COMPUTER AND NETWORK SECURITY (CISS-3360) QUIZ 3-6
Caesar Cipher
A ________ is one of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A.
Firewall
A ___________ controls the flow of traffic by preventing unauthorized network traffic from entering or leaving a particular portion of the network.
Firewall
A _____________ contains rules that define the types of traffic that can come and go through a network.
Technical Control
A control that is carried out or managed by a computer system is the definition of ________.
Risk
A countermeasure, without a corresponding __________, is a solution seeking a problem; you can never justify the cost.
True
A crypto accelerator offloads cryptographic routines from the main processor to cards that have chipsets designed for fast encryption.
Network Access Control (NAC)
A method to restrict access to a network based on identity or other rules is the definition of ________.
False
A packet-filtering firewall remembers information about the status of a network communication.
True
A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.
Vulnerability
A threat source can be a situation or method that might accidentally trigger a(n) ____________.
Threat Source
An attacker or event that might exploit a vulnerability is a(n) ____________.
False
An organization can choose to plan for any interruption time frame, but in many BIAs, restoration plans assume that access to primary resources will not be possible for at least 60 days.
False
Annual loss expectancy (ALE) means the process of identifying, assessing, prioritizing, and addressing risks.
True
Border firewalls simply separate the protected network from the Internet.
True
Decryption is the act of unscrambling ciphertext into plaintext.
False
Disaster refers to the amount of harm a threat can cause by exploiting a vulnerability.
True
Dynamic Host Configuration Protocol (DHCP) means a protocol used on IP networks to provide configuration details automatically to client computers.
True
Encryption is the act of scrambling plaintext into ciphertext.
Corrective
Forensics and incident response are examples of ___________ controls.
False
IP addresses are eight-byte addresses that uniquely identify every device on the network.
False
IPv6 addresses are 64-bit numbers.
Chosen-ciphertext attack
In a ________, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.
Chosen-Plaintext Attack
In a ________, the cryptanalyst can encrypt any information and observe the output. This is best for the cryptanalyst.
False
In a chosen-plaintext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.
False
In an asymmetric key system, where everyone shares the same secret, compromising one copy of the key compromises all copies.
Business Continuity Plan
It is necessary to create and/or maintain a plan that makes sure your company continues to operate in the face of disaster. This is known as a ________.
False
Most enterprises are essentially prepared for a disaster when it happens.
True
NAC works on wired and wireless networks.
Reconnaissance
Network ________ is gathering information about a network for use in a future attack.
True
One of the OSI Reference Model layers, the Network Layer, is responsible for the logical implementation of the network.
False
One of the OSI Reference Model layers, the Transport Layer, creates, maintains, and disconnects communications that take place between processes over the network.
False
One of the OSI Reference Model layers,the Transport Layer, is responsible for maintaining communication sessions between computers.
CAST
Organizations currently use several symmetric algorithms, including ________, which is a substitution-permutation algorithm similar to DES. Unlike DES, its authors made its design criteria public. This 64-bit symmetric block cipher can use keys from 40 to 256 bits. Although it is patented (U.S. patent 5,511,123), its inventors, C.M. Adams and S.E. Tavares, made it available for free use.
True
Symmetric key cryptography is a type of cryptography that cannot secure correspondence until after the two parties exchange keys.
Simulation Test
The ________ identifies staff reaction and response times as well as inefficiencies or previously unidentified vulnerabilities. All members of the staff involved in operations or procedures participate in the test.
Checklist Test
The ________ is a simple review of a plan by managers and the business continuity team to make sure that contact numbers are current and that the plan reflects the company's priorities and structure.
All of the Above
The formal process of monitoring and controlling risk focuses on _____________ new risks.
False
The most common way to conduct a full-interruption test is at the primary site.
True
The proportion of value of a particular asset likely to be destroyed by a given risk, expressed as a percentage, is exposure factor (EF).
True
The term annual rate of occurrence (ARO) describes the annual probability that a stated threat will be realized.
True
The term network access control (NAC) describes a method to restrict access to a network based on identity or other rules.
True
The traceroute command displays the path that a particular packet follows so you can identify the source of potential network problems.
Ciphertext-only Attack (COA)
There are four basic forms of a cryptographic attack. In a ________, the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data mightbe.
False
Unencrypted information is ciphertext.
Data Encryption Standard (DES)
What name is given to an encryption cipher that is a product cipher with a 56-bit key consisting of 16 iterations of substitution and transformation?
Simple Substitution Cipher
What name is given to an encryption cipher that uniquely maps any letter to any other letter?
Digital Signature
What name is given to an object that uses asymmetric encryption to bind a message or data to a specific entity?
Asymmetric Key Cryptography
What term is used to describe a type of cryptography that uses a cipher with two separate keys, one for encryption and one for decryption, so that correspondents do not first have to exchange secret information to communicate securely?
One-Way Algorithm
What term is used to describe an encryption algorithm that has no corresponding decryption algorithm?
Session Layer
Which OSI Reference Model layer creates, maintains, and disconnects communications that take place between processes over the network?
Application Layer
Which OSI Reference Model layer includes all programs on a computer that interact with the network?
Presentation Layer
Which OSI Reference Model layer is responsible for the coding of data?
Physical Layer
Which OSI Reference Model layer must translate the binary ones and zeros of computer language into the language of the transport medium?
An encryption cipher that uses multiple encryption schemes in succession.
Which of the following is the definition of Vigenèrecipher?
Brute-Force Attack
Without any knowledge of the key, an attacker with access to an encrypted message and the decryption cipher could try every possible key to decode the message. This is referred to as ________.
both A and B
You can use quantitative risk analysis for all risks on the risk register;however, the amount of effort required may be overkill for _____________ risks.
Dynamic Host Configuration Protocol (DHCP)
________ allows the computer to get its configuration information from the network instead of the network administrator providing the configuration information to the computer. It provides a computer with an IP address, subnet mask, and other essential communication information, simplifying the network administrator's job.
Security gap
________ is the difference between the security controls you have in place and the controls you need to have in place in order to address all vulnerabilities.
Disaster recovery
__________ is rapidly becoming an increasingly important aspect of enterprisecomputing.
Risk
___________ is the likelihood that a particular threat exposes a vulnerability that could damage your organization.