CSS 1008 Chapter 10

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which of the following is one of the most popular symmetric algorithms of recent years? A: AES B: RSA C: DES D: IPsec

A: AES

Which of the following provides confidentiality? A: Encryption B: Decryption C: Hashing D: Key management

A: Encryption

Which of the following tasks is part of the disposal phase of the SDLC? A: Authorization B: Conducting risk assessment C: Archiving information and sanitization of media D: Adding hardware and software

C: Archiving information and sanitization of media

Which of the following is a component of PKI? A: Certification authority B: Registration authority C: Client nodes D: All of the above

D: All of the above

Which of the following statements about asymmetric key cryptography is true? A: Asymmetric key cryptography uses one shared key. B: Asymmetric key cryptography is also called private key cryptography. C: Asymmetric key cryptography uses two keys called public keys. D: Asymmetric key cryptography is also called public key cryptography.

D: Asymmetric key cryptography is also called public key cryptography.

Public key cryptography uses which of the following? A: A shared key B: A public key C: A private key D: Both a public and a private key

D: Both a public and a private key

Which of the following is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted? A: NIST B: GLBA C: MITRE D: OWASP

D: OWASP

Identification of compliance requirements is done during which of the following phases of the SDLC? A: Initiation B: Development/acquisition C: Implementation/assessment D: Operations/maintenance

A: Initiation

Which of the following is a hybrid of a beta and a final release version of a software product? A: Release candidate B: Alpha phase C: General availability D: Go live

A: Release candidate

Which of the following issues and maintains digital certificates? A: Registration authority B: Certification authority C: Public key infrastructure D: Client nodes

B: Certification authority

Which of the following is the most common web application security flaw? A: Failure to validate output B: Failure to validate input C: Dynamic data validation D: Static data validation

B: Failure to validate input

Symmetric key cryptography uses which of the following? A: One public key B: One shared key C: Two public keys D: One public and one private key

B: One shared key

Which of the following components of PKI performs the administrative functions, including verifying the identity of users and organizations requesting a digital certificate? A: Certification authority B: Registration authority C: Client nodes D: Digital certificate

B: Registration authority

Which of the following is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization? A: ISO B: SAMM C: OWASP D: SDLC

B: SAMM

Which of the following provides a standardized process for all phases of any system development or acquisition effort? A: COTS B: SDLC C: NIST D: CIA

B: SDLC

Which of the following is used to associate a public key with an identity? A: Encryption B: Digital hash C: Digital certificate D: Digital signature

C: Digital certificate

Which of the following is the process of creating a numeric value that represents the original text? A: Encryption B: Decryption C: Hashing D: Key management

C: Hashing

Which of the following is not a best practice for cryptographic key management? A: Keys should be transmitted and stored by secure means. B: Keys should be properly destroyed when their lifetime ends. C: Keys should be presented in clear text. D: Key values should be random, and the full spectrum of the keyspace should be used.

C: Keys should be presented in clear text.

In which phase of the SDLC are systems and products in place and operating, enhancements and/or modifications to the system are being developed and tested, and hardware and software components are added or replaced? A: Initiation B: Development/acquisition C: Operations/maintenance D: Implementation/assessment

C: Operations/maintenance

Which of the following statements about symmetric key cryptography is not true? A: Symmetric key cryptography uses one shared key. B: Symmetric algorithms can provide confidentiality. C: Symmetric algorithms can provide nonrepudiation and authenticity. D: Symmetric key cryptography uses a single secret key.

C: Symmetric algorithms can provide nonrepudiation and authenticity.


Conjuntos de estudio relacionados

Live Virtual Machine Lab 6.1: Module 06 Wireless Configuration Techniques and Standards

View Set

AP Biology photosynthesis test AP answers

View Set

TX Prin. of Real Estate ONE Ch. Ten 10.4

View Set

Primary tissue structure and function

View Set