An encryption ______ is a set of steps that converts readable text into unreadable text.

Take your learning further

Take your learning further

Making the decision to study can be a big step, which is why you’ll want a trusted University. We’ve pioneered distance learning for over 50 years, bringing university to you wherever you are so you can fit study around your life. Take a look at all Open University courses.

If you’re new to university-level study, read our guide on Where to take your learning next, or find out more about the types of qualifications we offer including entry level Access modules, Certificates, and Short Courses.

Want to achieve your ambition? Study with us and you’ll be joining over 2 million students who’ve achieved their career and personal goals with The Open University.

Browse all Open University courses

Cryptography and Network Security- Module 5

1. _____________ is data interception method used by hackers.
a) Phishing
b) DoS
c) Sniffing
d) MiTM
Answer: c
Explanation: Sniffing is data interception method used by hackers. Sniffing is the method used to monitor & capture all data packets passing through any target network using sniffing tools.

2. Sniffing is also known as ___________________
a) network-tapping
b) wiretapping
c) net-tapping
d) wireless-tapping
Answer: b
Explanation: Sniffing which is also known as wiretapping is data interception method used by hackers. It is a technique used for monitoring & capturing all data packets passing through any target network.

3. _____________ are programs or devices that capture the vital information from the target network or particular network.
a) Routers
b) Trappers
c) Wireless-crackers
d) Sniffers
Answer: d
Explanation: Sniffing is data interception method used by cyber-criminals. Sniffers are programs or devices that capture vital information from the target network or particular network.

4. Which of them is not an objective of sniffing for hackers?
a) Fetching passwords
b) Email texts
c) Types of files transferred
d) Geographic location of a user
Answer: d
Explanation: The method used to capture data packets through any target network is called sniffing. The various objectives of sniffing for hackers are fetching passwords, email texts and the type of files transferred.

5. Which of the following tech-concepts cannot be sniffed?
a) Router configuration
b) ISP details
c) Email Traffic
d) Web Traffic
Answer: b
Explanation: Sniffing is data interception method and is not used for sniffing ISP details. It is particularly used for capturing router configuration, email traffic & web traffic.

6. Which of the following tech-concepts cannot be sniffed?
a) Cloud sessions
b) FTP passwords
c) Telnet passwords
d) Chat sessions
Answer: a
Explanation: Sniffing technique is used to monitor packets of target network using sniffer programs. It cannot sniff cloud sessions. It is used to capture and monitor router configuration, Telnet passwords, chat sessions etc.

7. Which of the below-mentioned protocol is not susceptible to sniffing?
a) HTTP
b) SMTP
c) POP
d) TCP
Answer: d
Explanation: The technique used to supervise & confine all data packets through any target network is called sniffing. HTTP, SMTP, POP are some protocols that are susceptible to sniffing.

8. Which of the below-mentioned protocol is not susceptible to sniffing?
a) NNTP
b) UDP
c) FTP
d) IMAP
Answer: b
Explanation: NNTP, FTP, POP and IMAP are some protocols that are susceptible to sniffing. UDP protocol is not susceptible to sniffing attack. Sniffing is mainly used for capturing email traffic, router’s configuration, & web traffic.

9. There are __________ types of sniffing.
a) 2
b) 3
c) 4
d) 5
Answer: a
Explanation: Sniffing is data surveillance technique used by hackers and is used to keep an eye on as well as detain all data packets with the help of sniffing tools. There are two types of sniffing attacks. These are passive sniffing and active sniffing.

10. Active sniffing is difficult to detect.
a) True
b) False
Answer: b
Explanation: Sniffing is like “tapping phone calls” and try to know about any conversation. There are two types of sniffing. These are passive sniffing and active sniffing. Passive sniffing is difficult to detect.

Learn Cryptography and System Security from Scratch

11. Which of the following is not a sniffing tool?
a) Wireshark
b) Dude Sniffer
c) Maltego
d) [email protected]
Answer: c
Explanation: Packet sniffers are utility tools which are used since the release of Ethernet. List of some of these sniffing tools are Wireshark, Dude Sniffer, [email protected] etc.

12. A sniffer, on the whole turns your system’s NIC to the licentious mode so that it can listen to all your data transmitted on its division.
a) True
b) False
Answer: a
Explanation: A sniffer on the whole turns your system’s NIC to the licentious mode so that it can listen to all your data transmitted on its division. This is how it works to sniff all data packets.

13. A ______________ on the whole turns your system’s NIC to the licentious mode so that it can listen to all your data transmitted on its division.
a) Phishing site
b) Sniffer tool
c) Password cracker
d) NIC cracker
Answer: b
Explanation: A sniffer tool turns your machine’s NIC to the dissolute mode so that hackers can listen to & observe all your data packets. Hence they can know what type of data is being transmitted and received.

14. In _____________ sniffing, the network traffic is not only supervised & locked but also be can be altered in different ways to accomplish the attack.
a) passive
b) signal
c) network
d) active
Answer: d
Explanation: Sniffing is like tapping the phone calls & over-heard about any discussion. In active sniffing, the network traffic is not only supervised & locked but also be can be altered in different ways to accomplish the attack.

15. __________________ are those devices which can be plugged into your network at the hardware level & it can monitor traffic.
a) Hardware sniffers & analyzers
b) Hardware protocol analyzers
c) Hardware protocol sniffers
d) Hardware traffic sniffers and observers
Answer: b
Explanation: Sniffing is data interception method which can be done using hardware also. Hardware protocol analyzers are those devices which can be plugged into your network at the hardware level & it can monitor traffic without manipulating it.

16. Which of the following is not a transport layer vulnerability?
a) Mishandling of undefined, poorly defined
b) The Vulnerability that allows “fingerprinting” & other enumeration of host information
c) Overloading of transport-layer mechanisms
d) Unauthorized network access
Answer: d
Explanation: The different vulnerabilities of the Transport layer are mishandling of undefined, poorly defined, Vulnerability that allow “fingerprinting” & other enumeration of host information, Overloading of transport-layer mechanisms etc. Unauthorized network access is an example of physical layer vulnerability.

17. Which of the following is not session layer vulnerability?
a) Mishandling of undefined, poorly defined
b) Spoofing and hijacking of data based on failed authentication attempts
c) Passing of session-credentials allowing intercept and unauthorized use
d) Weak or non-existent authentication mechanisms
Answer: a
Explanation: Vulnerabilities of session layer of the OSI model are spoofing and hijacking of data based on failed authentication attempts, weak or non-existent authentication mechanisms, and the passing of session-credentials allowing intercept and unauthorized use.

18. Failed sessions allow brute-force attacks on access credentials. This type of attacks are done in which layer of the OSI model?
a) Physical layer
b) Data-link Layer
c) Session layer
d) Presentation layer
Answer: c
Explanation: Session identification may be subject to spoofing may lead to data leakage which depends on failed authentication attempts and allow hackers to allow brute-force attacks on access credentials.

19. Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets.
a) True
b) False
Answer: a
Explanation: Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets. This type of attacks is done in the transport layer of the OSI model.

20. Which of the following is not an example of presentation layer issues?
a) Poor handling of unexpected input can lead to the execution of arbitrary instructions
b) Unintentional or ill-directed use of superficially supplied input
c) Cryptographic flaws in the system may get exploited to evade privacy
d) Weak or non-existent authentication mechanisms
Answer: d
Explanation: Cryptographic flaws may be exploited to circumvent privacy, unintentional or ill-directed use of superficially supplied input, and poor handling of unexpected input are examples of presentation layer flaws.

Learn Cryptography and System Security from Scratch

21. Which of the following is not a vulnerability of the application layer?
a) Application design bugs may bypass security controls
b) Inadequate security controls force “all-or-nothing” approach
c) Logical bugs in programs may be by chance or on purpose be used for crashing programs
d) Overloading of transport-layer mechanisms
Answer: d
Explanation: Application design flaws may bypass security controls, inadequate security controls as well as logical bugs in programs may be by chance or on purpose be used for crashing programs. These all are part of application layer vulnerability.

22. Which of the following is an example of Transport layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls
Answer: b
Explanation: Overloading of transport-layer mechanisms is an example of transport layer vulnerability. Other examples of Transport layer vulnerability are mishandling of undefined, poorly defined, Vulnerability that allows “fingerprinting” & other enumeration of host information.

23. Which of the following is an example of session layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls
Answer: a
Explanation: Weak or non-existent mechanisms for authentication is an example of session layer vulnerability. Other examples are spoofing and the hijacking of data based on failed-authentication attempts & passing of session-credentials allowing intercept and unauthorized use.

24. Which of the following is an example of presentation layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) highly complex application security controls
d) poor handling of unexpected input
Answer: d
Explanation: Poor handling of unexpected input is an example of presentation layer vulnerability. Cryptographic flaws may be exploited to circumvent privacy, unintentional use of superficially supplied input are some other examples of presentation layer vulnerability.

25. Which of the following is an example of application layer vulnerability?
a) Cryptographic flaws lead to the privacy issue
b) Very complex application security controls
c) MAC Address Spoofing
d) Weak or non-existent authentication
Answer: b
Explanation: Very complex application security controls can be an example of application layer vulnerability. Inadequate security controls, as well as logical bugs in programs, are some other examples of such type.

26. __________ is a naming system given to different computers which adapt to human-readable domain names.
a) HTTP
b) DNS
c) WWW
d) ISP
Answer: b
Explanation: DNS is a naming system given to different computers that adapt to human-readable domain names. For example, Google.co.in has a computer-readable IP address which is 8.8.8.8 & 8.8.4.4 as the primary & secondary DNS addresses.

27. DNS stands for _____________
a) Data Name System
b) Domain Name Server
c) Domain Name System
d) Domain’s Naming System
Answer: c
Explanation: Domain Name System can be compared to the phonebook of the WWW. Users’ access information over the web through these human readable domain names. For example www.google.co.in gas computer-readable IP address which is 8.8.8.8 & 8.8.4.4 as the primary & secondary DNS addresses.

28. Some security issues might exist owing to misconfigured __________________ which can direct to disclosure of information regarding the domain.
a) DNS names
b) HTTP setup
c) ISP setup
d) FTP-unsecured
Answer: a
Explanation: Some security issues might exist owing to misconfigured DNS names which can direct to disclosure of information regarding the domain. DNS adapts to human readable domain names.

29. ______________ is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings.
a) DNS mal-functioning
b) DNS cracking
c) DNS redirecting
d) DNS hijacking
Answer: d
Explanation: Misconfigured DNS names which can direct to disclosure of information regarding the domain. DNS hijacking is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings.

30. _____________ can be attained by the use of malware or by changing the server’s settings.
a) DNS poisoning
b) DNS cracking
c) DNS hijacking
d) DNS redirecting
Answer: c
Explanation: DNS hijacking is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings. It can be attained by the use of malware or by changing the server’s settings.

Learn Cryptography and System Security from Scratch

31. There are _________ main types of DNS hijacking.
a) 4
b) 2
c) 3
d) 5
Answer: b
Explanation: There are two main types of DNS hijacking. These are by infecting the computer with malware or DNS trojans and the other type is hacking the target website and changes its DNS address.

32. DNS trojans are used for performing a type of DNS hijacking.
a) True
b) False
Answer: a
Explanation: DNS hijacking is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings. There are two main types of DNS hijacking. These are by infecting the computer with malware or DNS trojans.

33. The _______________ matches and maps to the user friendly domain name.
a) HTTP
b) DNS
c) WWW
d) ISP
Answer: b
Explanation: The DNS matches for directing the user-friendly domain name (like google.co.in) to its equivalent IP address. DNS servers are typically owned by any ISPs or other business organizations.

34. Which of the following is not an example of DNS hijacking?
a) ISP DNS hijacking
b) DNS hijacking for phishing
c) DNS hijacking for pharming
d) HTTP-based DNS hacking
Answer: d
Explanation: DNS hijacking is a form of nasty online attack in which a user gets redirects queries to a DNS because of override of system’s TCP/IP settings. ISP DNS hijacking, DNS hijacking for phishing, DNS hijacking for pharming are some of the examples of DNS hijacking attack.

35. A ______________ is essentially a text file residing on the server that hosts different domain containing entries for dissimilar resource records.
a) Zone file
b) Robot file
c) Bot file
d) DNS file
Answer: a
Explanation: A Zone file is essentially a text file residing on the server that hosts different domain containing entries for dissimilar resource records. It is used in DNS hijacking.

36. ______________ which is also termed as DNS spoofing, is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of the internet.
a) DNS poisoning
b) DNS re-routing
c) DNS cracking
d) Domain link poisoning
Answer: a
Explanation: DNS cache poisoning which is also termed as DNS spoofing, is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of the internet away from genuine servers.

37. DNS poisoning is very dangerous because it can extend its reach from one ___________ to another.
a) ISP server
b) DNS server
c) Linux server
d) Domain user
Answer: b
Explanation: DNS poisoning which is also termed as DNS spoofing is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of the internet. DNS poisoning is very dangerous because it can extend its reach from one DNS server to another.

38. A _________________ can be poisoned if it is having an erroneous entry where the invader gets to organize the DNS server & change different kinds of information on it.
a) Server data
b) Domain name
c) DNS cache
d) System file
Answer: c
Explanation: A DNS cache can be poisoned if it is having an erroneous entry where the invader gets to organize the DNS server & change different kinds of information on it. DNS poisoning is very dangerous because it can extend its reach from one DNS server to another.

39. The ____________ Domain Name Server data will get spread to the ISPs & will be cached there.
a) working
b) compromised
c) corrupted
d) poisoned
Answer: d
Explanation: DNS cache poisoning is a kind of attack which uses DNS based vulnerabilities for diverting the traffic of the internet. The poisoned Domain Name Server data will get spread to the ISPs & will be cached there.

40. The user could be influenced by DNS hijacking if the government of that country uses DNS redirecting as a mechanism to mask censorship.
a) True
b) False
Answer: a
Explanation: A DNS cache can be poisoned if it is having an erroneous entry where the invader gets to organize the DNS server & change different kinds of information on it. The user could be influenced by DNS hijacking if the government of that country uses DNS redirecting as a mechanism to mask censorship

Learn Cryptography and System Security from Scratch

41. A ______________ tries to formulate a web resource occupied or busy its users by flooding the URL of the victim with unlimited requests than the server can handle.
a) Phishing attack
b) DoS attack
c) Website attack
d) MiTM attack
Answer: b
Explanation: A DoS attack tries to formulate a web resource occupied or busy to its users by flooding the URL of the victim with unlimited requests than the server can handle.

42. During a DoS attack, the regular traffic on the target _____________ will be either dawdling down or entirely interrupted.
a) network
b) system
c) website
d) router
Answer: c
Explanation: Using of DoS attack put together web resource by flooding its users with unlimited requests. During a DoS attack, the regular traffic on the target website will be either dawdling down or entirely interrupted.

43. The intent of a ______________ is to overkill the targeted server’s bandwidth and other resources of the target website.
a) Phishing attack
b) DoS attack
c) Website attack
d) MiTM attack
Answer: b
Explanation: Web resource gets occupied or busy as it floods its users performing DoS attack. The intent of this attack is to overkill the targeted server’s bandwidth and other resources of the target website.

44. DoS is abbreviated as _____________________
a) Denial of Service
b) Distribution of Server
c) Distribution of Service
d) Denial of Server
Answer: a
Explanation: A Denial of Service attack targets its victim by flooding the URL of the victim with unlimited requests. The intent of this attack is to overkill the targeted server’s bandwidth and other resources of the target website.

45. A DoS attack coming from a large number of IP addresses, making it hard to manually filter or crash the traffic from such sources is known as a _____________
a) GoS attack
b) PDoS attack
c) DoS attack
d) DDoS attack
Answer: d
Explanation: A DoS attack coming from a large number of IP addresses, making it hard to manually filter or crash the traffic from such sources is known as a Distributed Denial of Service (DDoS) attack.

46. DDoS stands for _________________
a) Direct Distribution of Server
b) Distributed Denial of Service
c) Direct Distribution of Service
d) Distributed Denial of Server
Answer: b
Explanation: When a DoS attack comes from a large number of IP addresses, this makes it hard to manually filter or crash the traffic from such sources and the attack is known as a Distributed Denial of Service (DDoS) attack.

47. Instead of implementing single computer & its internet bandwidth, a ____________ utilizes various systems & their connections for flooding the targeted website.
a) GoS attack
b) PoS attack
c) DDoS attack
d) DoS attack
Answer: c
Explanation: DDoS is another leading attack type. Instead of implementing single computer & its internet bandwidth, a DDoS utilizes various systems & their connections for flooding the targeted website.

48. There are ______ types of DoS attack.
a) 2
b) 3
c) 4
d) 5
Answer: a
Explanation: With the help of DoS attack attackers try to busy its users by flooding the URL of the victim with limitless requests. There are two types of DoS attack. These are Application Layer Attacks and Network Layer DoS attacks.

49. Application layer DoS attack is also known as _______________
a) Layer4 DoS attack
b) Layer5 DoS attack
c) Layer6 DoS attack
d) Layer7 DoS attack
Answer: d
Explanation: A DoS attack is a very dangerous threat for users who have their services running via the internet. The Application Layer DoS is also known as Layer-7 DoS attack.

50. ___________ is a type of DoS threats to overload a server as it sends a large number of requests requiring resources for handling & processing.
a) Network Layer DoS
b) Physical Layer DoS
c) Transport Layer DoS
d) Application Layer DoS
Answer: d
Explanation: DoS attacks are of two types. These are Application Layer Attacks and Network Layer DoS attacks. Application Layer DoS is a type of DoS threats to overload a server as it sends a large number of requests requiring resources for handling & processing.

Learn Cryptography and System Security from Scratch

51. Which of the following is not a type of application layer DoS?
a) HTTP flooding
b) Slowloris
c) TCP flooding
d) DNS query flooding
Answer: c
Explanation: In application Layer DoS, its threats to overload a server as it sends a large quantity of requests requiring resources for handling & processing. This category includes HTTP flooding, slow-flooding attack and DNS query flooding.

52. Network layer attack is also known as ________________
a) Layer3-4 DoS attack
b) Layer5 DoS attack
c) Layer6-7 DoS attack
d) Layer2 DoS attack
Answer: a
Explanation: Denial of Service attack becomes dangerous because it floods the target service over the internet. There are two types of DoS attack. The Network Layer DoS is also known as the Layer 3-4 DoS attack.

53. Which of the following do not comes under network layer DoS flooding?
a) UDP flooding
b) HTTP Flooding
c) SYN flooding
d) NTP Amplification
Answer: b
Explanation: Network layer DoS attack is set up to congest the “pipelines” that are connecting user’s network. This includes attacks such as NTP amplification, SYN flooding, UDP flooding and DNS amplification.

54. Which of the following do not comes under network layer DoS flooding?
a) DNS amplification
b) UDP flooding
c) DNS query flooding
d) NTP Amplification
Answer: c
Explanation: Network layer DoS attack includes attacks such as NTP amplification, SYN flooding, UDP flooding and DNS amplification. DNS query flooding does not come under the Network layer DoS attack.

55. DDoS are high traffic events that are measured in Gigabits per second (Gbps) or packets per second (PPS).
a) True
b) False
Answer: a
Explanation: At the time of DoS attack, it becomes hard to manually filter or crash the traffic from such sources. DDoS are high traffic events that are measured in Gigabits per second (Gbps) or packets per second (PPS).

56. A DDoS with 20 to 40 Gbps is enough for totally shutting down the majority network infrastructures.
a) True
b) False
Answer: a
Explanation: A DoS attack is very dangerous for any targeted victim because it can seize business and bring loss to a company running on the website. A DDoS with 20 to 40 Gbps is enough for totally shutting down the majority network infrastructures.

57. Internet Control Message Protocol (ICMP) has been designed to compensate _________
a) Error-reporting
b) Error-correction
c) Host and management queries
d) All of the mentioned
Answer: d
Explanation: IP by itself does not provide the features of error reporting or error correction. So, to address these issues a network layer protocol called Internet Control Message Protocol is used. ICMP operates over the IP packet to provide error reporting functionality.

58. Header size of the ICMP message is _________
a) 8-bytes
b) 8-bits
c) 16-bytes
d) 16-bits
Answer: a
Explanation: An ICMP message has an 8-byte header and a variable size data section. Out of the 8 bytes, the first 4 bytes are of a fixed format having the type, code and checksum fields and the next 4 bytes depend upon the type of the message.

59. During error reporting, ICMP always reports error messages to ________
a) Destination
b) Source
c) Next router
d) Previous router
Answer: b
Explanation: ICMP notifies the source about the error when an error is detected because the datagram knows information about source and destination IP address. The source can then retransmit the data again or try to correct those errors.

60. Which of these is not a type of error-reporting message?
a) Destination unreachable
b) Source quench
c) Router error
d) Time exceeded
Answer: c
Explanation: Router error is not a type of error-reporting message in ICMP. The type of error reporting message is specified in the ICMP header. Destination unreachable is type 3 error message, source quench is type 4, and time exceeded is type 11 error message.

Learn Cryptography and System Security from Scratch

61. ICMP error message will not be generated for a datagram having a special address such as _______
a) 127.0.0.0
b) 12.1.2
c) 11.1
d) 127
Answer: a
Explanation: 127.0.0.0 is a special address known as the loopback address which is used for testing purpose of a machine without actually communicating with a network. Thus no error reporting message will be generated for such special addresses.

62. When a router cannot route a datagram or host cannot deliver a datagram, the datagram is discarded and the router or the host sends a ____________ message back to the source host that initiated the datagram.
a) Destination unreachable
b) Source quench
c) Router error
d) Time exceeded
Answer: a
Explanation: Router sends destination unreachable message if the destination is not found. Destination unreachable is type 3 error reporting message. It is invoked when the router can’t find a path to the intended destination to forward the packet through.

63. The source-quench message in ICMP was designed to add a kind of ____________ to the IP.
a) error control
b) flow control
c) router control
d) switch control
Answer: b
Explanation: Firstly, it informs the source that the datagram has been discarded. Secondly, it warns the source that there is congestion in the network. It’s type 4 error reporting message after which the source is expected to reduce the flow of packets.

64. In case of time exceeded error, when the datagram visits a router, the value of time to live field is _________
a) Remains constant
b) Decremented by 2
c) Incremented by 1
d) Decremented by 1
Answer: d
Explanation: This field will be decremented by 1 at every router, and will be zero by the time it reaches source. This error reporting message is type 11 and is used to prevent the router from travelling forever in case some unknown path anomaly occurs.

65. Two machines can use the timestamp request and timestamp replay messages to determine the ___________ needed for an IP datagram to travel between them.
a) Half-trip time
b) Round-trip time
c) Travel time for the next router
d) Time to reach the destination/source
Answer: b
Explanation: The round-trip time refers to the total time taken combining the time taken for a packet sent from a source to reach a destination and the time taken the acknowledgement sent by the destination to reach the source. The Router sends destination unreachable message if the destination is not found.

66. During debugging, we can use the ____________ program to find if a host is alive and responding.
a) traceroute
b) shell
c) ping
d) java
Answer: c
Explanation: Ping program is used to find if a host is alive and responding. It is to be entered into a command line with the syntax “ping (IP address)” to be executed. Traceroute is a program used to find the shortest route to the destination IP.

67. In windows ____________ can be used to trace the route of the packet from the source to the destination.
a) traceroute
b) tracert
c) ping
d) locater
Answer: b
Explanation: Tracert is used in case of windows, whereas Traceroute in UNIX. Tracert is a program used to find the shortest route to the destination IP. The Router sends destination unreachable message if a path to the destination IP is not found.

68. In a simple echo-request message, the value of the sum is 01010000 01011100. Then, value of checksum is ___________
a) 10101111 10100011
b) 01010000 01011100
c) 10101111 01011100
d) 01010000 10100011
Answer: a
Explanation: The sender side adds the bits of the fragmented packet to find a sum. Checksum is the compliment of the sum (exchange 0’s and 1’s). The receiver then has to verify the checksum by adding the bits of the received packet to ensure that the packet is error-free.

69. Network layer firewall works as a __________
a) Frame filter
b) Packet filter
c) Content filter
d) Virus filter
Answer: b
Explanation: As you know, firewalls are available as hardware appliances, as software-only, or a combination of the two. In every case, the purpose of a firewall is to isolate your trusted internal network (or your personal PC) from the dangers of unknown resources on the Internet and other network connections that may be harmful. The firewall prevents unauthorized access to your internal, trusted network from outside threats.

70. Network layer firewall has two sub-categories as _________
a) State full firewall and stateless firewall
b) Bit oriented firewall and byte oriented firewall
c) Frame firewall and packet firewall
d) Network layer firewall and session layer firewall
Answer: a
Explanation: Most network layer firewalls can operate as stateful or stateless firewalls, creating two subcategories of the standard network layer firewall. Stateful firewalls have the advantage of being able to track packets over a period of time for greater analysis and accuracy — but they require more memory and operate more slowly. Stateless firewalls do not analyze past traffic and can be useful for systems where speed is more important than security, or for systems that have very specific and limited needs. For example, a computer that only needs to connect to a particular backup server does not need the extra security of a stateful firewall.

Learn Cryptography and System Security from Scratch

71. A firewall is installed at the point where the secure internal network and untrusted external network meet which is also known as __________
a) Chock point
b) Meeting point
c) Firewall point
d) Secure point
Answer: a
Explanation: A firewall can be a PC, a router, a midrange, a mainframe, a UNIX workstation, or a combination of these that determines which information or services can be accessed from the outside and who is permitted to use the information and services from outside. Generally, a firewall is installed at the point where the secure internal network and untrusted external network meet, which is also known as a chokepoint.

72. Which of the following is / are the types of firewall?
a) Packet Filtering Firewall
b) Dual Homed Gateway Firewall
c) Screen Host Firewall
d) Dual Host Firewall
Answer: a
Explanation: A firewall can be a PC, a midrange, a mainframe, a UNIX workstation, a router, or combination of these. Depending on the requirements, a firewall can consist of one or more of the following functional components: Packet-filtering router

73. A proxy firewall filters at _________
a) Physical layer
b) Data link layer
c) Network layer
d) Application layer
Answer: d
Explanation: The application firewall is typically built to control all network traffic on any layer up to the application layer. It is able to control applications or services specifically, unlike a stateful network firewall, which is – without additional software – unable to control network traffic regarding a specific application. There are two primary categories of application firewalls, network-based application firewalls and host-based application firewalls.

74. A packet filter firewall filters at __________
a) Physical layer
b) Data link layer
c) Network layer or Transport layer
d) Application layer
Answer: c
Explanation: In computing, a firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.[1] A firewall typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet, that is assumed not to be secure or trusted.[2] Firewalls are often categorized as either network firewalls or host-based firewalls.

75. What is one advantage of setting up a DMZ with two firewalls?
a) You can control where traffic goes in three networks
b) You can do stateful packet filtering
c) You can do load balancing
d) Improved network performance
Answer: c
Explanation: DMZ stands for De-Militarized Zone. In a topology with a single firewall serving both internal and external users (LAN and WAN), it acts as a shared resource for these two zones. So load balancing can be done by adding another firewall.

76. What tells a firewall how to reassemble a data stream that has been divided into packets?
a) The source routing feature
b) The number in the header’s identification field
c) The destination IP address
d) The header checksum field in the packet header
Answer: a
Explanation: The source routing feature provides a path address for the packet to help the firewall to reassemble the data stream that was divided into packets. After reassembling, the firewall can then filter the stream.

77. A stateful firewall maintains a ___________ which is a list of active connections.
a) Routing table
b) Bridging table
c) State table
d) Connection table
Answer: a
Explanation: The routing table basically gives the state of each connection i.e. whether the connection is active or not. A routing table ensures the best performance for the stateful firewall.

78. A firewall needs to be __________ so that it can grow proportionally with the network that it protects.
a) Robust
b) Expansive
c) Fast
d) Scalable
Answer: b
Explanation: The firewall has to be expansive because a network is expected to grow with time and if the firewall is unable to grow with it, the firewall won’t be able to handle the growing network traffic flow and will hence fail.

What is a set of steps that converts readable text into unreadable text?

Encryption is used to convert readable text or plain text into unreadable text or cipher text. Encryption is a two way data conversion technique, meaning data which is encrypted can also be decrypted (if you have the decryption key).

What is unencrypted readable data called?

Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext.

What purpose was the BSA formed?

The BSA provides a foundation to promote financial transparency and deter and detect those who seek to misuse the U.S. financial system to launder criminal proceeds, finance terrorist acts, or move funds for other illicit purposes. The BSA requires each bank to establish a BSA/AML compliance program.

What should an AUP specify?

An AUP sets rules related to an organization's IT security policies. These include rules around accessing restricted information; changing access data, such as passwords; opening questionable email attachments; using public Wi-Fi services; and using company approved authentication procedures.