Computer Networks MCQ Set 1
1. DHCP (dynamic host configuration protocol) provides __________ to the client.
a) IP address
b) MAC address
c) Url
d) None of the mentioned
Answer
Answer: a [Reason:] None.
2. DHCP is used for
a) IPv6
b) IPv4
c) Both (a) and (b)
d) None of the mentioned
Answer
Answer: c [Reason:] None.
3. The DHCP server
a) maintains a database of available IP addresses
b) maintains the information about client configuration parameters
c) grants a IP address when receives a request from a client
d) all of the mentioned
Answer
Answer: d [Reason:] None.
4. IP assigned for a client by DHCP server is
a) for a limited period
b) for unlimited period
c) not time dependent
d) none of the mentioned
Answer
Answer: a [Reason:] None.
5. DHCP uses UDP port _________ for sending data to the server.
a) 66
b) 67
c) 68
d) 69
Answer
Answer: b [Reason:] None.
6. The DHCP server can provide the _______ of the IP addresses.
a) dynamic allocation
b) automatic allocation
c) static allocation
d) all of the mentioned
Answer
Answer: d [Reason:] None.
7. DHCP client and servers on the same subnet communicate via
a) UDP broadcast
b) UDP unicast
c) TCP broadcast
d) TCP unicast
Answer
Answer: a [Reason:] None.
8. After obtaining the IP address, to prevent the IP conflict the client may use
a) internet relay chat
b) broader gateway protocol
c) address resolution protocol
d) none of the mentioned
Answer
Answer: c [Reason:] None.
9. What is DHCP snooping?
a) techniques applied to ensure the security of an existing DHCP infrastructure
b) encryption of the DHCP server requests
c) algorithm for DHCP
d) none of the mentioned
Answer
Answer: a [Reason:] None.
10. If DHCP snooping is configured on a LAN switch, then clients having specific ______ can access the network.
a) MAC address
b) IP address
c) Both (a) and (b)
d) None of the mentioned
Answer
Answer: c [Reason:] None.
Computer Networks MCQ Set 2
1. The entire hostname has a maximum of
a) 255 characters
b) 127 characters
c) 63 characters
d) 31 characters
Answer
Answer:a [Reason:] None.
2. A DNS client is called
a) DNS updater
b) DNS resolver
c) DNS handler
d) none of the mentioned
Answer
Answer:b [Reason:] None.
3. Servers handle requests for other domains
a) directly
b) by contacting remote DNS server
c) it is not possible
d) none of the mentioned
Answer
Answer:b [Reason:] None.
4. DNS database contains
a) name server records
b) hostname-to-address records
c) hostname aliases
d) all of the mentioned
Answer
Answer:d [Reason:] None.
5. If a server has no clue about where to find the address for a hostname then
a) server asks to the root server
b) server asks to its adjcent server
c) request is not processed
d) none of the mentioned
Answer
Answer:a [Reason:] None.
6. Which one of the following allows client to update their DNS entry as their IP address change?
a) dynamic DNS
b) mail transfer agent
c) authoritative name server
d) none of the mentioned
Answer
Answer:a [Reason:] None.
7. Wildcard domain names start with label
a) @
b) *
c) &
d) #
Answer
Answer:b [Reason:] None.
8. The right to use a domain name is delegated by domain name registers which are accredited by
a) internet architecture board
b) internet society
c) internet research task force
d) internet corporation for assigned names and numbers
Answer
Answer:d [Reason:] None.
9. The domain name system is maintained by
a) distributed database system
b) a single server
c) a single computer
d) none of the mentioned
Answer
Answer:a [Reason:] None.
10. Which one of the following is not true?
a) multiple hostnames may correspond to a single IP address
b) a single hostname may correspond to many IP addresses
c) a single hostname may correspond to a single IP address
d) none of the mentioned
Answer
Answer:c [Reason:] None.
Computer Networks MCQ Set 3
1. EIGRP is a routing Protocol design by Cisco. (Yes/No)?
a) Yes
b) No
Answer
Answer: a [Reason:] EIGRP is a routing Protocol design by Cisco.
2. EIGRP metric is ________
a) K-values
b) Bandwidth only
c) Hop Count
d) Delay only
Answer
Answer [Reason:] EIGRP metric is K-values.
3. EIGRP can support ____________
a) VLSM/subnetting
b) Auto summary
c) Unequal cast load balancing
d) Area
Answer
Answer: a, b, c [Reason:] VLSM/subnetting, Auto summary, Unequal cast load balancing.
4. EIGRP send the hello message after every ___________ seconds
a) 5 seconds (LAN), 60 seconds (WAN)
b) 5 seconds (LAN), 5 seconds (WAN)
c) 15s
d) 180s
Answer
Answer: a [Reason:] EIGRP send the hello message after every5 seconds (LAN), 60 seconds (WAN).
5. Administrative distance for internal EIGRP is ______
a) 90
b) 170
c) 110
d) 91
Answer
Answer: a [Reason:] Administrative distance for internal EIGRP is 90.
6. The EIGRP metric values include:
a) Delay
b) Bandwidth
c) Hop Count
d) MTU
Answer
Answer: a, b, d [Reason:] The EIGRP metric values are Delay, Bandwidth, and MTU.
7. For default gateway you will use which of following command on Cisco router?
a) IP default network
b) IP default gateway
c) IP default route
d) Default network
Answer
Answer: a [Reason:] IP default network command used in default gateway in Cisco router.
8. Administrative distance for external EIGRP route is _______
a) 90
b) 170
c) 110
d) 100
Answer
Answer: b [Reason:] Administrative distance for external EIGRP route is 170.
9. EIGRP uses the ____________ algorithm for finding shortest path.
a) SPF
b) DUAL
c) Linkstat
d) Dikstraalgo
Answer
Answer: b [Reason:] EIGRP uses the DUAL algorithm for finding shortest path.
10. In EIGRP best path is known as the successor, where as backup path is known as __________
a) Feasible successor
b) Back-up route
c) Default route
d) There is no backup route in EIGRP
Answer
Answer: a [Reason:] Feasible successor is the backup path.
Computer Networks MCQ Set 4
1. Which of the following is an advantage of anomaly detection?
a) Rules are easy to define
b) Custom protocols can be easily analyzed
c) The engine can scale as the rule set grows
d) Malicious activity that falls within normal usage patterns is detected
Answer
Answer: c [Reason:] Once a protocol has been built and a behavior defined, the engine can scale more quickly and easily than the signature-based model because a new signature does not have to be created for every attack and potential variant.
2. A false positive can be defined as…
a) An alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior
b) An alert that indicates nefarious activity on a system that is not running on the network
c) The lack of an alert for nefarious activity
d) Both a. and b
Answer
Answer: d [Reason:] A false positive is any alert that indicates nefarious activity on a system that, upon further inspection, turns out to represent legitimate network traffic or behavior.
3. One of the most obvious places to put an IDS sensor is near the firewall. Where exactly in relation to the firewall is the most productive placement?
a) Inside the firewall
b) Outside the firewall
c) Both inside and outside the firewall
d) Neither inside the firewall nor outside the firewall.
Answer
Answer: a [Reason:] There are legitimate political, budgetary and research reasons to want to see all the “attacks” against your connection, but given the care and feeding any IDS requires, do yourself a favor and keep your NIDS sensors on the inside of the firewall.
4. What is the purpose of a shadow honeypot?
a) To flag attacks against known vulnerabilities
b) To help reduce false positives in a signature-based IDS
c) To randomly check suspicious traffic identified by an anomaly detection system
d) To enhance the accuracy of a traditional honeypot
Answer
Answer: c [Reason:] “Shadow honeypots,” as researchers call them, share all the same characteristics of protected applications running on both the server and client side of a network and operate in conjunction with an ADS.
5. At which two traffic layers do most commercial IDSes generate signatures?
a) Application layer
b) Network layer
c) Session layer
d) Transport layer
Answer
Answer: b, d [Reason:] Most commercial IDSes generate signatures at the network and transport layers.
6. An IDS follows a two-step process consisting of a passive component and an active component. Which of the following is part of the active component?
a) Inspection of password files to detect inadvisable passwords
b) Mechanisms put in place to reenact known methods of attack and record system responses
c) Inspection of system to detect policy violations
d) Inspection of configuration files to detect inadvisable settings
Answer
Answer: b [Reason:] Second component of mechanisms are set in place to reenact known methods of attack and to record system responses.
7. When discussing IDS/IPS, what is a signature?
a) An electronic signature used to authenticate the identity of a user on the network
b) Attack-definition file
c) It refers to “normal,” baseline network behavior
d) None of the above
Answer
Answer: b [Reason:] IDSes work in a manner similar to modern antivirus technology. They are constantly updated with attack-definition files (signatures) that describe each type of known malicious activity.
8. “Semantics-aware” signatures automatically generated by Nemean are based on traffic at which two layers?
a) Application layer
b) Network layer
c) Session layer
d) Transport layer
Answer
Answer: a, c [Reason:] Nemean automatically generates “semantics-aware” signatures based on traffic at the session and application layers.
9. Which of the following is used to provide a baseline measure for comparison of IDSes?
a) Crossover error rate
b) False negative rate
c) False positive rate
d) Bit error rate
Answer
Answer: a [Reason:] As the sensitivity of systems may cause the false positive/negative rates to vary, it’s critical to have some common measure that may be applied across the board.
10. Which of the following is true of signature-based IDSes?
a) They alert administrators to deviations from “normal” traffic behavior
b) They identify previously unknown attacks
c) The technology is mature and reliable enough to use on production networks
d) They scan network traffic or packets to identify matches with attack-definition files
Answer
Answer: d [Reason:] They are constantly updated with attack-definition files (signatures) that describe each type of known malicious activity. They then scan network traffic for packets that match the signatures, and then raise alerts to security administrators.
Computer Networks MCQ Set 5
1. Ethernet frame consists of
a) MAC address
b) IP address
c) both (a) and (b)
d) none of the mentioned
Answer
Answer: a [Reason:] None.
2. What is stat frame delimeter (SFD) in ethernet frame?
a) 10101010
b) 10101011
c) 00000000
d) 11111111
Answer
Answer: b [Reason:] None.
3. MAC address is of
1) 24 bits
b) 36 bits
c) 42 bits
d) 48 bits
Answer
Answer: d [Reason:] None.
4. What is autonegotiation?
a) a procedure by which two connected devices choose common transmission parameters
b) a security algorithm
c) a routing algorithm
d) none of the mentioned
Answer
Answer: a [Reason:] None.
5. Ethernet in metropolitan area network (MAN) can be used as
a) pure ethernet
b) ethernet over SDH
c) ethernet over MPLS
d) all of the mentioned
Answer
Answer: d [Reason:] None.
6. A point-to-point protocol over ethernet is a network protocol for
a) encapsulating PPP frames inside ethernet frames
b) encapsulating ehternet framse inside PPP frames
c) for security of ethernet frames
d) for security of PPP frames
Answer
Answer: a [Reason:] None.
7. High speed ethernet works on
a) coaxial cable
b) twisted pair cable
c) optical fiber
d) none of the mentioned
Answer
Answer: c [Reason:] None.
8. The maximum size of payload field in ethernet frame is
a) 1000 bytes
b) 1200 bytes
c) 1300 bytes
d) 1500 bytes
Answer
Answer: d [Reason:] None.
9. What is interframe gap?
a) idle time between frames
b) idle time between frame bits
c) idle time between packets
d) none of the mentioned
Answer
Answer: a [Reason:] None.
10. An ethernet frame that is less than the IEEE 802.3 minimum length of 64 octets is called
a) short frame
b) run frame
c) mini frame
d) man frame
Answer
Answer: b [Reason:] None.
