Explore topic-wise MCQs in Mongodb.

This section includes 102 Mcqs, each offering curated multiple-choice questions to sharpen your Mongodb knowledge and support exam preparation. Choose a topic below to get started.

51.

Which channel ensures local port forwarding?

A. session
B. x11
C. forward-tcpip
D. direct-tcpip
Answer» E.
Discussion
52.

In Message Integrity, the message digest needs to be kept

A. Secret
B. Low
C. High
D. Constant 0
Answer» B. Low
Discussion
53.

The SSH Connection Protocol runs on top of the SSH Transport Layer Protocol and assumes that a secure authentication connection is in use.

A. True
B. False
C. May be
D. Can't say
Answer» B. False
Discussion
54.

On which port will the server generally listen to for SMTP?

A. port 35
B. port 63
C. port 25
D. port 65
Answer» D. port 65
Discussion
55.

The secure authentication connection is referred to as-

A. chisel
B. tunnel
C. zeroing
D. handshaking
Answer» C. zeroing
Discussion
56.

The protocol ‘POP’ stands for-

A. Personal Office Protocol
B. Post Office Protocol
C. Privacy Overall Protocol
D. Privacy Over Protocol
Answer» C. Privacy Overall Protocol
Discussion
57.

In the SSL record protocol operation pad_1 is –

A. is the byte 0x36 repeated 40 times for MD5
B. is the byte 0x5C repeated 40 times for MD5
C. is the byte 0x5C repeated 48 times for SHA-1
D. is the byte 0x36 repeated 48 times for MD5
Answer» E.
Discussion
58.

In the handshake protocol which is the message type first sent between client and server ?

A. server_hello
B. client_hello
C. hello_request
D. certificate_request
Answer» C. hello_request
Discussion
59.

In the Phase 2 of the Handshake Protocol Action, the step server_key_exchange is not needed for which of the following cipher systems?

A. Fortezza
B. Anonymous Diffie-Hellman
C. Fixed Diffie-Hellman
D. RSA
Answer» D. RSA
Discussion
60.

In the “Opening a channel” phase what is the function of the “maximum packet size” parameter?

A. It specifies the number of bytes in the IV
B. It specifies the maximum size of an individual packet
C. It specifies how many bytes of channel data can be sent
D. None of the mentioned
Answer» C. It specifies how many bytes of channel data can be sent
Discussion
61.

The Secure Shell Connection Protocol Message exchange has the fist phase as “Opening a Channel” and it sends a message with parameters-SSH_MSG_CHANNEL_OPENchannel typesender channelinnitial window sizemaximum packet sizeWhat is the data type sender channel/innitial window size/ channel type?

A. uint16
B. uint32
C. int16
D. int32
Answer» C. int16
Discussion
62.

In the “Opening a channel” phase what is the function of the “innitial window size” parameter?

A. It specifies the number of bytes in the IV
B. It specifies the maximum size of an individual packet
C. It specifies how many bytes of channel data can be sent
D. None of the mentioned
Answer» D. None of the mentioned
Discussion
63.

Which is the key exchange algorithm used in CipherSuite parameter?

A. RSA
B. Fixed Diffie-Hellman
C. Ephemeral Diffie-Hellman
D. Any of the mentioned
Answer» E.
Discussion
64.

A single ______________ further allows the user to be authenticated once, and multiple applications can then verify the user’s identity through an authentication service without requiring reauthentication.

A. OpenID
B. Sign-on system
C. Security Assertion Markup Language (SAML)
D. Virtual Private Database (VPD)
Answer» C. Security Assertion Markup Language (SAML)
Discussion
65.

What is the recommended modes of operation for encryption and decryption in the Secure Shell Transport Layer?

A. ECB
B. OFB
C. CBC
D. CFB
Answer» D. CFB
Discussion
66.

A Web site that allows users to enter text, such as a comment or a name, and then stores it and later displays it to other users, is potentially vulnerable to a kind of attack called a ___________________ attack.

A. Two-factor authentication
B. Cross-site request forgery
C. Cross-site scripting
D. Cross-site scoring scripting
Answer» D. Cross-site scoring scripting
Discussion
67.

In the Key generation procedure, the Encryption key from the server to client is represented as:

A. HASH(K||H||”C”||session_id)
B. HASH(K||H||”B”||session_id)
C. HASH(K||H||”F”||session_id)
D. HASH(K||H||”D”||session_id)
Answer» E.
Discussion
68.

The message must be encrypted at the sender site and decrypted at the

A. Sender Site
B. Site
C. Receiver site
D. Conferencing
Answer» D. Conferencing
Discussion
69.

MAC stands for

A. Message authentication code
B. Message arbitrary connection
C. Message authentication control
D. Message authentication cipher
Answer» B. Message arbitrary connection
Discussion
70.

Which is not a channel recognized by the SSH connection protocol?

A. session
B. backward-tcpip
C. direct-tcpip
D. x11
Answer» C. direct-tcpip
Discussion
71.

A log of all changes to the application data is called as __________

A. Audit trail
B. Audit log
C. Audit lead
D. Data log
Answer» B. Audit log
Discussion
72.

SHA-l has a message digest of

A. 160 bits
B. 512 bits
C. 628 bits
D. 820 bits
Answer» B. 512 bits
Discussion
73.

In which port forwarding technique does the client act on the server’s behalf?

A. Remote Forwarding
B. Local Forwarding
C. Stable Forwarding
D. None of the mentioned
Answer» B. Local Forwarding
Discussion
74.

In Message Confidentiality, the transmitted message must make sense to only intended

A. Receiver
B. Sender
C. Modulor
D. Translator
Answer» B. Sender
Discussion
75.

In the User Authentication Protocol, when the client requests for authentication, then the first byte ( in this format) has decimal value –

A. 80
B. 60
C. 50
D. 61
Answer» D. 61
Discussion
76.

Confidentiality with asymmetric-key cryptosystem has its own

A. Entities
B. Data
C. Problems
D. Translator
Answer» D. Translator
Discussion
77.

What is the recommended MAC algorithm for the SSH Transport Layer?

A. HMAC – MD5
B. HMAC – MD5 – 96
C. HMAC SHA1 – 96
D. HMAC SHA1
Answer» D. HMAC SHA1
Discussion
78.

Which of the following is an example of application layer vulnerability?

A. Cryptographic flaws lead to the privacy issue
B. Very complex application security controls
C. MAC Address Spoofing
D. Weak or non-existent authentication
Answer» C. MAC Address Spoofing
Discussion
79.

Transmission mechanisms can be subject to spoofing & attacks based on skilled modified packets.

A. True
B. False
C. May be True or False
D. Can't say
Answer» B. False
Discussion
80.

Which of the following is an example of Transport layer vulnerability?

A. weak or non-existent mechanisms for authentication
B. overloading of transport-layer mechanisms
C. poor handling of unexpected input
D. highly complex application security controls
Answer» C. poor handling of unexpected input
Discussion
81.

Failed sessions allow brute-force attacks on access credentials. This type of attacks are done in which layer of the OSI model?

A. Physical layer
B. Data-link Layer
C. Session layer
D. Presentation layer
Answer» D. Presentation layer
Discussion
82.

Which of the following is not a vulnerability of the application layer?

A. Application design bugs may bypass security controls
B. Inadequate security controls force “all-or-nothing” approach
C. Logical bugs in programs may be by chance or on purpose be used for crashing programs
D. Overloading of transport-layer mechanisms
Answer» E.
Discussion
83.

TLS vulnerability is also known as Return of Bleichenbacher’s Oracle Threat.

A. True
B. False
C. May be True or False
D. Can't say
Answer» B. False
Discussion
84.

Which of the following is not an example of presentation layer issues?

A. Poor handling of unexpected input can lead to the execution of arbitrary instructions
B. Unintentional or ill-directed use of superficially supplied input
C. Cryptographic flaws in the system may get exploited to evade privacy
D. Weak or non-existent authentication mechanisms
Answer» E.
Discussion
85.

Which of them is not an attack done in the network layer of the TCP/IP model?

A. MITM attack
B. DoS attack
C. Spoofing attack
D. Shoulder surfing
Answer» E.
Discussion
86.

Which of the following is not session layer vulnerability?

A. Mishandling of undefined, poorly defined
B. Spoofing and hijacking of data based on failed authentication attempts
C. Passing of session-credentials allowing intercept and unauthorized use
D. Weak or non-existent authentication mechanisms
Answer» B. Spoofing and hijacking of data based on failed authentication attempts
Discussion
87.

There are __________ different versions of IP popularly used.

A. 2
B. 3
C. 4
D. 5
Answer» B. 3
Discussion
88.

Which of the following is not a transport layer vulnerability?

A. Mishandling of undefined, poorly defined
B. The Vulnerability that allows “fingerprinting” & other enumeration of host information
C. Overloading of transport-layer mechanisms
D. Unauthorized network access
Answer» E.
Discussion
89.

___________ is an attack technique where numerous SYN packets are spoofed with a bogus source address which is then sent to an inundated server.

A. SYN flooding attack
B. ACK flooding attack
C. SYN & ACK flooding attack
D. Packet flooding attack
Answer» B. ACK flooding attack
Discussion
90.

Which of the following is an example of presentation layer vulnerability?

A. weak or non-existent mechanisms for authentication
B. overloading of transport-layer mechanisms
C. highly complex application security controls
D. poor handling of unexpected input
Answer» E.
Discussion
91.

Which of the following is an example of session layer vulnerability?

A. weak or non-existent mechanisms for authentication
B. overloading of transport-layer mechanisms
C. poor handling of unexpected input
D. highly complex application security controls
Answer» B. overloading of transport-layer mechanisms
Discussion
92.

____________ is an attack where the attacker is able to guess together with the sequence number of an in progress communication session & the port number.

A. TCP Spoofing
B. TCP Blind Spoofing
C. IP Spoofing
D. IP Blind Spoofing
Answer» C. IP Spoofing
Discussion
93.

The full form of SSL is

A. Serial Session Layer
B. Secure Socket Layer
C. Session Secure Layer
D. Series Socket Layer
Answer» C. Session Secure Layer
Discussion
94.

The difference between HMAC algorithm and SSLv3 is that pad1 and pad2 are ________ in SSLv3 whereas ________ in HMAC.

A. NANDed, XORed
B. Concatenated, XORed
C. XORed, NANDed
D. XORed, Concatenated
Answer» C. XORed, NANDed
Discussion
95.

In the below figure, which of the above shaded block is transparent to end users and applications?

A. IP/IPSec
B. SSL
C. Kerberos
D. S/MIME
Answer» B. SSL
Discussion
96.

Consider the following example –Size of Plaintext – 48 bytes.Size of MAC – 20 bytes.Block Length – 8 bytes.How many bytes of padding need to be added to the system?

A. 1
B. 2
C. 3
D. 4
Answer» D. 4
Discussion
97.

After the encryption stage in SSL, the maximum length of each fragment is

A. 2^14+1028
B. 2^14+2048
C. 2^16+1028
D. 2^16+2048
Answer» C. 2^16+1028
Discussion
98.

In terms of Web Security Threats, “Impersonation of another user” is a Passive Attack.

A. True
B. False
C. May be
D. Can't say
Answer» C. May be
Discussion
99.

Which one of the following is not a higher –layer SSL protocol?

A. Alert Protocol
B. Handshake Protocol
C. Alarm Protocol
D. Change Cipher Spec Protocol
Answer» D. Change Cipher Spec Protocol
Discussion
100.

In the below figure from left to right, the correct order of the shaded levels are

A. Network level, Application level, Transport level
B. Application level, Network level, Transport level
C. Transport level, Application level, Network level
D. Network level, Transport level, Application level
Answer» E.
Discussion