What is a 'Sniffer' tool (e.g., Wireshark)?

A tool that reads and captures unencrypted messages on a network.

A tool that encrypts hard drives.

A one-way 'fingerprint' of data to ensure Integrity.

What does the 'ssl' module do in Python socket programming?

It wraps a standard socket with TLS encryption.

It makes the socket run faster.

In the context of Python security, what is 'Scapy'?

A powerful Python library used for network sniffing and packet manipulation.

When analyzing a packet in Scapy, what does 'pkt[IP].src' represent?

The source IP address where the packet originated.

Why is Asymmetric encryption considered 'slower' than Symmetric?

It involves complex mathematics and large key pairs.

It requires an internet connection.

What is the primary purpose of a 'Security Alert' script?

To monitor specific ports or patterns and notify the admin of potential threats.

What happens if a socket is NOT wrapped in SSL/TLS?

It sends data as raw, easily readable bytes.

It cannot connect to the internet.

It automatically compresses data.

True or False: Using a firewall means you don't need to encrypt your sockets.

False, a firewall doesn't hide the data inside the packets.

Only if the firewall is expensive.

What does NIDS stand for?

Network Intrusion Detection System

National Information Database Server

What is 'Signature-based' detection?

Looking for known 'bad' patterns or specific virus codes.

Guessing based on user behavior.

Checking physical signatures on documents.

What is a major limitation of Signature-based detection?

It cannot detect brand new, never-before-seen attacks (Zero-Day exploits).

What is 'Anomaly-based' detection?

Establishing a 'baseline' of normal behavior and alerting on weird deviations.

What is a 'True Positive' in NIDS terminology?

The alarm goes off, and there is an actual attack.

The alarm goes off, but it was just normal traffic.

No alarm sounds during an attack.

No alarm sounds, and the network is safe.

What is a 'False Positive'?

The alarm goes off for completely normal, innocent traffic.

The alarm correctly identifies a threat.

The NIDS fails to catch a hacker.

What is a 'False Negative', and why is it dangerous?

The system fails to detect an actual attack, letting the hacker in silently.

An alarm sounds for normal traffic.

The system correctly ignores normal traffic.

Why does encrypted traffic (TLS/SSL) pose a problem for traditional NIDS?

The NIDS can no longer read the 'Payload' to look for signatures.

How do modern NIDS handle encrypted traffic?

They look at 'Metadata' (packet size, timing, IP addresses) instead of the payload.

They ask the hacker for the password.

They block all encrypted traffic.

If your NIDS alerts you to 10,000 tiny UDP packets hitting your server from one IP, what is likely happening?

An Anomaly-based detection of a Denial of Service (DoS) attack.

A Signature-based detection of a SQL injection.

What is the 'Payload' of a network packet?

The actual data/message being carried inside the packet.

In a corporate environment, where is a NIDS usually placed?

At strategic 'choke points' in the network, like just behind the firewall.

On every employee's smartphone.

What does 'Recording' mean in the context of NIDS?

Keeping a log history of the attack data for future forensic analysis.

Taking webcam pictures of the user.

Recording audio from the microphone.

Saving the server's source code.

True or False: A NIDS can stop an attack in progress.

False, NIDS is passive and only alerts. An IPS (Intrusion Prevention System) takes action.

False, NIDS doesn't detect attacks.

What is the 'baseline' in Anomaly-based detection?

A statistical model of what 'normal' everyday network traffic looks like.

If you write a Scapy script to log traffic hitting a port you don't use, what are you creating?

A basic custom NIDS 'Watchdog'.

Why is a 'True Negative' a good thing?

It means the traffic was normal, and no alarm sounded, so the system is working correctly.

It means an attack was blocked.

What is the main takeaway regarding NIDS and Firewalls?

They serve different purposes and should be used together for Defense in Depth.

They are exactly the same thing.

What does 'Plaintext' refer to in socket programming?

Data sent in its original, unencrypted, and readable format.

BCP221 Network Security Quiz

Authored by Roweza Valencia

Computers

University

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

75 questions

Show all answers

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Popular Resources on Wayground

15 questions

Grade 3 Simulation Assessment 1

Quiz

•

3rd Grade

22 questions

HCS Grade 4 Simulation Assessment_1 2526sy

Quiz

•

4th Grade

16 questions

Grade 3 Simulation Assessment 2

Quiz

•

3rd Grade

19 questions

HCS Grade 5 Simulation Assessment_1 2526sy

Quiz

•

5th Grade

17 questions

HCS Grade 4 Simulation Assessment_2 2526sy

Quiz

•

4th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

24 questions

HCS Grade 5 Simulation Assessment_2 2526sy

Quiz

•

5th Grade

20 questions

Math Review

Quiz

•

3rd Grade

Discover more resources for Computers

36 questions

8th Grade US History STAAR Review

Quiz

•

KG - University

25 questions

Spanish future tense

Quiz

•

10th Grade - University

55 questions

Post Malone Addtion (Tres)

Quiz

•

12th Grade - University

15 questions

Quotation Marks vs. Italics for MLA

Quiz

•

9th Grade - University

20 questions

Disney Trivia

Quiz

•

University

50 questions

AP Biology Exam Review 2017

Quiz

•

11th Grade - University

215 questions

8th Physical Science GA Milestones Review

Quiz

•

KG - University

20 questions

Ch15_review_TEACHER

Quiz

•

University

BCP221 Network Security Quiz

What does the 'C' in the CIA Triad stand for?

Confidentiality ensures that only authorized people can read the data.

Which component of the CIA Triad ensures that data hasn't been changed during transit?

Integrity guarantees that the data received is exactly the data that was sent, without modification.

What does 'Availability' mean in the context of the CIA Triad?

Availability ensures that systems and data are accessible to authorized users when they need them.

Which attack involves someone passively 'listening' to your socket data on the network?

Eavesdropping involves capturing packets on a network using a sniffer, violating Confidentiality.

What is a 'Man-in-the-Middle' (MITM) attack?

In a MITM attack, the attacker sits between the two parties, compromising both Confidentiality and Integrity.

Which attack aims to crash a server by flooding it with too many requests?

A DoS attack targets the Availability of a system by overwhelming its resources.

Why is using standard Python sockets considered vulnerable by default?

Standard sockets do not encrypt data. Anyone with a network sniffer can read Plaintext transmissions.

What is a 'Sniffer' tool (e.g., Wireshark)?

Sniffers passively monitor and capture network traffic, making plaintext data highly vulnerable.

Which encryption method uses the SAME key to lock and unlock data?

Symmetric encryption is fast because it uses a single shared secret key for both encryption and decryption.

Which encryption method uses a Public Key to lock and a Private Key to unlock?

Asymmetric encryption uses a pair of keys, solving the problem of securely sharing a single key.

Access all questions and much more by creating a free account

Popular Resources on Wayground

Discover more resources for Computers