security Online Quiz - 66

Number of Questions: 32
Tags: security

How to implement authentication via web.config?

  1. Include the authentication element.

  2. Include the authorization element.

  3. Include the identity element.

  4. Include the deny element.


Correct Option: B

AI Explanation

To implement authentication via the web.config file, you need to include the authorization element.

Option A) Include the authentication element - This option is incorrect because the authentication element is used to configure authentication settings, such as the authentication mode and providers. It is not directly related to implementing authentication.

Option B) Include the authorization element - This option is correct because the authorization element is used to configure authorization settings, such as specifying which users or roles are allowed or denied access to specific resources. It plays a crucial role in implementing authentication by controlling access based on user credentials.

Option C) Include the identity element - This option is incorrect because the identity element is not directly related to implementing authentication. It is used to configure identity settings, such as impersonation and Windows authentication.

Option D) Include the deny element - This option is incorrect because the deny element is used within the authorization element to explicitly deny access to specific users or roles. While it is part of the authorization configuration, it is not the main element for implementing authentication.

The correct answer is Option B) Include the authorization element. This option is correct because the authorization element is used to configure authorization settings, which play a crucial role in implementing authentication.

  1. Cross site Scripting

  2. Injection flaws

  3. Privilege Escalation

  4. None of the above


Correct Option: C

  1. Server side Validation

  2. Client side Validation

  3. None of the above

  4. Both 1 and 2


Correct Option: B

Allowing user input to control paths used in file system operations may result in:

  1. Privilege Escalations

  2. Path traversal Attack

  3. Cross Site Scripting

  4. Buffer overflow


Correct Option: B

  1. an ASCII file that contains an entry for each user

  2. File which is created and maintained by a server of activity performed by it.

  3. short python program that prints the list of all files inside the current directory

  4. File which is created and maintained by the operating system


Correct Option: B

  1. uses different ports

  2. HTTPS is insecure while HTTP is secure

  3. HTTPS is designed to withstand such attacks and is secure.

  4. Both 1 and 3

  5. Both 2 and 3


Correct Option: D

As a preventive measure what needs to be done while accessing the Database?

  1. Use of dynamic Query with System Privilege Account

  2. Use of Prepared Statements

  3. Use Least Privilege Account

  4. Both 1 and 3

  5. Both 2 and 3


Correct Option: E

  1. Firewall

  2. Input Validation

  3. Updated Antivirus

  4. Extension check for file


Correct Option: B

  1. Cross site Scripting

  2. Injection flaws

  3. Privilege Escalation

  4. None of the above


Correct Option: C

Which validation can be bypassed easily?

  1. Server side Validation

  2. Client side Validation

  3. None of the above

  4. Both 1 and 2


Correct Option: B

  1. Privilege Escalations

  2. Path traversal Attack

  3. Cross Site Scripting

  4. Buffer overflow


Correct Option: B

  1. an ASCII file that contains an entry for each user

  2. File which is created and maintained by a server of activity performed by it

  3. short python program that prints the list of all files inside the current directory

  4. File which is created and maintained by the operating system


Correct Option: B

HTTP Vs HTTPS

  1. uses different ports

  2. HTTPS is insecure while HTTP is secure

  3. HTTPS is designed to withstand such attacks and is secure.

  4. Both 1 and 3

  5. Both 2 and 3


Correct Option: D

  1. stored on Server

  2. executable text

  3. used for authentication

  4. all of the above


Correct Option: C

It is an 802.11 network detector, packet sniffer, and intrusion detection system that works passively.

  1. Kismet

  2. Nmap

  3. Crackspider

  4. John the Ripper


Correct Option: A

The first virus that used a polymorphic engine to mutate itself to avoid detection by anti-virus software, while keeping the base algorithm the same, is

  1. Virut

  2. Morph

  3. 1260

  4. Timid Virus


Correct Option: C

A type of computer threat that exploits vulnerabilities in an application that are not yet known to the vendor or others and for which a patch is yet to be released

  1. Rootkit

  2. Denial of Service

  3. Zero Day

  4. Worm


Correct Option: C

The last Service Pack for Windows XP was

  1. SP3

  2. SP2

  3. SP4

  4. SP1


Correct Option: A

A technique wherein a hacker makes a fake website look like the original one to obtain sensitive information from a victim

  1. Keylogging

  2. Backdoor

  3. Phishing

  4. Masquerading


Correct Option: C

Explanation:

To solve this question, the user needs to be familiar with different hacking techniques. The user must identify the technique used by the hacker to obtain sensitive information from a victim.

The correct answer is:

C. Phishing

Explanation:

Phishing is a technique used by hackers to create a fake website or email to look like an original one to trick the victims into providing sensitive information, such as passwords, credit card numbers, or social security numbers. The fake website or email will usually contain a link to the original website, but when the victim clicks on the link, they will be directed to the fake website where the hacker can obtain their sensitive information.

Option A, Keylogging, is a technique used to record the keystrokes of a victim to obtain their login credentials.

Option B, Backdoor, is a technique used to create a hidden entry point to a computer system to gain access to it later.

Option D, Masquerading, is a general term that refers to any technique used to disguise oneself or one's activities.

Therefore, the correct answer is C. Phishing.

A variant of computer malware whose name was influenced by Greek Mythology

  1. Chimera

  2. Trojan

  3. Hercules

  4. Hydra


Correct Option: B

Pick the odd one out:

  1. AES

  2. DES

  3. RSA

  4. MARS


Correct Option: B

AI Explanation

To answer this question, you need to understand the different encryption algorithms.

Option A) AES - AES stands for Advanced Encryption Standard. It is a symmetric encryption algorithm widely used for securing sensitive data. AES is a strong encryption algorithm and is considered to be secure.

Option B) DES - DES stands for Data Encryption Standard. It is a symmetric encryption algorithm that was widely used in the past. However, DES is no longer considered secure due to its small key size.

Option C) RSA - RSA is an asymmetric encryption algorithm named after its inventors, Ron Rivest, Adi Shamir, and Leonard Adleman. RSA is widely used for secure communication and digital signatures. It is based on the mathematical properties of large prime numbers.

Option D) MARS - MARS stands for Multiple-precision Advanced RISC Machine. However, MARS is not an encryption algorithm. It is a type of microprocessor architecture used in computer systems.

The correct answer is B) DES. DES is the odd one out because it is an outdated encryption algorithm that is no longer considered secure. AES, RSA, and MARS are all valid encryption-related terms or algorithms.

Which of the algorithms below is the strongest in using a variable key mechanism for encryption?

  1. Mars

  2. Serpent

  3. Twofish

  4. Des


Correct Option: B

How many versions does the DES algorithm have?

  1. 5

  2. 2

  3. 9

  4. 13


Correct Option: B

What is the vulnerability of AES encryption?

  1. Brute force Attack

  2. Variable Key Attack

  3. Round Key Analysis

  4. Plain Text Attack


Correct Option: D

How many standard versions of the AES algorithm are available?

  1. 1

  2. 2

  3. 3

  4. 4


Correct Option: C

How do you fix the unbounded string copy in the following code?

    char fname[20];                 /* 1 */
    cout << "Enter First Name:";    /* 2 */
    cin >> fname;                   /* 3 */

  1. Replace cin call in line 3 with gets() function

  2. The length of input from cin cannot be limited. Use a larger array for fname

  3. Use cin.width[20] before line 3

  4. Use cin.size[19] before line 3


Correct Option: C

Are there any memory issues in the following code? Please assume that variable inputsize has the correct size.

    int add_num_array(int inputsize, int num) {
        int *newnum = malloc (inputsize * sizeof(int)); /* 1 */
        int i;
        for (i=0; i

  1. No vulnerabilities are present

  2. Line 1 should only use malloc(inputsize)

  3. Line 2 should be for (i=0; i<=n, i++)

  4. Line 1 should use calloc() instead of malloc()


Correct Option: D

What is the vulnerability in this code?

    char output[20];
    /* Assume data is a character array with value %200d asdf */
    sprintf(output, data);

  1. Buffer overflow

  2. Off by one error

  3. Format string vulnerability

  4. No vulnerabilities are present in this code


Correct Option: C

What is the vulnerability in this code?

    int main(int argc, char * argv[]) {
        printf (argv[1]);
    }

  1. Buffer overflow

  2. Off by one error

  3. Format string vulnerability

  4. No vulnerabilities are present in this code


Correct Option: C

What is the possible vulnerability in this code?

    unsigned int total, userinput1, userinput2;
    userinput1 = receiveInput();
    userinput2 = receiveInput();
    total = userinput1 + userinput2;

  1. Integer overflow

  2. Buffer overflow

  3. Stack overflow

  4. Data type mismatch


Correct Option: A