Security and Future of IoT ecosystem important MCQs in English/Hindi | Nielit Notes | PDF

In this post, we cover all important Questions from the topic "Security and Future of IoT ecosystem".

These MCQs will definitely help to pass IT and Computer students in any exam and interview that have Security and Future of IoT ecosystem topic.

Security and Future of IoT ecosystem chapter covers the following topics:

1. Need of security in IoT - Why Security? Privacy for IoT enabled devices- IoT

   security for consumer devices- Security levels, protecting IoT devices

2. Future IoT eco system - Need of power full core for building secure algorithms,

   Examples for new trends - AI, ML penetration to IoT

After completion of Security and Future of IoT ecosystem unit, Students will be able to understand: 

• Need of security in IoT
• Various basic concept of security
• Security levels
• Need of powerful CPU for Future IoT eco system

Security and Future of IoT ecosystem MCQs

Here are the 30 most important and frequently asked MCQs from the  "Security and Future of IoT ecosystem" topic.

1.Even with two-factor authentication, users may still be vulnerable to_____________attacks.

a. Scripting

b. Cross attack

c. Man-in-the-middle

d. Radiant

Ans.c. Man-in-the-middle

 

2.An encryption scheme is unconditionally secure if the ciphertext generated does not contain enough information to determine uniquely the corresponding plaintext, no matter how much cipher text is available.

a. True

b. False

Ans.a. True

3. Example of a good password is

a. name of a partner or spouse

b. word related to a job or hobby

c. words contains multiple random digits

d. name of a child or pet

Ans.c.

4. The DES algorithm has a key length of

a. 64 Bits

b. 128 Bits

c. 16 Bits

d. 32 Bits

Ans.a. 64 Bits

5. If the sender and receiver use different keys, the system is referred to as conventional cipher system.

a. True

b. False

Ans.b. False

6. In asymmetric key cryptography, the private key is kept by

a. Receiver

b. sender and receiver

c. Sender

d. all the connected devices to the network

Ans.a. Receiver

7. In cryptography, what is cipher?

a. none of the mentioned

b. encrypted message

c. both algorithm for performing encryption and decryption and encrypted message

d. algorithm for performing encryption and decryption

Ans.d.

8. A Web site that allows users to enter text, such as a comment or a name, and then stores it and later displays it to other users, is potentially vulnerable to a kind of attack called a ___________________ attack.

a. Cross-site scripting

b. Cross-site scoring scripting

c. Cross-site request forgery

d. Two-factor authentication

Ans.a.

9. AES uses a 128 bit block size and a key size of __________ bits.

a. 128 or 192

b. 128 or 256

c. 128, 192, or 256

d. 128, 192, or 256

Ans.d. 

10. All of following are biometric techniques except

a. Badge

b. Retina

c. Face

d. Palm print

Ans.d. Palm print

11. In dealing with the risk, which response is done by buying insurance

a. Risk acceptance

b. Risk mitigation

c. Risk transfer

d. Risk avoidance

Ans.c.

12. Most devastating loss to a company is

a. Loss of printouts

b. Loss of data

c. Loss of Hardware

d. Loss of software

Ans.b. Loss of data

13. _________ is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.

a. Cross-site scoring scripting

b. Cross-site request forgery

c. Two-factor authentication

d. Cross-site scripting

Ans.b.

14. In DREAD methodology of risk analysis in threat analysis, how is the Risk score for each threat is calculated

a. Risk score = (Reproducibility + Exploitability + Discoverability) * (Damage potential + Affected users)

b. Risk score = (Reproducibility * Exploitability * Discoverability) / (Damage potential * Affected users)

c. Risk score = (Reproducibility + Exploitability + Discoverability) / (Damage potential + Affected users)

d. Risk score = (Reproducibility * Exploitability - Discoverability) ^ (Damage potential + Affected users)

Ans.a.

15. Which of the following is the future application of IoT?

A. role of green iot system

B. qos in communication

C. secure communication

D. multimedia communication

Ans. a

16. In threat modeling, what methodology used to perform risk analysis

a. DREAD

b. OWASP

c. STRIDE

d. DAR

Ans.a. DREAD

17. Many applications use _________________, where two independent factors are used to identify a user.

a. Cross-site request forgery

b. Cross-site scoring scripting

c. Two-factor authentication

d. Cross-site scripting

Ans.c. 

18. Which of the following is not a response when dealing with a risk?

a. Mitigation

b. Avoidance

c. Transfer

d. Patching

Ans.d

19. Why threat modelling is not performed

a. Secure Application building

b. Performing data analytics

c. Achieving Defense in Depth

d. To save time, revenue and reputation of a company

Ans.b.

20. You are asked to develop application from scratch, when will you start performing threat modeling of the application

a. During requirements collection phase

b. At the design stage

c. At the beginning of the testing phase

Ans.a.

21. Which of the following is not a type of cloud deployment

a. Private

b. Public

c. Hybrid

d. Social

Ans.d

22. Which of the following is not the part of basic services offered by cloud

a. PaaS

b. SaaS

c. IaaS

d. LaaS

Ans.d

23. Which of the following is not the part of IoT Ecosystem

a. Edge Device

b. Public cloud

c. None of them

d. Mobile App

e. Router

Ans.c

24. Which of the following is threat to IoT Device

a. Virus

b. All of the above

c. People

d. Natural Disaster

e. Spoofing

Ans.b

25. Which of the following makes sure that data is not changed when it not supposed to be?

a. Integrity

b. Availability

c. Confidentiality

d. Accounting

Ans.a

26. Which of the following is not a type or source of threat

a. Operational threat

b. Cultural threat

c. Technical threat

d. Social threat

Ans.b

27. Which of the following is not the component of IoT Endpoint

a. Sensor

b. Gateway

c. Communication Module

d. MCU

Ans.b

28. Which of the following terms indicates that information is to be read only by those people for whom it is intended?

a. Availability

b. Accounting

c. Integrity

d. Confidentiality

Ans.d

29. Which one is not part of CIA Triad

a. Authorisation

b. Authenticity

c. Integrity

d. Confidentiality

Ans.b

30. Which one is not the component of IoT Security Architecture

a. None of them

b. Secure Device

c. Secure Lifecycle Management

d. Secure Communication

e. Secure Cloud

Ans.a