Explore topic-wise InterviewSolutions in .

Right OPTION is (a) NSA

Easiest explanation: The NSA is primarily responsible for military encryption systems. The NSA DESIGNS evaluates, and IMPLEMENTS encryption systems for the military and government agencies with high SECURITY needs.

Right choice is (a) CONFIDENTIALITY

The explanation: Confidentiality means that the ASSETS can only be accessed by authorized parties. INTEGRITY means that computer system assets can be modified only by authorized PARITIES. Availability refers to the accessibility of the resource to the authorized parties. Authenticity means that the ASSET is not unethically changed.

The correct choice is (b) integrity

To explain: Integrity MEANS that computer system assets can be MODIFIED only by authorized parities. CONFIDENTIALITY means that the assets can only be accessed by authorized parties. Availability REFERS to the accessibility of the resource to the authorized parties. Authenticity means that the asset is not unethically changed.

Right option is (d) error control

To elaborate: The ESP PROVIDES DATA confidentiality, INTEGRITY and authentication. It provides confidentiality through encryption.ESP can operate in TWO modes, transport mode and tunnel mode.

Right CHOICE is (a) Network

The best I can explain: IPSec is a set of protocols used to PROVIDE authentication, data integrity and confidentiality between TWO machines in an IP network. In the TCP/IP model, it PROVIDES security at the IP layer i.e. the network layer.

The CORRECT choice is (c) AH; ESP

Explanation: AH ensures that there is no retransmission of data from an UNAUTHORIZED source, and protects against data tampering. ESP provides with content protection and ensures that there is INTEGRITY and confidentiality for the message.

Right option is (a) AH

To elaborate: The Authentication Header (AH) AUTHENTICATES the origin of data, and guarantees the INTEGRITY of the INFORMATION that’s being sent using IPSec. It also PROVIDES anti-reply security.

Correct OPTION is (d) Both SHA and MD5

To elaborate: SHA or MD5 can be used. Kerberos V5 is an authentication PROTOCOL, not an ENCRYPTION protocol; therefore, answer A is incorrect. CERTIFICATES are a type of authentication that can be used with IPsec, not an encryption protocol; therefore, answer B is incorrect.

The correct option is (b) ESP TRANSPORT mode

The best I can explain: ESP transport mode should be used to ensure the INTEGRITY and confidentiality of data that is exchanged within the same LAN. ESP tunnel mode is comparatively more SECURE and should be used to assure the security of the data within different LANs.

The correct choice is (b) checksum

The EXPLANATION is: Checksum FIELD is USED to detect errors over the entire USER datagram. Though it is not as efficient as CRC which is used in TCP, it gets the job done for the UDP datagram as UDP doesn’t have to ensure the delivery of the packet.

Correct option is (a) UDP length = IP length – IP header’s length

The best explanation: A USER DATAGRAM is encapsulated in an IP datagram. There is a field in the IP header that DEFINES the total length of the IP packet. There is another field in the IP header that defines the length of the header. So if we subtract the length of the IP header that is encapsulated in the IP packet, we get the length of UDP datagram.

Right option is (d) UDP header PLUS data

For explanation: Total length is the 16 bit field which contains the length of UDP header and the data. The maximum value of the Total length field and the maximum size of a UDP DATAGRAM is 65,535 bytes (8 BYTE header + 65,527 bytes of data).

Correct OPTION is (d) Client

To explain: Port numbers from 1025 to 5000 are USED as EPHEMERAL port numbers in Windows Operating SYSTEM. Ephemeral port numbers are short-lived port numbers which can be used for clients in a UDP system where there are temporary clients all the time.

The correct answer is (a) 8 BYTES

For explanation I would say: The fixed size of the UDP packet HEADER is 8 bytes. It CONTAINS four two-byte fields: Source port address, Destination port address, Length of packet, and checksum.

The correct answer is (b) 123

The BEST I can explain: The Network TIME PROTOCOL is a clock synchronization network protocol implemented by USING UDP port number 123 to send and receive time stamps.

Correct answer is (c) LOW OVERHEAD

The explanation: As UDP does not PROVIDE assurance of DELIVERY of packet, reliability and other services, the overhead taken to provide these services is REDUCED in UDP’s operation. Thus, UDP provides low overhead, and higher speed.

Correct choice is (d) Demultiplexing and error checking

The BEST I can explain: De-multiplexing is the delivering of received segments to the correct APPLICATION layer PROCESSES at the recipients end using UDP. Error checking is DONE through checksum in UDP.

Right answer is (a) Connection-oriented

Easiest explanation: UDP is an unreliable, connectionless TRANSPORT layer PROTOCOL that provides message-based data TRANSMISSION. TCP is an EXAMPLE of connection-oriented protocols.

Right option is (b) Acknowledgment NUMBER

Best explanation: TCP header contains separate FIELDS for sequence number and acknowledgment number. Comparing these VALUES is what allows TCP to detect lost segments and in TURN recover from that loss. After detecting the lost segments, the recovery may require RETRANSMISSION of the lost segments of data.

The CORRECT choice is (B) 16-bits and 16-bits

The best explanation: All PORT addresses are of 16 bits and they specify the type of service being used by the network entity. For example, port 21 is used for FTP connections and port 25 is used for ICMP connections.

The correct choice is (d) Denial-of-SERVICE attack

For explanation I WOULD say: During SYNC flooding the system collapses and DENIES service to every request, making it a DOS attack. Some other DoS attacks are bandwidth flooding, connection flooding and UDP flooding.

Right choice is (a) SYNC flooding attack

To explain I would say: SYNC flooding attack is a FORM of Denial of Service attack. Due to the overflow of SYNC SEGMENTS sent to the server, the victims are not ABLE to request for a connection to the server, thus resulting in Denial of Service.

Correct choice is (c) Simultaneous open

The best I can explain: In simultaneous open situation, TWO NODES send an SYN signal to each other and start a TCP CONNECTION. Here, both TCP nodes transmit a SYNC+ACK SEGMENT to each other and a connection is established between them. This doesn’t happen usually, because both sides have to know which port on the other SIDE to send to.

The correct answer is (d) Passive open

To elaborate: This is the first step in the Three-Way Handshaking process and is started by the SERVER. Then the Client picks an ISN (Initial SEQUENCE Number) and synchronizes (SHARES) it with the Server REQUESTING a connection. The Server acknowledges the clients ISN, and then picks an ISN and synchronizes it with the Client. At last, the Client acknowledges the servers ISN.

The CORRECT choice is (c) 20 and 60 bytes

For explanation I would say: The size of the HEADER can be 20 bytes at a minimum if there are no options and can GO up to 60 bytes at maximum with 40 bytes in the options field. The header contains all the control information required to ensure ORDERED, error-free and reliable delivery of the segment.

Correct answer is (a) FLOW control

Best explanation: Flow control is done to prevent the RECEIVER from being OVERFLOWED with data. It is done USING VARIOUS open-loop (prevention) methods and closed-loop (recovery) methods.

The correct option is (a) Byte NUMBER

To EXPLAIN I would SAY: As TCP has to ensure ordered delivery of PACKETS, sequence number and acknowledgement number are used to identify the byte number of the packet in the STREAM of bytes being transmitted.

Correct answer is (d) Acknowledgment

Best explanation: Acknowledgment mechanism is used to check the safe and SOUND arrival of data. The sender actively checks for acknowledgement from the receiver and once a SPECIFIC TIME period has PASSED, it retransmits the data.

Right option is (a) Stream of bytes

For explanation: TCP provides stream oriented delivery between hosts communicating VIA an IP network and there are no message boundaries. TCP can concatenate data from a number of SEND () COMMANDS into one stream of data and still TRANSMIT it RELIABLY.

The correct CHOICE is (d) Unreliable

Explanation: TCP is a transport LAYER protocol that provides RELIABLE and ORDERED delivery of a stream of bytes between hosts communicating VIA an IP network.