This set of Cyber Security Multiple Choice Questions & Answers focuses on “Network Models – OSI Model Security – 2”.
1. Which of the following is not a transport layer vulnerability?
a) Mishandling of undefined, poorly defined
b) The Vulnerability that allows “fingerprinting” & other enumeration of host information
c) Overloading of transport-layer mechanisms
d) Unauthorized network access
View Answer
Explanation: The different vulnerabilities of the Transport layer are mishandling of undefined, poorly defined, Vulnerability that allow “fingerprinting” & other enumeration of host information, Overloading of transport-layer mechanisms etc. Unauthorized network access is an example of physical layer vulnerability.
2. Which of the following is not session layer vulnerability?
a) Mishandling of undefined, poorly defined
b) Spoofing and hijacking of data based on failed authentication attempts
c) Passing of session-credentials allowing intercept and unauthorized use
d) Weak or non-existent authentication mechanisms
View Answer
Explanation: Vulnerabilities of session layer of the OSI model are spoofing and hijacking of data based on failed authentication attempts, weak or non-existent authentication mechanisms, and the passing of session-credentials allowing intercept and unauthorized use.
3. Failed sessions allow brute-force attacks on access credentials. This type of attacks are done in which layer of the OSI model?
a) Physical layer
b) Data-link Layer
c) Session layer
d) Presentation layer
View Answer
Explanation: Session identification may be subject to spoofing may lead to data leakage which depends on failed authentication attempts and allow hackers to allow brute-force attacks on access credentials.
4. Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets.
a) True
b) False
View Answer
Explanation: Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets. This type of attacks is done in the transport layer of the OSI model.
5. Which of the following is not an example of presentation layer issues?
a) Poor handling of unexpected input can lead to the execution of arbitrary instructions
b) Unintentional or ill-directed use of superficially supplied input
c) Cryptographic flaws in the system may get exploited to evade privacy
d) Weak or non-existent authentication mechanisms
View Answer
Explanation: Cryptographic flaws may be exploited to circumvent privacy, unintentional or ill-directed use of superficially supplied input, and poor handling of unexpected input are examples of presentation layer flaws.
6. Which of the following is not a vulnerability of the application layer?
a) Application design bugs may bypass security controls
b) Inadequate security controls force “all-or-nothing” approach
c) Logical bugs in programs may be by chance or on purpose be used for crashing programs
d) Overloading of transport-layer mechanisms
View Answer
Explanation: Application design flaws may bypass security controls, inadequate security controls as well as logical bugs in programs may be by chance or on purpose be used for crashing programs. These all are part of application layer vulnerability.
7. Which of the following is an example of Transport layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls
View Answer
Explanation: Overloading of transport-layer mechanisms is an example of transport layer vulnerability. Other examples of Transport layer vulnerability are mishandling of undefined, poorly defined, Vulnerability that allows “fingerprinting” & other enumeration of host information.
8. Which of the following is an example of session layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) poor handling of unexpected input
d) highly complex application security controls
View Answer
Explanation: Weak or non-existent mechanisms for authentication is an example of session layer vulnerability. Other examples are spoofing and the hijacking of data based on failed-authentication attempts & passing of session-credentials allowing intercept and unauthorized use.
9. Which of the following is an example of presentation layer vulnerability?
a) weak or non-existent mechanisms for authentication
b) overloading of transport-layer mechanisms
c) highly complex application security controls
d) poor handling of unexpected input
View Answer
Explanation: Poor handling of unexpected input is an example of presentation layer vulnerability. Cryptographic flaws may be exploited to circumvent privacy, unintentional use of superficially supplied input are some other examples of presentation layer vulnerability.
10. Which of the following is an example of application layer vulnerability?
a) Cryptographic flaws lead to the privacy issue
b) Very complex application security controls
c) MAC Address Spoofing
d) Weak or non-existent authentication
View Answer
Explanation: Very complex application security controls can be an example of application layer vulnerability. Inadequate security controls, as well as logical bugs in programs, are some other examples of such type.
Sanfoundry Global Education & Learning Series – Cyber Security.
To practice all areas of Cyber Security, here is complete set of 1000+ Multiple Choice Questions and Answers.
If you find a mistake in question / option / answer, kindly take a screenshot and email to [email protected]
- Check Cyber Security Books
- Check Computer Science Books
- Check Programming Books
- Practice Programming MCQs
- Practice Computer Science MCQs
