IST-110 Chapter 4
In IPsec a _____________ hour lifetime is typical
24
Rule-based access control uses ________________________________ to help determine whether to grant access.
Access Control Lists
_________________ allows an organization to trace actions, errors, and mistakes during an audit or investigation.
Accountability
__________________ access controls are the policies and procedures defined by organizations to implement and enforce all aspects of controlling unauthorized access. These controls focus on personnel and business practices.
Administrative
Ciphertext of 64 or 128 bits
Block Cipher
The algorithm takes data one chunk at a time.
Block Cipher
Typically output data is larger than input data.
Block Cipher
Shifting a set of letters a specific number of places is referred to as a __________ cipher
Caesar
A(n) _______________ level is a system's threshold for specific errors or mistakes allowed before triggering a red flag.
Clipping
An organization may not be able to have a guard dog, so instead it deploys a motion detector with a spotlight and a barking sound.
Compensative Control
_________________ controls restore the system back to a state of confidentiality, integrity, and availability. They can also restore systems to normal after unauthorized activity occurs.
Corrective
Operating systems use ________________________ to protect user files and system data with passwords.
Data Encryption Standard
________________________________ is a symmetric algorithm that encrypts using a 56-bit key.
Data Encryption Standard
Protocols, such as Transport Layer Security, Internet Protocol Security, and Secure Shell use this asymmetric algorithm:
Diffie-Hellman
In the U.S., the National Security Agency (NSA) uses _____________________________ for digital signature generation and key exchange.
Elliptic Curve Cryptography
_____________________ is the process of scrambling data so that an unauthorized party cannot easily read it.
Encryption
Access control deterrents stop cyber criminals from gaining unauthorized access to information systems and sensitive data.
False
Asymmetric encryption systems are more efficient and can handle more data than Symmetric encryption.
False
Detective controls prevent cyber criminals from gaining unauthorized access to information systems and sensitive data.
False
In a public-key encryption system, any person can encrypt a message using the public key of the sender.
False
Modern encryption algorithms no longer use transposition as part of the algorithm.
False
Only block ciphers use DES.
False
With MAC, an object can be a user or a process.
False
With modern technology, the security of encryption lies in the secrecy of the algorithm, not the keys.
False
_________________________________ (or IKE) is a fundamental component of IPsec Virtual Private Networks (VPNs).
Internet Key Exchange
_________________ is a centralized network authentication system used in many operating systems.
Kerberos
The approach used to embed data in a cover-image is using _________________________________.
Least Significant Bits
Data __________ technology secures data by replacing sensitive information with a non-sensitive version.
Masking
___________________ applies a null value to a particular field, which completely prevents visibility of the data.
Nulling out
______________ access controls restore resources, functions, and capabilities after a violation of a security policy. These controls can repair damage, in addition to stopping any further damage.
Recovery
Browsers use ____________________________ algorithm to establish a secure connection.
Rivest-Shamir-Adleman
_________________________ is the discovery that hidden information exists.
Steganalysis
Encrypts plaintext one byte or one bit at a time.
Stream Cipher
Generally does not increase the original message size
Stream Cipher
Typically a faster process
Stream Cipher
A cipher key stored in computer memory may be susceptible to Trojan Horse programs.
True
A firewall that blocks access to a port or service that cyber criminals can exploit is considered preventive control.
True
All cipher methods use a key to encrypt or decrypt a message.
True
As key length increases, the keyspace increases exponentially.
True
Authorization is automatic and does not require users to perform additional steps after a user proves his or her identity.
True
DACs are discretionary because an object owner with certain access permissions can pass on those permissions to another subject.
True
Data retention, media disposal, and compliance requirements all provide accountability.
True
Defining authorization rules is the first step in controlling access.
True
Encryption requires a key.
True
In a public-key encryption system, the receiver is the only one that can decrypt it using their private key.
True
Keyspace is the number of possibilities that a specific key length can generate
True
Modern day cryptographic methods ensure secure communications.
True
One-time Pad uses plaintext twice when creating an encrypted text.
True
Organizations widely accept the use of RBAC to manage computer permissions within a system, or application, as a best practice.
True
Private-key encryption uses a symmetric algorithm.
True
The ElGamal algorithm is free for use because no one holds the patent.
True
The Vigenère cipher key is chosen by the sender and receiver.
True
The human eye cannot recognize changes made with LSB.
True
The terms passphrase, passcode, passkey, or PIN are generically referred to as password.
True
With asymmetric encryption, the key that creates the ciphertext is not the same key used to decrypt the ciphertext.
True
With data masking, the shuffling technique works well for financial information in a test database.
True
With symmetric encryption the sender and receiver know the pre-shared key before any encrypted communication begins.
True
Key _____[a]_____ notifies all interested parties that a certain cipher key has been compromised and should no longer be used. Key _____[b]_____ erases old cipher keys in a manner that prevents malicious attackers from recovering them.
a-Revocation b-Destruction
Obfuscation is the art of making the message confusing, _____[a]_____, or harder to _____[b]_____.
a-ambiguous b-understand
The ____[a]____ and use of codes is cryptography. Studying and ____[b]____ codes is cryptanalysis.
a-development b-breaking
Physical access controls are actual barriers deployed to prevent direct contact with systems. The goal is to prevent _____[a]_____ users from gaining physical access to facilities, _____[b]_____, and other organizational assets.
a-unauthorized b-equipment
Software _____[a]_____ protects software from unauthorized access or modification. It inserts a secret message into the program as proof of _____[b]_____.
a-watermarking b-ownership
Modern cryptography uses computationally secure _______________ to make sure that cyber criminals cannot easily compromise protected information.
algorithms
Authorization controls what a user can and cannot do on the network after successful _____________________.
authentication
An ______________-level policy defines access permissions based on an employee's standing within the organization.
authority
Encryption converts the plaintext into _______________, which is an unreadable, disguised message.
ciphertext
A Mandatory Access Control system restricts a subject based on the security _____________________ of the object and the label attached to the user.
classification
What is another term for plaintext?
cleartext
Public key (encrypted) + private key (decrypt) = ___________________________
confidentiality
Implementing biometrics uses a reader or scanning device, software that converts the scanned information into digital form, and a _____________ that stores biometric data for comparison
database
Implementing accountability consists of technologies, policies, procedures, and _______________.
education
A permutation is a way of arranging all _____________ of a set.
elements
A ________________ membership policy defines authorization based on membership in a specific group.
group
Logical access controls are the _________________ and software solutions used to manage access to resources and systems
hardware
In practice, most attacks on cryptographic systems involve attacking the key _______________________, rather than the algorithm.
management system
Smart cards have an embedded _______________ that can communicate with the host computer or card reader.
microchip
Withdrawing cash from an ATM is another example of ___________________ authentication. The user must have the bankcard and know the PIN before the ATM will dispense cash.
multifactor
IPsec is a suite of protocols developed to achieve secure services over ________________. IPsec services allow for authentication, integrity, access control, and confidentiality.
networks
Software ________________ translates software into a version equivalent to the original but one that is harder for attackers to analyze.
obfuscation
Symmetric algorithms use the same pre-shared key, sometimes called a secret key ________, to encrypt and decrypt data.
pair
One common method to employ discretionary access controls is with ____________________. The owner of a file can specify what __________________ (read/write/execute) other users may have.
permissions (same word used)
With modern technology, communicating parties use _____-domain algorithms for encryption.
public
Secure Shell is a protocol that provides a secure ______________ access connection to network devices.
remote
Longer keys are more secure; however, they are also more _______________ intensive.
resource
For an authorized user, a preventive access control means _________________.
restrictions
Cryptology is the science of making and breaking __________ codes.
secret
An ACL is a _____________________ list of permit or deny statements that filter traffic based on certain criteria such as the source or destination IP address.
sequential
Another term for key length is key __________.
size
Individuals in countries that censor media also use ____________ steganography to get their messages out by misspelling words on purpose or making obscure references.
social
___________________ conceals a message in another file such as a graphic, audio, or other text file.
steganography
A unique identifier ensures the proper association between allowed activities and subjects. A ________________ is the most common method used to identify a user.
username
A5 is a stream cipher that provides ________ privacy.
voice