Question: A cannister contains exactly 125 cups of coffee. How many ounces are in the cannister? (1 cup = 8 ounces)
Solution:
Given, 1 cup = 8 ounces
Therefore,
125 cups of coffee = (8 ounces × 125 cups)/1cup
= 1000 ounces
So the cannister contains 1000 ounces of coffee.
Question: One cup holds 8 ounces. If a cup is 2/5 full, how many ounces are in the cup?
Solution: One cup can hold 8 ounces.
A cup is 2/5 full
The number of ounces in the cup = 8x2/5
= 16/5
=3.2 ounces
3.2 ounces are there in the 2/5 full cup.
Question: 450,000,000 cups of coffee and consumed everyday in the united states assume there are 8. ounces of coffee in a cup and 128 ounces in a gallon how many gallons are consumed in one year.
Solution: Everyday they consumed 450000000 cups of coffee in US.
8 ounces of coffee in cup. And 128 ounces in gallon. Then the total number of cups of coffee in a gallon is :-
128/8 = 16 cups
Then the everyday consumed coffee in gallons is:-
450000000/16 = 28125000 gallons in a day
Then total number of gallons consumed in a year:-
28125000 x 365 = 10,265,625,000 Gallons in a year
Question: How many ounces in 2 pounds?
Solution: Ounces in 1 pound = 16
so ounces in 2 pounds = 16 x 2 = 32 pounds
Question: How many gallons in 7 cups?
Solution: 1 cup = 0.0625 gallon
so 7 cup = 7 x 0.0625 = 0.4375 gallon
Question: How many ounces in 1 liter?
Solution: 1 litre = 33.84 ounces
Question: How many teaspoons in 1 1/2 cups?
Ingredient |
Original Quantity |
CF |
New Quantity |
Unit Ratio |
Adjusted Quantity |
Arborio Rice |
1 cup |
|
|
2 cups = 1 pint |
pt |
Butter, unsalted |
2 oz |
|
|
|
# |
Onion, diced |
3 Tbsp |
|
|
|
cup |
Chicken Stock |
3 cup |
|
|
|
qt |
Zucchini, diced |
¼ cup |
|
|
|
cup |
Solution:
Teaspoons in 1 1/2 cups
1 cup = 48 teaspoons
1 1/2 cup = 48 x 1.5 = 72 teaspoons
Question: How many pints in 48 tablespoons?
Solution: Pints in 1 tablespoon = 0.0312
48 tablespoon = 48 x 0.0312 = 1.5 pints
Question: How many grams in 3/4 ounce?
Solution: 1 ounce = 28.35 gram
3/4 ounce = 3/4 x 28.35 = 21.2625 grams
Question: How many quarts in 2 1/2 cups?
Solution: 1 cup = 0.25 quarts
2 1/2 cups = 2 1/2 x 0.25 quarts
2 1/2 cups = 0.625 quarts
Question: How many ounces in 3 1/3 pints of water?
Solution: 1 pint of water = 16 ounces
3 1/3 pints of water = 10/3 x 16 ounces
3 1/3 pints of water = 53.33 ounces
Question: A chef wants to change a recipe from serving 8 portions to have it serve 22. What is the conversion factor?
Solution: The conversion factor is 8/22 = 0.36
Question: A chef wants to change a recipe from serving 40 three-ounce portions to have it serve 60 four-ounce portions. What is the conversion factor?
Solution: Given
recipe yield = 40 ounces
recipe required = 64 ounces
then conversion factor 64/40
= 1.6
Question: My son drinks 3 cups of milk a day. There are 8 ounces in a cup. How many ounces would he have drunk after 10 weeks?
Solution: He drinks 3 cups of milk in a day. so he will drink:
3 x 7 = 21 cups in a week and so he will drink:
21 x 10 = 210 cups in 10 weeks.
Now it is given that there are 8 ounces in a cup. So, after 10 weeks he would have drunk 8 x 210 = 1689 ounces.
Question: What does the human gene H2AFY code? How many amino acids are present in isoform 1 of this protein?
Solution:
The human gene H2AFY codes for the protein Core Histone Macro-H2A1. In a subset of nucleosomes, it replaces the conventional H2A histones. It represents the transcription and inactivates the stable X-chromosome. Multiple transcript variants coding for different isoforms are formed because of alternative splicing. And expression of these isoforms is associated with different type of cancers and tumors. For example hepatocellular cancer.
372 number of amino acids are present in isoform 1 of this protein.
Question: What is meant by the term “molecular clock”? What are the basic assumptions by which it is presumed to operate? How have data from molecular clock analyses been used?
Solution: MOLECULAR CLOCK:-
The molecular clock is defined as a technique that helps to detect the geological time or era in which two species or taxa diverged from the parent species. This technique uses the rates of molecular changes and other fossil characteristics to determine the geological time.
ASSUMPTION ARE OPERATION::
the molecular clock has become an essential tool in many areas of evolutionary biology, including systematics, molecular ecology, and conservation genetics. The molecular clock hypothesis states that DNA and proteinsequences evolve at a rate that is relatively constant over time and among different organisms. A direct consequence of this constancy is that the genetic difference between any two speciesis proportional to the time since these species last shared a common ancestor. Therefore, if the molecular clock hypothesis holds true, this hypothesis serves as an extremely useful method for estimating evolutionary timescales. This is of particular value when studying organisms that have left few traces of their biological history in the fossil record, such as flatworms and viruses.
The molecular clock is figurative term for a technique that uses the mutation rate of biomolecules to deduce the time in prehistorywhen two or more life forms diverged. The biomolecular data used for such calculations are usually nucleotide sequences for DNA or amino acid sequences for proteins. The benchmarks for determining the mutation rate are often fossil or archaeological dates. The molecular clock was first tested in 1962 on the hemoglobin protein variants of various animals, and is commonly used in molecular evolution to estimate times of speciation or radiation.
It is sometimes called as gene clock or an evolutionary clock.
ANALYSIS USES ::
The molecular clock technique is an important tool in molecular systematics, the use of molecular genetics information to determine the correct scientific classificationof organisms or to study variation in selective forces. Knowledge of approximately constant rate of molecular evolution in particular sets of lineages also facilitates establishing the dates of phylogenetic events, including those not documented by fossils, such as the divergence of living taxa and the formation of the phylogenetic tree. In these cases—especially over long stretches of time—the limitations of MCH (above) must be considered; such estimates may be off by 50% or more.
Question: Approximately how many prokaryotic cells live in 5 mL of fertile soil?
Solution: About 100 million prokaryotic cells.
Prokaryotic cells are super tiny and are the simplest single celled organisms. There are 100 million + in 5 mL of fertile soil.
Question: What is a molecular clock and why is it important when using molecular techniques to create a phylogeny?
Solution: Molecular clock is a hypothesis that predicts a constant rate of molecular evolution among species. It is also a method of genetic analysis that can be used to estimate evolutionary rates and timescales using data from DNA or proteins.
Molecular clocks are typically used in phylogenetic analyses, which aim to reconstruct evolutionary trees that show the relationships among species of interest. Internal nodes in the tree represent evolutionary divergence events. The timing of these events can be estimated using molecular clocks. A number of statistical methods are available for testing the molecular-clock hypothesis for a given set of DNA or protein sequences. When the molecular clock is rejected for a data set, one can use a statistical model to account for rate variation when estimating evolutionary timescales. When estimating evolutionary timescales in a phylogenetic analysis, the molecular clock needs to be calibrated.
In a phylogenetic tree, the species or groups of interest are found at the tips of lines referred to as the tree's branches. For example, the phylogenetic tree below represents relationships between five species, A, B, C, D, and E, which are positioned at the ends of the branches:
Question: Define phylogeny and explain what we can learn from phylogenetic trees.
Solution: Phylogenetics is the branch of biology that deals with the study of evolutionary histroy and relationships between a indivisuals or group of organism. Phylogeny is the diagrammatic hypothesis that helps in visualizing the history of evolutionary relationship. Phylogenetic tree helps us to understand the ancestory, the differentiating characters, how evolution has occured and also how closely are two group of organisms related.
Question: What are synapomorphies and why are they important?
Solution: Synapomorphies is a shared derived character(apomorphy ) that is present in the ancestral species and its modified form by their decendants. Synapomorphies help in identifying the closest ancestor as well as how other species have evolved from the pre existing ones. For eg the verteberal column in mammals is conserved as the number of vertebrae are mostly constant but certain elephant species have more number of vertebrae thus giving information about the closest ancestor.
Question: Differentiate between homologous and convergent characters, reversals, and homoplasies.
Solution:
| Homologous characters | Convergent characters |
| Different function | Same function |
| Similar fundamental structure | Different structure |
| Divergent evolution | Convergent evolution |
| eg. four limbs in tetrapods | eg. wings of bats, birds and insects |
| Reversals | Homoplasies |
| A character in a derived state reverts back to the ancestral state | Similar traits which are not derived from a common ancestor. |
| Eg. leg less lizard and snakes.(loss of limbs) | eg. origin of eye. |
Question: Explain what an outgroup is and why it is important.
Solution: A group of organisms who don't belong to the group of organism whose evolutionary relationship is being studied is called the outgroup. Outgroup helps in understanding those characters which are widely distributed in the population and thus have a primitive origin.
Question: What does parsimony mean and how is it used to develop phylogenies?
Solution: In making phylogenetic tress parsimony is applied and according to it the best hypothesis is one, which requires least number of evolutionary changes. Parsimony is important in identifying the outgroup and hence making the phylogenetic tree. Parsimony also tells us how closely are two group of organisms related.
Question: Differentiate between monophyletic, paraphyletic, and polyphyletic groupings.
Solution: a) Monophyletic : Includes the most recent common ancestor and all its decendants. Eg. Mammalia and Aves.
b) Paraphyletic : Includes the most common ancestor but not all its decendants. Eg. Pisces and Reptilia.
c) Polypheletic : Does not include the common ancestor of all the taxon. Eg. Agnatha for jawless lampreys and Insectivora(anteaters and armadillos)
Using a search engine, research operating system timelines
then, based on the OS timelines
that you find, answer the following questions:
Question 1. Why do you think Linux and UNIX share more commands than Windows XP and UNIX?
Solution: Windows operating system is built for a different market peoples.It was mainly fancied over using of the GUI rather than the command line.But whereas Linux built after Unix so they have more number of commands in common.
Question 2. Which line of operating systems has recently become more similar to UNIX?
Solution: The line of operating system which has become more similar to Unix is the Mac OS.
Question 3. Which line of operating systems split into two lines, only to merge again later?
Solution: The line of operating systems split into two lines, only to merge again later is like MS-Dos in command line and later it is merged into Windows.
Question 4. Why do you think most versions of Linux and Windows use the cd command to change directories?
Solution: The command is very easy to understand as cd refers to change directory which gives a specific meaning.And also the command is taken from the Unix system
Linux
Question 1- Which of the following files includes device names, mount points, filesystem types, permissions and information about whether to mount the device at boot time?
/dev/info
/etc/fstab
/boot/info
/etc/inittab
/etc/mnt
/etc/mount
Solution: /etc/fstab
/etc/fstab contains information about device names, mount points, filesystem types, permissions and information about whether to mount the device at boot time.
Question 2- What is the process of confirming that an authenticated user has the correct permissions to access one or more network resources?
authorization
authentication
administration
allocation
availability
assignment
Solution: Authorization
Authorization is the process of confirming that an authenticated user has the correct permissions to access one or more network resources.
In Unix operation system , Answer the Questions
Question 1: Write the command to search an user with name Honda , who has already been created ....... ?
Solution: grep'^Honda' /etc/passwd is the command to search an user with name Honda.
Question 2: Write the command to rename the file F4 to file4 ..?
Solution: mv f4 file4 this command is used to rename. UNIX OS uses the same mv command to move and rename the files.
Question 3: Write the command to search a file having i-node number 3456 ...?
Solution: find /path/to/mountpoint -inum <inode number> this can be used to search a file using i-node number.
Question 4: Write a command to display all file in sorted order based on their names ...?
Solution: ls -la
or
ls -lA
is the command used to display all files in sorted order based on their names.
Question: Review the information presented concerning manned space missions to Mars. Based on your review do believe that this mission will occur. Discuss your reasons for your answer
Solution: The exploration of Mars has been a goal of national space programs for decades. Conceptual work for missions that would involve human explorers has been ongoing since the 1950s, with planned missions typically being stated as taking place anywhere between 10 and 30 years from the time they are drafted. The list of crewed Mars mission plans shows the various mission proposals that have been put forth by multiple organizations and space agencies in this field of space exploration. Plans have varied from scientific expeditions, in which a small group (between two and eight astronauts) would visit Mars for a period of a few weeks or year, to the permanent colonization of Mars. In the 2010s, numerous US, European, and Asian agencies were developing proposals for human missions to Mars. In fiction, Mars is a frequent target of exploration and settlement in books, graphic novels, and films. Robots, including the Perseverance rover launching soon to Mars, teach us about what it’s like on the surface. That intel helps inform future human missions to the Red Planet. We’ll also need to outfit spacecraft and astronauts with technologies to get them there, explore the surface, and safely return them home. The roundtrip mission, including time in transit – from and back to Earth – and on the Martian surface, will take about two years.
Technology development has already begun to enable a crewed Mars mission as early as the 2030s. Many of the capabilities will be demonstrated at the Moon first, during the Artemis missions, while other systems are more uniquely suited for deeper space. Here are six technologies NASA is working on to make Mars science fiction a reality.
Question: Find on the web, a virtual tour of the Valles Marineris. Describe your tour and the topography seen and as well the geologic events that possibly created this amazing feature.
Solution: Covering nearly a fifth the circumference of Mars, the canyon system Valles Marineris reigns as the largest canyon system on the Red Planet. Dwarfing its Earthly counterpart, the Grand Canyon, the Martian feature is one of the larger canyons in the solar system. Valles marineris system of canyons that spans 2,500 miles (4,000 kilometers). At some points, the canyon is 125 miles (200 km) wide. Regions can reach depths of 6 miles (10 km). If the system were located on Earth, it would stretch across the United States, from Los Angeles to the Atlantic coast.
By comparison, Earth's natural wonder, the Grand Canyon, is only 227 miles (446 km) long, 18 miles (30 km) wide, and 1 mile (1.6 km) deep. A windy channel on Venus, Baltis Valles, extends longer than the Martian system, as do a handful of rift valleys on Earth, which form along fault lines as the crust breaks apart. The canyon system contains a number of different features that give clues to its formation. Collapse pits created by rushing water eating away at the land, massive floods, and seeping along canyon walls all point to water just at or beneath the surface at some point in the Martian history. Cracks in the crust, cliffs and walls, and landslides also exist along the expanse of Valles Marineris.
The vast canyon can be seen from Earth through a telescope as a dark scarring on the planet's surface. Features known as chasmata, steep depressions that resemble canyons on Earth, dominate the canyon.
The canyon begins in the Noctis Labyrinthus on the western edge, a region of material thought to have volcanic origins. Two parallel chasmata, Ius and Tithonium, stretch eastward, and contain lava flows and faults from the Tharsis Bulge.
Question 1: What is the closest precise meaning of ‘Cryptography’?
a. A technique of military communication.
b. A study of hiding secret messages through encryption.
c. A study of principles/methods of deciphering ciphertext without knowing the key.
d. A technique of embedding one message into another.
Solution: A study of hiding secret messages through encryption.
Question 2: What is the closest meaning of ‘Cryptanalysis’?
a. A study of principles/methods of deciphering ciphertext without knowing the key.
b. A technique of military communication.
c. A technique of embedding one message into another.
d. A study of hiding secret messages through encryption.
Solution: A study of principles/methods of deciphering ciphertext without knowing the key.
Question 3: Which ONE (1) of the following is NOT a security issue?
a. How can we know the technology used in a particular software?
b. How can we tell whether an email from a potential client is a genuine inquiry from the person that it claims to have come from?
c. How can we be sure that the content of an electronic file have not been altered?
d. How can we be sure that the email that we sent contains no malware?
Solution: How can we know the technology used in a particular software?
Question 4: Which ONE (1) of the following terms is defined by this statement: ‘A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm’?
a. Exploit
b. Attack
c. Threat
d. Vulnerability
Solution: Threat
Question 5: A __________________ encrypts each plaintext digit one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream.
a. Block cipher
b. Stream cipher
c. RSA algorithm
d. Single Transposition Cipher
Solution: Stream cipher
Question 6: The term ‘Diffusion’ was introduced by Claude Shannon to thwart cryptanalysis based on statistical analysis. Which one of the following best describes the definition of this term?
a. The relationship between the statistics of the ciphertext and the value of the encryption key is made as complex as possible.
b. The statistical structure of the plaintext is dissipated into long range statistics of the ciphertext.
c. No elements are added or deleted or replaced in the sequence, rather the order in which the elements appear in the sequence is changed.
d. Each plaintext element or group of elements is uniquely replaced by a corresponding ciphertext element or group of elements.
Solution: The statistical structure of the plaintext is dissipated into long range statistics of the ciphertext.
Question 7: Which one of the following is NOT TRUE about Data Encryption Standard (DES)?
a. It has 3 variants namely DES-128, DES-192 and DES-256.
b. Data are encrypted in 64-bit blocks using a 56-bit key.
c. It was issued in 1977 by the United States National Bureau of Standards (now NIST) as Federal Information Processing Standard 46.
d. DES was broken due to differential attack that can deduce the key in less than 2^(56) time complexity.
Solution: It has 3 variants namely DES-128, DES-192 and DES-256.
Question 8: Which of the following contribute(s) to the failure of DES?
a. DES was designed to survive for less than 7 years.
b. The key length is short. Easy to conduct brute force attack.
c. The key length is sufficient. However, the round function is quite simple to perform reverse engineering.
d. DES produces poor avalanche effect.
Solution: The key length is short. Easy to conduct brute force attack.
DES produces poor avalanche effect.
Question 9: Why 3DES is still secure though DES was broken?
a. Because 3DES has 48 rounds.
b. Because the subkeys used are different for each round.
c. Because 3DES has 32 rounds.
d. Because 3DES does not implement the actual structure of DES.
Solution: Because 3DES has 48 rounds.
Because the subkeys used are different for each round.
Question 10: Which of the following is the transformation in AES that represent(s) Substitution?
a. MixColumn
b. AddRoundKey
c. SubByte
d. ShiftRow
Solution: SubByte
Question 11: Why the size of ciphertext is longer than the size of plaintext?
a. No, the size of the ciphertext is the same as the size of the plaintext.
b. Because there are some bits are padded to the last block of plaintext to make it a size of a defined block.
c. Because there are additional bits in subkeys are added up to the plaintext block during the encryption.
d. Because some bits in plaintext are removed during the encryption.
Solution: Because there are some bits are padded to the last block of plaintext to make it a size of a defined block.
Question 12: AES has three variants, namely AES-128, AES-192 and AES-256. In which applications that these three variants are used, respectively?
a. Military, E-Commerce, Government
b. Military, Government, E-Commerce
c. E-Commerce, Government, Military
d. Government, E-Commerce, Military
Solution: E-Commerce, Government, Military
Question 13: Why do you think AES is still secure until now?
a. The key length is long and makes it still infeasible to be broken.
b. AES implements low number of rounds.
c. AES has strong avalanche effect.
d. The structure is understandable but difficult to deduce the key.
Solution: The key length is long and makes it still infeasible to be broken.
AES has strong avalanche effect.
The structure is understandable but difficult to deduce the key.
Question 14: Which of the following represent(s) transposition in AES?
a. ShiftRow
b. SubByte
c. MixColumn
d. AddRoundKey
Solution: ShiftRow
MixColumn
Question 15: Which of the following is NOT TRUE about DES?
a. Though DES was broken, it was once useful for government.
b. DES was not used in any application before.
c. Though DES was broken, it was once useful for e-commerce.
d. Though DES was broken, it is still useful for military.
Solution: DES was not used in any application before.
Though DES was broken, it is still useful for military.
Q1: The Multimedia Internet Mail Extension (MIME) is used to allow non-ASCII content such as an image to be sent using email. Which of the following is NOT performed in order to allow for non-ASCII content to be sent?
A. Encrypt the non-ASCII content
B. Encode the non-ASCII content to ASCII format
C. Specify the encoding method in the email header
D. Specify the type of non-ASCII content in the email header
Solution: TLS
Q2: When DomainKeys Identified Email (DKIM) is used, what is stored in the DNS server that needs to be retrieved by the receiving email server?
A. Email policy specified by the sending domain
B. List of email servers that are authorized to send email from the sending domain
C. Public key of the email sender domain
D. Public key of the DNS server
Solution: Public key of the email sender domain
Q3: Which of the following data transfer is NOT done using the SMTP protocol?
A. Send email from an email client application to sender's email server
B. Transfer email message from the receiver's mailbox to the receiver's user agent
C. Send email from the sender's email server to the receiver's email server
D. Forward email from one email server to another email server
Solution: Transfer email message from the receiver's mailbox to the receiver's user agent
Q4: Which of the following S/MIME service - mechanism pair is NOT correct?
A. Integrity - hashing
B. Integrity - digital signature
C. Confidentiality - symmetric cryptography
D. Authentication - public key infrastructure (PKI)
Solution: Integrity - digital signature
Q5: To send email to the address salman@uniten.edu.my, the sender's email server needs to find the IP address of the receiver's email server (i.e. uniten.edu.my). Which DNS resource record type contains this information?
A. MX
B. A
C. NS
D. MAIL
Solution: MX
Q6: Which security objective is compromised when a transmitted email is read by an attacker during its transmission?
A. Authenticity
B. Accountability
C. Integrity
D. Confidentiality
Solution: Confidentiality
Q7: When SPF (Sender Policy Framework) is used, what is stored in the DNS server?
A. Public key of the email receiver domain
B. Public key of the email sender domain
C. Email server(s) authorized to send email for particular domain
D. Policy specified by the email sender
Solution: Email server(s) authorized to send email for particular domain
Q8: Which of the following use of encryption keys in S/MIME is not correct?
A. Receiver's public key: encrypt the secret key
B. Sender's private key: encrypt the hash value
C. Secret key: encrypt the email content
D. Symmetric key: encrypt the email header
Solution: Symmetric key: encrypt the email header
Q9: The command STARTTLS is executed when this TLS mode is used:
A. Start TLS mode
B. Explicit TLS mode
C. Implicit TLS mode
D. Normal TLS mode
Solution: Explicit TLS mode
Q10: In which of the following situations it is more suitable to use AH instead of ESP?
A. When the main security concern is passive attack
B. When the packet carries authentication information such as login credential
C. When communication is done between two hosts instead of a host and a firewall/router
D. When the IP payload is TLS data
Solution: When the IP payload is TLS data
Q11: If IPSec is to be used to configure a VPN between a remote worker using a laptop and the main office, which of the following IPSec protocols and modes that should be used?
A. AH tunnel mode
B. ESP tunnel mode
C. ESP transport mode
D. AH transport mode
Solution: ESP tunnel mode
Q12: When two hosts are communicating using IPSec, the information regarding whether they are using AH or ESP is specified in:
A. IP header of the transmitted packets
B. The digital certificate used by the sender and receiver
C. IPSec policy configured on both the sender and receiver
D. Security association used by the communication
Solution: Security association used by the communication
Q13: The use of private IP provides security in which of the following ways?
A. It prevents hosts using private IP addresses from being directly accessed by attackers in the Internet
B. It prevents hosts with private IP addresses from accessing insecure websites in the Internet
C. It prevents other intranet hosts from directly accessing hosts using private IP addresses
D. It prevents malware from being downloaded into hosts using private IP addresses
Solution: It prevents hosts using private IP addresses from being directly accessed by attackers in the Internet
Q14: What is the main motivation behind the development of IPv6?
A. The realization that the IPv4 address space is going to be used up
B. To provide a more secure IP protocol
C. To improve the speed of the Internet traffic
D. To catch with the use of modern networking technology and equipment
Solution: The realization that the IPv4 address space is going to be used up
Q15: You are configuring a communication between two servers. You would like to use IPSec to ensure that the two servers are not replaced by a different server, and they should stop communicating if that happens. Which of the following IPSec protocols and modes that should be used?
A. AH in transport mode
B. AH in tunnel mode
C. ESP in tunnel mode
D. ESP in transport mode
Solution: AH in transport mode
Q1: The use of HTTPS ensures the following EXCEPT
A. Confirms that the browser is a communicating with an authentic web server
B. Hides the IP address of the user's computer
C. The website content downloaded is encrypted and cannot be read
D. HTTP header is encrypted and cannot be read
Solution: Hides the IP address of the user's computer
Q2: What is the purpose of MIME extension in email application?
A. To authenticate the email sender
B. To encrypt the email content
C. To enable email to send attachments
D. To enable email to carry ASCII contents
Solution: To enable email to send attachments
Q3: The following are true about private IP addresses EXCEPT:
A. The address block 172.16.0.0/12 belongs to one of the private IP address blocks
B. Accessing the Internet requires the use of Network Address Translation (NAT)
C. A private IP address used in an organization may also be used in another organization
D. They can be directly accessed from the Internet
Solution: They can be directly accessed from the Internet
Q4: Given below are examples of network attack surface EXCEPT:
A. A corporate firewall that is configured to allow incoming connection on port 80
B. A corporate firewall that is configured to allow outgoing connection on port 80
C. A telnet service running on a public Web server
D. A login page on a website that does not use TLS
Solution: A corporate firewall that is configured to allow outgoing connection on port 80
Q5: Which of the following is a type of passive security attack?
A. Masquerade
B. Traffic analysis
C. Denial of service
D. Replay
Solution: Traffic analysis
Q6: The feature of SSH that enables any insecure TCP connection to be converted to a secure SSH connection is called ____________.
A. Port forwarding
B. Remote login
C. Channel conversion
D. Securing channel
Solution: Port forwarding
Q7: Which of the following email security threats can be prevented using DNSSEC?
A. Email sent is transmitted to the attackerʼs server
B. Email cannot be sent due to DoS attack
C. Email sent is sniffed during transmission
D. Email sending address is spoofed
Solution: Email sent is transmitted to the attackerʼs server
Q8: Which of the following is NOT a TLS record protocol payload?
A. Application data
B. Alert protocol
C. Hello protocol
D. Change cipher spec protocol
Solution: Hello protocol
Q9: Given below are security services offered by the Authentication Header (AH) protocol in IPSec EXCEPT:
A. Confidentiality
B. Integrity
C. Access control
D. Authentication
Solution: Confidentiality
Q10: DNSSEC ensures the following security objective(s):
A. Authenticity and confidentiality
B. Confidentiality, integrity and authenticity
C. Integrity and authenticity
D. Confidentiality and integrity
Solution: Integrity and authenticity
Q11: Given below are part of the Internetʼs network layer EXCEPT:
A. The TCP protocol
B. The IP protocol
C. The routing protocols
D. The ICMP protocol
Solution: The TCP protocol
Q12: Given below are ways by which we can secure email application EXCEPT:
A. Configure email client to run SMTP and IMAP over TLS
B. Configure email client to use S/MIME
C. Configure email client to use IPSec
D. Configure email server to use SPF, DKIM and DMARC
Solution: Configure email client to use IPSec
Q13: Which of the following protocols is used to set up a security association (SA)?
A. Security Association Connection (SAC)
B. Authentication Header (AH)
C. Encapsulating Security Payload (ESP)
D. Internet Key Exchange (IKE)
Solution: Internet Key Exchange (IKE)
Q14: Given below are among the security concerns to an Internet user EXCEPT:
A. An attacker may sniff your packets
B. You may not be communicating with the person that you think you are communicating with
C. Your Internet connection may not be fast enough that an attacker may capture your slow moving packet
D. Malware may be secretly installed on your computer
Solution: Your Internet connection may not be fast enough that an attacker may capture your slow moving packet
Q15: The security protocol used in HTTPS is _____________.
A. TLS
B. DNSSEC
C. IPSec
D. SSH
Solution: TLS
Q16: The use of HTTP proxy can prevent _____________.
A. the web server from knowing the IP address of the computer running the Web browser
B. an attacker from modifying an HTTP reply message
C. an attacker from sniffing the HTTP messages sent between the web browser and server
D. hijacking of an HTTP session
Solution: the web server from knowing the IP address of the computer running the Web browser
Q17: A security policy database (SPD) may contain the following information EXCEPT:
A. Security parameter index (SPI)
B. Remote IP address and port number
C. Local IP address and port number
D. Action to be taken
Solution: Security parameter index (SPI)
Q18: Which of the following fields is not encrypted in Encapsulating Security Payload (ESP) transport mode?
A. ESP trailer
B. TCP header
C. IP header
D. TCP data
Solution: IP header
Q19: The SSH protocol was initially developed for the purpose of:
A. File transfer
B. Remote program execution
C. Sending email
D. Remote login
Solution: Remote login
Q20: Which of the following is one of the differences between S/MIME and OpenPGP?
A. S/MIME uses certificates issued by Certificate Authority while OpenPGP generates their own public and private keys
B. S/MIME provides authenticity and confidentiality, while OpenPGP only provides confidentiality
C. S/MIME does not include the senderʼs public key with the message, while OpenPGP includes the senderʼs public key with the message
D. OpenPGP provides authenticity and confidentiality, while S/MIME only provides authenticity
Solution: S/MIME uses certificates issued by Certificate Authority while OpenPGP generates their own public and private keys
Q21: Given below are part of the Internet’s network layer EXCEPT
A. The IP protocol
B. The routing protocols
C. The TCP protocol
D. The ICMP protocol
Solution: The TCP protocol
Q22: Which of the following is NOT one of the reasons why TLS has become the most popular network security protocol?
A. TLS is independent of operating system platform
B. TLS is used to secure the Web application, which is the most used network application
C. TLS only needs to be configured once, and all network applications running on the host would then be protected
D. From a user point of view, using TLS is as easy as downloading and using a client application that implements TLS
Solution: TLS only needs to be configured once, and all network applications running on the host would then be protected
Q23: Which of the following email security mechanisms can be configured by an email user?
Select one:
A. DKIM
B. SPF
C. DANE
D. PGP
Solution: PGP
Q24: Which of the following is an advantage of using IPsec (which is network-layer security protocol) as compared to using TLS (which is a transport-layer security protocol)?
A. Configuration of IPsec is easier compared to TLS
B. IPsec uses more secure cryptographic protocols compared to TLS
C. Once IPsec is configured, communication will all Internet hosts will be protected
D. Once IPsec is configured, data transfer of all network applications with the specified receiving host will be protected
Solution: Once IPsec is configured, data transfer of all network applications with the specified receiving host will be protected
Q25: Which of the following is NOT true about the use of explicit TLS in email application?
A. Before secure connection is achieved, port 25 is used by SMTP client to connect to SMTP server
B. When explicit TLS is used, email message sent between an email client and an email server is encrypted
C. It requires an insecure SMTP connection to be upgraded to a secure connection using the STARTTLS command
D. Explicit TLS can be used not only by SMTP, but also by IMAP and POP3
Solution: Before secure connection is achieved, port 25 is used by SMTP client to connect to SMTP server
Q26: The use of https prevents the following attacks from being conducted EXCEPT:
A. Attacker replacing the Web server with a malicious server
B. Attacker sniffing the username and password transmitted by Web browser
C. Attacker stealing the HTTP cookie transmitted in an HTTP request message
D. Attacker spoofing the IP address of the host on which the Web browser is running
Solution: Attacker spoofing the IP address of the host on which the Web browser is running
Q27: What is contained in an HTTP cookie?
A. A string that specifies the type of Web browser used by the user
B. The username and password of the Web user in cleartext
C. A string that identifies the Web user
D. The username and password of the Web user in encrypted form
Solution: A string that identifies the Web user
Q28: Which of the following is NOT true about DNS-based Authentication of Named Entities (DANE)?
A. It solves security issues related to the use of STARTTLS
B. It encrypts the email data regardless of whether the email server supports TLS or not
C. It ensures the authenticity of an email server without verifying the server's digital certificate with a Certificate Authority (CA)
D. It makes use of a DNS record called TLSA
Solution: It encrypts the email data regardless of whether the email server supports TLS or not
Q29: In S/MIME, what is the use of the receiver's private key?
A. To encrypt the message digest
B. To decrypt the message content
C. To decrypt the message digest
D. To decrypt the secret key
E. To encrypt the message content
F. To encrypt the secret key
Solution: To decrypt the secret key
Q30: In S/MIME, what is the use of the receiver's public key?
A. To decrypt the secret key
B. To decrypt the message content
C. To encrypt the message digest
D. To encrypt the message content
E. To decrypt the message digest
F. To encrypt the secret key
Solution: To encrypt the secret key
Q31: Differentiate between active and passive security attacks.
Solution:
Passive security attack: In this attack the intruder or attacker just sniffs the information, he does not modify or change it. He only listens to the traffic and compromises the confidentiality of the data
Active Security attack: In this the attacker first listens to the information and then changes it and then forwards it to the receiving party which means the confidentiality and integrity both compromises.
Q32: If you perform a port scan, and see that a port is opened on the host, what does that tell you?
Solution: Open port tells that the port or the network is actively accepting packets and indicates that it is listening
Q33: Both Sender Policy Framework (SPF) and DomainKeys Identified Email (DKIM) are used to prevent the email sending address from being spoofed. However, the techniques used are different. Differentiate between the techniques used by these two mechanisms.
Solution: SPF makes use of a TXT DNS resource log in which the sending domain identifies all of the domain's senders. To authenticate the sender, the receiver will query a TXT DNS resource record about the sender's address domain and IP address. DKIM, on the other hand, uses a digital signature. The sender's private key will be used to sign the message. The receiver would then search the public key to see if the message is from the legitimate sender
Q34: HTTP cookie is a useful mechanism for Web application and can provide various functionalities to the Web application. However, it has a number of security issues.
(a) If you are logged in to a web application, HTTP cookie is used to maintain your login session. What could happen if an attacker manage to capture the cookie?
(b) What is the solution to the problem mentioned in (a) above?
(c) Explain ONE (1) more security issue related to the use of HTTP cookie.
Solution: a) Attacker could steal user session ID and perform session hijacking where attacker can later perform any action that the active user is authorized to do.
b) To solve the problem of unencrypted format for cookies the owner of the web application should use HTTPS with a digital certificate but for me, I should delete the cookies and log out after I finish using the session.
c) If an attacker steals the http cookie, the attacker can view user's browsing history and monitor user's activities. This compromises confidentiality.
Q35: For each of the following situation, identify the most suitable IPSec protocol (AH or ESP) and mode (transport or tunneling) to be used.
(a) A staff working from home during COVID-19 pandemic, and would like to establish a Virtual Private Network (VPN) to his corporate network.
(b) A system administrator configuring two servers that always send data to each other. The system administrator needs to ensure that the data transmitted between the two servers cannot be read by an attacker.
(c) A system administrator configuring firewall between two office branches. The data transmitted are all TLS data. The main aim of using IPSec would be to ensure the authenticity of the two firewalls.
Solution: a) ESP tunnel mode
b) ESP transport mode
c) AH tunnel mode
Q1: Lenina in BNW (Brave New World) represents a woman who:
a. Is happy in BNW, but supports Bernard's rebellion out of love for him.
b. Being the Controller's mistress, is supportive of the social goals of conditioning.
c. Is a superficial person, conditioned by BNW, and unable to understand any objection to it.
d. Understands the superficiality of life in BNW, but lacks the courage to speak out.
Solution: Is a superficial person, conditioned by BNW, and unable to understand any objection to it
Q2: Bernard in BNW (Brave New World) represents a character who:
a. Is a perfect product of social conditioning, and never thinks for himself.
b. Dislikes social conditioning, but lacks the courage to fully defy it.
c. Is tempted by power and riches to become a heartless tyrant.
d. Awakens from his conditioning and fights for democracy to the end.
Solution: Dislikes social conditioning, but lacks the courage to fully defy it.
Q3: Slogans in BNW are -
a. Sentences people shout in order to express identification with the political party they like.
b. Sentences people recite in order to calm down and remind themselves how to behave.
c. Sentences that people invent, and sing in front of others, for the sake of entertainment.
d. Sentences people murmur in order to feel identified with their parents and family members.
Solution: Sentences people recite in order to calm down and remind themselves how to behave
Q4: The attitude towards sex in Brave New World is:
a. People are encouraged to engage in casual, pleasurable sex with many partners.
b. Conditioning has eliminated sexual drives, so that people rarely think about sex.
c. All sexual activities are prohibited, and people are instructed to suppress them.
d. Sex with your partner is encouraged, but extra-marital sex is strictly forbidden.
Solution: People are encouraged to engage in casual, pleasurable sex with many partners.
Q5: Babies in Brave New World --
a. produced, raised, and conditioned in state-run institutions.
b. are educated by their parents, and are then handed over to the state.
c. are assigned to foster families who are responsible to condition them.
d. are conditioned to become as intelligent and productive as their genes allow.
Solution: produced, raised, and conditioned in state-run institutions.
