• security Online Quiz - 66
Back
0

security Online Quiz - 66

Description: security Online Quiz - 66
Number of Questions: 32
Created by:
Tags: security
Start the Quiz
Attempted 0/32 Correct 0 Score 0

How to implement authentication via web.config?

security

  1. Include the authentication element.

  2. Include the authorization element.

  3. Include the identity element.

  4. Include the deny element.

Show answer
Correct Option: B

AI Explanation

To implement authentication via the web.config file, you need to include the authorization element.

Option A) Include the authentication element - This option is incorrect because the authentication element is used to configure authentication settings, such as the authentication mode and providers. It is not directly related to implementing authentication.

Option B) Include the authorization element - This option is correct because the authorization element is used to configure authorization settings, such as specifying which users or roles are allowed or denied access to specific resources. It plays a crucial role in implementing authentication by controlling access based on user credentials.

Option C) Include the identity element - This option is incorrect because the identity element is not directly related to implementing authentication. It is used to configure identity settings, such as impersonation and Windows authentication.

Option D) Include the deny element - This option is incorrect because the deny element is used within the authorization element to explicitly deny access to specific users or roles. While it is part of the authorization configuration, it is not the main element for implementing authentication.

The correct answer is Option B) Include the authorization element. This option is correct because the authorization element is used to configure authorization settings, which play a crucial role in implementing authentication.

Which of the following vulnerability can not be handled by Input Validation?
technology security

  1. Cross site Scripting

  2. Injection flaws

  3. Privilege Escalation

  4. None of the above

Show answer
Correct Option: C

Which validation can be bypassed easily?
technology security

  1. Server side Validation

  2. Client side Validation

  3. None of the above

  4. Both 1 and 2

Show answer
Correct Option: B

Allowing user input to control paths used in file system operations may results in----

technology security

  1. Privilege Escalations

  2. Path traversal Attack

  3. Cross Site Scripting

  4. Buffer overflow

Show answer
Correct Option: B

What is a Log File.
technology security

  1. an ASCII file that contains an entry for each user

  2. File which is created and maintained by a server of activity performed by it.

  3. short python program that prints the list of all files inside the current directory

  4. File which is created and maintained by the operating system

Show answer
Correct Option: B

HTTP Vs HTTPS
technology security

  1. uses different ports

  2. HTTPS is insure while HTTP is secure

  3. HTTPS is designed to withstand such attacks and is secure.

  4. Both 1 and 3

  5. Both 2 and 3

Show answer
Correct Option: D

As a preventive measure what needs to be done while accessing the Database?

technology security

  1. Use of dynamic Query with System Privilege Account

  2. Use of Prepared Statements

  3. Use Least Privilege Account

  4. Both 1 and 3

  5. Both 2 and 3

Show answer
Correct Option: E

How many types of Privilege Escalations can happen in the Web Applications?
technology security

  1. One

  2. Two

  3. Three

  4. Four

Show answer
Correct Option: B

What can be the Best Preventive measures against different vulnerabilities?
technology security

  1. Firewall

  2. Input Validation

  3. Updated Antivirus

  4. Extension check for file

Show answer
Correct Option: B

Which of the following vulnerability can not be handled by Input Validation?
technology security

  1. Cross site Scripting

  2. Injection flaws

  3. Privilege Escalation

  4. None of the above

Show answer
Correct Option: C

Which validation can be bypassed easily?

technology security

  1. Server side Validation

  2. Client side Validation

  3. None of the above

  4. Both 1 and 2

Show answer
Correct Option: B

Allowing user input to control paths used in file system operations may results in----
technology security

  1. Privilege Escalations

  2. Path traversal Attack

  3. Cross Site Scripting

  4. Buffer overflow

Show answer
Correct Option: B

What is a Log File.
technology security

  1. an ASCII file that contains an entry for each user

  2. File which is created and maintained by a server of activity performed by it

  3. short python program that prints the list of all files inside the current directory

  4. File which is created and maintained by the operating system

Show answer
Correct Option: B

HTTP Vs HTTPS

technology security

  1. uses different ports

  2. HTTPS is insure while HTTP is secure

  3. HTTPS is designed to withstand such attacks and is secure.

  4. Both 1 and 3

  5. Both 2 and 3

Show answer
Correct Option: D

Cookie is—
technology security

  1. stored on Server

  2. executable text

  3. used for authentication

  4. all of the above

Show answer
Correct Option: C

It is 802.11 network detector, packet sniffer, and intrusion detection system which work passively.

technology security

  1. Kismet

  2. Nmap

  3. Crackspider

  4. John the Ripper

Show answer
Correct Option: A

The first virus that used polymorphic engine to mutate itself to avoid detection by Anti-Virus but keep the base algorithm same is

technology security

  1. Virut

  2. Morph

  3. 1260

  4. Timid Virus

Show answer
Correct Option: C

A type of computer threat that exploits vulnerabilities in Application that is not yet known to vendor or others and for which a patch is yet to be released

technology security

  1. Rootkit

  2. Denial of Service

  3. Zero Day

  4. Worm

Show answer
Correct Option: C

The last Service Pack for Windows XP was

technology security

  1. SP3

  2. SP2

  3. SP4

  4. SP1

Show answer
Correct Option: A

A technique where in a hacker masquerades a fake website to look like the original one to obtain sensitive information from a victim

technology security

  1. Keylogging

  2. Backdoor

  3. Phishing

  4. Masquerading

Show answer
Correct Option: C
Explanation:

To solve this question, the user needs to be familiar with different hacking techniques. The user must identify the technique used by the hacker to obtain sensitive information from a victim.

The correct answer is:

C. Phishing

Explanation:

Phishing is a technique used by hackers to create a fake website or email to look like an original one to trick the victims into providing sensitive information, such as passwords, credit card numbers, or social security numbers. The fake website or email will usually contain a link to the original website, but when the victim clicks on the link, they will be directed to the fake website where the hacker can obtain their sensitive information.

Option A, Keylogging, is a technique used to record the keystrokes of a victim to obtain their login credentials.

Option B, Backdoor, is a technique used to create a hidden entry point to a computer system to gain access to it later.

Option D, Masquerading, is a general term that refers to any technique used to disguise oneself or one's activities.

Therefore, the correct answer is C. Phishing.

A variant of computer malware whose name was influenced by Greek Mythology

technology security

  1. Chimera

  2. Trojan

  3. Hercules

  4. Hydra

Show answer
Correct Option: B

Pick Odd One Out :

technology security

  1. AES

  2. DES

  3. RSA

  4. MARS

Show answer
Correct Option: B

AI Explanation

To answer this question, you need to understand the different encryption algorithms.

Option A) AES - AES stands for Advanced Encryption Standard. It is a symmetric encryption algorithm widely used for securing sensitive data. AES is a strong encryption algorithm and is considered to be secure.

Option B) DES - DES stands for Data Encryption Standard. It is a symmetric encryption algorithm that was widely used in the past. However, DES is no longer considered secure due to its small key size.

Option C) RSA - RSA is an asymmetric encryption algorithm named after its inventors, Ron Rivest, Adi Shamir, and Leonard Adleman. RSA is widely used for secure communication and digital signatures. It is based on the mathematical properties of large prime numbers.

Option D) MARS - MARS stands for Multiple-precision Advanced RISC Machine. However, MARS is not an encryption algorithm. It is a type of microprocessor architecture used in computer systems.

The correct answer is B) DES. DES is the odd one out because it is an outdated encryption algorithm that is no longer considered secure. AES, RSA, and MARS are all valid encryption-related terms or algorithms.

Which of the Following uses Symetric Metrix to Encrypt data
technology security

  1. Blow Fish

  2. Two Fish

  3. Rijindale

  4. Caesar

Show answer
Correct Option: B,C

Which of the below Algorithm is the strongest in using cariable key mechanism for Encyption

technology security

  1. Mars

  2. Serpent

  3. Twofish

  4. Des

Show answer
Correct Option: B

How many versions does a DES algorithm have

technology security

  1. 5

  2. 2

  3. 9

  4. 13

Show answer
Correct Option: B

What is the Vulnerability of AES Encryption

technology security

  1. Brute force Attack

  2. Variable Key Attack

  3. Round Key Analysis

  4. Plain Text Attack

Show answer
Correct Option: D

How many Standard versions of AES algorithm are available

technology security

  1. 1

  2. 2

  3. 3

  4. 4

Show answer
Correct Option: C

How do you fix the unbounded string copy in the following code? char fname[20]; /* 1 / cout << “Enter First Name:”; / 2 / cin >> fname ; / 3 */

technology security

  1. Replace cin call in line 3 with gets() function

  2. The length of input from cin cannot be limited. Use a larger array for fname

  3. Use cin.width[20] before line 3

  4. Use cin.size[19] before line 3

Show answer
Correct Option: C

Are there any memory issues in the following code? Please assume that variable inputsize has the correct size. int add_num_array(int inputsize, int num) { int newnum = malloc (inputsize * sizeof(int)); / 1 */ int i; for (i=0; i

technology security

  1. No vulnerabilities are present

  2. Line 1 should only use malloc(inputsize)

  3. Line 2 should be for (i=0; i<=n, i++)

  4. Line 1 should use calloc() instead of malloc()

Show answer
Correct Option: D

What is the vulnerability in this code? char output[20]; /* Assume data is a character array with value %200d asdf */ sprintf(output, data);

technology security

  1. Buffer overflow

  2. Off by one error

  3. Format string vulnerability

  4. No vulnerabilities are present in this code

Show answer
Correct Option: C

What is the vulnerability in this code? int main(int argc, char * argv[]) { printf (argv[1]); }

technology security

  1. Buffer overflow

  2. Off by one error

  3. Format string vulnerability

  4. No vulnerabilities are present in this code

Show answer
Correct Option: C

What is the possible vulnerability in this code? unsigned int total, userinput1, userinput2; userinput1 = receiveInput(); userinput2 = receiveInput(); total = userinput1 + userinput2;

technology security

  1. Integer overflow

  2. Buffer overflow

  3. Stack overflow

  4. Data type mismatch

Show answer
Correct Option: A
- Hide questions
ADVERTISEMENT

Find more quizzes from top tags

general knowledge
3615 Quizzes
119858 Questions
 technology
307 Quizzes
36705 Questions
 sports
963 Quizzes
19148 Questions
 history
1187 Quizzes
13475 Questions
 physics
598 Quizzes
13441 Questions
 biology
1160 Quizzes
12174 Questions
 science & technology
551 Quizzes
11015 Questions
 chemistry
490 Quizzes
9892 Questions
 maths
518 Quizzes
9324 Questions
 softskills
0 Quizzes
7131 Questions