Question

Which of the following security attack affects or exhibits threats to the integrity of any message?
(a) Interruption
(b) Modification
(c) Interception
(d) Fabrication
Spoofing is an example of: [Select all correct options]
(a) Deception
(b) Disclosure
(c) Usurpation
(d) Disruption
Which of the following is/are NOT a type of an active attack?
(a) Denial of service
(b) Traffic analysis
(c) Replay
(d) Masquerade
Typical goal(s) of a security mechanism is/are:
(a)Prevention
(b)Counter Attack
(c)Detection
(d)Trust
Considering the multi-tenancy property of cloud, new risks involve:
(a)Side-channels exploitation
(b)Vulnerable VM isolation mechanisms
(c)Lack of control in shared server space
(d)Denial of Service (DOS)
Which of the following is/are Gartner’s cloud computing security risks?
(a) Data Location
(b) Long-term Viability
(c) Privileged User Access
(d) Operating System Vulnerability
In cloud “Recovery Time Objective” ( RTO) depicts:
(a)The period of time allowed for recovery
(b)Percentage of data recovered
(c )Maximum amount of data recovered
(d)None
Which type(s) of firewall record(s) information about ongoing TCP sessions and ensures out-of-session packets are discarded?
(a) Stateful
(b) Application proxy
(c) Packet filter
(d) None of these
Which of the following sequence is correct for working of network security?
(a) Reconnaissance, Determine security policy, Determine security policy, Post-attack investigation
(b) Determine security policy, Vulnerability scanning, Post-attack investigation, Reconnaissance
(c) Vulnerability scanning, Determine security policy, Reconnaissance, Post-attack investigation
(d) Determine security policy, Reconnaissance, Vulnerability scanning, Post-attack investigation
Basic component(s) of cloud security is/are:
(a)Integrity
(b)Availability
(c)Confidentiality
(d)Access Control

Answer 1

1)b
2)a,c
3)b
4)a,c
5)a,b,c
6)a,b,c
7)a
8)a
9)d
10)a,b,c

Answer 2

Answer:

1) c is correct.

2) a, c are correct.

3) b is correct.

4) a, c are correct.

5) a, b, c are correct.

6) a, b, c are correct.

7) a is correct.

8) a is correct.

9) d is correct.

10) a, b, c are correct.

Explanation:

1. Interception affects or exhibits threats to the integrity of any message.
2. Spoofing is an example of deception and usurpation.
3. Denial of service, Traffic analysis and Masquerade are types of active attacks.
4. Typical goals of a security mechanism are prevention and detection.
5. Considering the multi-tenancy property of cloud, new risks involve: Side-channels exploitation, Vulnerable VM isolation mechanisms and Lack of control in shared server space.
6. Data Location, Long-term Viability, Privileged User Access are Gartner’s cloud computing security risks.
7. In cloud “Recovery Time Objective” ( RTO) depicts the period of time allowed for recovery.
8. Stateful firewalls record information about ongoing TCP sessions and ensures out-of-session packets are discarded.
9. Security policy, Reconnaissance, Vulnerability scanning, Post-attack investigation is the correct sequence for working of network security.
10. Basic components of cloud security is/are: Integrity, Availability and Confidentiality