Welcome to our comprehensive guide on the Accenture Technical Assessment. In this series, we provide some of the most frequently asked questions from the exam, with a focus on Network & Security Fundamentals. The key topics covered include:
- Basics of Networking
- Network Security
- Encryption Standards & Algorithms
- Network Security Devices
- Attack Types
- Firewalls
For each of these topics, we offer 10 practice questions along with detailed answers and explanations to help you prepare thoroughly for your upcoming exam.
Basics of Networking
Which protocol is responsible for assigning IP addresses dynamically in a network?
Options:
A. HTTP
B. FTP
C. DHCP
D. ICMP
Answer: C. DHCP
Explanation: DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses to devices in a network.
Which layer of the OSI model is responsible for reliable communication and flow control? Options:
A. Transport
B. Network
C. Data Link
D. Application
Answer: A. Transport
Explanation: The Transport layer (Layer 4) manages flow control, error checking, and reliable communication using protocols like TCP.
What is the main function of a router in a network?
Options:
A. Broadcast packets
B. Block unauthorized access
C. Forward data packets between networks
D. Translate domain names to IP addresses
Answer: C. Forward data packets between networks
Explanation: Routers connect multiple networks and direct data traffic between them.
Which of the following is a valid IP address in IPv4 format?
Options:
A. 300.168.0.1
B. 192.168.1.1
C. 255.255.255.500
D. 127.0.1.300
Answer: B. 192.168.1.1
Explanation: IPv4 addresses consist of four octets (0-255), so only B is valid.
In which OSI layer does the HTTP protocol operate?
Options:
A. Transport
B. Network
C. Session
D. Application
Answer: D. Application
Explanation: HTTP operates at the Application layer (Layer 7) of the OSI model.
Here’s an OSI (Open Systems Interconnection) model chart that explains the seven layers and their uses:
| Layer Number | Layer Name | Function/Use |
|---|---|---|
| 7 | Application | Interfaces with end-user software and manages network services like email, file transfer (FTP), and web browsing (HTTP, HTTPS). |
| 6 | Presentation | Ensures data is in a readable format, handles data encryption, compression, and translation between different data formats (e.g., JPEG, MP4). |
| 5 | Session | Manages and controls the connections between computers, handling session establishment, maintenance, and termination. |
| 4 | Transport | Ensures reliable data transfer between hosts. Manages flow control, error checking, and data segmentation. Protocols like TCP and UDP operate here. |
| 3 | Network | Handles routing, addressing, and packet forwarding. Determines the best path for data transfer between devices. Protocols like IP, ICMP work at this layer. |
| 2 | Data Link | Provides node-to-node data transfer, error detection and correction, and defines the format of data on the network. Ethernet and MAC addresses function at this layer. |
| 1 | Physical | Transmits raw data over physical media (e.g., cables, radio waves). Defines hardware specifications like cables, switches, and voltage levels. |
This model is fundamental to understanding how data is transmitted across networks, with each layer having specific responsibilities to ensure smooth communication between systems.
What does the term “latency” refer to in networking?
Options:
A. The amount of data transmitted
B. The time delay in data transmission
C. The speed of the network
D. The number of users on the network
Answer: B. The time delay in data transmission
Explanation: Latency refers to the delay between the request and receipt of data in a network.
What device is typically used to extend the range of a wireless network?
Options:
A. Switch
B. Router
C. Repeater
D. Bridge
Answer: C. Repeater
Explanation: A repeater amplifies signals to extend the range of a wireless network.
In the OSI model, which layer is responsible for translating between different data formats? Options:
A. Presentation
B. Session
C. Network
D. Transport
Answer: A. Presentation
Explanation: The Presentation layer (Layer 6) is responsible for data format translation and encryption.
What type of network is restricted to a single building or campus?
Options:
A. WAN
B. LAN
C. PAN
D. MAN
Answer: B. LAN
Explanation: LAN (Local Area Network) is confined to a small geographical area such as a building.
What technology is used to reduce collisions in Ethernet networks?
Options:
A. Token Ring
B. Hub
C. CSMA/CD
D. Broadcast
Answer: C. CSMA/CD
Explanation: Carrier Sense Multiple Access/Collision Detection (CSMA/CD) helps manage data collisions in Ethernet networks.
To which class does the IP address 225.101.0.205 belong?
Options:
 A) Class A
B) Class B
C) Class C
D) Class D
Answer: D Class D
Explanation: The IP address 225.101.0.205 falls within the range of Class D IP addresses, which are from 224.0.0.0 to 239.255.255.255. Class D addresses are reserved for multicasting, meaning they are used for sending data to multiple destinations at once, such as in streaming media applications.
Here’s the IPv4 classes information presented in a table format, including the public IP range, private IP range, subnet mask, and common usage:
| Class | Public IP Range | Private IP Range | Subnet Mask | Used For |
|---|---|---|---|---|
| Class A | 1.0.0.0 – 126.255.255.255 | 10.0.0.0 – 10.255.255.255 | 255.0.0.0 ( /8 ) | Large networks (e.g., large corporations) |
| Class B | 128.0.0.0 – 191.255.255.255 | 172.16.0.0 – 172.31.255.255 | 255.255.0.0 ( /16 ) | Medium-sized networks (e.g., universities) |
| Class C | 192.0.0.0 – 223.255.255.255 | 192.168.0.0 – 192.168.255.255 | 255.255.255.0 ( /24 ) | Small networks (e.g., home or small businesses) |
| Class D | 224.0.0.0 – 239.255.255.255 | N/A | N/A | Multicasting (e.g., streaming media) |
| Class E | 240.0.0.0 – 255.255.255.255 | N/A | N/A | Experimental or research purposes |
 Network Security
Which of the following is a form of two-factor authentication (2FA)?
Options:
A. Password and CAPTCHA
B. Password and fingerprint
C. Username and password
D. Password and PIN
Answer: B. Password and fingerprint
Explanation: 2FA involves combining two different types of credentials, such as something you know (password) and something you have (fingerprint).
What is the main purpose of a VPN (Virtual Private Network)?
Options:
A. Increase internet speed
B. Encrypt communication over public networks
C. Block malware
D. Prevent unauthorized users from accessing the LAN
Answer: B. Encrypt communication over public networks
Explanation: VPNs secure communications by encrypting data sent over public networks.
Which of the following is considered a strong password policy?
Options:
A. Passwords containing only lowercase letters
B. Passwords of at least 8 characters, including symbols and numbers
C. Passwords that expire every 2 years
D. Passwords that use common dictionary words
Answer: B. Passwords of at least 8 characters, including symbols and numbers
Explanation: Strong passwords should contain a mix of characters, symbols, and numbers.
Which protocol is commonly used to secure HTTP traffic?
Options:
A. SSH
B. SSL/TLS
C. FTP
D. IMAP
Answer: B. SSL/TLS
Explanation: SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are used to secure HTTP, forming HTTPS.
What is a key feature of the “zero trust” security model?
Options:
A. Trust but verify
B. Allow all traffic from internal networks
C. Always verify, never trust
D. Rely on firewalls alone
Answer: C. Always verify, never trust
Explanation: The zero trust model assumes no one is trusted by default, both inside and outside the network.
What type of attack involves overwhelming a network or service with excessive traffic?
Options:
A. Phishing
B. Man-in-the-Middle
C. DoS/DDoS
D. SQL Injection
Answer: C. DoS/DDoS
Explanation: Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks flood a network or service with traffic to make it unavailable.
A “honeypot” in network security is:
Options:
A. A type of encryption algorithm
B. A decoy system designed to lure attackers
C. A firewall rule
D. A malware scanner
Answer: B. A decoy system designed to lure attackers
Explanation: Honeypots are systems designed to detect, deflect, or study attacks by acting as bait.
Which type of attack attempts to intercept and manipulate communication between two parties? Options:
A. Phishing
B. Man-in-the-Middle
C. Ransomware
D. Brute Force
Answer: B. Man-in-the-Middle
Explanation: A Man-in-the-Middle attack occurs when an attacker intercepts and manipulates the communication between two parties.
What is the function of a DMZ in a network architecture?
Options:
A. To isolate internal resources from public access
B. To filter spam emails
C. To block malicious traffic
D. To encrypt internal communications
Answer: A. To isolate internal resources from public access
Explanation: A DMZ (Demilitarized Zone) is a network area that is exposed to the public while protecting internal resources.
Which of the following is a method of data encryption?
Options:
A. AES
B. SMTP
C. FTP
D. HTTP
Answer: A. AES
Explanation: AES (Advanced Encryption Standard) is a widely used encryption algorithm.
Which of the following is used for establishing a VPN connection?
Options:
A. NGINX
B. ZeuS
C. HAProxy
D. Openswan
Correct Answer:
D. Openswan
Explanation:
Openswan is an open-source VPN implementation of the IPsec (Internet Protocol Security) protocol. It is commonly used for establishing secure Virtual Private Network (VPN) connections between different networks.
- NGINX is a web server and reverse proxy that is primarily used for load balancing and serving web content.
- ZeuS is malware, specifically a banking Trojan, not related to VPN connections.
- HAProxy is a load balancer and proxy server used for distributing network traffic among multiple servers.
Encryption Standards & Algorithms
What does AES stand for in encryption?
Options:
A. Asynchronous Encryption Standard
B. Advanced Encryption Standard
C. Algorithmic Encryption Scheme
D. Applied Encryption System
Answer: B. Advanced Encryption Standard
Explanation: AES (Advanced Encryption Standard) is a symmetric encryption algorithm widely used for securing data.
Which encryption algorithm uses two different keys for encryption and decryption?
Options:
A. DES
B. AES
C. RSA
D. Blowfish
Answer: C. RSA
Explanation: RSA is an asymmetric encryption algorithm that uses a public key for encryption and a private key for decryption.
What type of encryption uses the same key for both encryption and decryption?
Options:
A. Symmetric encryption
B. Asymmetric encryption
C. Public-key encryption
D. Hashing
Answer: A. Symmetric encryption
Explanation: Symmetric encryption uses the same key for both encryption and decryption, such as AES and DES.
Which of the following encryption methods is considered outdated and vulnerable to attacks? Options:
A. AES
B. RSA
C. DES
D. ECC
Answer: C. DES
Explanation: DES (Data Encryption Standard) has a 56-bit key, which is now considered weak and easily breakable, leading to its replacement by AES.
What is the primary purpose of encryption in data security?
Options:
A. To compress data for faster transmission
B. To prevent unauthorized access to data
C. To ensure data integrity
D. To detect network intrusions
Answer: B. To prevent unauthorized access to data
Explanation: Encryption converts data into a secure format to prevent unauthorized access.
What is the difference between hashing and encryption?
Options:
A. Hashing is reversible; encryption is not
B. Encryption provides data integrity; hashing provides confidentiality
C. Hashing is irreversible; encryption is reversible
D. Encryption is faster than hashing
Answer: C. Hashing is irreversible; encryption is reversible
Explanation: Hashing creates a fixed-size output that cannot be reversed, while encryption can be reversed with the correct key.
Which of the following algorithms is a hashing function?
Options:
A. AES
B. RSA
C. SHA-256
D. ECC
Answer: C. SHA-256
Explanation: SHA-256 (Secure Hash Algorithm) is a hashing function used to generate fixed-size hash values from input data.
In encryption, what is a “key”?
Options:
A. A device used to encrypt files
B. A random string used to encrypt or decrypt data
C. A mathematical formula that compresses data
D. A digital certificate used to verify identity
Answer: B. A random string used to encrypt or decrypt data
Explanation: In encryption, a key is a string of characters used to transform plaintext into ciphertext and vice versa.
What does the term “public key” in encryption refer to?
Options:
A. A key that encrypts data but cannot decrypt it
B. A key that is shared with everyone for encryption purposes
C. A key used to generate random numbers
D. A key that must remain private to the user
Answer: B. A key that is shared with everyone for encryption purposes
Explanation: In public-key cryptography, the public key is shared with others for encrypting messages, while the private key is kept secret for decryption.
Which encryption algorithm is based on the difficulty of factoring large numbers?
Options:
A. RSA
B. AES
C. DES
D. ECC
Answer: A. RSA
Explanation: RSA’s security is based on the computational difficulty of factoring large prime numbers.
Â
Network Security Devices
Which device is primarily used to prevent unauthorized access to or from a private network? Options:
A. Switch
B. Firewall
C. Router
D. Hub
Answer: B. Firewall
Explanation: A firewall filters incoming and outgoing network traffic based on security rules, blocking unauthorized access.
What is the function of an Intrusion Detection System (IDS)?
Options:
A. Block unauthorized traffic
B. Monitor network traffic for suspicious activity
C. Encrypt network data
D. Route network traffic
Answer: B. Monitor network traffic for suspicious activity
Explanation: IDS systems monitor network traffic and detect potential security threats.
Which device can automatically block suspicious traffic after detecting it?
Options:
A. IDS
B. IPS
C. Router
D. Load balancer
Answer: B. IPS
Explanation: An Intrusion Prevention System (IPS) can actively block malicious traffic in real time after detecting it.
Which network security device acts as a proxy and inspects HTTPS traffic?
Options:
A. Web Application Firewall (WAF)
B. Router
C. IDS
D. VPN
Answer: A. Web Application Firewall (WAF)
Explanation: A WAF protects web applications by filtering and monitoring HTTP and HTTPS traffic.
What is the main function of a load balancer in network security?
Options:
A. Distribute traffic across multiple servers
B. Encrypt traffic between servers
C. Filter incoming traffic
D. Detect and prevent intrusions
Answer: A. Distribute traffic across multiple servers
Explanation: A load balancer ensures that traffic is evenly distributed to prevent server overload.
Which device is often deployed to analyze and filter out email-based attacks?
Options:
A. Firewall
B. Anti-spam gateway
C. Router
D. Switch
Answer: B. Anti-spam gateway
Explanation: Anti-spam gateways filter and block email-based threats like phishing and malware.
What does a DMZ (Demilitarized Zone) in network security typically contain?
Options:
A. Public-facing servers
B. Confidential internal databases
C. End-user devices
D. Firewalls and routers
Answer: A. Public-facing servers
Explanation: A DMZ is a segment of a network that hosts public-facing services like web servers while isolating internal resources.
A UTM (Unified Threat Management) device is designed to:
Options:
A. Block all incoming traffic
B. Provide a comprehensive set of security features in one device
C. Control routing of traffic between subnets
D. Monitor internal data breaches
Answer: B. Provide a comprehensive set of security features in one device
Explanation: UTM devices integrate multiple security functions such as firewall, IDS/IPS, antivirus, and VPN into one appliance.
Which of the following is an example of a stateful firewall?
Options:
A. A firewall that only examines IP addresses
B. A firewall that tracks the state of active connections
C. A firewall that allows all incoming traffic
D. A firewall that blocks all traffic by default
Answer: B. A firewall that tracks the state of active connections
Explanation: Stateful firewalls track active connections and make filtering decisions based on the state of the connection.
Which device is typically used to connect multiple VLANs (Virtual Local Area Networks)?
Options:
A. Router
B. Switch
C. Firewall
D. Load Balancer
Answer: A. Router
Explanation: Routers are used to connect different VLANs and facilitate communication between them.
Â
 Firewalls
What is the main purpose of a firewall in network security?
Options:
A. Encrypt network traffic
B. Block unauthorized access to or from a private network
C. Distribute network traffic
D. Monitor traffic for threats
Answer: B. Block unauthorized access to or from a private network
Explanation: Firewalls inspect incoming and outgoing traffic to block unauthorized access based on predefined security rules.
Which type of firewall operates at the application layer of the OSI model?
Options:
A. Packet-filtering firewall
B. Stateful firewall
C. Application-layer firewall
D. Circuit-level gateway
Answer: C. Application-layer firewall
Explanation: Application-layer firewalls inspect traffic at the application layer, filtering data based on specific applications or services.
What is the difference between a stateful firewall and a stateless firewall?
Options:
A. Stateless firewalls track the state of network connections
B. Stateful firewalls remember the state of active connections
C. Stateful firewalls do not filter traffic
D. Stateless firewalls encrypt network traffic
Answer: B. Stateful firewalls remember the state of active connections
Explanation: Stateful firewalls monitor the state of active connections and make filtering decisions based on the context of the traffic.
Which type of firewall examines the data content (payload) of packets?
Options:
A. Packet-filtering firewall
B. Deep packet inspection (DPI) firewall
C. Circuit-level firewall
D. Stateless firewall
Answer: B. Deep packet inspection (DPI) firewall
Explanation: DPI firewalls analyze both the header and the data content (payload) of packets for detailed filtering and threat detection.
A firewall rule configured to block all inbound traffic except HTTP and HTTPS would be an example of:
Options:
A. Implicit deny
B. Explicit allow
C. Stateful filtering
D. Application-layer filtering
Answer: B. Explicit allow
Explanation: This rule explicitly allows HTTP (port 80) and HTTPS (port 443) traffic while blocking all other incoming traffic.
In what scenario would a firewall be configured in a “deny-all” mode?
Options:
A. When allowing unrestricted network access
B. When traffic is only allowed if explicitly permitted
C. When all traffic is filtered based on content
D. When ensuring performance optimization
Answer: B. When traffic is only allowed if explicitly permitted
Explanation: A deny-all configuration blocks all traffic unless specific rules are created to allow it.
Which type of firewall operates by analyzing the headers of individual packets?
Options:
A. Application-layer firewall
B. Packet-filtering firewall
C. Stateful firewall
D. Proxy firewall
Answer: B. Packet-filtering firewall
Explanation: Packet-filtering firewalls operate by analyzing the headers of packets, such as IP addresses, ports, and protocol types, to allow or block traffic.
What is a “proxy firewall”?
Options:
A. A firewall that inspects and filters traffic at the network layer
B. A firewall that acts as an intermediary between clients and servers
C. A firewall that prevents internal users from accessing external websites
D. A firewall that blocks all incoming connections
Answer: B. A firewall that acts as an intermediary between clients and servers
Explanation: A proxy firewall filters traffic by serving as a middleman, managing requests and responses between clients and external servers.
Which firewall architecture is often used to protect internal networks from external threats while allowing public access to certain resources like web servers?
Options:
A. DMZ
B. Stateful firewall
C. VPN
D. NAT
Answer: A. DMZ
Explanation: A DMZ (Demilitarized Zone) architecture places public-facing servers in a separate network segment to protect internal resources from external threats.
In firewall rule configuration, what does “implicit deny” mean?
Options:
A. All traffic is allowed unless explicitly blocked
B. All traffic is blocked unless explicitly allowed
C. Traffic from external sources is always blocked
D. Traffic is encrypted by default
Answer: B. All traffic is blocked unless explicitly allowed
Explanation: Implicit deny means that all traffic is blocked by default, and only explicitly allowed traffic can pass through the firewall.
 Attack Types
What is the primary goal of a ransomware attack?
Options:
A. To disable a system with excessive traffic
B. To steal sensitive data
C. To encrypt a victim’s data and demand payment for decryption
D. To exploit a software vulnerability for remote access
Answer: C. To encrypt a victim’s data and demand payment for decryption
Explanation: Ransomware attacks encrypt data on a victim’s system, demanding a ransom for the decryption key.
In which attack does an attacker try all possible password combinations to gain unauthorized access?
Options:
A. Phishing
B. SQL Injection
C. Brute Force
D. Man-in-the-Middle
Answer: C. Brute Force
Explanation: In a brute force attack, the attacker systematically tries every possible combination of characters until the correct password is found.
What type of attack targets vulnerabilities in web applications by injecting malicious code into a database query?
Options:
A. Phishing
B. Cross-Site Scripting (XSS)
C. SQL Injection
D. Denial-of-Service
Answer: C. SQL Injection
Explanation: SQL Injection exploits vulnerabilities in web applications by injecting malicious SQL queries into the input fields, manipulating the database.
Which type of attack redirects traffic from a legitimate site to a malicious one, usually by compromising DNS servers?
Options:
A. DNS Spoofing
B. Man-in-the-Middle
C. Phishing
D. SQL Injection
Answer: A. DNS Spoofing
Explanation: DNS Spoofing redirects traffic by altering DNS entries, leading users to malicious websites instead of legitimate ones.
What is the main goal of a social engineering attack?
Options:
A. To exploit software vulnerabilities
B. To trick individuals into revealing sensitive information
C. To flood a network with traffic
D. To execute malicious code on a server
Answer: B. To trick individuals into revealing sensitive information
Explanation: Social engineering attacks manipulate individuals into divulging confidential information, such as passwords or account details.
What is a “buffer overflow” attack?
Options:
A. An attack that overwhelms a network with traffic
B. An attack that exploits a vulnerability by sending more data than a buffer can handle
C. An attack that targets weak passwords
D. An attack that encrypts the victim’s files
Answer: B. An attack that exploits a vulnerability by sending more data than a buffer can handle
Explanation: A buffer overflow occurs when an attacker sends more data than a program can store in its buffer, leading to the execution of malicious code.
What type of malware restricts access to data or systems until a ransom is paid?
Options:
A. Trojan
B. Worm
C. Ransomware
D. Spyware
Answer: C. Ransomware
Explanation: Ransomware encrypts data and demands payment from victims for the decryption key.
What kind of attack involves repeatedly sending ping requests to a network to overwhelm the target system?
Options:
A. DDoS
B. SQL Injection
C. Man-in-the-Middle
D. Trojan
Answer: A. DDoS
Explanation: A Distributed Denial-of-Service (DDoS) attack overwhelms a system by sending a flood of ping requests from multiple sources.
In a phishing attack, what is typically impersonated to trick users?
Options:
A. A hardware device
B. A legitimate website or service
C. A software application
D. A local network
Answer: B. A legitimate website or service
Explanation: Phishing attacks impersonate trusted entities, such as banks or social media platforms, to trick users into providing sensitive information.
What type of attack exploits a vulnerability that is unknown to the software vendor and has no fix available?
Options:
A. Zero-Day Attack
B. Man-in-the-Middle
C. DDoS
D. Trojan
Answer: A. Zero-Day Attack
Explanation: Zero-day attacks exploit software vulnerabilities that are unknown to the vendor, making them difficult to defend against since no patches or fixes are available.
Please note, these practice questions are intended for reference purposes only, to help you familiarize yourself with the type of content you may encounter in the actual exam. Use them as a guide to strengthen your understanding and boost your confidence before taking the test.
Good luck with your preparation!
