1. Which of the following is false with respect to
TCP?
a) Connection-oriented
b) Process-to-process
c) Transport layer protocol
d) Unreliable
Answer: d
Explanation: TCP is a transport layer protocol that provides reliable and
ordered delivery of a stream of bytes between hosts communicating via an IP
network
2. In TCP, sending and receiving data is done as
_______
a) Stream of bytes
b) Sequence of characters
c) Lines of data
d) Packets
Answer: a
Explanation: TCP provides stream oriented delivery between hosts
communicating via an IP network and there are no message boundaries. TCP can
concatenate data from a number of send () commands into one stream of data and
still transmit it reliably.
3. TCP process may not write and read data at the same
speed. So we need __________ for storage.
a) Packets
b) Buffers
c) Segments
d) Stacks
Answer: b
Explanation: A TCP receiver has a receive buffer that is used to store the
unprocessed incoming packets in case the sender is sending packets faster than
the processing rate of the received packets.
4. TCP groups a number of bytes together into a packet
called _______
a) Packet
b) Buffer
c) Segment
d) Stack
Answer: c
Explanation: A segment may be collection of data from many send ()
statements. TCP transmits each segment as a stream of bytes.
5. Communication offered by TCP is ________
a) Full-duplex
b) Half-duplex
c) Semi-duplex
d) Byte by byte
Answer: a
Explanation: Data can flow both the directions at the same time during a
TCP communication hence, it is full-duplex. This is the reason why TCP is used
in systems that require full-duplex operation such as e-mail systems.
6. To achieve reliable transport in TCP, ___________
is used to check the safe and sound arrival of data.
a) Packet
b) Buffer
c) Segment
d) Acknowledgment
Answer: d
Explanation: Acknowledgment mechanism is used to check the safe and sound
arrival of data. The sender actively checks for acknowledgement from the
receiver and once a specific time period has passed, it retransmits the data.
7. In segment header, sequence number and
acknowledgement number fields refer to _______
a) Byte number
b) Buffer number
c) Segment number
d) Acknowledgment
Answer: a
Explanation: As TCP has to ensure ordered delivery of packets, sequence
number and acknowledgement number are used to identify the byte number of the
packet in the stream of bytes being transmitted.
8. Suppose a TCP connection is transferring a file of
1000 bytes. The first byte is numbered 10001. What is the sequence number of
the segment if all data is sent in only one segment?
a) 10000
b) 10001
c) 12001
d) 11001
Answer: b
Explanation: The sequence number given to first byte of a segment, with
respect to its order among the previous segments, is the sequence number of
that segment.
9. Bytes of data being transferred in each connection
are numbered by TCP. These numbers start with a _________
a) Fixed number
b) Random sequence of 0’s and 1’s
c) One
d) Sequence of zero’s and one’s
Answer: d
Explanation: One might expect the sequence number of the first byte in the
stream to be 0, or 1. But that does not happen in TCP, Instead, the sender has
to choose an Initial Sequence Number (ISN), which is basically a random 32 bit
sequence of 0’s and 1’s, during the connection handshake.
10. The value of acknowledgement field in a segment
defines _______
a) sequence number of the byte received previously
b) total number of bytes to receive
c) sequence number of the next byte to be received
d) sequence of zeros and ones
Answer: c
Explanation: The acknowledgement field in a segment defines the sequence
number of the byte which is to be received next i.e. sequence number of byte
that the sender should transmit next.
11. The receiver of the data controls the amount of
data that are to be sent by the sender is referred to as ___________
a) Flow control
b) Error control
c) Congestion control
d) Error detection
Answer: a
Explanation: Flow control is done to prevent the receiver from being
overflowed with data. It is done using various open-loop (prevention) methods
and closed-loop (recovery) methods.
12. Size of TCP segment header ranges between
___________
a) 16 and 32 bytes
b) 16 and 32 bits
c) 20 and 60 bytes
d) 20 and 60 bits
Answer: c
Explanation: The size of the header can be 20 bytes at a minimum if there
are no options and can go up to 60 bytes at maximum with 40 bytes in the
options field. The header contains all the control information required to
ensure ordered, error-free and reliable delivery of the segment.
13. Connection establishment in TCP is done by which
mechanism?
a) Flow control
b) Three-Way Handshaking
c) Forwarding
d) Synchronization
Answer: b
Explanation: A three-way handshake allows both, the server and the client
to choose their Initial Sequence Number and inform about it to the other party.
This won’t be possible using the two-way handshake mechanism.
14. The server program tells its TCP that it is ready
to accept a connection. This process is called ___________
a) Active open
b) Active close
c) Passive close
d) Passive open
Answer: d
Explanation: This is the first step in the Three-Way Handshaking process
and is started by the server. Then the Client picks an ISN (Initial Sequence
Number) and synchronizes (shares) it with the Server requesting a connection.
The Server acknowledges the clients ISN, and then picks an ISN and synchronizes
it with the Client. At last, the Client acknowledges the servers ISN.
15. A client that wishes to connect to an open server
tells its TCP that it needs to be connected to that particular server. The
process is called ___________
a) Active open
b) Active close
c) Passive close
d) Passive open
Answer: a
Explanation: This is the second step in the Three-Way Handshaking process
and is done by the client once it finds the open server and picks an ISN. The
Server acknowledges the clients request, and then picks an ISN and synchronizes
it with the Client. At last, the Client acknowledges the servers ISN.
16. In Three-Way Handshaking process, the situation
where both the TCP’s issue an active open is ___________
a) Mutual open
b) Mutual Close
c) Simultaneous open
d) Simultaneous close
Answer: c
Explanation: In simultaneous open situation, two nodes send an SYN signal
to each other and start a TCP connection. Here, both TCP nodes transmit a
SYNC+ACK segment to each other and a connection is established between them.
This doesn’t happen usually, because both sides have to know which port on the
other side to send to.
17. A malicious attacker sends a large number of SYNC
segments to a server, pretending that each of them is coming from a different
client by faking the source IP address in the datagram. Which type of attack is
being performed in this situation?
a) SYNC flooding attack
b) Active attack
c) Passive attack
d) Denial-of-service attack
Answer: a
Explanation: SYNC flooding attack is a form of Denial of Service attack.
Due to the overflow of SYNC segments sent to the server, the victims are not
able to request for a connection to the server, thus resulting in Denial of
Service.
18. SYNC flooding attack belongs to a type of security
attack known as ___________
a) SYNC flooding attack
b) Active attack
c) Passive attack
d) Denial-of-service attack
Answer: d
Explanation: During SYNC flooding the system collapses and denies service
to every request, making it a DoS attack. Some other DoS attacks are bandwidth
flooding, connection flooding and UDP flooding.
19. The sizes of source and destination port address in
TCP header are ___________ respectively.
a) 16-bits and 32-bits
b) 16-bits and 16-bits
c) 32-bits and 16-bits
d) 32-bits and 32-bits
Answer: b
Explanation: All port addresses are of 16 bits and they specify the type of
service being used by the network entity. For example, port 21 is used for FTP
connections and port 25 is used for ICMP connections.
20. What allows TCP to detect lost segments and in
turn recover from that loss?
a) Sequence number
b) Acknowledgment number
c) Checksum
d) Both Sequence & Acknowledgment number
Answer: b
Explanation: TCP header contains separate fields for sequence number and
acknowledgment number. Comparing these values is what allows TCP to detect lost
segments and in turn recover from that loss. After detecting the lost segments,
the recovery may require retransmission of the lost segments of data.
21. Which of the following is false with respect to
UDP?
a) Connection-oriented
b) Unreliable
c) Transport layer protocol
d) Low overhead
Answer: a
Explanation: UDP is an unreliable, connectionless transport layer protocol
that provides message-based data transmission. TCP is an example of
connection-oriented protocols.
22. Return value of the UDP port “Chargen” is _______
a) String of characters
b) String of integers
c) Array of characters with integers
d) Array of zero’s and one’s
Answer: a
Explanation: Using Chargen with UDP on port 19, the server sends a UDP
datagram containing a random number of characters every time it receives a
datagram from the connecting host. The number of characters is between 0 and
512.
23. Beyond IP, UDP provides additional services such
as _______
a) Routing and switching
b) Sending and receiving of packets
c) Multiplexing and demultiplexing
d) Demultiplexing and error checking
Answer: d
Explanation: De-multiplexing is the delivering of received segments to the
correct application layer processes at the recipients end using UDP. Error
checking is done through checksum in UDP.
24. What is the main advantage of UDP?
a) More overload
b) Reliable
c) Low overhead
d) Fast
Answer: c
Explanation: As UDP does not provide assurance of delivery of packet,
reliability and other services, the overhead taken to provide these services is
reduced in UDP’s operation. Thus, UDP provides low overhead, and higher speed.
25. Port number used by Network Time Protocol (NTP)
with UDP is ________
a) 161
b) 123
c) 162
d) 124
Answer: b
Explanation: The Network Time Protocol is a clock synchronization network
protocol implemented by using UDP port number 123 to send and receive time
stamps.
26. What is the header size of a UDP packet?
a) 8 bytes
b) 8 bits
c) 16 bytes
d) 124 bytes
Answer: a
Explanation: The fixed size of the UDP packet header is 8 bytes. It
contains four two-byte fields: Source port address, Destination port address,
Length of packet, and checksum.
27. The port number is “ephemeral port number”, if the
source host is _______
a) NTP
b) Echo
c) Server
d) Client
Answer: d
Explanation: Port numbers from 1025 to 5000 are used as ephemeral port
numbers in Windows Operating System. Ephemeral port numbers are short-lived
port numbers which can be used for clients in a UDP system where there are
temporary clients all the time.
28. “Total length” field in UDP packet header is the
length of _________
a) Only UDP header
b) Only data
c) Only checksum
d) UDP header plus data
Answer: d
Explanation: Total length is the 16 bit field which contains the length of
UDP header and the data. The maximum value of the Total length field and the
maximum size of a UDP datagram is 65,535 bytes (8 byte header + 65,527 bytes of
data).
29. Which is the correct expression for the length of
UDP datagram?
a) UDP length = IP length – IP header’s length
b) UDP length = UDP length – UDP header’s length
c) UDP length = IP length + IP header’s length
d) UDP length = UDP length + UDP header’s length
Answer: a
Explanation: A user datagram is encapsulated in an IP datagram. There is a
field in the IP header that defines the total length of the IP packet. There is
another field in the IP header that defines the length of the header. So if we
subtract the length of the IP header that is encapsulated in the IP packet, we
get the length of UDP datagram.
30. The ______ field is used to detect errors over the
entire user datagram.
a) udp header
b) checksum
c) source port
d) destination port
Answer: b
Explanation: Checksum field is used to detect errors over the entire user
datagram. Though it is not as efficient as CRC which is used in TCP, it gets
the job done for the UDP datagram as UDP doesn’t have to ensure the delivery of
the packet.
31. Which mode of IPsec should you use to assure the
security and confidentiality of data within the same LAN?
a) AH transport mode
b) ESP transport mode
c) ESP tunnel mode
d) AH tunnel mode
Answer: b
Explanation: ESP transport mode should be used to ensure the integrity and
confidentiality of data that is exchanged within the same LAN. ESP tunnel mode
is comparatively more secure and should be used to assure the security of the
data within different LANs.
32. Which two types of encryption protocols can be
used to secure the authentication of computers using IPsec?
a) Kerberos V5
b) SHA
c) MD5
d) Both SHA and MD5
Answer: d
Explanation: SHA or MD5 can be used. Kerberos V5 is an authentication
protocol, not an encryption protocol; therefore, answer A is incorrect.
Certificates are a type of authentication that can be used with IPsec, not an
encryption protocol; therefore, answer B is incorrect.
33. Which two types of IPsec can be used to secure
communications between two LANs?
a) AH tunnel mode
b) ESP tunnel mode
c) Both AH tunnel mode and ESP tunnel mode
d) ESP transport mode
Answer: c
Explanation: The AH and ESP tunnel mode IPSec should be used for data
transfer purpose, option d is for integrity & confidentiality purpose.
Tunnel mode provides security for the entire original IP packet unlike
transport mode which is not as secure as it only encrypts the data portion and
not the whole packet.
34. ______ provides authentication at the IP level.
a) AH
b) ESP
c) PGP
d) SSL
Answer: a
Explanation: The Authentication Header (AH) authenticates the origin of
data, and guarantees the integrity of the information that’s being sent using
IPSec. It also provides anti-reply security.
35. IPsec defines two protocols: _______ and ________
a) AH; SSL
b) PGP; ESP
c) AH; ESP
d) PGP; SSL
Answer: c
Explanation: AH ensures that there is no retransmission of data from an
unauthorized source, and protects against data tampering. ESP provides with
content protection and ensures that there is integrity and confidentiality for
the message.
36. IP Security operates in which layer of the OSI
model?
a) Network
b) Transport
c) Application
d) Physical
Answer: a
Explanation: IPSec is a set of protocols used to provide authentication,
data integrity and confidentiality between two machines in an IP network. In
the TCP/IP model, it provides security at the IP layer i.e. the network layer.
37. ESP does not provide ________
a) source authentication
b) data integrity
c) privacy
d) error control
Answer: d
Explanation: The ESP provides data confidentiality, integrity and
authentication. It provides confidentiality through encryption. ESP can operate
in two modes, transport mode and tunnel mode.
38. In computer security _______ means that computer
system assets can be modified only by authorized parities.
a) confidentiality
b) integrity
c) availability
d) authenticity
Answer: b
Explanation: Integrity means that computer system assets can be modified
only by authorized parities. Confidentiality means that the assets can only be
accessed by authorized parties. Availability refers to the accessibility of the
resource to the authorized parties. Authenticity means that the asset is not
unethically changed.
39. In computer security _______ means that the
information in a computer system only be accessible for reading by authorized
parities.
a) confidentiality
b) integrity
c) availability
d) authenticity
Answer: a
Explanation: Confidentiality means that the assets can only be accessed by
authorized parties. Integrity means that computer system assets can be modified
only by authorized parities. Availability refers to the accessibility of the
resource to the authorized parties. Authenticity means that the asset is not
unethically changed.
40. Which of the following organizations is primarily
concerned with military encryption systems?
a) NSA
b) NIST
c) IEEE
d) ITU
Answer: a
Explanation: The NSA is primarily responsible for military encryption
systems. The NSA designs evaluates, and implements encryption systems for the
military and government agencies with high security needs.
41. Two broad categories of congestion control are
a) Open-loop and Closed-loop
b) Open-control and Closed-control
c) Active control and Passive control
d) Active loop and Passive loop
Answer: a
Explanation: Open loop congestion control techniques are used to prevent
congestion before it even happens by enforcing certain policies. Closed loop
congestion control techniques are used to treat congestion after it has
happened.
42. In open-loop control, policies are applied to
__________
a) Remove after congestion occurs
b) Remove after sometime
c) Prevent before congestion occurs
d) Prevent before sending packets
Answer: c
Explanation: Open loop congestion control techniques are used to prevent
congestion before it even happens by enforcing certain policies. Retransmission
policy, window policy and acknowledgement policy are some policies that might
be enforced.
43. Retransmission of packets must not be done when
_______
a) Packet is lost
b) Packet is corrupted
c) Packet is needed
d) Packet is error-free
Answer: d
Explanation: Retransmission refers to the sender having to resend the
packet to the receiver. It needs to be done only when some anomaly occurs with
the packet like when the packet is lost or corrupted.
44. In Go-Back-N window, when the timer of the packet
times out, several packets have to be resent even some may have arrived safe.
Whereas in Selective Repeat window, the sender resends ___________
a) Packet which are not lost
b) Only those packets which are lost or corrupted
c) Packet from starting
d) All the packets
Answer: b
Explanation: In Selective Repeat, the sender side uses a searching
algorithm to find the packets which need to be retransmitted based on the
negative acknowledgements received and then resends only those packets thus
saving bandwidth.
45. Discarding policy is mainly done by _______
a) Sender
b) Receiver
c) Router
d) Switch
Answer: c
Explanation: The discarding policy adopted by the routers mainly states
that the routers discard sensitive or corrupted packets that it receives, thus
controlling the integrity of the packet flow. The discarding policy is adopted
as an open loop congestion control technique.
46. Closed-Loop control mechanisms try to _________
a) Remove after congestion occurs
b) Remove after sometime
c) Prevent before congestion occurs
d) Prevent before sending packets
Answer: a
Explanation: In closed loop congestion control, methods are implemented to
remove congestion after it occurs. Some of the methods used are backpressure
and choke packet.
47. The technique in which a congested node stops
receiving data from the immediate upstream node or nodes is called as _______
a) Admission policy
b) Backpressure
c) Forward signaling
d) Backward signaling
Answer: b
Explanation: In this closed loop congestion control technique, the
congested node propagates in the opposite direction of the data flow to inform
the predecessor node to reduce the flow of packets. This is why this technique
is called a node-to-node congestion control technique.
48. Backpressure technique can be applied only to
_______
a) Congestion networks
b) Closed circuit networks
c) Open circuit networks
d) Virtual circuit networks
Answer: d
Explanation: In Virtual circuit networks, each node knows the upstream node
from which a flow data is coming. So, it makes possible for the congested node
to track the source of the congestion and then inform that node to reduce the
flow to remove congestion.
49. The packet sent by a node to the source to inform
it of congestion is called _______
a) Explicit
b) Discard
c) Choke
d) Backpressure
Answer: c
Explanation: Choke packet is sent by a node to the source to inform it of
congestion. Two choke packet techniques can be used for the operation called
hop-by-hop choke packet and source choke packet.
50. In the slow-start algorithm, the size of the
congestion window increases __________ until it reaches a threshold.
a) exponentially
b) additively
c) multiplicatively
d) suddenly
Answer: a
Explanation: In slow-start algorithm, the size of the congestion window
increases exponentially until it reaches a threshold. When it reaches the
threshold, it stops increasing and continues sending packets through the
threshold window thus preventing congestion.
51. An RPC (remote procedure call) is initiated by the
_________
a) server
b) client
c) client after the sever
d) a third party
Answer: b
Explanation: Remote Procedure Call is a method used for constructing
distributed, client-server applications based on extending the conventional
local procedure calling where the client initiates an RPC to start a connection
process.
52. In RPC, while a server is processing the call, the
client is blocked ________
a) unless the client sends an asynchronous request to
the server
b) unless the call processing is complete
c) for the complete duration of the connection
d) unless the server is disconnected
Answer: a
Explanation: While the server is processing the call i.e. looking through
the specifications, the client is blocked, unless the client sends an
asynchronous request to the server for another operation.
53. A remote procedure call is _______
a) inter-process communication
b) a single process
c) a single thread
d) a single stream
Answer: a
Explanation: Remote procedure calls is a form of inter-process
communication where the client initiates an RPC to start a connection process.
It is used to construct distributed, client-server applications.
54. RPC allows a computer program to cause a
subroutine to execute in _________
a) its own address space
b) another address space
c) both its own address space and another address space
d) applications address space
Answer: b
Explanation: RPC allows a computer program to cause a subroutine to execute
in another address space which is usually the servers address space in a
conventional client-server network.
55. RPC works between two processes. These processes
must be ____________
a) on the same computer
b) on different computers connected with a network
c) on the same computer and also on different computers connected with a
network
d) on none of the computers
Answer: c
Explanation: For the operation of RPC between two processes, it is
mandatory that the processes are present on the same computer and also on
different computers connected with its network.
56. A remote procedure is uniquely identified by
_________
a) program number
b) version number
c) procedure number
d) all of the mentioned
Answer: d
Explanation: Each remote procedure can be uniquely identified by the
program number, version number and the procedure number in the networks scope.
The identifiers can be used to control the remote procedure by parties involved
in the process.
57. An RPC application requires _________
a) specific protocol for client server communication
b) a client program
c) a server program
d) all of the mentioned
Answer: d
Explanation: The RPC technique for constructing distributed, client-server
applications based on extending the conventional local procedure calling. It
requires a client program, a server program and specific protocol for client
server communication to build the system.
58. RPC is used to _________
a) establish a server on remote machine that can
respond to queries
b) retrieve information by calling a query
c) establish a server on remote machine that can respond to queries and
retrieve information by calling a query
d) to secure the client
Answer: c
Explanation: RPC or Remote Procedure Call is used to establish a server on
remote machine that can respond to queries and to retrieve information by calling
a query by other computers.
59. RPC is a _________
a) synchronous operation
b) asynchronous operation
c) time independent operation
d) channel specific operation
Answer: a
Explanation: RPC is a synchronous operation where the remote machine works
in sync with the other machines to act as a server that can respond to queries
called by the other machines.
60. The local operating system on the server machine
passes the incoming packets to the ___________
a) server stub
b) client stub
c) client operating system
d) client process
Answer: a
Explanation: The local operating system on the server machine passes the
incoming packets to the server stub which then processes the packets which
contain the queries from the client machines for retrieving information.
0 Comments