1.Which encryption algorithms is asymmetric encryption? a. RSA b. AES c. 3DES d.

DES

2.Which firewall can prevent attack from application layer a. Application Firewall b. Circuit level gateway c. Stateful firewall d. Packet filter

3.Which encryption method below is stream cipher? Select one: a. RC4 b. DES c. AES d. 3DES

4.Alarm when no attack behavior in IDS is called Select one: a. True positive b. False positive c. False negative d. True negative 5.Can self propagation without infected to a file is Select one: a. Trojan b. Zombie c. spyware d. Virus e. Worm

6.DES (Data Encyption Standard) key size Select one: a. 32 bits b. 128 bits c. 56 bits d. 64 bits

7.Which is the size of data block used in AES? Select one: a. 64 b. 128 c. 32 d. 256

8.Which is the best password Select one: a. Password b. P@ssword c. P@ssW0rd d. Passw0rd

9.Characteristic of ping of death attack? Select one: a. Broadcast ICMP packet with source IP address is victim address b. Send a lot of ICMP packet c. Only send TCP SYN d. Send big size packet

10.Which is firewall topology can centralize managed policies? Select one: a. DMZ b. Distributed firewall c. IPSec

11.IPSec have 2 security protocols. Which are? Select one: a. MD5 b. ESP c. AH d. SHA-1 e. L2TP f. GRE

12.Which is the port of HTTP with SSL Select one: a. 444 b. 8080 c. 443 d. 80

13.OSI security model focus on ? Select one: a. Security defense b. Security mechanism c. Security attack d. Security service e. All above

14.Is it easy to detect passive attack? Select one: a. Yes b. No

15.Which is the behavior that impact organization security? Select one: a. Security mechanism b. Security defense c. Security service d. Security attack

16.Which password attack method that certainly success? Select one: a. Frequency analysis b. Social engineering c. Algorithm error d. Brute force

17.Which malware used to establish a secret tunnel so that hacker can access to the infected host without exploiting vulnerabilities again? Select one: a. Trojan b. spyware c. Zombie d. Virus e. Backdoor

18.Nowadays, which encryption method are popular used Select one: a. Asymmetric encryption b. Both c. Symmetric encryption

19.Which service:port is wrong? Select one: a. HTTPS:443 b. POP3:110 c. SSL:25 d. HTTP:80 e. Telnet:23

20.Best way to store user password Select one: a. Hashed password. b. Store in clear text. c. Encrypt password using symmetric encryption d. Encrypt password using public key

21.SSL/TLS was developed by Select one: a. Netscape b. Microsoft c. Kaspersky d. IBM

22.Which is the system to trap hacker or malicious software and log the behaviors of them for later analyzing. Select one: a. Anti-Virus b. spyware c. Honeypot d. IPS e. Zombie

23.MD5 used for Select one: a. Message authentication b. Key distribution c. Message integrity d. Message confidentiality

24.Packet fitering firewall rules are built base on which parameter, choose wrong answer Select one: a. Destination port b. Protocol c. Connection state d. Source IP address

25.Minimum number of characters required in a strong password Select one: a. 16 b. 8 c. 10 d. 6 e. 12

26.3DES is do the DES three times in what order? Select one: a. Decrypt-Encrypt-Encrypt b. Decrypt- Encrypt-Decrypt c. Encrypt-Encrypt-Decrypt d. Encrypt-Encrypt-Encrypt e. Encrypt-Decrypt-Encrypt

27.Which is authentication method that using a KDC? Select one: a. Smart card b. Chap c. Kerberos d. Biometric

28.What kind of attack below is active attack? Select one: a. Relay attack b. Modification of messages c. Masquerade attack d. All above e. DoS

29.What is the organization that issue digital certificate? Select one: a. CRL b. LRA c. CA d. RA 30.Which malware used exist script engine in another program? Select one: a. Zombie b. spyware c. Worm d. Macro Virus e. Trojan

31.SYN Flood attack exploit vulnerability of which protocol Select one: a. UDP b. TCP c. HTTP d. ICMP

32.Which behavior below is passive attack? Select one: a. Information modifying b. Information Sniffing c. Information capturing and modifying

33.SHA-1 used for Select one: a. Create 160 bits hashed message b. Create 256 bits hashed message c. Create digital signature d. Create symmetric key

34.Self replicate only have in Select one: a. Trojan b. Virus c. Worm

35.A program that seem to do normal things but have some secret malicious scripts run beside, It called? Select one: a. Worm b. Trojan Horse c. SYN flood d. Virus e. Logic Bomb

36.Which algorithms is used to encrypt and decrypt message? Select one: a. MD5 b. RSA c. Deffie-hellman d. DSS (digital signature standard) 37.Number of subkey in DES Select one: a. 16 b. 32 c. 56 d. 8

38.Packet fitering firewall work in which OSI layer? Select one: a. Transport b. Physical c. Session d. Data link e. Network

39.Which size of the MD5 output message Select one: a. 128 bit b. 512 bit c. 156 bit d. 256 bit

40.Which is the characteristics of one-way hash function? Select one: a. A and B b. Input messages can have unlimited size c. Output messages have fixed size d. Output messages size depend on input messages size e. Input messages have fixed size

41.Which is the main problem when using a KDC (key distribution center)? Select one: a. Personal key security b. Key transmit c. Network security d. Certificate revocation

42.What is the main purpose of digital signature? Select one: a. Accounting b. Authorization c. Integrity d. Authentication e. Security

43.Firewall is useless to Select one: a. Secure inside network b. Packet filter c. prevent Social engineering attack d. Traffic control

44.In DES, what is the size of data block? Select one: a. 256 b. 128 c. 32 d. 64

45.Encrypted message is called Select one: a. Certificate b. Public key c. Password d. Ciphertext

46.Which is purpose of DoS attack? Select one: a. Deny user to use services b. Information gathering c. Deface web site d. Information altering

47.What is DMZ (demilitarized zone) Select one: a. To place servers that have public services b. To place web server c. To place FTP server d. To place server mail

48.In IDS, which wrong? Select one: a. False positive: No attack and alarmed b. True positive: No attack and no alarm c. True negative: No Attack and no alarm d. False negative: Attacked and no alarm

49.Which attack used a lot of compromised PC as attack machine? Select one: a. Brute force b. Cyber Attack c. DDoS d. DoS

50.Which is the default rule in router, firewall Select one: a. No control. b. Not have default rule c. Deny all. d. Permit all.

51.Which is the key parameter to evaluate an IDS Select one: a. False negative: Attacked and no alarm b. True negative: No Attack and no alarm c. False positive: No attack and alarmed d. True positive: No attack and no alarm

52.Which protocol provide secured session to remote login in UNIX system? Select one: a. TLS b. SSH c. PKI d. SSL

53. What kind of encryption that use same key to encrypt and decrypt message? Select one: a. Diffie-Hellman b. Symmetric encryption c. Not synchronize d. RSA

54.After sending a message, user cannot refuse that he sent this message, it called? Select one: a. Security b. Non-repudiation c. Authentication d. Integrity

55.Which is the virus can change itself Select one: a. Cavity b. Polymorphic c. Steath d. Camoulage