifics, including padding, PRF inputs, and alert codes. It also tests understanding of basic network security concepts and terminology, crucial for safeguarding digital information.

Bca 6th Sem Internal Exam Network Security - Quiz

Quiz Preview

  • 2. 

    There are ______ subtypes of reconnaissance.

    • 2

    • 3

    • 4

    • 5

    Correct Answer
    A. 2
    Explanation
    There are two subtypes of reconnaissance.

    Rate this question:

  • 3. 

    In the SSLv3 the padding bits are ____________ with the secret key.

    • Padded

    • XORed

    • Concatenated

    • ANDed

    Correct Answer
    A. Padded
    Explanation
    In SSLv3, the padding bits are added to the secret key. Padding is a technique used to ensure that the length of the data being encrypted is a multiple of the block size. By padding the data with additional bits, the secret key is combined with these extra bits to ensure that the length requirement is met. This helps to maintain the security and integrity of the encryption process.

    Rate this question:

  • 4. 

    The full form of EDR is _______

    • Endpoint Detection and recovery

    • Early detection and response

    • Endpoint Detection and response

    • Endless Detection and Recovery

    Correct Answer
    A. Endpoint Detection and recovery
    Explanation
    EDR stands for Endpoint Detection and Response. This term refers to a cybersecurity solution that focuses on detecting and responding to advanced threats and attacks on endpoints, such as computers, servers, and mobile devices, within a network. EDR systems continuously monitor and analyze endpoint activities, collect data, and use advanced techniques to detect and respond to suspicious behavior, malware, and other security incidents. By providing real-time visibility and response capabilities, EDR helps organizations improve their security posture and mitigate potential risks.

    Rate this question:

  • 5. 

    Which of the following alert codes is not supported by SSLv3?

    • Record_overflow

    • No_certificate

    • Internal_error

    • Decode_error

    Correct Answer
    A. Record_overflow
    Explanation
    The alert code "record_overflow" is not supported by SSLv3. This means that when a record overflow occurs, SSLv3 does not have a specific alert code to handle this situation.

    Rate this question:

  • 6. 

    How many basic processes or steps are there in ethical hacking?

    • 4

    • 5

    • 6

    • 7

    Correct Answer
    A. 4
    Explanation
    There are four basic processes or steps in ethical hacking. These steps include reconnaissance, scanning, gaining access, and maintaining access. During reconnaissance, the hacker gathers information about the target system. Scanning involves identifying vulnerabilities and weaknesses in the system. Gaining access refers to the process of exploiting these vulnerabilities to gain unauthorized access. Finally, maintaining access involves ensuring continued access to the system for further exploitation or data gathering.

    Rate this question:

  • 7. 

    What Is The Sequence Of A TCP Connection?

    • SYN-ACK-FIN

    • SYN-SYN ACK-ACK

    • SYN-ACK

    • SYN-SYN-ACK

    Correct Answer
    A. SYN-ACK-FIN
    Explanation
    The correct answer is SYN-ACK-FIN. In a TCP connection, the sequence starts with the SYN (synchronize) packet sent by the client to initiate the connection. The server responds with the SYN-ACK (synchronize-acknowledge) packet to acknowledge the request. Finally, the client sends the FIN (finish) packet to terminate the connection. Therefore, the correct sequence is SYN-ACK-FIN.

    Rate this question:

  • 8. 

    We encounter the record_overflow error when the payload length exceeds –

    • 214 + 1024

    • 216 + 1024

    • 214 + 2048

    • 216 + 2048

    Correct Answer
    A. 214 + 1024
  • 9. 

    URL stands for –

    • Universal Remote Locator

    • Universal Resource Language

    • Uniform Resource Locator

    • Uniform Resource Language

    Correct Answer
    A. Universal Remote Locator
  • 10. 

    What Port Does Telnet Use?

    • 22

    • 80

    • 20

    • 23

    Correct Answer
    A. 22
    Explanation
    Telnet is a network protocol used to establish remote command-line sessions with other computers. It operates on port 23 by default. However, the given correct answer is incorrect. Port 22 is actually used by the SSH (Secure Shell) protocol, which is a secure alternative to Telnet. Port 80 is used by the HTTP (Hypertext Transfer Protocol) for web traffic, and port 20 is used by the FTP (File Transfer Protocol) for data transfer.

    Rate this question:

  • 11. 

    Which of the following is not a valid input to the PRF in SSLv3?

    • Secret value

    • Identifying label

    • Initialization vector

    • Secret value

    Correct Answer
    A. Secret value
    Explanation
    The secret value is not a valid input to the PRF in SSLv3 because the PRF (Pseudo-Random Function) in SSLv3 does not take a secret value as an input. The PRF in SSLv3 is used to derive key material from the pre-master secret, which is a combination of the client and server random values. The secret value is not part of this process and therefore cannot be a valid input to the PRF in SSLv3.

    Rate this question:

  • 12. 

    From the options below, which of them is not a threat to information security?

    • Disaster

    • Eavesdropping

    • Information leakage

    • Unchanged default password

    Correct Answer
    A. Disaster
    Explanation
    A disaster, such as a natural calamity or a physical damage to infrastructure, is not a threat to information security. While it may cause temporary disruption or loss of access to information, it does not directly compromise the confidentiality, integrity, or availability of data. On the other hand, eavesdropping, information leakage, and unchanged default passwords are all potential threats that can lead to unauthorized access, data breaches, or information disclosure.

    Rate this question:

  • 13. 

    Possible threat to any information cannot be ________________

    • Reduced

    • Transferred

    • Protected

    • Ignored

    Correct Answer
    A. Reduced
    Explanation
    The correct answer is "reduced" because reducing the threat to any information means taking measures to minimize the likelihood or impact of potential risks or dangers. This can involve implementing security measures, such as encryption or firewalls, conducting regular backups, or implementing access controls, to decrease the vulnerability and potential harm to the information.

    Rate this question:

  • 14. 

    The First Phase Of Hacking An IT System Is Compromise Of Which Foundation Of Security?

    • Availability

    • Confidentiality

    • Integrity

    • Authentication

    Correct Answer
    A. Availability
    Explanation
    The first phase of hacking an IT system is compromising the foundation of security, which is availability. Availability refers to the accessibility and functionality of the system, ensuring that authorized users can access the system and its resources whenever needed. By compromising availability, hackers can disrupt or deny access to the system, causing service interruptions or downtime. This can be achieved through various means such as Distributed Denial of Service (DDoS) attacks, network congestion, or exploiting vulnerabilities in the system's infrastructure.

    Rate this question:

  • 15. 

    To Hide Information Inside A Picture, What Technology Is Used?

    • Rootkits

    • Bitmapping

    • Steganography

    • Image Rendering

    Correct Answer
    A. Rootkits

Quiz Review Timeline (Updated): Mar 12, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 12, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Jul 19, 2020
    Quiz Created by
    Lovely Amit
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.