CSC215 Quiz - Xirius

1. Which type of firewall provides both traditional filtering and advanced features like deep packet inspection and application-level control?

A. Packet-filtering firewall B. Proxy firewall C. Stateful inspection firewall D. Next-Generation Firewall (NGFW)

2. What is the main threat that phishing attacks aim to exploit?

A. Network bandwidth B. User trust and willingness to reveal sensitive information C. CPU overload D. Server hardware failures

3. What is the significance of ensuring high uptime and availability in network services?

A. Helps generate revenue through advertisements B. Allows users continuous access to services without interruption C. Reduces server storage space D. Increases number of user logins

4. Why is monitoring packet loss especially critical for Nigerian banks' online platforms?

A. It reduces electricity usage B. Prevents transaction delays affecting customer experience C. Increases ATM withdrawals D. Filters phishing emails

5. Which is an example of an anomaly-based detection alert?

A. Known ransomware signature matched B. Spike in traffic on a government portal indicating possible DDoS C. Standard login by authorized user D. Email antivirus scan result

6. How do Nigerian fintech companies use Zero Trust Architecture effectively?

A. By allowing unrestricted access to all company resources B. By ensuring employees and vendors access only authorized systems C. By blocking all third-party vendor access entirely D. By trusting devices connected to the company Wi-Fi

7. What is a common example of a phishing attack?

A. An attacker intercepting network packets B. A fake email requesting login credentials from a student C. Installing malware via a USB flash drive D. Blocking unauthorized IP addresses via a firewall

8. What kind of attack is brute-force login attempts, and which tool can help prevent it?

A. Phishing; prevented by firewalls B. Malware; prevented by NetFlow C. Unauthorized access attempts; prevented by IDS/IPS D. Data theft; prevented by encryption

9. In Nigerian universities, how is NetFlow used during online exams?

A. To prevent cheating by blocking websites B. To monitor traffic spikes on campus Wi-Fi and identify unusual activity C. To disable Wi-Fi during exams D. To provide encrypted messaging

10. In the context of IoT security monitoring, what is a key concern that must be addressed?

A. Encrypting all web traffic only B. Detecting unauthorized access or device misbehavior in real time C. Limiting user access to email services D. Preventing physical theft of IoT devices

11. What is the main advantage of using NetFlow or sFlow protocols in network monitoring?

A. Real-time encryption of data in motion B. Analysis of traffic patterns and identification of unusual spikes or bandwidth usage C. Automated patch management for network devices D. Firewall rule configuration

12. What is the primary purpose of SIEM platforms in network security?

A. To monitor physical security of buildings B. To collect and correlate logs and events for real-time alerting C. To encrypt all network traffic automatically D. To replace firewalls for network filtering

13. Why is high uptime and availability critical for Nigerian banks’ ATM and online services?

A. To ensure continuous customer access and avoid service disruptions B. To reduce network hardware costs C. To allow fewer security audits D. To increase data transfer speed only during business hours

14. What is the main focus of performance management in network monitoring?

A. Tracking user login times B. Measuring throughput, latency, error rates, and uptime to meet service levels C. Scanning for phishing emails D. Encrypting data on servers

15. What role do NetFlow and sFlow protocols play in network monitoring?

A. Encrypting data at the IP layer B. Collecting and analyzing network traffic patterns and flow data C. Managing user authentication D. Detecting phishing attacks

16. How can packet loss affect network performance?

A. It increases encryption strength B. It leads to slow performance and application errors C. It improves throughput during peak hours D. It prevents unauthorized access

17. How does anomaly-based detection differ from signature-based detection in IDS/IPS systems?

A. Anomaly-based relies on known attack patterns; signature-based uses traffic volume B. Anomaly-based detects deviations from normal behavior; signature-based matches known attack signatures C. Anomaly-based has fewer false positives; signature-based detects zero-day attacks D. Both use the same approach but in different network zones

18. What is the main advantage of anomaly-based detection in IDS/IPS systems?

A. Detects only known threats B. Requires no system training C. Can detect unknown or zero-day attacks D. Has zero false positives

19. What does the FCAPS model stand for in network management?

A. Firewall, Configuration, Authorization, Performance, Security B. Fault, Configuration, Accounting, Performance, Security C. File, Control, Access, Packet, Security D. Fault, Control, Authentication, Protocol, System

20. Which type of malware disguises itself as legitimate software to trick users?

A. Virus B. Trojan horse C. Worm D. Spyware

21. What is the purpose of log analyzers in network security monitoring?

A. Encrypt communication between servers B. Collect, parse, and analyze logs to detect unusual activity and troubleshoot issues C. Block malicious network traffic D. Provide real-time traffic visualization only

22. What is the primary goal of fault management?

A. Prevent malware infections entirely B. Detect, isolate, and resolve network problems to minimize downtime C. Encrypt data in transit D. Manage user accounts and permissions

23. What is the main function of Syslog in network monitoring?

A. To store and collect log messages from devices and servers centrally B. To analyze traffic flow patterns C. To block brute force attacks D. To monitor packet loss

24. What does packet loss typically cause in a network?

A. Increased encryption strength B. Slow network performance and application errors C. Faster data transmission D. Enhanced security

25. In the context of network security, what does the Zero Trust Architecture emphasize?

A. Trust all devices inside the network B. Require continuous verification of identity and access for all users and devices C. Only verify user identity once at login D. Trust devices from within a company domain automatically

26. Why do Nigerian universities monitor their Wi-Fi network performance?

A. To increase the number of their network devices B. To ensure students can access e-learning platforms without lag C. To reduce server logs D. To prevent spam emails

27. Why is monitoring CPU and memory utilization important for network devices?

A. To block unauthorized traffic B. To prevent device overload and ensure efficient functioning C. To encrypt data in transit D. To monitor user login attempts

28. How do Nigerian smart city projects benefit from IoT security monitoring?

A. By encrypting all IoT device data offline B. Detecting vulnerabilities and unauthorized access to devices like traffic cameras in real time C. Preventing all devices from communicating D. Only monitoring IoT devices during business hours

29. Which tool is used for monitoring bandwidth usage and device health using SNMP and packet sniffing?

A. IDS B. PRTG C. NetFlow D. Syslog

30. What role do proxy firewalls play in network security?

A. They act as intermediaries and analyze requests between user and internet B. They encrypt all outgoing data C. They track CPU usage D. They prevent physical network access

31. What is the primary purpose of a SIEM platform in network security?

A. To encrypt data transmissions between users B. To collect and correlate logs from multiple sources for real-time threat detection C. To block malware automatically on endpoint devices D. To manage network hardware configurations

32. What capability do Next-Generation Firewalls provide beyond traditional firewalls?

A. Only packet filtering B. Intrusion prevention, deep packet inspection, and application-level control C. Encrypting data at rest D. User account management

33. How does security management enhance network protection?

A. By disabling unauthorized network devices entirely B. Using firewalls, IDS/IPS, authentication, and encryption to protect from unauthorized access and attacks C. Only encrypting email communications D. Monitoring CPU load

34. What is the fundamental principle behind Zero Trust Architecture in network security?

A. All internal devices are implicitly trusted B. Devices are trusted based on their physical location C. Continuous verification is required for every user and device regardless of location D. Access is granted only during off-peak hours

35. In the context of Nigerian banks, how are log analyzers used?

A. To encrypt customers' ATM cards B. To analyze server logs for investigating failed ATM transactions or unauthorized access attempts C. To provide internet service only D. To block missing data packets

36. What role does the FCAPS model play in network management?

A. It offers encryption techniques to secure communication B. It organizes network management into fault, configuration, accounting, performance, and security tasks C. It defines user roles for access control only D. It manages virus definitions for antivirus software

37. What is a common delivery method for phishing attacks?

A. Router firmware updates B. Emails, SMS messages, fake websites, and social media links C. Physical theft D. Over encrypted VPN tunnels

38. How do Intrusion Prevention Systems (IPS) differ from Intrusion Detection Systems (IDS)?

A. IPS only alerts on possible threats, IDS blocks traffic B. IPS blocks malicious traffic automatically, IDS only alerts C. IDS analyzes logs, IPS monitors network traffic D. IDS monitors physical access, IPS monitors user behavior

39. What is an example of continuous verification in Zero Trust Architecture?

A. Automatic trust after initial login B. Frequent re-authentication and access checks for devices and users C. Trusting devices only within a secure office network D. Allowing all devices to communicate freely once verified once

40. What is the key difference between a worm and a virus in malware classification?

A. Worms require human action to spread, viruses spread automatically B. Viruses attach to files; worms spread automatically over networks C. Worms are harmless, viruses cause damage D. Both are identical in behavior

41. Why is configuration management critical in network management?

A. It prevents phishing attacks B. Sets up and maintains network devices and services for smooth operations C. Encrypts all transactions D. Analyzes user behavior

42. What does accounting management track in network systems?

A. User data encryption keys B. Network resource usage for billing, auditing, or planning C. CPU and memory utilization D. Device firmware versions

43. Which of the following is NOT a type of firewall mentioned?

A. Packet-filtering firewall B. Stateful inspection firewall C. Proxy firewall D. Application firewalls

44. Which of the following best describes the function of an Intrusion Prevention System (IPS)?

A. Monitors traffic and alerts users about potential attacks B. Automatically blocks malicious network traffic C. Analyzes user behavior for compliance reports D. Collects logs for forensic analysis

45. How do Nigerian ISPs use network traffic analyzers?

A. To block emails with malware B. To detect unusual spikes that may indicate malware infections or intrusion attempts C. To manage employee work hours D. To block third-party vendor access

46. Which of the following is NOT part of the CIA Triad in network security?

A. Confidentiality B. Integrity C. Authorization D. Availability

47. Why is configuration management important in network security?

A. It visualizes network traffic in dashboards B. It tracks hardware, software, and settings allowing updates without disruption C. It blocks unauthorized network connections D. It monitors CPU usage on routers and servers

48. How do Nigerian ISPs utilize network traffic analyzers?

A. To improve offline software updates B. To detect unusual traffic spikes that could indicate malware or intrusion attempts C. To encrypt customer data stored on servers D. To configure network hardware automatically

49. What is a major weakness of signature-based detection in IDS systems?

A. High false positives B. Cannot detect unknown or zero-day attacks C. Doesn't detect known threats D. Requires manual packet inspection

50. Which tool would most likely be used to capture and inspect detailed network protocol data for troubleshooting?

A. SolarWinds B. Wireshark C. NetFlow D. SIEM

Xirius-NetworkSecurityampManagementNetworkMonitoringandManagementTools8-CSC215.pdf