Friday, 15 January 2016

Network Security - Computer Awareness Quiz and Study Notes

Network security in an important chapter from latest bank exam jobs point of view. Today we are sharing quiz and study notes related to this chapter. These study notes is useful for IBPS SO Exam computer notes for specialist officer exam.

Network Security - Computer Awareness Quiz and Study Notes

 Q1. An error in computer program is called:
a) Hacking
b) Virus
c) Bug
d) None of These

Q2. ______was the first technique that posed a serious threat to virus scanners:
a) Vulnerability Code
b) Polymorphic Code
c) Antimorphic Code
d) None of These

Q3. A/an ______ is a system susceptibility or flaw:
a) Error
b) Vulnerability
c) Virus
d) None of These

Q4. _______vulnerability is one for which at least one working attack exists:
a) Democratic
b) Exploitable
c) Dominative 
d) None of These
Q5. CVE stands for:
a) Common Vulnerabilities Exposures
b) Cyber Vulnerabilities Exposures
c) Cycolic Vulnerabilities Exposures
d) None of These

Q6. _____ is unauthorized access to or use of data, systems, server or networks including any attempt to probe scan or test the vulnerability of a system, server or network or to breach security or authentication measures without express authorization of the owner of the system, server or network:
a) Hacking
b) Cracking
c) Viruses 
d) None of These

Q7. ISP refers to:
a) Information Security Policy
b) Internet Security Policy
c) Internal Security Policy
d) None of These

Q8. _____is a computer program that is loaded into a computer without the owner's knowledge:
a) Hack Material
b) Viruses
c) Both of Above
d) None of These

Q9. Which among the following is correct regarding the Boot Sector Viruses:
a) These viruses are resides in the boot sector of a floppy or hard disk.
b) Such viruses are activated every time a computer boots from an infected disk
c) Virus remains in memory until an uninfected floppy disk is inserted into the floppy drive
d) All of the Above
e) None of These

Q10. _______viruses infect executable program files:
a) File Infector Viruses
b) Macro Viruses
c) Multi Partite Viruses
d) None of These

Q11. _____ infections have cost more money and taken more time to repair than any other virus type:
a) File Infector Viruses
b) Multi Partite Viruses
c) Macro Viruses
d) None of These

Q12. _____was virus first appeared on Friday, March 26, 1999 and spread all over the world faster than any virus seen before:
a) 9 Melissa
b) 10 Melissa
c) 99 Melissa
d) None of These

Q13. 9 Melissa was a _____macro virus:
a) Microsoft Word
b) Microsoft Excel
c) Internet
d) Microsoft Power Point
e) None of These

Q14. A ______is a harmful computer program that has been hidden inside of something benign, such as an email attachment or even an innocent looking program:
a) Trojan Horses
b) Worms
c) Macro Viruses
d) None of These

Q15. Which among the following is correct about the Antivirus Programs:
a) They contain a database of signatures for all known viruses and worms
b) The software searches a  computer for the presence of these signatures
c) Both of Above
d) None of These


  2. SQL Queries Study Material for IBPS IT Officer


  4. IBPS PO/SO/Clerk Computer Notes : NETWORK TOPOLOGIES

  5. Computer Glossary : IBPS PO/SO Exam Special Computer Notes

  6. IBPS SO (Specialist Officer) IT-Notes Study Capsule 2

  7. IBPS SO (Specialist Officer) IT-Notes Study Capsule 1

  8. Computer Knowledge Questions Answers - Download PDF


  10. Computer for IBPS IT officer exams pdf

  11. Computer - Some Important Abbreviations

  12. Computer Knowledge Full Forms for Bank exams and clerical and other exams SSC

  13. IBPS IT Officer Exam Study Material: OSI Layer

  14. IBPS IT Officer- Computer Study Notes Network TCP IT Protocol

  15. IBPS IT Officer Study Material: Relational Data Models

  16. IBPS IT Officer Study Material: DBMS Study Notes Part - I

  17. Computer Notes- Networking and Internet for IBPS Bank Exam

  18. IBPS PO COMPUTER AWARENESS CAPSULE - Computer Knowledge Section Study Material for IBPS Exams

  19. Codd Rules:IBPS IT Officer Exam Notes

  20. Computer Knowledge MCQs pdf for IBPS Bank Exam

Computer Network Security Notes for Bank Exam

Computer Network security is a specialized field in computer networking that involves securing a computer network infrastructure. Network security is typically handled by a network administrator or system administrator who implements the security policy, network software and hardware needed to protect a network and the resources accessed through the network from unauthorized access and also ensure that employees have adequate access to the network and resources to work.

A network security system typically relies on layers of protection and consists of multiple components including networking monitoring and security software in addition to hardware and appliances. All components work together to increase the overall security of the computer network.
Many network security threats today are spread over the Internet. The most common include:
  • Viruses, worms, and Trojan horses
  • Spyware and adware
  • Zero-day attacks, also called zero-hour attacks
  • Hacker attacks
  • Denial of service attacks
  • Data interception and theft
  • Identity theft
Issues in Network Security:
  • Authentication: Process of verifying identity of a user
  • Integrity: Data that arrives is the same as that is sent
  • Confidentiality: Sensitive information should not be visible to eavesdropper – use encryption
  • Non – Repudiation: Assurance that any transaction that takes place can subsequently be proved to have taken place
  • Authorization: Assigning access rights to users
How Does Network Security Work?
Network security is accomplished through hardware and software. The software must be constantly updated and managed to protect you from emerging threats.
A network security system usually consists of many components. Ideally, all components work together, which minimizes maintenance and improves security.
Network security components often include:
  • Anti-virus and anti-spyware
  • Firewall, to block unauthorized access to your network
  • Intrusion prevention systems (IPS), to identify fast-spreading threats, such as zero-day or zero-hour attacks
  • Virtual Private Networks (VPNs), to provide secure remote access

Computer Networking for banking exams- ibps exams-sbi po

Computer networking is an important section in many govt. exams like IBPS PO, IBPS SO, IBPS Clerical Exam, SBI PO, SBI clerical and others. It becomes very significant to have knowledge of computer networking for Bank Exams.
  1. What is a Computer Network?
Network Topologies Study Notes for bank Exam Simple, simple , a NETWORK by connecting two or more computers. These connections or arrangements are called Computer Networks.  These computers in the Computer Network may attached with cables, telephone lines, radio waves, satellites or infrared light,beams, wireless etc.
A Computer Network is a collection of Computers and Devices which are connected via communicating devices and transmission media to enable transmission of meaningful data and information between them.

. What Are Networks Used For?
A simplified but worthwhile description of the uses of computer networks might be as follows:
 Sharing of hardware: For example, several PCs might be networked together in a wired or wireless local area network (LAN) to share a printer.·
 Sharing of information: Distributed databases, e-mail, the World Wide Web and so on are examples of this. Here the sharing involves both LANs and wide area networks (WANs), especially the latter.·

OSI (Open Systems Interconnection) is reference model for how applications can communicate over a network. A reference model is a conceptual framework for understanding relationships. The purpose of the OSI reference model is to guide vendors and developers so the digital communication products and software programs they create willinteroperate, and to facilitate clear comparisons among communications tools. Most vendors involved in telecommunications make an attempt to describe their products and services in relation to the OSI model. And although useful for guiding discussion and evaluation, OSI is rarely actually implemented, as few network products or standard tools keep all related functions together in well-defined layers as related to the model. The TCP/IP protocols, which define the Internet, do not map cleanly to the OSI model.

2. Overview of the Layers
The layers collectively are often referred to as the protocol stack.
The Open Systems Interconnect (OSI) model has seven layers. This article describes and explains them, beginning with the 'lowest' in the hierarchy (the physical) and proceeding to the 'highest' (the application). The layers are stacked this way:
  • Application
  • Presentation
  • Session
  • Transport
  • Network
  • Data Link
  • Physical
a. Physical Layer
 This is concerned with the nature of the physical media (metal or optical cable, free-space microwave, etc.) used to send signals, the nature of the signals themselves, and so on.·

 There is also the question of signal form; the signals themselves may be in the form of pure 0-1 bits, or may be in the form of certain frequencies. In· addition there are questions concerning how a receiver distinguishes two bits which are adjacent in time.

 A major issue is the form of the medium, both in terms of the materials it uses and its topology. A basic wired Ethernet, for example, consists of cable conducting electrical signals; the connections could also be wireless. More complicated networks, including Ethernets, may consist of more than one cable, with all of them connected via a hub. The latter has become common even at the household level.·

b. Data Link Layer

 For example, in an Ethernet, this layer is concerned with ensuring that two network stations connected to the same cable do not try to access the line at the same time. For this· reason the Ethernet operation is an example of what is called a Medium Access Control (MAC) Protocol.

 Here is an overview of how the Ethernet MAC protocol works, using a “listen before talk” approach. When a network node has a message ready to send, it fir·st senses the cable to see if any node is currently sending. If so, it generates a random backoff time, waiting this amount of time before trying again. If the node does not “hear” any other node sending, it will go ahead and send.

 There is a small chance that another node actually had been sending but due to signal propagation delay the transmission had not yet reached the first node. In that case a collision will occur, destroying both messages. Both nodes will sense the collision, and again wait random amounts of time before trying again.·

 This layer also does the setting up of frames of bits (i.e. sets of consecutive bits sent along the wire), which not only include the message itself but also information such as (say, in the Ethernet case) the Ethernet ID number of the destination machine.·

 Messages may be broken up into pieces before being sent. This may be handled at the transport level (see below), but may also be done at the data link level·

c. Network Layer

 This is the routing layer. Questions addressed in this layer include: If in our example above· saturn wants to send a message to holstein, how is that accomplished? Obviously its first step is to send the message to mars; how does saturn know this? How can alternate routes be found if traffic congestion occurs?
  • Routing: routes frames among networks.
  • Subnet traffic control: routers (network layer intermediate systems) can instruct a sending station to "throttle back" its frame transmission when the router's buffer fills up.
  • Frame fragmentation: if it determines that a downstream router's maximum transmission unit (MTU) size is less than the frame size, a router can fragment a frame for transmission and re-assembly at the destination station.
  • Logical-physical address mapping: translates logical addresses, or names, into physical addresses.
  • Subnet usage accounting: has accounting functions to keep track of frames forwarded by subnet intermediate systems, to produce billing information.

d. Transport Layer

 Suppose· saturn’s message to holstein consists of a large file transfer, say 100 megabytes. This transfer will take a long time (by network standards), and we certainly don’t want it to monopolize the network during that time. We also must deal with the fact that the buffer space at holstein won’t be large enough to deal with a 100-megabyte message. Also, one 100-megabyte message would have a sizable probability of having at least one bit in error, and if so, we would have to retransmit the entire message!

 So, the file transfer must be done in pieces. But we don’t want to burden the user at· saturn with the task of breaking up the 100 megabytes into pieces, nor do we want to burden the user at holstein with the reassembly of the messages. Instead, the network software (again, typically in the OS) should provide these services, which it does at the transport layer, as for example is the case with TCP.
The transport layer provides:
  • Message segmentation: accepts a message from the (session) layer above it, splits the message into smaller units (if not already small enough), and passes the smaller units down to the network layer. The transport layer at the destination station reassembles the message.
  • Message acknowledgment: provides reliable end-to-end message delivery with acknowledgments.
  • Message traffic control: tells the transmitting station to "back-off" when no message buffers are available.
  • Session multiplexing: multiplexes several message streams, or sessions onto one logical link and keeps track of which messages belong to which sessions (see session layer).

e. Session Layer

 This layer is concerned with· management of a session, i.e. the duration of a connection between two network nodes. The word connection here does not mean something physical, but rather refers to an agreement between two nodes that some chunks of data with some relation to each other will be exchanged for some time. Actually, TCP does this in some senses, as does the socket interface to TCP, which is very much like the interfaces for reading or writing a file (described in more detail later).

f. Presentation Layer

 This layer deals with such matters as translating between character· codes, if the source uses one and the destination the other. In the old days, this could mean ASCII at one end and EBCDIC on the other end. Today, though, it could mean for example two different coding systems for Chinese characters, Big 5 and GB.

g. Application Layer

 You can write programs at the application layer yourself, and of course you use many programs written by others, such as· ftp, Web browsers, e-mail utilities, and so on.
  • Resource sharing and device redirection
  • Remote file access
  • Remote printer access
  • Inter-process communication
  • Network management
  • Directory services
  • Electronic messaging (such as mail)
  • Network virtual terminals

3. Network Security

 System and network technology· is a key technology for a wide variety of applications. Security is crucial to networks and applications. Although, network security is a critical requirement in emerging networks, there is a significant lack of security methods that can be easily implemented.

There exists a “communication gap” between the developers of security technology and developers of networks. Network design is a well-developed process that is based on the Op·en Systems Interface (OSI) model. The OSI model has several advantages when designing networks.

It offers modularity, flexibility, ease-of-use, and standardization of protocols. The protocols of different layers can be easily combined to create stacks which allow modular development. The implementation of individual layers can be changed later without making other adjustments, allowing flexibility in development. In contrast to network design, secure network design is not a well-developed process.·

When considering network security, it must be emphasized that the whole network is secure. Network security does not only concern the security in the computers at each end of the communication chain. When transmitting data the communication channel should not be vulnerable to attack.·

A possible hacker could target the communication channel, obtain the data, decrypt it and re-insert a false message. Securing the network is just as important as securing the computers and encrypting the message.·

4. Internet Attack Methods

 Internet attacks methods are broken down into categories. Some attacks gain system knowledge or personal information, such as eavesdropping and phishing. Attacks can also interfere with the system’s intended function, such as viruses, worms and trojans. The other form of attack is when the system’s resources are consumes uselessly, these can be caused by denial of service (DoS) attack. Other forms of network intrusions also exist, such as land attacks, smurf attacks, and teardrop attacks. These attacks are not as well known as DoS attacks, but they are used in some form or another even if they aren’t mentioned by name.·

a. Eavesdropping
 Interception of communications by an unauthorized party is called eavesdropping.·
Passive eavesdropping is when the person only secretly listens to the networked messages. On the other hand, active eavesdropping is when the intruder listens and inserts something into the communication stream. This can lead to the messages being distorted. Sensitive information can be stolen this way.

b. Viruses
 Viruses are self-replication programs that use files to infect and propagate [8]. Once a file is opened, the virus will activate within the system.·

c. Worms
A worm is similar to a virus because they both are self-replicating, but the worm does not require a file to allow it to propagate . There are two main types of worms, mass-mailing worms and network-aware worms. Mass mailing worms use email as a means to infect other computers. Network-aware worms are a major problem for the Internet
A network-aware worm selects a target and once the worm accesses the target host, it can infect it by means of a Trojan or otherwise.

d. Worms
A worm is similar to a virus because they both are self-replicating, but the worm does not require a file to allow it to propagate [8]. There are two main types of worms, mass-mailing worms and network-aware worms. Mass mailing worms use email as a
means to infect other computers. Network-aware worms are a major problem for the Internet. A network-aware worm selects a target and once the worm accesses the target host, it can infect it by means of a Trojan or otherwise.

e. Trojans
 Trojans appear to be benign programs to the user, but will actually have some malicious purpose. Trojans usually carry some payload such as a virus.·

f. Phishing

 Phishing is an attempt to obtain confidential information from an individual, group, or organization. Phishers trick users into disclosing personal data, such as credit card numbers, online banking credentials, and other sensitive information.·

g. IP Spoofing Attacks

 Spoofing means to have the address of the computer mirror the address of a trusted computer in order to gain access to other computers. The identity of the intruder is hidden by different means making detection and prevention difficult. With the current IP protocol technology, IP-spoofed packets cannot be eliminated.·

h. Denial of Service
 Denial of Service is an attack when the system receiving too many requests cannot return communication with the requestors. The system then consumes resources waiting for the handshake to complete. Eventually, the system cannot respond to any more requests rendering it without service·

Some important Quick Notes on Computer Network for Bank Exam 


No comments:

Post a Comment