Skip to content
Digital Forensicseasy Premium

Digital Forensics: Network Security Architecture and Cryptographic Protocols

Published:

Questions

30

Duration

30 min

Faculty-reviewed

0

Updated

20 May 2026

Score, per-question explanations and topic breakdown shown right after you submit.

About this mock

This FACT-aligned mock test exercises the network security architecture and cryptographic protocols block of the digital forensics syllabus. Thirty single-best-answer questions sweep IPSec including AH (RFC 4302), ESP (RFC 4303), transport versus tunnel mode, and IKEv2 (RFC 7296). It covers VPN families from PPTP, deprecated since the MS-CHAPv2 break of 2012, through L2TP over IPSec, OpenVPN, and modern WireGuard, and contrasts site-to-site with remote-access deployments. Firewall types from packet filtering through stateful inspection to next-generation firewalls appear alongside the default-deny philosophy of NIST SP 800-41 and the DMZ or screened-subnet pattern. IDS versus IPS, signature-based versus anomaly-based detection, password storage under bcrypt, scrypt, and Argon2, the EAP family with EAP-TLS and PEAP, Kerberos with its AS, TGS, and KDC roles under RFC 4120, X.509 certificate fields under RFC 5280, and LDAP distinguished names under RFC 4514 round out the authentication and directory block.

This mock is intended for MSc and BSc forensic science aspirants targeting the FACT entrance examination and for working professionals preparing for CISSP, Security+, or CHFI papers. The Indian PKI material covering the Controller of Certifying Authorities under Section 17 of the IT Act 2000 and Class 3 Digital Signature Certificates is included.

Topics covered:

  • IPSec architecture: AH, ESP, IKEv2 and transport versus tunnel mode
  • VPN protocols and topologies including PPTP, L2TP over IPSec, OpenVPN, WireGuard
  • Firewall design, default-deny policy, DMZ and IDS versus IPS
  • Password storage, the EAP family, Kerberos AS-TGS-KDC and LDAP DN structure
  • Digital signatures, X.509 fields and PKI components CA, RA, CRL, OCSP
  • CCA India and Digital Signature Certificates under the IT Act 2000
  • TLS 1.3, the TLS handshake, Secure Electronic Transaction and HSTS
  • 802.1X NAC, multi-factor authentication and Zero Trust under NIST SP 800-207

Use this set as a calibration exercise before attempting full-length FACT digital forensics papers. Allow 30 minutes.

Sources & references

Questions in this mock are written and verified against the following sources. Citations are recorded per question and shown in the explanation after submission.

  • Stallings, William

    Cryptography and Network Security: Principles and Practice, 7th Edition, Chapter on Electronic Payment Security

    cited in 7 questions
  • IETF RFC 5280

    Internet X.509 Public Key Infrastructure Certificate and CRL Profile (2008)

    Open source
    cited in 2 questions
  • NIST SP 800-41 Revision 1

    Guidelines on Firewalls and Firewall Policy (2009), Section on Policy Design

    Open source
    cited in 2 questions
  • NIST SP 800-92

    Guide to Computer Security Log Management, Sections on Log Aggregation and Correlation

    Open source
    cited in 1 question
  • NIST SP 800-63B

    Digital Identity Guidelines: Authentication and Lifecycle Management, Section on Authenticator Types

    Open source
    cited in 1 question
  • IETF RFC 8200

    Internet Protocol, Version 6 (IPv6) Specification, Section on Header Format

    Open source
    cited in 1 question
  • Information Technology Act, 2000

    Section 17 on the Controller of Certifying Authorities; Section 35 on Issuance of DSC

    Open source
    cited in 1 question
  • IETF RFC 8446

    The Transport Layer Security (TLS) Protocol Version 1.3 (2018)

    Open source
    cited in 1 question
  • IETF RFC 4514

    LDAP: String Representation of Distinguished Names

    Open source
    cited in 1 question
  • IETF RFC 7296

    Internet Key Exchange Protocol Version 2 (IKEv2)

    Open source
    cited in 1 question
  • Tanenbaum, Andrew S.; Wetherall, David J.

    Computer Networks, 5th Edition (Pearson), Chapter on Network Security and Virtual Private Networks

    cited in 1 question
  • IEEE Standards Association

    IEEE 802.1X-2020, Port-Based Network Access Control

    Open source
    cited in 1 question
  • IETF RFC 4862

    IPv6 Stateless Address Autoconfiguration, Section on Router Advertisement Processing

    Open source
    cited in 1 question
  • Kurose, James F.; Ross, Keith W.

    Computer Networking: A Top-Down Approach, 7th Edition (Pearson), Chapter on Network Security and IPSec

    cited in 1 question
  • IETF RFC 5246

    The Transport Layer Security (TLS) Protocol Version 1.2, Section on the Handshake Protocol

    Open source
    cited in 1 question
  • IETF RFC 5216

    The EAP-TLS Authentication Protocol (2008)

    Open source
    cited in 1 question
  • NIST SP 800-207

    Zero Trust Architecture (August 2020)

    Open source
    cited in 1 question
  • NIST FIPS PUB 180-4

    Secure Hash Standard (SHS) defining the SHA-2 family including SHA-256

    Open source
    cited in 1 question
  • IETF RFC 6797

    HTTP Strict Transport Security (HSTS)

    Open source
    cited in 1 question
  • NIST SP 800-94

    Guide to Intrusion Detection and Prevention Systems (IDPS), Section on Detection vs Prevention

    Open source
    cited in 1 question
  • OWASP Foundation

    OWASP Password Storage Cheatsheet, Sections on Argon2, bcrypt, scrypt and Salting

    Open source
    cited in 1 question
  • IETF RFC 4120

    The Kerberos Network Authentication Service (V5), Section on the Key Distribution Centre

    Open source
    cited in 1 question

How our mocks are built

Questions are written and edited by the ForensicSpot team and cited from peer-reviewed forensic textbooks, official syllabi and primary case law. Each one is verified before publishing. Detailed explanations show after you submit, so the test stays a real test. See a mistake? Tell us.

Common questions

What does the Digital Forensics: Network Security Architecture and Cryptographic Protocols mock cover?+

This FACT-aligned mock test exercises the network security architecture and cryptographic protocols block of the digital forensics syllabus. Thirty single-best-answer questions sweep IPSec including AH (RFC 4302), ESP (RFC 4303), transport versus tunnel mode, and IKEv2 (RFC 7296). It covers VPN families from PPTP, deprecated since the MS-CHAPv2 break of 2012, through L2TP over IPSec, OpenVPN, and modern WireGuard, and contrasts site-to-site with remote-access deployments. Firewall types from pac

How many questions and how long is the test?+

30 multiple-choice questions, 30 minutes total. Difficulty: easy. Tier: Premium.

Who is this mock for?+

Forensic science students and aspirants who want timed, exam-style practice with explanations and verified source citations on Digital Forensics, FACT. Useful for postgraduate entrance preparation and for BSc / MSc forensic students testing their recall under time.

Are the questions reviewed?+

Each question carries a verified source citation. Faculty review for individual questions is in progress.

Do I need an account to take this mock?+

Yes, a free ForensicSpot account is required to start a timed attempt — this lets you save progress, see per-question explanations after submission, and track your topic-level performance over time.

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.