Cyber Security Principles MCQs
This section focuses on "Principles" of Cyber Security. These Multiple Choice Questions (MCQ) should be practiced to improve the Cyber Security skills required for various interviews (campus interview, walk-in interview, company interview), placements, entrance exams and other competitive examinations.
1. ISPs stands for?
A. Intranet service providers
B. Internet service providers
C. interneted service providers
D. Information service providers
View Answer
Ans : B
Explanation: ISPs' (Internet Service Provider's)
2. Which cyber security principle states that Security mechanisms should be as simple and small as possible?
A. Fail-safe defaults
B. Least Privilege
C. Economy of mechanism
D. Open Design
View Answer
Ans : C
Explanation: Economy of mechanism states that Security mechanisms should be as simple and small as possible.
3. Which cyber security principle principle restricts how privileges are initialized when a subject or object is created?
A. Fail-safe defaults
B. Least Privilege
C. Complete mediation
D. Open Design
View Answer
Ans : A
Explanation: This principle also restricts how privileges are initialized when a subject or object is created. Whenever access, privileges/rights, or some security-related attribute is not explicitly granted, it should not be grant access to that object.
4. "If the boss demands root access to a UNIX system that you administer, he/she should not be given that right unless he/she has a task that requires such level of access" is the example of which cyber security principle?
A. Separation of Privilege
B. Least Privilege
C. Complete mediation
D. Open Design
View Answer
Ans : B
Explanation: This principle states that a user should only have those privileges that need to complete his task. Its primary function is to control the assignment of rights granted to the user, not the identity of the user.
5. Which of the following are example of Open Design?
A. DVD player
B. Content Scrambling System
C. Both A and B
D. None of the above
View Answer
Ans : C
Explanation: DVD player & Content Scrambling System (CSS) protection. The CSS is a cryptographic algorithm that protects the DVD movie disks from unauthorized copying.
6. Which of the following is true about Complete mediation?
A. The principle of complete mediation restricts the caching of information, which often leads to simpler implementations of mechanisms.
B. The idea of this principle is that access to every object must be checked for compliance with a protection scheme to ensure that they are allowed.
C. In Complete mediation, whenever someone tries to access an object, the system should authenticate the access rights associated with that subject.
D. All of the above
View Answer
Ans : D
Explanation: All of the above statement are true.
7. How many verification should be performed before privilege is granted in Separation of Privilege?
A. 2
B. 3
C. 4
D. 5
View Answer
Ans : A
Explanation: Before privilege is granted more than two verification should be performed : the user must know the root password and the user must be in the right group.
8. Which principle states sometimes it is more desirable to record the details of intrusion that to adopt a more sophisticated measure to prevent it?
A. Work Factor
B. Psychological acceptability
C. Least Common Mechanism
D. Compromise Recording
View Answer
Ans : D
Explanation: The Compromise Recording principle states that sometimes it is more desirable to record the details of intrusion that to adopt a more sophisticated measure to prevent it.
9. Open Design principle is the opposite of the approach?
A. Work Factor
B. security through obscurity
C. Least Common Mechanism
D. Least Privilege
View Answer
Ans : B
Explanation: This principle is the opposite of the approach known as "security through obscurity."
10. "An online banking website should require users to sign-in again after a certain period like we can say, twenty minutes has elapsed" is an example of which cyber security principle?
A. Fail-safe defaults
B. Separation of Privilege
C. Psychological acceptability
D. Complete mediation
View Answer
Ans : D
Explanation: Example: An online banking website should require users to sign-in again after a certain period like we can say, twenty minutes has elapsed.
Discussion