Master of Science in Cyber Security Exam

3rd Semester
Sri Lanka Institute of Information Technology
Name:-……………………………………………………………….. No:-
…………………………………..
PART ONE (30 Minutes)

⚫Multiple Choice Questions (MCQs) - 100 Marks

(25 Questions, 4 marks each)

1. What is the primary purpose of a firewall in network security?

a) To encrypt data c) To scan for viruses
b) To block unauthorized access d) To monitor network traffic
2. Which of the following is a symmetric encryption algorithm?
a) RSA b) DSA c) AES d) ECC

3. The concept of defense in depth can be best described as:

a) Using multiple antivirus programs c) A single strong firewall
b) Layered security measures d) Outsourcing security
management

4. Which of the following is an example of a zero-day vulnerability?

a) A known exploit with a patch available
b) An exploit discovered and used by attackers before a patch is available
c) A publicly disclosed vulnerability
d) A theoretical vulnerability

5. In Public Key Infrastructure (PKI), what is the role of a Certificate

Authority (CA)?
a) Issuing digital certificates c) Encrypting messages
b) Storing private keys d) Managing firewall rules

6. Which type of malware encrypts a user’s data and demands

payment for the decryption key?
a) Spyware b) Trojan
 c) d) Worm
Ransomware

7. What is the primary goal of a Denial of Service (DoS) attack?

a) To gain unauthorized access c) To disrupt service availability
b) To steal data d) To monitor network traffic

8. What is the main purpose of penetration testing?

a) To ensure system backups are c) To monitor network traffic
working
d) To update antivirus definitions
b) To find and exploit security
vulnerabilities

9. Which of the following is a common hashing algorithm used to

ensure data integrity?
a) AES b) RSA c) MD5 d) DES

10. The General Data Protection Regulation (GDPR) is legislation

enacted to protect the data privacy of individuals in:
a) The United States c) Canada
b) The European Union d) Australia

11. Which type of attack involves sending a large number of packets

to a target to consume its resources?
a) Phishing c) Denial of Service (DoS)
b) Man-in-the-Middle d) SQL Injection

12. What does the principle of least privilege entail?

a) Users have maximum permissions by default
b) Users have only the permissions necessary to perform their duties
c) All users have administrative rights
d) Permissions are granted based on seniority

13. Which protocol is used for secure communication over a

computer network?
a) FTP b) HTTP c) SSH d) SMTP

14. Which of the following best describes a buffer overflow?

a) A type of malware
b) A method of secure data storage
c) A situation where a program writes more data to a buffer than it can hold
 d) A type of encryption

15. What is the primary purpose of an Intrusion Detection System

(IDS)?
a) To prevent unauthorized access
b) To detect and alert on potential security breaches
c) To create backups of data
d) To manage user accounts

16. Social engineering attacks primarily target:

a) Network hardware c) Human psychology
b) Software vulnerabilities d) Encryption algorithms

17. Which of the following is an example of multi-factor

authentication (MFA)?
a) Username and password c) PIN code only
b) Fingerprint and smart card d) Security question

18. What does the term “phishing” refer to in cybersecurity?

a) Scanning for vulnerabilities
b) Decrypting encrypted messages
c) Tricking individuals into disclosing sensitive information
d) Installing antivirus software

19. The CIA triad in cybersecurity stands for:

a) Control, Integrity, Availability c) Confidentiality, Invasion, Access
b) Confidentiality, Integrity, d) Control, Invasion, Access
Availability

20. Which of the following best describes “SQL Injection”?

a) Injecting malicious code into a web application
b) Injecting malicious SQL statements into an entry field
c) Exploiting a software bug to gain unauthorized access
d) Using SQL for data encryption

21. What is a honeypot in the context of cybersecurity?

a) A type of malware
b) A decoy system designed to attract attackers
c) A secure storage device for encryption keys
 d) A tool for monitoring network traffic

22. In cybersecurity, what does the term “air gap” refer to?
a) Wireless network security
b) A physical separation of a system from unsecured networks
c) Encryption of data in transit
d) Virtual private networks (VPNs)

23. Which type of attack exploits human error to gain access to

sensitive information?
a) Phishing b) DDoS c) Rootkit d) Brute
force

24. What is the purpose of a digital signature?

a) To encrypt data
b) To verify the authenticity and integrity of a message
c) To manage user authentication
d) To prevent data loss

25. Which of the following is not a type of malware?

a) Virus
b) Trojan
horse
c) Firewall
d) Spyware
Master of Science in Cyber Security Exam
3rd Semester
Sri Lanka Institute of Information Technology
Name:-……………………………………………………………….. No:-
…………………………………..
PART TWO (03 Hours and 30 Minutes)

⚫ Descriptive Questions - 100 Marks

(5 Questions, 4 sub-questions each, 5 marks per sub-question)

1. Question on Network Security

- Explain the concept of Virtual Private Networks (VPNs).
- Describe how IPsec enhances VPN security.
- Compare and contrast VPNs with proxy servers.
- Discuss potential vulnerabilities in VPN connections.

2. Question on Cryptography
- Explain the difference between symmetric and asymmetric encryption.
- Describe how the Diffie-Hellman key exchange works.
- What is a digital certificate, and why is it important in cryptography?
- Discuss the role of hash functions in ensuring data integrity.

3. Question on Cyber Threats

- What is a zero-day exploit, and why is it significant?
- Explain the difference between phishing and spear-phishing.
- Describe the concept of Advanced Persistent Threats (APTs).
- Discuss measures that can be taken to protect against ransomware.

4. Question on Incident Response

 - Outline the steps of an effective incident response plan.
- Describe the importance of digital forensics in incident response.
- What is the role of communication during a cybersecurity incident?
- Discuss the challenges in handling insider threats during an incident.

5. Question on Compliance and Legal Issues

- Explain the main objectives of the GDPR.
- Discuss the implications of the Sarbanes-Oxley Act (SOX) for cybersecurity.
- What are the key principles of the NIST Cybersecurity Framework?
- Describe the concept of data breach notification laws and their importance.
Master of Science in Cyber Security Exam
3rd Semester
Sri Lanka Institute of Information Technology
Name:-……………………………………………………………….. No:-
…………………………………..
PART THREE (01 Hours and 30 Minutes)

⚫ Advanced Descriptive Questions - 100 Marks

(6 Questions, 3 sub-questions each, 11 marks per sub-question, 3
questions to be attempted)

1. Advanced Cryptography
- Explain the concept and application of homomorphic encryption.
- Discuss the potential impact of quantum computing on cryptography.
- Describe the Elliptic Curve Cryptography (ECC) and its advantages over RSA.

2. Cybersecurity Management
- Outline a comprehensive risk management framework for an enterprise.
- Discuss the importance of security awareness training in an organization.
- Describe how security metrics and KPIs can be used to enhance cybersecurity.

3. Network Defense and Security

- Explain the concept of Network Function Virtualization (NFV) and its benefits
for network security.
- Discuss the role of artificial intelligence in enhancing network security.
- Describe how intrusion prevention systems (IPS) differ from intrusion
detection systems (IDS).

4. Emerging Threats
- Analyze the security challenges posed by the Internet of Things (IoT).
- Discuss the implications of cloud computing for cybersecurity.
- Describe the concept of zero trust architecture and its implementation.

5. Digital Forensics
 - Explain the process of acquiring digital evidence from a compromised system.
- Discuss the challenges of mobile device forensics.
- Describe the role of digital forensics in legal proceedings.

6. Application Security
- Explain the principles of secure software development lifecycle (SDLC).
- Discuss common web application vulnerabilities and their mitigations.
- Describe the role of penetration testing in securing applications.
Master of Science in Cyber Security Exam
3rd Semester
Sri Lanka Institute of Information Technology
Name:-……………………………………………………………….. No:-
…………………………………..
PART FOUR (01 Hours and 30 Minutes)

⚫ Essay Topics - 100 Marks

(Choose 1, 300 words)

1. Discuss the future of artificial intelligence in cybersecurity and

its potential to transform threat detection and response
mechanisms.
2. Analyze the impact of regulatory compliance on cybersecurity
practices within multinational corporations.
3. Evaluate the effectiveness of multi-factor authentication (MFA)
in preventing cyber attacks.
4. Discuss the ethical implications of government surveillance
programs on individual privacy and cybersecurity.
Master of Science in Cyber Security Exam
3rd Semester
Sri Lanka Institute of Information Technology

MARKING SCHEME STRUCTURE

PART 01 Final Mark Calculation

- Each correct answer: 4 marks Each part contributes equally to
the final score, normalized to
- Incorrect/No answer: 0 marks
100 marks. The final score will
Total: 25 questions * 4 marks = be computed as: [(Part 1 score +
100 marks Part 2 score + Part 3 score +
Part 4 score) / 4].

PART 02
- Each sub-question: 5 marks
- Each question total: 20 marks
Total: 5 questions * 20 marks =
100 marks

PART 03
- Each sub-question: 11 marks
- Each question total: 33 marks
Total for 3 questions: 3
questions * 33 marks = 99 marks
(rounded to 100 marks for simplicity)
PART 04
- Introduction: 10 marks
- Main body: 60 marks
- Conclusion: 20 marks
- Clarity and coherence: 10 marks

Total: 100 marks