Do you know that? $44-$49 average hourly rates for freelancers with less than five years of experience next

Contact Email: teammmrem@yahoo.com

<< All Upwork (oDesk) and Elance Tests << Elance test answers << IT & Programming category

Test answers for Internet Security 2020

(88) Last updated: January 23
Elance • IT & Programming
Questions and answers are regularly updated. Answered and not answered tests questions.

This helps getting job: Hundreds of (cover letter examples , interview questions , profile samples ) • Earn on Upwork (oDesk)
Job assistance: jobs popularityfreelance rates

Popular test answers: HTML, .Net, CSS, English, SEO, Photoshop, iOS, Java, Android, Ruby, Python, JavaScript

See all 6 tests answers updated

Find Upwork (oDesk) and Elance test answers on this website:



Collapse | Expand

88 Answered Test Questions:

1. What does IP mean?

Answers:

• Instance Principle

• Internet Protocol

• Instant Protocol

• Intellectual Property

2. What happens to your data when it is encrypted?

Answers:

• It is transferred to a third party, encoded, then sent back.

• It is compressed, renamed, and archived.

• It is sent through a series of supercomputers to be compressed multiple times.

• It is recoded to retain privacy from third-parties.

3. What is a computer virus?

Answers:

• A virus is the same as a cookie in that it is stored on your computer against your permission.

• A virus is friendly software that is simply mislabled.

• Malicious software that merely stays dormant on your computer.

• Malicious software that inserts itself into other programs.

4. Which of the following is valid difference between a Virus and a Spyware ?

Answers:

• Spyware damages data and also steals sensitive private information

• Virus damages data, Spyware steals sensitive private information

• Spyware damages data, Virus steals sensitive private information

• Virus damages data and also steals sensitive private information

5. How to avoid Man-in-the-middle attacks?

Answers:

• Accept every SSL certificate, even the broken ones

• Use connections without SSL

• Use HTTPS connections and verify the SSL certificate

6. What happens during the TCP attack; Denial of Service?

Answers:

• A virus is sent to disable their dos prompt.

• Viruses are sent to their ISP to deny them tech support.

• A worm is loaded onto the victims computer to disable their keyboard.

• Information is repeatedly sent to the victim to consume their system resources, causing them to shut down.

7. What is Internet Protocol Security?

Answers:

• Methods to secure Internet Protocol (IP) communication.

• Ways to disconnect your router in an emergency.

• Methods to secure a disconnected computer.

• Methods to secure your documents from physical breaches.

8. Which of the following is a valid Internet Security requirement?

Answers:

• Authentication

• All of the given options are correct

• Integrity

• Confidentiality

9. Digital signatures provide which of the following ?

Answers:

• authentication

• Non-repudiation

• All of the given options are correct

• integrity protection

10. In which of the following protocols does a website (if accessed using the protocol) encrypt the session with a Digital Certificate?

Answers:

• TCP

• SHTTP

• HTTPS

• XHTTP

11. Which of the following are possible security threats?

Answers:

• Illegitimate use

• All of the given options are correct

• Backdoors

• Masquerading

12. What is a firewall?

Answers:

• Firewalls are network-based security measures that control the flow of incoming and outgoing traffic.

• A firewall is a program that encrypts all the programs that access the Internet.

• A firewall is a program that keeps other programs from using the network.

• Firewalls are interrupts that automatically disconnect from the internet when a threat appears.

13. Which of the following involves submitting as many requests as possible to a single Internet computer or  service, overloading it and preventing it from servicing legitimate requests?

Answers:

• Distributed denial-of-service attacks

• Backdoor

• Masquerading

• Phishing

14. Which of the following symmetric keys can be derived from  Symmetric master key?

Answers:

• Authentication keys

• Key wrapping keys

• All of the given options are correct

• Data encryption keys

15. Which of the following are valid Cryptographic key types?

Answers:

• Public authentication key

• All of the given options are correct

• Public signature verification key

• Private signature key

16. Is true that HTTP is an insecure protocol?

Answers:

• True

• False

17. Which is the best way a system can be hardened?

Answers:

• Total disk encryption coupled with strong network security protocols.

• White-list ad filtering only.

• Installing a commercial security suite.

• Virus scanning only.

18. Why is it crucial to encrypt data in transit?

Answers:

• To assure that all of your information cannot be decrypted.

• To decrease your resources.

• So you can increase your chances of testing your encryption capabilities.

• To prevent unauthorized access to private networks and sensitive information during its most vulnerable state.

19. Which of the following are the basic functionalities of the IPsec Protocol ?

Answers:

• Security association for policy management and traffic processing

• Security protocols for AH and ESP

• Manual and automatic key management for the internet key exchange

• All of the given options are correct

20. Can a proxy be used as a firewall? If so, how?

Answers:

• No. Proxies are data encryption stations whose sole purpose is to encrypt and re-rout data.

• No. Proxies are firewalls that are maintained at locations other than that of the user.

• No. All a proxy does is re-rout Internet traffic, and thus all the malicious signals that go with it.

• Yes. A proxy acts as a network intermediary for the user that serves to control the flow of incomming and outgoing traffic.

21. In which of the following fraud methods is a legitimate/legal-looking email sent in an attempt to gather personal and financial information from recipients?

Answers:

• Virus

• Masquerading

• Phishing

• Malware

22. Which of the following is TRUE about TLS?

Answers:

• The HMAC construction used by most TLS cipher suites is specified in RFC 2104

• Provides protection against a downgrade of the protocol to a previous (less secure) version or a weaker cipher suite

• The message that ends the handshake sends a hash of all the exchanged handshake messages seen by both parties

• All of the given options are correct

23. Which of the following is a VALID type of Key Management System?

Answers:

• Third-Party Key Management System

• Dynamic Key Management System

• Integrated Key Management System

• Both Integrated Key Management System and Third-Party Key Management System

24. What is one way that a web browser is vulnerable to breaching?

Answers:

• A browser can be infected by closing it.

• A virus can be sent through the monitor.

• A browser plugin can be exploited.

• Web browsers are impervious to exploitation.

25. What two main categories of network topologies are there?

Answers:

• Digital and Topological

• Direct and Indirect

• Close and Distant

• Physical and logical.

26. What is another name for an insecure plugin?

Answers:

• Hardware

• Software

• Firmware

• Malware

27. A digital signature scheme consists of which of the following typical algorithms ?

Answers:

• Key generation, Signing and Signature verifying algorithm

• Signature verifying algorithm

• Key generation algorithm

• Signing algorithm

28. Which of the following is TRUE about SSL 3.0?

Answers:

• It has a weak MAC construction that uses the MD5 hash function with a secret prefix

• Identical cryptographic keys are used for message authentication and encryption

• SSL 3.0 improved upon SSL 2.0 by adding SHA-1 based ciphers and support for certificate authentication

• It assumes a single service and a fixed domain certificate, which clashes with the standard feature of virtual hosting in Web servers

29. There are two types of firewall. What are they?

Answers:

• Internet-based and home-based.

• Hardware and software.

• Remote and local

• Digital and electronic.

30. True of False? Malware exists which affects both Windows and Linux systems.

Answers:

• True

• False

31. Which of the following refers to programs that surreptitiously monitor activity on a computer system and report that information to others without the user's consent?

Answers:

• Malware

• Botnet

• Trojan horse

• Spyware

32. What is a computer worm?

Answers:

• It is software designed to exploit networks.

• It is software designed to analyze and search for open ports.

• It is a software utilized to scan packets on open networks.

• It is malware designed to infect other computers.

33. Is a Unix-based system vulnerable to viruses?

Answers:

• Yes. The split is approximately 50/50 when it comes to attacks on Windows vs. Unix based systems.

• Yes, the majority of viruses attack Unix-based systems.

• No. Linux systems are totally impervious to attacks.

• Yes, however the majority are coded to attack Windows-based systems.

34. Which of the following protocol used Port 443 and Port 80 respectively

Answers:

• HTTPS and HTTP

• XHTML

• HTTP and HTTPS

• DHTML

35. Which of the following is a means to access a computer program or entire computer system bypassing all security mechanisms?

Answers:

• Backdoor

• Masquerading

• Phishing

• Trojan Horse

36. What does TCP mean?

Answers:

• Total Content Positioning

• Transmission Control Protocol

• Transmittable Constant Protocol

• Technical Control Panel

37. What does cross-site scripting allow for attackers?

Answers:

• Direct introduction of viruses into a victims computer.

• The introduction of worm viruses into the victims website.

• A phishing attack that automatically downloads the victims personal information.

• Injection of client-side scripts into web pages.

38. Which of the following is collection of Internet-connected programs communicating with other similar programs in order to perform tasks?

Answers:

• Botnet

• Spyware

• Trojan horse

• Malware

39. What are TLS and SSL?

Answers:

• Internet protocols.

• Network layers.

• Internet layers

• Cryptographic protocols.

40. Who was TLS defined by?

Answers:

• The DEA

• OSHA

• Internet Engineering Task Force

• NSA

41. Modern secure password storage should implement:

Answers:

• Salted plain-text values of the password

• Hashed values of the password

• Plain-text passwords stored in an encrypted database

• Salted and hashed values of the password

42. What is network topology?

Answers:

• It is the inner networkings of a single computer.

• It is the top layer of a computer network.

• It is the framework of the components of a computer network.

• It is the entirety of the data of a computer network.

43. Which of the following is a general term for malicious software that pretends to be harmless so that a user willingly allows it to be downloaded onto the computer?

Answers:

• Spware

• Virus

• Trojan Horse

• Botnets

44. What is another name for Internet Layer?

Answers:

• TCP layer

• Interwebs

• IP layer

• SSL layer

45. Which of the following is the collective name for Trojan horses, spyware, and worms?

Answers:

• Spware

• Botnets

• Virus

• Malware

46. When cookies are used as session identifiers, how are they then used as a potential security hazard?

Answers:

• They emulate user's by downloading all the victims information onto a virtual machine.

• User's cookies are altered to a virus-like state.

• They emulate user's by stealing their personal identity.

• Attackers emulate users by stealing their cookies.

47. Which of the following is a valid flaw of SSL 2.0 ?

Answers:

• It does not have any protection for the handshake

• Identical cryptographic keys are used for message authentication and encryption

• It has a weak MAC construction that uses the MD5 hash function with a secret prefix

• All of the given options are correct

48. Which of the following is an ITU-T standard for a public key infrastructure (PKI) and Privilege Management Infrastructure (PMI)?

Answers:

• X.507

• X.519

• X.508

• X.509

49. Trojan Horse programs operate with what intent?

Answers:

• To slowly but surely infect and become your operating system until the system crashes.

• To openly exploit a systems weaknesses until the user discovers it.

• To masquerade as non-malicious software while exploiting a system's weaknesses.

• To do a series of brute force attacks within the system itself and a series of external attacks from other servers.

50. Why is a virtual machine considered a sandboxing method?

Answers:

• Virtual machines all have firewalls, virus scanners, and proxy connetions.

• Virtual machines all have sandbox features installed on them.

• Virtual machines take the brunt of the attack, so the user is always safe.

• All host resources are channeled through the emulator.

51. When is encrypted data the safest?

Answers:

• When it is being transferred via usb stick.

• When it is in transit.

• When it is being written.

• When it is at rest.

52. Which of the following keys are used to generate random numbers?

Answers:

• Symmetric random number generation keys

• Symmetric and asymmetric random number generation keys

• Public signature verification key

• Asymmetric random number generation keys

53. Which of the following is true about Public Key Encryption?

Answers:

• Anyone can encrypt with the public key and anyone can decrypt with the private key

• Anyone can encrypt with the public key, only one person can decrypt with the private key

• Anyone can encrypt with the private key, only one person can decrypt with the public key

• Only one person can encrypt with the public key and anyone can decrypt with the private key

54. If you set up a BUS network, what is the major disadvantage?

Answers:

• It is entirely wireless and open to wifi-based attacks.

• It is daisy-chained together with several cables.

• It is linked with a single cable which can be a major vulnerability.

• It is connected in a star pattern and can be disabled by disrupting one data center.

55. What does the acronym BEAST mean in Beast Attack?

Answers:

• Breaking and Entering Against SSL/TLS

• Browser Extension And SSL/TLS

• Browser Exploit Against SSL/TLS

• Breach Entering Against SSL/TLS

56. TCP is used for what three main functions?

Answers:

• Connect to the Web, deliver email, and transfer files.

• Connect to the Web, compress data, encrypt mail.

• Connect to the web, conceal data, transfer files.

• Connect to the Web, encrypt data, transmit information.

57. Secure cookies have which feature?

Answers:

• They are not encrypted, just sent via secure server.

• They are encrypted.

• Secure cookies are passed along via encrypted programs.

• Cookies are always traded between trusted users.

58. How are port numbers categorized?

Answers:

• Static, dynamic, enigmatic

• Known, well-known, unknown

• Well-known, registered, and static/dynamic.

• Unknown, unregistered, invalid

59. Which of the following type of attack can actively modify communications or data?

Answers:

• Both Active and Passive attack

• Neither Active nor Passive attack

• Active attack

• Passive attack

60. What is the top method an attacker might infect a target?

Answers:

• Social engineering, or psychological manipulation.

• SQL injection.

• Buffer overflow.

• Hacking via the Internet.

61. Secure Sockets Layer is a predecessor of which  cryptographic protocol?

Answers:

• IPSec

• Transport Layer Security

• SSL 3.0

• HTTPS

62. An SQL injection is often used to attack what?

Answers:

• Small scale machines such as diebold ATMs.

• Large-scale sequel databases such as those containing credit card information.

• Servers running SQL databases similar to Hadoop or Hive.

• Servers built on NoSQL

63. Which version of TLS is vulnerable to BEAST exploit?

Answers:

• TLS 1.1

• TLS 3.0

• TLS 0.5

• TLS 2.0

• TLS 1.0

64. According to OWASP what is the most dangerous web vulnerability?

Answers:

• Injections (SQL, LDAP, etc)

• Cross-site-scripting (XSS)

• Security Misconfiguration

• Cross-Site Request Forgery (CSRF)

• Sensitive Data Exposure

65. Sandboxing does what to computer programs?

Answers:

• Sandboxing protects your system by trapping all the viruses.

• It separates and isolates them.

• Sandboxing doesn't protect your system.

• Sandboxes protect your programs by isolating all the other programs except the one you are using at the time.

66. What is largely considered the most advanced computer virus?

Answers:

• Conficker Virus

• Zeus

• Stuxnet.

• agent.biz

67. What is necessary for a cross-site script attack with cookies to be thwarted?

Answers:

• CAPTCHAs

• Virtual machines

• Proxies

• Firewalls

68. What are the two primary classifications of cross-site scripting?

Answers:

• DOM-based and persistent

• traditional and DOM-based

• traditional and non-persistent

• non-persistent and persistent.

69. Which of the following is a VALID authorization key?

Answers:

• Public authorization key

• Public ephemeral key authorization key

• Asymmetric authorization keys

• Symmetric authorization keys

70. Which of the following is a VALID digital signature key?

Answers:

• Public signature authentication key

• Private signature authentication key

• Symmetric signature authentication key

• Private signature key

71. How can cookies be used to mitigate cross-site scripting?

Answers:

• Cookies can be coded like a program to intercept script attacks.

• Cookies store an exact mirror copy of all a users web activity.

• Cookies allow for cookie-based user authentication.

• They can't. Cookies only store user information.

72. Which of the following uses asymmetric cryptography ?

Answers:

• (none of these)

• VoIP

• Both VoIP and SSL

• SSL

73. Which of the following is not a VALID type of firewall?

Answers:

• Application-level gateways

• Circuit-level gateways

• Proxy Server Gateways

• Packet filters

74. What is the less secure AES encryption mode?

Answers:

• CFB

• OCB

• ECB

• CTR

• CBC

75. What is a method to fend off a Sockstress attack?

Answers:

• Do nothing. It will pass on its own.

• Prepare a retaliatory DDOS attack.

• Black-listing access to TCP services on critical systems.

• White-listing access to TCP services on critical systems.

76. Which of the following HTTP method is considered insecure ?

Answers:

• POST

• DELETE

• TRACE

• GET

77. Which of the following represents a cryptographic key that is generated for each execution of a key establishment process ?

Answers:

• Private key transport key

• Public signature verification key

• Private ephemeral key agreement key

• Public authentication key

78. What does the Linux kernal use to sandbox running programs?

Answers:

• Linux doesn't sandbox because it is impervious to any and all cyber attacks.

• Linux uses a layered system of user authentication to perform sandbox-like functions.

• seccomp, or Secure Computing Mode

• Linux drives are fully encrypted, thus they don't need sandboxing.

79. Which of the following keys are the private keys of asymmetric (public) key pairs that are used only once to establish one or more keys ?

Answers:

• Public ephemeral key agreement key

• Asymmetric random number generation keys

• Symmetric random number generation keys

• Private ephemeral key agreement key

80. What does a cryptographic key do within the Internet Layer?

Answers:

• It specifies how encrypted data is transferred and to whom.

• It specifies how transferred information is converted into cyphertext.

• It converts it into encrypted language.

• It is the specialized dataset that is able to decrypt cyphertext.

81. Which of the following represents a cryptographic key that is intended to be used for a long period of time?

Answers:

• Private key transport key

• Public authentication key

• Public signature verification key

• Private static key agreement key

82. Which of the following is a VALID ephemeral key?

Answers:

• Asymmetric ephemeral random number generation keys

• Public ephemeral verification key

• Symmetric ephemeral random number generation keys

• Public ephemeral key agreement key

83. Which of the following enables secure and private data exchange/transfer on an unsecure public network ?

Answers:

• Public Key Infrastructure

• Virtual Key Infrastructure

• Private Key Infrastructure

• All of the given options are correct

84. Which of the following keys are used to encrypt other keys using symmetric key algorithms ?

Answers:

• Symmetric random number generation keys

• Asymmetric random number generation keys

• Symmetric key wrapping key

• Public signature verification key

85. Which of the following is a standalone computer program that pretends to be a well-known program in order to steal confidential data ?

Answers:

• SPWare

• Spyware

• Fraudtool

• Malware

• Virus

86. In the sublayer of which of the following does TLS and SSL performs the data encryption of network connections?

Answers:

• presentation layer

• Both session and presentation layer

• session layer

• application layer

87. Which of the following are the public keys of asymmetric (public) key pairs that are used to encrypt keys using a public key algorithm?

Answers:

• Public signature verification key

• Private signature key

• Public key transport key

• Private key transport key

88. Which of the following are the public keys of asymmetric key pairs that are used to encrypt keys using a public key algorithm ?

Answers:

• Private signature key

• Private key transport key

• Public signature verification key

• Public authentication key