CONTINUOUS ASSESSMENT
Specialty/Option: NwS, SwE
Course: NETWORK SECURITY Duration: 2 hours
Exercise 1: MCQs (10 marks)
Correct answer = +1, wrong answer = -0.5
Choose the best answer:
1. What is the primary goal of information security?
a) To make all data accessible to everyone.
b) To protect the confidentiality, integrity, and availability (CIA) of information.
c) To increase the speed of data transmission.
d) To block all network traffic.
2. What does the term "confidentiality" refer to in information security?
a) Ensuring that data is accurate and complete.
b) Ensuring that data is accessible to authorized users.
c) Preventing unauthorized disclosure of information.
d) Ensuring that data is available when needed.
3. Which of the following best describes "integrity" in the context of information security?
a) The data is available to users.
b) The data is kept secret.
c) The data is accurate and has not been tampered with.
d) The data is easily accessible on any device.
4. Which of the following is a common type of malware?
a) TCP
b) HTTP
c) Virus
d) DNS
5. What is a "phishing" attack?
a) An attack that overloads a server.
b) An attack that tries to steal information by disguising itself as a trusted entity.
c) An attack that damages physical computer hardware.
d) An attack that redirects network traffic.
6. What is the purpose of a strong password?
a) To make passwords easy to remember.
b) To increase the speed of network connection.
c) To make it difficult for attackers to guess or crack passwords.
d) To make sure users never need to change their password.
7. What is the purpose of encryption?
a) To speed up data transmission.
b) To make data unreadable to unauthorized individuals.
c) To block unauthorized access to a network.
d) To allow easy access to all data.
8. Which of the following is NOT a common security practice?
a) Using strong passwords.
b) Sharing passwords with colleagues.
c) Updating software regularly.
d) Being cautious about suspicious emails.
9. What is a "denial-of-service" (DoS) attack?
a) An attack that steals personal information from individuals.
b) An attack that makes a service unavailable to legitimate users.
c) An attack that modifies data on a network.
d) An attack that bypasses security systems.
10. What does "social engineering" refer to in security?
a) The use of technology to create social media accounts.
b) The manipulation of individuals to gain access to sensitive information.
c) The design of social spaces using specific security principles.
d) The process of creating a secure password.
11. What is the role of a firewall in network security?
a) To create backups of important files.
b) To speed up network connections.
c) To prevent unauthorized access to or from a private network.
d) To translate domain names into IP addresses.
12. What is the purpose of a VPN (Virtual Private Network)?
a) To increase the speed of a local network.
b) To provide a secure, encrypted connection over a public network.
c) To block all network traffic.
d) To make all online activity public.
13. What does the term "vulnerability" mean in information security?
a) A strong network password.
b) A weakness in a system that can be exploited by an attacker.
c) A backup of sensitive information.
d) A type of encrypted connection.
14. Which of the following is an example of a "physical" security measure?
a) A firewall
b) A password
c) A security guard
d) A VPN
15. What is multi-factor authentication (MFA)?
a) The use of a single password for all accounts.
b) A system that requires multiple methods of verification for access.
c) A way to make passwords easier to remember.
d) A way to bypass security systems.
16. What is "ransomware"?
a) Software that hides on the network.
b) Software that encrypts files and demands payment for their release.
c) Software that sends spam.
d) Software that makes a device perform better.
17. Which of the following is a good practice to protect against malware?
a) Always disabling antivirus software.
b) Only downloading software from official and trusted sources.
c) Opening all email attachments without checking.
d) Clicking on all links on the Internet.
18. What is "intrusion detection"?
a) The act of attempting to steal information.
b) The process of monitoring a system for malicious activities.
c) The process of making a computer faster.
d) A method to make passwords stronger.
19. Why is it important to back up data regularly?
a) To make data easier to steal.
b) To increase network speed.
c) To ensure data can be recovered if lost or corrupted.
d) To expose data to the public.
20. What is a "zero-day" exploit?
a) A bug that is fixed right away.
b) An exploit for which no patch is yet available.
c) An attack that overloads the server.
d) A virus that only activates on the 0th day of the month.
Exercise 2: Structural Questions (10 marks)
Instructions: Answer the following questions in detail, using complete sentences.
Question 1: What are the three core principles of information security, often referred to as the
CIA triad? Briefly explain each.
Question 2: Differentiate between a threat, a vulnerability, and a risk in the context of
information security.
Question 3: What is the difference between symmetric and asymmetric encryption? Provide
a common example of each.
Question 4: Explain the purpose of a firewall in network security, and describe two common
types of firewalls.
Question 5: What is the purpose of an Intrusion Detection System (IDS), and how does it differ
from an Intrusion Prevention System (IPS)?
Question 6: What is social engineering? Provide two examples of common social
engineering techniques used in information security attacks.
Question 7: What is the concept of "defense in depth" (or layered security), and why is it a
recommended security strategy?
Question 8: Describe the purpose of a VPN (Virtual Private Network) in the context of network
security.
Question 9: What is malware? List three common types of malware.
Question 10: What is the purpose of authentication and authorization in access control?
Explain the difference between the two.