آزمون امتحان دوره - 1399-1400 +security به صورت دیجی فرم

استفاده از اپلیکیشن ها و پیامرسان ها، پاسخ به تماس ها و استفاده از کلید های پایین موبایل مجاز نیست

زمان تکمیل این آزمون 23 دقیقه میباشد

پس از پاسخ به هر سوال، امکان بازگشت و ویرایش پاسخ وجود ندارد

تایید و ادامه

نام و نام خانوادگی خود را وارد نمایید *

تایید

شماره دانشجویی خود را وارد نمایید *

تایید

To protect against malicious attacks, what should you think like? (1 نمره)

Hacker

Network admin

Auditor

Spoofer

تایید

Which of the following does the A in CIA stand for when it comes to IT security?(Select the best answer.) (1 نمره)

Assessment

Auditing

Accountability

Availability

تایید

A user receives an e-mail but the e-mail client software says that the digital signature is invalid and the sender of the e-mail cannot be verified. The would-be recipient is concerned about which of the following concepts? (1 نمره)

Availability

Remediation

Confidentiality

Integrity

تایید

A group of compromised computers that have software installed by a worm or Trojan is known as which of the following? (1 نمره)

Rootkit

Zombie

Botnet

Virus

تایید

Which of the following is a common symptom of spyware? (1 نمره)

Computer shuts down

Pop-up windows

Infected files

Applications freeze

تایید

Which type of attack uses more than one computer? (1 نمره)

DDoS

Virus

DoS

Worm

تایید

What is a malicious attack that executes at the same time every week? (1 نمره)

Worm

Ransomware

Virus

Logic bomb

تایید

What type of attack sends two different messages using the same hash function, which end up causing a collision? (1 نمره)

Man-in-the-middle attack

Logic bomb

Bluesnarfing

Birthday attack

تایید

Which of the following is the weakest encryption type? (1 نمره)

DES

AES

RSA

SHA

تایید

You are attempting to move data to a USB flash drive. Which of the following enables a rapid and secure connection? (1 نمره)

AES-256

MD5

3DES

SHA-2

تایید

Your boss wants you to set up an authentication scheme in which employees will use smart cards to log in to the company network. What kind of key should be used to accomplish this? (1 نمره)

Private key

Shared key

Cipher key

Public key

تایید

Why would an attacker use steganography? (1 نمره)

For data integrity

To hide information

For wireless access

To encrypt information

تایید

Which of the following methods can be used by a security administrator to recover a user’s forgotten password from a password-protected file? (1 نمره)

Social engineering

Packet sniffing

Brute-force

Cognitive password

تایید

Which of the following is the strongest password? (1 نمره)

This1sV#ryS3cure

ocrian#

Marqu1sD3S0d

Thisisverysecure

تایید

Which of the following is the least secure type of wireless encryption? (1 نمره)

WPA2 with AES

WPA with TKIP

WEP 128-bit

WEP 64-bit

تایید

Making data appear as if it is coming from somewhere other than its original source is known as what? (1 نمره)

Phishing

Cracking

Spoofing

Hacking

تایید

Which of the following cloud computing services offers easy-to configure operating systems? (1 نمره)

SaaS

IaaS

PaaS

تایید

Which of the following should be placed between the LAN and the Internet? (1 نمره)

DMZ

Extranet

Domain controller

HIDS

تایید

Your organization’s servers and applications are being audited. One of the IT auditors tests an application as an authenticated user. Which of the following testing methods is being used? (1 نمره)

Black-box

Gray-box

Penetration testing

White-box

تایید

You are the security administrator for your organization. You want to ensure the confidentiality of data on mobile devices. What is the best solution? (1 نمره)

Remote wipe

Device encryption

Screen locks

AV software

تایید

Which of the following would most likely be considered for DLP? (1 نمره)

Proxy server

Print server

USB mass storage device

Application server content

تایید

Which of the following is not an advantage of NTFS over FAT32? (1 نمره)

NTFS supports file encryption

NTFS supports larger volumes

NTFS supports larger file sizes

NTFS supports more file formats

تایید

Which of the following should you implement to fix a single security issue on the computer? (1 نمره)

Patch

Support website

Baseline

Service pack

تایید

In Windows, which of the following commands will not show the version number? (1 نمره)

Winver

Systeminfo

Msinfo32.exe

Wf.msc

تایید

As part of your user awareness training, you recommend that users remove which of the following when they finish accessing the Internet? (1 نمره)

Temporary files

Instant messaging

Group policies

تایید

Which of the following concepts can ease administration but can be the victim of a malicious attack? (1 نمره)

Zombies

Buffer overflow

Backdoors

Group Policy

تایید

How can you train a user to easily determine whether a web page has a valid security certificate? (Select the best answer.) (1 نمره)

Have the user check for HTTPS

Have the user call the ISP

Have the user click the padlock in the browser and verify the certificate

Have the user contact the webmaster

تایید

What’s the best way to prevent SQL injection attacks on web applications? (1 نمره)

Host-based firewall

Add HTTPS pages

Input validation

Update the web server

تایید

Which of the following attacks uses a JavaScript image tag in an e-mail? (1 نمره)

Directory traversal

Null pointer dereference

Cross-site scripting

Cross-site request forgery

SQL injection

تایید

Which of the following best describes a protective countermeasure for SQL injection? (1 نمره)

Installing an IDS to monitor the network

Eliminating XSS vulnerabilities

Validating user input within web-based applications

Implementing a firewall server between the Internet and the database server

تایید