Designing Network Security
LATEST MIDTERM GUIDE
Q&S
©2024/2025
1. Multiple Choice: Which of the following is considered a
best practice for securing a network?
A) Using weak encryption algorithms
B) Implementing a default-deny firewall policy
C) Disabling security logs
D) Avoiding regular software updates
Correct Answer: B) Implementing a default-deny firewall
policy
Rationale: A default-deny firewall policy ensures that only
explicitly allowed traffic can access the network, minimizing
potential vulnerabilities.
2. Fill-in-the-Blank: __________ is a protocol used to
securely connect to a remote server.
Correct Answer: SSH (Secure Shell)
Rationale: SSH is widely used for secure network
services due to its encryption capabilities, which protect
sensitive data during transmission.
3. True/False: A VLAN offers the same level of security as a
physically separate network.
Correct Answer: False
Rationale: While VLANs provide segmentation and can
help reduce security risks, they do not offer the same
robustness as physically separate networks, which are
isolated at the hardware level.
4. Multiple Response: Select all that apply. Which of the
following are common types of network attacks?
A) Phishing
B) DDoS
C) SQL injection
D) Tailgating
Correct Answers: A) Phishing, B) DDoS, C) SQL injection
Rationale: These are all well-known attack vectors
targeting different aspects of network security, from social
engineering to service disruption and data breaches.
5. Multiple Choice: What is the primary purpose of a
network intrusion detection system (NIDS)?
A) To prevent users from accessing inappropriate
websites
B) To encrypt data packets
C) To monitor network traffic for suspicious activity
D) To serve as a primary firewall
Correct Answer: C) To monitor network traffic for
suspicious activity
Rationale: NIDS are deployed within a network to detect
potential threats by analyzing traffic patterns and identifying
anomalies.
6. Fill-in-the-Blank: The process of transforming readable
data into an unreadable format to prevent unauthorized
access is called __________.
Correct Answer: Encryption
Rationale: Encryption is a fundamental security measure
that protects data confidentiality by making it inaccessible to
unauthorized users.
7. True/False: Biometric authentication is less secure than
password-based authentication.
Correct Answer: False
Rationale: Biometric authentication uses unique physical
characteristics, making it more difficult to replicate or steal