Question
Which of these is not a major type of cloud computing usage?

Select one:
a. Hardware as a Service
b. Platform as a Service
c. Software as a Service
d. Software as a Service

The correct answer is: Hardware as a Service

Question
Virtualization facilitates multiple machines on the same physical machine with

Select one:
a. Same OS & different versions
b. All of the above
c. Same OS & same versions
d. Different OS & different versions

The correct answer is: All of the above

Question
Which is not an approach to virtualization

Select one:
a. Partial virtualization
b. Lightweight virtualization
c. Full virtualization
d. Para virtualization

The correct answer is: Partial virtualization

Question
Live migration of VMs helps in

Select one:
a. Maintenance
b. Load balancing
c. All of the above
d. Availability

The correct answer is: All of the above

Question
Live migration involves

Select one:
a. Downtime of a few minutes
b. Loss of service
c. Downtime of a few milliseconds
d. No downtime

The correct answer is: Downtime of a few milliseconds

Question
Full virtualization

Select one:
a. Simulates hardware within software
b. Has VMs with the same OS
c. Clones images
d. Alters the guest OS

The correct answer is: Simulates hardware within software

Question
VMM is

Select one:
a. A virtual machine
b. Hardware
c. Host OS
d. A layer of software

The correct answer is: A layer of software

Question
VMM facilitates sharing of

Select one:
a. Memory & I/O
b. CPU, memory & I/O
c. CPU & memory
d. I/O & CPU

The correct answer is: CPU, memory & I/O

Question
The BEST way to define Virtualization in cloud computing is

Select one:
a. Virtualization enables simulating compute, network, and storage service platforms from the underlying virtual hardware
b. Virtualization enables abstracting compute, network, and storage service platforms from the underlying physical hardware
c. Virtualization enables realization of compute, network, and storage service platforms from the underlying virtual hardware
d. Virtualization enables emulating compute, network, and storage service platforms from the underlying virtual hardware
The correct answer is: Virtualization enables abstracting compute, network, and storage service platforms from the underlying physical hardware

Question
Which one of these statement is NOT fully correct

Select one:
a. Cloud is an exact equivalent of grid computing
b. Cloud makes notion of “Pay for what you use”, “infinite availability- use as much you want”.
c. Cloud can exist without Virtualization, although it will be difficult and inefficient.
d. As per NIST, one of the essential charecteristics of a cloud computing infrastructure is "Measured Service".

The correct answer is: Cloud is an exact equivalent of grid computing

Question
Which one of the followings is NOT an essential charecteristics of cloud infrastructure as per NIST?

Select one:
a. Broad Network Access
b. Resources Pooling
c. Rapid Elasticity
d. Independent of devices'form factor

The correct answer is: Independent of devices'form factor

Question
Cloud service consist of

Select one:
a. Software, Hardware, Infrastructure
b. Platform, Software, Infrastructure
c. Platform, Hardware, Infrastructure

The correct answer is: Platform, Software, Infrastructure

Question
What does Virtualization do? Select the BEST answer.

Select one:
a. Each “guest” OS is managed by a Virtual Machine Monitor (VMM), also known as a hypervisor.
b. It is a means of separating hardware from a single operating system.
c. All of the above
d. Virtualization allows multiple operating system instances to run concurrently on a single computer

The correct answer is: All of the above

Question
Which one is NOT generally a change after Virtualization?

Select one:
a. Virtual machines can be provisioned to any system
b. Hardware-independence of operating system and applications
c. Can manage OS and application as a single unit by encapsulating them into virtual machines.
d. Software and hardware tightly coupled

The correct answer is: Software and hardware tightly coupled

Question
A configured client server network is required to be provisioned. You would go for

Select one:
a. SaaS
b. IaaS
c. NaaS
d. PaaS

The correct answer is: IaaS

Question
What are the goals of Hypervisor design?

Select one:
a. Scalability
b. All of the above
c. Reliability
d. Isolation

The correct answer is: All of the above

Question
Which one of the statement is generally NOT correct for Microkernelized Hypervisor?

Select one:
a. Drivers run within guests
b. Simple partitioning functionality
c. Increase reliability and minimize lowest level of the TCB
d. Contains its own drivers model

The correct answer is: Contains its own drivers model

Question
In multiple VM processing, CPU is alloted to the different processes in form of:

Select one:
a. Space slices by the OS
b. Different CPUs are allocated to different processes
c. Time slices by the OS
d. Frequecy slices by the OS

The correct answer is: Time slices by the OS

Question
Which of the statement is generally NOT correct for Full Virtualization?

Select one:
a. This is known as hardware-assisted virtualization, and improves performance significantly
b. The biggest advantage to this approach is its flexibility.
c. There are significant performance problems in trying to emulate a complete set of hardware in software
d. Hypervisor provides a fully emulated machine in which an operating system can run

The correct answer is: This is known as hardware-assisted virtualization, and improves performance significantly

Question
Which of the following is true of cloud computing?

Select one:
a. It's always going to be less expensive and more secure than local computing.
b. Only a few small companies are investing in the technology, making it a risky venture.
c. You can access your data from any computer in the world, as long as you have an Internet connection.

The correct answer is: You can access your data from any computer in the world, as long as you have an Internet connection.

Question
Which of the following is deployment model?

Select one:
a. Public
b. Private
c. All of the above
d. Hybrid

The correct answer is: All of the above

Question
The ________ cloud infrastructure is operated for the exclusive use of an organization.

Select one:
a. All of the mentioned
b. Public
c. Community
d. Private

The correct answer is: Private

Question
Following is not a feature of Cloud Computing:

Select one:
a. Rapid Provisioning
b. On Demand
c. None of the above
d. Unambiguous
e. Shared Pool

The correct answer is: Unambiguous

Question
Cloud computing is

Select one:
a. Utility computing
b. Peer to peer computing
c. Mobile computing
d. All of these

The correct answer is: Utility computing

Question
Bare metal hypervisor sits on top of

Select one:
a. None of the above
b. Physical Hardware
c. Virtualized hardware
d. Operating System

The correct answer is: Physical Hardware

Question
In Amdahl'S law, maximum speedup of a system can be achieved using the following parameters:

Select one:
a. Number of Processors and the number of nodes in a cluster
b. Number of Processors and the amount of Memory System added
c. Number of Processors and fraction of application that needs sequential calculation
d. Number of Processors and the number of servers

The correct answer is: Number of Processors and fraction of application that needs sequential calculation

Question
Which is generally NOT a Multi-tenants Deployment Modes for Application Server

Select one:
a. Fully isolated Application server
b. Optimized Application Server
c. Virtualized Application Server
d. Shared Application Server

The correct answer is:Optimized Application Server

Question
Best-effort preemptable leases are generally defined as:

Select one:
a. A preemptable lease can be safely paused without disrupting the computation that takes place inside the lease
b. Best effort lease cannot preempted
c. A preemptable lease cannot be safely paused without disrupting the computation that takes place inside the lease
d. A preemptable lease can be paused while disrupting the computation that takes place inside the lease

The correct answer is: A preemptable lease can be safely paused without disrupting the computation that takes place inside the lease

Question
Which of the following is most refined and restrictive service model?

Select one:
a. PaaS
b. All of the mentioned
c. CaaS
d. IaaS

The correct answer is: PaaS

Question
All cloud computing applications suffer from the inherent _______ that is intrinsic in their WAN connectivity.

Select one:
a. All of the mentioned
b. Propagation
c. noise
d. latency

The correct answer is: latency

Question
Most security problems in cloud stem from
i) Loss of Control   ii) Lack of trust    iii) Multi-tenancy   iv) Private cloud

Select one:
a. ii, iii & iv
b. i, iii & iv
c. i, ii & iii
d. i, iii & iv

The correct answer is:i, ii & iii

Question
Appear IQ, Mendix, Amazon Web Services (AWS) Elastic Beanstalk, Google App Engine and Heroku, are some of the example of providing services for:

Select one:
a. IaaS
b. None
c. SaaS
d. PaaS

The correct answer is:PaaS

Question
Multi-tenancy deployment mode is

Select one:
a. Shared Application Server
b. All of the above
c. Shared  Virtual Server
d. Virtualized Application Server

The correct answer is:All of the above

Question
A threat model helps in

Select one:
a. Evaluate Solutions
b. Analysing security problems
c. Design Mitigation strategies
d. All of the above

The correct answer is:All of the above

Question
Which one is NOT a purchase model of SaaS?
Select one:
a. Subscription
b. Purchase of licenses
c. Rent
d. Lease

The correct answer is:Purchase of licenses

Question
Best-effort preemptable leases are generally defined as:

Select one:
a. A preemptable lease can be paused while disrupting the computation that takes place inside the lease
b. A preemptable lease cannot be safely paused without disrupting the computation that takes place inside the lease
c. A preemptable lease can be safely paused without disrupting the computation that takes place inside the lease
d. Best effort lease cannot be preempted

The correct answer is:A preemptable lease can be safely paused without disrupting the computation that takes place inside the lease
Question
How 'Best-Effort Lease' can be scheduled even if there are not enough resources?

Select one:
a. The use of Server suspension/resumption allows this to happen
b. The use of API allows this to happen
c. The use of VM suspension/resumption allows this to happen.
d. The use of Hypervisor suspension allows this to happen

The correct answer is:The use of VM suspension/resumption allows this to happen.

Question
Consider these statements and state which are true.
i)   Encoding and encryption change the data format.
ii)  Encoding is a reversible process, while encryption is not.
iii) Both Encoding and Encryption are reversible processes.
iv)  Any third party will be able to reverse an encoded data,but not an encrypted data.

Select one:
i), iii) and iv)
ii) and iv)
i) and iv)
i), ii) and iv)

The correct answer is: i), iii) and iv)

Question
Which of the following attacks is not an attack on Integrity?

Select one:
Modification
Replay
Denial Of Service
Masquerading

The correct answer is:: Denial Of Service

Question
I sent a data set {A,B,C,D} to a recipient which got received as {B,A,D,C}.

Select one:
Data security is compromised
Data integrity is lost
Confidentiality is lost
Data availability is compromised

The correct answer is:: Data integrity is lost

Question
A website login mechanim employs both password and verifying a PIN number sent via SMS to registered mobile.

This scenario provides ______
Select one:
High convenience but low security
High convenience and good security
Low convenience and low security
Low convenience but good security

The correct answer is:: Low convenience but good security

Question
A fake email posing as a legitimate email from bank is 

Select one:
Attack on Availability
Masquerading attack
Denial of Service (DOS) attack
Attack on Confidentiality

The correct answer is:: Masquerading attack

Question
Which of these mechanims provide data integrity ?
i) DES Encryption
ii) Asymmetric encryption
iii) SHA Hashing
iv) Hashed-MAC

Select one:
i and iv
i and iii
ii and iii
iii and iv

The correct answer is:: iii and iv

Question
Email attachments typically employ
Select one:
Base64 encoding
Base16 encoding
UTF-8 encoding
URL encoding

The correct answer is:: Base64 encoding

Question
The combination of key exchange, hash and encryption algorithms is termed as _______ in SSL/TLS.     

Select one:
TLS Handshake
Protocol suite
Cipher suite
TLS Records

The correct answer is:: Cipher suite

Question
The protocol ‘POP’ stands for-

Select one:
Personal Office Protocol
Post Office Protocol
Privacy Overall Protocol
Privacy Over Protocol

The correct answer is:: Post Office Protocol

Question
Which is the most secure way to remote login?

Select one:
SSH with public keys
Telnet with password
SSH with password
Telnet with public keys

The correct answer is:: SSH with public keys


Question
The Application layer protocol required for Electronic Mail is:

Select one:
SMTP
HTTP
FTP
SIP

The correct answer is: SMTP

Question
Which of these statements regarding HTTP is true.

Select one:
HTTPS adds security to HTTP POST and PUT messages as this is where password exchange is done.
HTTPS uses the same HTTP message format but  adds a handshake+encryption mechanism.
HTTPS introduces new messages HANDSHAKE and ALERT for bringing in security in HTTP.
HTTPS does not add security to HTTP GET and HEAD messages

The correct answer is: HTTPS uses the same HTTP message format but  adds a handshake + encryption mechanism.

Question
Which of these statements is true?

Select one:
a. IMAP provides security, but is optional in email
b. SMTP has a mechanism to enable TLS mode to enforce security.
c. Email mandates use of IMAP so that security is enforced
d. If TLS mode in SMTP is set forwarding will fail

The correct answer is:  SMTP has a mechanism to enable TLS mode to enforce security.
Question
For SSL which is the advised cryptographic algorithm?

Select one:
twofish 128
aes 192
aes 128
blowfish

The correct answer is:: aes 128

Question
In SSL handshake, Server Hello message typically contains

Select one:
List of ciphers for the session and extensions list
Selected cipher for the session and random bytes
Selected cipher for the session and public key of server
Random bytes and public key of server

The correct answer is: Selected cipher for the session and random bytes

Question
Pretty Good Privacy (PGP) is employed in

Select one:
FTP and WWW Security
Email and FTP Security
Email security
Email and WWW Security

The correct answer is:: Email security

Question
What is the common term present in HTTP request and status line?

Select one:
HTTP version number
URL
Method
None of the mentioned

The correct answer is:: HTTP version number

Question
A session symmetric key between two keys is used:

Select one:
Only once
Two times
Multiple times
Dependent on other conditions

The correct answer is:: Only once

Question
Which one of the following is a cryptographic protocol used to secure HTTP connection?

Select one:
Stream Control Transmission Protocol (SCTP)
Pretty Good Privacy (PGP)
Secure Mime(SMIME)
Transport Layer Security (TLS)

The correct answer is:: Transport Layer Security (TLS)

Question
The services provided by application layer are:

Select one:
Network virtual terminal
File transfer, access, and management
Mail service
All of the mentioned

The correct answer is:: All of the mentioned

Question
A group having 30 members uses Symmetric Key Encryption for message transmission.   How many secret keys are needed if all the members need to send secret messages to each other?

Select one:
30
60
435
900

The correct answer is: 435

Question
DES is no longer a recommended cipher because...

Select one:
A. it produces reflexive keys in pairs which are weak
B. it requires more computing power
C. it can be brute forced as it is 56-bit
D. major flaws were found in the rounds of DES

The correct answer is: it can be brute forced as it is 56-bit

Question
I - me@gmail.com - tried to email a .jar file to Dinesh. dinesh@company.com . But it got blocked by gmail while attaching.Then I tried sending a .txt file to Dinesh which went through fine. What do you infer? .jar files cannot be sent as

Select one:
A. it is blocked by gmail as .jar files are bigger in size
B. Email uses SMTP which is a Text protocol
C. it is blocked by company.com
D. it is blocked by gmail as it could contain viruses.

The correct answer is: it is blocked by gmail as it could contain viruses.

Question
What is the protocol used between Message User Agent (MUA) and Message Transfer Agent (MTA) in email system.

Select one:
A. HTTP
B. SMTP
C. IMAP
D. POP3

The correct answer is: SMTP


Question
IPSec defines these two protocols:

Select one:
A. PGP; ESP
B. AH; ESP
C. AH; SSL
D. PGP: SSL

The correct answer is: AH; ESP

Question
HTTPS implicitly uses Server certificates. These Server certificates contain ______

Select one:
A. Server's public key, algorithm used and digital signature
B. Server's public key and private key
C. Server's private key, algorithm used and digital signature
D. Server's public key and digital signature

The correct answer is: Server's public key, algorithm used and digital signature

Question
Asymmetric encryption has

Select one:
A. one key for encryption and another key for decryption
B. two keys - one key for public encryption and another for private encryption
C. one public key for doing encryption and decryption and another private key only for decryption
D. only one public key which is shared

The correct answer is: one key for encryption and another key for decryption

Question
Instead of storing plaintext passwords, AES encrypted passwords are stored in database.

In such a system, Which of these statements is true ?

Select one:
a. if database admin knows the key, there is no security
b. Password Authentication becomes slow
c. Changing passwords will not be possible
d. even if database admin knows the key, original passwords cannot get revealed.


The correct answer is: if database admin knows the key, there is no security

Question
IP Header contains

Select one:
A. Source and destination IP addresses and priority numbers
B. Source and destination IP addresses and IP version number
C. Source and destination IP addresses and Port numbers
D. Source and destination IP addresses and sequence numbers

The correct answer is: Source and destination IP addresses and IP version number



Question
Pick the most relevant option. I sent a data set {J,K,L,M,N} to a recipient which got received as {J,K,N}.

Select one:
A. Data integrity is lost
B. Data availability is compromised
C. Both Confidentiality and integrity are compromised
D. Data Confidentiality is compromised

The correct answer is: Data integrity is lost

Question
A data center is secured with 3 outer gates - Og1, Og2, Og3    locked by separate keys - Kog1, Kog2, Kog3 - given to    three personnel - P1, P2, P3.
These 3 outer gates lead to 2 inner gates - Ig1, Ig2 - which provide main corridor access. The matching keys - Kig1, Kig2 are given to P2 and P4. The order of acessibility from most access to least access for the personnel is ____________

Select one:
A. P2, P1, P3, P4
B. P1, P2, P3, P4
C. P4, P3, P2, P1
D. P2, P4, P1, P3

The correct answer is: P2, P1, P3, P4

Question
Pick the closest in meaning to non-repudiation. Manu sends data to Naren. Paari is sniffing the data transfer.

Select one:
A. Naren can verify that data was indeed sent by Manu.
B. Paari is unable to get the original data.
C. Manu can verify if data reached Naren without any change.
D. Naren can verify if the data got changed by Paari

The correct answer is: Naren can verify that data was indeed sent by Manu.

Question
The modes  of IP-Sec are

Select one:
A. Padding mode and Non-padding mode.
B. Secure and Unsecure Mode
C. Tunnel Mode and Transport Mode
D. SPD and SAD mode

The correct answer is: Tunnel Mode and Transport Mode

Question
Of these, Which is the most secure way to remote login?

Select one:
A. SSH with public keys
B. Telnet with password
C. Telnet with public keys
D. SSH with password

The correct answer is: SSH with public keys

Question
Megha's uses a 4-digit bank ATM PIN. Guna peeped in,as Megha keyed-in and found the last two digits of her PIN. Knowing that Megha does not use 0 in her PIN, what is the maximum attempts for Guna to get her PIN correct ?

Select one:
A. 18
B. 81
C. 19
D. 90

The correct answer is: 81

Question
When using HTTPS, a sniffer in a local LAN will be able to

Select one:
A. sniff only the websites/domain but not the URLs
B. sniff only the websties/domain but not the IP addresses
C. sniff only the URLs in the data exchange but not the posted/downloaded data contents.
D. sniff only the HTTP headers in the requests and response

The correct answer is: sniff only the websites/domain but not the URLs

Mid-Sem Paper Solutions:

Marks: 10

Mid-Sem Paper Solutions:



Question:
Q.1 Choose the most appropriate architectural pattern (one) for the 5 descriptions below. Give reasons for choosing the pattern (in 1-2 line maximum)

• Wants a system that quickly can analyze enormous volumes of data by sorting the data and then analyzing the grouped data. -> Map-Reduce
• Wants to set up a set of equal distributed computational entities that are connected via a common protocol to share their services and provide high availability and scalability. -> Peer-to-peer

Answer: