Cs205 Mid by M. Qasim
Cs205 Mid by M. Qasim
03337435091
D. lack uf u ner ship, d epartment silus, missing secrrity hard ening ( I think D, may be A)
10. There are ____ main steps in infurmatiun secrrity life cycle
A. 6
B. 7
C. 9
D. 11
11. Regiunally the must ell d eveluped cyber secrrity strategy and frame urk
A. 1
B. 2
C. 3
D. 4
A. Access cuntrul
B. Data integrity
C. nunrreprd iatiun
D. availability
D. At the net urk perimeter and at the entrance tu the d ata center
14: Majur secrrity frnctiun perfurmed be the perimeter NGN NGN fre all are____?
17. One uf the main challenge in small sized urganizatiun related tu secrrity is_____?
18. At hich puint a maliciurs entity/ black hat hackers atack fur ebsite d efacement in an IT
net urk____?
C. Email gate ay
19. Hu eb and email can be secrred against mal are and atacks in and Enterprise IT net urk?
A. 90%
B. 75%
C. 50%
D. 5%
A. Operating system
B. Mubile d evice.
B. mubile d evice
D. Clurd pruvid er
27. Freqrency uf rpd ating the signatrre fle fur antivirrs prugram mrst be set tu ___?
A. Daily basis
B. eekly basis
C. furtnightly basis
D. Munthly basis
A. Disable
B. Enable
C. Partially enabled
D. Munitured
29. A prugram ur d evice that can munitur d ata traveling uver a net urk is called ____ ?
A. Huax
B. Rurter
D. Spuuf
A. Litle ENDIAN
B. Big ENDIAN
C. UTFr32
D. UNICODE
B. Mubile d evice
C. Operating system
33. OWASP, clurd secrrity alliance, ISACA and ISC2 are example uf _____?
C. Research urganizatiun
A. Operating system
D. Net urk uperatiun and perfurmance management ( nut srre) r can alsu verify.
36. DISA gives rs the fullu ing featrre set as cumpared tu CIS
C. Guud cuntrul ith nu rnrsable terminulugy ( Nut srre may be A. see cumparisun table)
A. High Availability
C. activer passive
D. Active Active
38. The best mud el in Pakistan tu efectively ad d ress the eakness in the cyber secrrity is tu
ad upt_________?
A. ISMS
C. COBIT
39. ____________ is techniqre rsed tu gain rnarthurized access tu cumprter, herein the intrrd er
send messages ith a surrce IP ad d ress that has been furged tu ind icate that the messages are cuming
frum a trrsted surrce?
A. Man in mid d le
40. The key and must impurtant element in the management prucess is ____r?
A. Risk d ucrmentatiun
B. Risk d eterminatiun
C. Risk assessment
D. Risk pulicy
41. _______ is the frst layer in the infurmatiun secrrity transfurmatiun frame urk?
A. Secrrity guvernance
B. secrrity engineering
C. Vrlnerability management
A. Mal are fltering, access list fur trafc fltering, band id th fltering
B. Lug aggregatiun, secrrity events d ashbuard , event currelatiun and ruut carse analysis
C. Lug cullectiun
Ans: Secrrity hard ening, vrlnerability management, secrrity engineering, secrrity guvernance
44. Srrprisingly in ____________ uf all urganizatiun in Pakistan (All type) secrrity pustrre has been
furnd tu be d efcient.
A. 80%
B. 85%
C. 90%
D. 95%
A. initial
B. Final
C. Secrre
D. Unsecrre
Qrestiun Nu 02: There are three pillars related tu implementatiun uf infurmatiun secrrity .
mentiun the name? •
Three piiiars of informaton security Impiementonn ( yeh impiementaton hai)
– Peuple
– Prucess
– Technulugy
Qrestiun Nu.03: Yur are reqrired tu id entify and rite the name uf three main pillars uf
infurmatiun secrrity?
(Just names main ap name he likhna.)
− Confdentaiity: keeping infurmatiun secret
− Integrity: keeping infurmatiun in its uriginal furm
− Avaiiabiiityn keeping infurmatiun and infurmatiun systems available fur rse
Qrestiun nu 04: Hu many layers invulved in infurmatiun secrrity transfurmatiun frame urk?
yur are reqrired tu rite the name.
Ans: There are Furr main layers ur steps invulved in infurmatiun secrrity transfurmatiun
frame urk. Names riten as rnd er
A. Secrrity Hard ening
B. Vrlnerability management
C. Secrrity Engineering
D. Secrrity Guvernance
Qrestiun Nu 05: Enlist the frst fve CIS cuntruls that eliminate the vast majurity uf yurr
urganizatiun vrlnerability
Ans: Fullu ing are the frst fve CIS cuntrul amung CIS 20 cuntruls.
A. Inventury uf Arthurized and rnarthurized d evices.
B. Inventury uf Arthurized and rnarthurized suf are.
C. Secrre cunfgrratiun fur suf are uf hard are
D. Cuntinrurs vrlnerability assessment and remed iatiun.
E. Cuntrulled rse uf ad ministrative privilege.
Qrestiun nu 06: Write the name uf any t u Famurs SIEM sulrtiun that are available in market
Ans: Lead ing SIEM sulrtiuns:
LugRhythm,
Splrnk,
Elastic Search
Qrestiun# 07: Write the name uf d iferent stake huld er that ill cund rct the secrrity
hard ening.
Ans: Invulvement uf variurs stakehuld ers fur secrrity hard ening
– Operatiuns teams
– Secrrity team
– IT management
– Cunsrltant
– Brsiness
Qrestiun# 08: Hu d iferent versiuns SSH prutuculs srppurt? Write the names?
Ans: : SSH srppurts 2 d iferent and incumpatible prutuculs:
SSH1 and SSH2. ( jrst name likh d ain yeh bhe kaf hai)
Qrestiun# 09: Three types uf red rnd ant site mud els:
• Hut site
• Culd site
• Warm site
Or
: ACTIVE DIRECTORY (AD) • Active Directury (AD) is essential nut unly tu regrlate accurnt management
(arthenticatiun and arthurizatiun) brt alsu tu enfurce and manage secrrity cuntruls
Queston#20n Hu eb and email can secrred against mal are and atacks in enterprise.
Tu secrre eb and email in an enterprise, implement antivirrs suf are, fre alls, and intrrsiun
d etectiun systems. Train empluyees un secrrity best practices, rse email encryptiun, rpd ate suf are,
empluy MFA, munitur trafc, backrp d ata, and cund rct secrrity assessments.
3: Training and skill reqrired tu uperate the suphisticated d evices and featrres