IS607 M06 Quiz 6 CH 7 & CH 5
Which information security objective verifies the action to create an object or verifies an object's existence by an entity other than the creator? A. Certification B. Validation C. Witnessing D. Authorization
A. Certification Witnessing is verifying the action used to create an object or verify an object's existence. Certification is a similar concept but allows for the endorsement of information by a trusted party. Ahead: Cryptographic Principles, Concepts, and Terminology Complexity: Hard Subject: Chapter 7 Taxonomy: Understand Title: Cryptography
True or False? A network protocol governs how networking equipment interacts to deliver data across the network. A. True B. False
A. True Ahead: TCP/IP and How It Works Complexity: Easy Subject: Chapter 5 Title: Networks and Telecommunications
True or False? The computer game Solitaire operates at the Application Layer of the Open Systems Interconnection (OSI) Reference Model. A. True B. False
B. False The Application Layer is responsible for interacting with end users through application software and thus includes all programs on a computer that allow users to interact with the network. For example, email software is included in this layer because it must transmit and receive messages over the network, whereas a simple game like Solitaire does not fit in this layer because it does not require the network to operate. Ahead: The Open Systems Interconnection Reference Model Complexity: Hard Subject: Chapter 5 Title: Networks and Telecommunications
True or False? The U.S. government currently has no standard for creating cryptographic keys for classified applications. A. True B. False
B. False The U.S. government currently has no standard for creating cryptographic keys for unclassified applications. Ahead: Principles of Certificates and Key Management Complexity: Medium Subject: Chapter 7 Title: Cryptography
True or False? A packet-filtering firewall remembers information about the status of a network communication. A. True B. False
B. False A packet-filtering firewall compares received traffic with a set of rules that define what traffic it will permit to pass through the firewall. A stateful inspection firewall remembers information about the status of a network communication. Ahead: Basic Network Security Defense Tools Complexity: Medium Subject: Chapter 5 Title: Networks and Telecommunications
Which cryptographic attack is relevant in only asymmetric key systems and hash functions? A. Chosen plaintext B. Ciphertext only C. Known plaintext D. Chosen ciphertext
D. Chosen ciphertext In a chosen-ciphertext attack, cryptanalysts submit data, which is coded with the same cipher and key as they are trying to break, to the decryption device to see either the plaintext output or the effect the decrypted message has on a system. Ahead: Symmetric and Asymmetric Key Cryptography Complexity: Medium Subject: Chapter 7 Taxonomy: Remember Title: Cryptography
What is the only unbreakable cipher when it is used properly? A. Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) B. Blowfish C. Rivest-Shamir-Adelman (RSA) D. Vernam
D. Vernam The Vernam cipher, also known as a one-time pad, is unbreakable provided that the key is at least as long as the message and that each key is only used one time. Ahead: Symmetric and Asymmetric Key Cryptography Complexity: Medium Subject: Chapter 7 Taxonomy: Remember Title: Cryptography
True or False? The Physical Layer of the Open Systems Interconnection (OSI) Reference Model must translate the binary ones and zeros of computer language into the language of the transport medium. A. True B. False
A. True Ahead: The Open Systems Interconnection Reference Model Complexity: Medium Subject: Chapter 5 Title: Networks and Telecommunications
What is the maximum value for any octet in an Internet Protocol version 4 (IPv4) address? A. 513 B. 255 C. 129 D. 65
B. 255 Each of the four octets in an IPv4 address may contain any integer value between 0 and 255. Ahead: TCP/IP and How It Works Complexity: Medium Subject: Chapter 5 Taxonomy: Remember Title: Networks and Telecommunications
True or False? In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data and has no choice as to what that data might be. A. True B. False
B. False In a ciphertext-only attack (COA), the cryptanalyst has access to only a segment of encrypted data. In a KPA, the cryptanalyst possesses certain pieces of information before and after encryption. Ahead: Symmetric and Asymmetric Key Cryptography Complexity: Hard Subject: Chapter 7 Title: Cryptography Authorization
