Midterm
Which of the following authentication techniques are vulnerable to sniffing attacks that replay the sniffed credential? Select all that apply.
1. passwords 2. passive tokens 3. biometric readers
If we combine "10101" with "01011" using Exclusive Or, which result do we get?
11110 (opposites generate a 1, same generates a 0)
SHA-1 produces a hash value of __________ bits.
160
When we place crypto in different protocol layers, we often balance two important properties:
Application transparency and network transparency
What does authentication do?
Associates an individual with an identity
In 2008, researchers at Princeton University demonstrated techniques to retrieve RAM contents after the computer had been powered off. They then extracted drive encryption keys from RAM and used them to decrypt an encrypted drive. This is called a(n):
Cold-boot attack
Which of the following security protections is used to prevent passive attacks?
Confidentiality
Alice transmits a message to Bob using a stream cipher. During transmission, an error causes a single bit in the ciphertext to change. How does this affect the decrypted message?
The decrypted message contains a 1-bit error in the same location.
The video stored on DVDs is encrypted. Where do we get the key to decrypt the DVD when we play it?
The key is stored in the player.
After encrypting a plaintext file and saving its ciphertext in a new file, what should the file encryption program do next? Select the safest alternative.
The program writes zeroes over every data block in the plaintext file.
The language that's the foundation of most web pages is:
Hypertext Markup Language (HTML)
Volume encryption protects data on a computer against:
Theft
Secure Sockets Layer (SSL) has been replaced by:
Transport Layer Security (TLS)
A DVD player handles all key management.
True
The process of transforming an existing key into a new one is called:
Self-rekeying
The following are fundamental strategies for authenticating people on computer systems, except:
Something you make
An encryption algorithm that uses the same key for both encryption and decryption is:
Symmetric
A good hash function has the property that "the results of applying the function to a large set of inputs will produce outputs that are evenly distributed and apparently random".
True
A hash function that satisfies the properties of variable input size, fixed output size, efficiency, preimage resistant, second preimage resistant and collision resistance is referred to as a strong hash function.
True
A network attack in which someone forges network traffic would be considered an active attack.
True
After encrypting a plaintext file, the program should actively erase the plaintext file's contents and save the ciphertext.
True
An encryption application program, from a user's point of view, protects a file with a memorized password.
True
Browsers often store the cookies in individual files, each named for the server that owns the cookie. Whenever the browser visits a particular server, it includes the cookies received from that server.
True
Changing a single bit of a block cipher's input affects the entire output block.
True
Crypto techniques originally focused on confidentiality.
True
Dictionary attacks differ from trial and error attacks because dictionary attacks focus on likely passwords.
True
Eavesdropping without interfering with communications would be considered a passive attack.
True
Hash functions can be used for intrusion and virus detection.
True
If a certificate authority is not in a web browser's built-in list, then the browser cannot verify the certificate's digital signature and thus cannot tell if the certificate is legitimate.
True
It can be shown that some form of birthday attack will succeed against any hash scheme involving the use of cipher block chaining without a secret key, provided that either the resulting hash code is small enough or that a larger hash code can be decomposed into independent subcodes.
True
Keystroke loggers can be hardware or software based.
True
SQL supports queries to search and extract data from the database, plus other operations to add or update data in the database.
True
Self-rekeying transforms an existing encryption key into a new one using a pseudorandom number generator.
True
The Advanced Encryption Standard (AES) is stronger than the Data Encryption Standard (DES).
True
The one-way hash is a cryptographic function.
True
The way to measure the resistance of a hash algorithm to cryptanalysis is to compare its strength to the effort required for a brute-force attack.
True
Virtually all cryptographic hash functions involve the iterative use of a compression function.
True
When an attacker is attacking a password system, the average attack space estimates the number of guesses required before success is likely.
True
You can wrap a secret key with RSA.
True
An authentication system that requires the user to provide two different passwords and a fingerprint scan is an example of:
Two-factor authentication
Virtual private networking is used primarily for encrypting:
a connection between two sites across the internet.
Managing a website's subject matter and files and constructing web pages can be accomplished with:
a content management system
An attack that tricks a database management system into interpreting part of an entered password as an SQL expression is called:
command injection (here, specifically SQL injection)
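Added worked example (not from the quiz or its textbook): the injection described above, built on Python's bundled sqlite3 module with a constructed one-row user table. The vulnerable login splices the password into the SQL text, so a password such as `' OR '1'='1` is parsed as an SQL expression and the WHERE clause becomes true for any user; the hardened version binds the password as a parameter, so the same string is compared as data and the login fails. The table contents and the `login_*` function names are assumptions for the demonstration.

```python
import sqlite3

INJECTED_PASSWORD = "' OR '1'='1"   # the string the attacker types in the password field


def make_db() -> sqlite3.Connection:
    """Constructed in-memory user table for the demonstration (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    return conn


def render_vulnerable_query(username: str, password: str) -> str:
    """The statement the vulnerable code sends: user input is part of the SQL text."""
    return ("SELECT username FROM users WHERE username = '%s' "
            "AND password = '%s'" % (username, password))


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # The DBMS parses the password as SQL. With INJECTED_PASSWORD the clause
    # reads  ... AND password = '' OR '1'='1'  and AND binds tighter than OR,
    # so the row matches regardless of the stored password.
    return conn.execute(render_vulnerable_query(username, password)).fetchone() is not None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Parameter binding: the statement's structure is fixed before the values
    # arrive, so quotes and keywords inside the password are just characters.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None
```

Printing `render_vulnerable_query("alice", INJECTED_PASSWORD)` shows exactly what the DBMS is asked to evaluate; that view is the quickest way to explain the finding in a report.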
To manage the site's contents and construct web pages, most modern sites use:
content management systems
Access control protects data on a computer against:
hostile users
A message authentication code is also known as a __________ hash function.
keyed
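Added worked example (not from the quiz or its textbook) of why a message authentication code is a keyed hash, and how it differs from the plain hash used for the integrity and virus-detection checks mentioned earlier in this set. A plain SHA-256 tag detects accidental change, but an attacker who alters the message simply recomputes it; with HMAC-SHA256 the attacker cannot produce a valid tag without the shared key. The key and message bytes are constructed for the demonstration.

```python
import hashlib
import hmac

KEY = b"shared-secret-key"          # assumed to be known only to sender and receiver
MESSAGE = b"transfer 100 to bob"     # constructed sample message


def unkeyed_tag(message: bytes) -> bytes:
    """Plain cryptographic hash: anyone can compute it, so it only detects
    accidental corruption (or deliberate change when the baseline is stored
    somewhere the attacker cannot reach, as in file-integrity checkers)."""
    return hashlib.sha256(message).digest()


def receiver_accepts_unkeyed(message: bytes, tag: bytes) -> bool:
    return unkeyed_tag(message) == tag


def keyed_tag(key: bytes, message: bytes) -> bytes:
    """Message authentication code: HMAC, a keyed hash. Computing it needs the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_keyed(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, avoiding a timing side channel on the tag.
    return hmac.compare_digest(keyed_tag(key, message), tag)


def tamper(message: bytes) -> bytes:
    """The attacker's edit in transit."""
    return message.replace(b"100", b"900")


def attack_unkeyed(message: bytes) -> tuple:
    """Attacker rewrites the message and recomputes the hash: the receiver accepts it."""
    forged = tamper(message)
    return forged, unkeyed_tag(forged)


def attack_keyed(message: bytes, original_tag: bytes) -> tuple:
    """Attacker rewrites the message but, lacking KEY, can only replay the old tag."""
    return tamper(message), original_tag
```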
When encrypting data with a block cipher, each repetition is called a:
round
Encryption can help protect volumes in all of the following situations, except:
to prevent physical damage to a hard drive
The type of cipher that rearranges the text of a message is called:
transposition
File encryption protects data on a computer against all of the following, except:
trojan crypto
The principal application of IPsec is:
virtual private networking
A decryption procedure requires two inputs. Select all that apply.
1. ciphertext 2. key
Which of the following are true of client-side scripts? Select all that apply.
1. Appear as short procedures embedded in an HTML page 2. Are interpreted by browsers 3. Can be exploited by viruses and trojans
Which of the following are risks associated specifically with running scripts in a user's browser? Select all that apply.
1. Cross Site Scripting 2. Malicious script that damages client side resources
In a password system, increasing the work factor results in which of the following? Select all that apply.
1. Increases the size of the character set from which users choose passwords. 2. Increases the length of the password
Which of the following qualities of a good encryption algorithm apply to AES today? Select all that apply.
1. No practical weaknesses 2. Explicitly designed for encryption 3. Available for analysis 4. Security does not rely on its secrecy 5. Subjected to analysis
The steps below describe how to use an encryption program. Arrange the steps in their proper order.
1. Select file to encrypt 2. Provide the key to encrypt the file 3. The program encrypts the file and saves the encrypted copy 4. The program erases the plaintext version of the file and erases the key from RAM
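Added worked example (not from the quiz or its textbook) of step 4 above, the part that distinguishes a careful file-encryption program from a careless one: every data block of the plaintext file is overwritten with zeroes, the write is forced to disk, the overwrite is read back and verified, and only then is the file unlinked. The block size and the constructed sample plaintext are assumptions. Python cannot reliably scrub the key from RAM (immutable bytes objects may leave copies), so that half of the step is not shown.

```python
import os
import tempfile

BLOCK_SIZE = 4096   # assumed file-system block size; the loop works for any value


def zero_and_delete(path: str) -> int:
    """Overwrite the plaintext file with zeroes, flush to disk, verify, then unlink.
    Returns the number of bytes zeroed."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:          # r+b: overwrite in place, do not truncate
        remaining = size
        while remaining > 0:
            n = min(BLOCK_SIZE, remaining)
            f.write(b"\x00" * n)
            remaining -= n
        f.flush()
        os.fsync(f.fileno())              # push the zeroes past the OS cache
    # Read back before removing the directory entry: a failed overwrite that is
    # then deleted would leave plaintext blocks on disk with no way to notice.
    with open(path, "rb") as f:
        if any(b != 0 for b in f.read()):
            raise RuntimeError("overwrite did not reach the file's data blocks")
    os.remove(path)
    return size


def demo() -> tuple:
    """Create a constructed plaintext file, scrub it, and report (bytes zeroed, still exists?)."""
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(b"secret plaintext " * 1000)   # 17,000 bytes of constructed plaintext
        path = f.name
    zeroed = zero_and_delete(path)
    return zeroed, os.path.exists(path)
```

Caveat a practitioner would add: on SSDs with wear levelling and on copy-on-write or journaling file systems, an in-place overwrite may land on new physical blocks while the old plaintext blocks survive. That is one reason volume encryption (covered elsewhere in this set) is the stronger protection against theft of the drive.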
Here is a list of features of various authentication tokens. Indicate all that are true for one-time password tokens.
1. Some tokens use a built-in counter to generate nonces. 2. Some tokens use a built-in clock to generate nonces. 3. The token contains a base secret.
Which of the following are true about a one-time pad? Select all that apply.
1. Theoretically impossible to crack 2. Uses a random stream of bits for its key stream
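Added worked example (not from the quiz or its textbook) tying together three cards in this set: the XOR question (10101 XOR 01011 = 11110), the stream-cipher bit-error question, and the one-time pad. Encryption and decryption are both a byte-wise XOR with the keystream, so flipping one ciphertext bit flips exactly the same plaintext bit and nothing else; and because XOR is invertible, for any candidate plaintext of the right length there is a key that produces the observed ciphertext, which is the intuition behind "theoretically impossible to crack". Bit positions are numbered MSB-first; sample messages are constructed.

```python
import secrets


def xor_bits(a: str, b: str) -> str:
    """XOR two equal-length bit strings: differing bits give 1, matching bits give 0."""
    if len(a) != len(b):
        raise ValueError("operands must be the same length")
    return "".join("1" if x != y else "0" for x, y in zip(a, b))


def xor_bytes(data: bytes, keystream: bytes) -> bytes:
    """Stream-cipher core: plaintext XOR keystream = ciphertext, and the same
    operation with the same keystream recovers the plaintext."""
    if len(keystream) < len(data):
        raise ValueError("keystream shorter than data")
    return bytes(d ^ k for d, k in zip(data, keystream))


def one_time_pad_key(length: int) -> bytes:
    """One-time pad keystream: random, as long as the message, never reused."""
    return secrets.token_bytes(length)


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate a transmission error that flips one ciphertext bit."""
    byte_i, bit_i = divmod(bit_index, 8)
    out = bytearray(data)
    out[byte_i] ^= 1 << (7 - bit_i)
    return bytes(out)


def differing_bits(a: bytes, b: bytes) -> list:
    """Bit positions at which two equal-length byte strings differ."""
    positions = []
    for i, (x, y) in enumerate(zip(a, b)):
        for bit in range(8):
            if (x ^ y) & (1 << (7 - bit)):
                positions.append(i * 8 + bit)
    return positions


def errors_after_bit_flip(plaintext: bytes, bit_index: int) -> list:
    """Encrypt with a fresh pad, damage one ciphertext bit in transit, decrypt,
    and report which plaintext bits came out wrong (expect exactly [bit_index])."""
    key = one_time_pad_key(len(plaintext))
    ciphertext = xor_bytes(plaintext, key)
    damaged = flip_bit(ciphertext, bit_index)
    return differing_bits(plaintext, xor_bytes(damaged, key))


def key_that_decrypts_to(ciphertext: bytes, candidate: bytes) -> bytes:
    """For a one-time pad every same-length plaintext is equally consistent with
    the ciphertext: this returns the key under which `candidate` is the message."""
    return xor_bytes(ciphertext, candidate)
```

Note the contrast with the block-cipher card later in this set: a block cipher spreads a single input-bit change across the whole output block, whereas a stream cipher does not spread errors at all. That is convenient for noisy links but also means an attacker can flip chosen plaintext bits by flipping ciphertext bits, which is why stream ciphers are paired with a MAC.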
Bob and Kevin are both using crypto to communicate with other people. Bob doesn't want Kevin eavesdropping on his messages, and vice versa. They each need to choose algorithms and keys. Which of the following choices will protect one from eavesdropping by the other? Select all that apply.
1. Use different algorithms and different keys. 2. Use the same algorithm and different keys
Which of the following network protocols typically provide application transparency? Select all that apply.
1. Wi-Fi Protected Access 2. IPSec
Which of the following software can encrypt individual files? Select all that apply.
1. Windows built-in encryption 2. PKZIP 3. PGP
We need to create a three-factor authentication system. The system already uses a USB device that is unlocked with the user's fingerprint. Which of the following can we add to implement three separate factors?
A PIN entered via a built-in PIN pad
______ systematically stores data in a structured manner.
A database
We need to create a three-factor authentication system. The system already requires the user's fingerprint and memorized password. Which of the following can we add to implement three separate factors?
A procedure that requires the user's cell phone.
Bob needs to deploy an efficient block cipher. He has a choice between 128-bit AES and Triple DES using three different keys. Which of the following statements is most accurate about these choices?
AES is more efficient than triple DES and it provides better security
We have an operating system that includes built-in file encryption. When we consider the layers of system software, where does the file encryption reside?
Between the file system and the application layer
The effort required for a collision attack on a hash function is explained by a mathematical result referred to as the ___________ .
Birthday paradox
To provide both encryption and integrity protection, WPA2 uses AES encryption with:
CCM mode
__________ receives GET, POST, and other HTTP requests and returns a web page in response.
Web server software (a content management system, if present, sits behind the web server and supplies the page content)
The principal purpose of a hash function is __________ .
Data integrity
An attack that blocks access to a system by other users is called:
Denial of service
Every valid public-key certificate contains a(n):
Digital Signature
Average attack space measures the time until success is certain.
False
Basic HTTP is a stateful protocol.
False
Biometrics are a favored form of authentication, as they are immune to sniffing attacks.
False
Biometrics have a fault tolerance of 0.
False
In HTTP tunneling, some protocols travel inside HTTP traffic.
True (that is what tunneling means: the other protocol's traffic is carried inside HTTP)
In manual keying, two encryption keys are produced for each cryptonet or communicating pair and those keys are distributed to the appropriate endpoints.
False
Offline attacks are easily detected.
False
Passive tokens are favored, as they are immune to sniffing attacks.
False
Public-key certificates do not carry a range of effective dates, which means a certificate can be set to never expire.
False
Structured Query Language (SQL) is a front-end, object-oriented interface for databases.
False
Two factor authentication is using two passwords.
False
When you are biased in selecting a password, you choose your password from the entire search space.
False
Your fingerprint is a "something you have" factor.
False (something you are)
A protocol that establishes security associations (SAs) between a pair of hosts is:
Internet Key Exchange (IKE)
The __________ resistance guarantees that it is computationally infeasible to find an alternative message with the same hash value as a given message.
Second pre-image
In typical applications, does SSL provide application transparency?
No, because the SSL software is traditionally integrated into the application software package and is not supported unless the application specifically provides it.
An initialization vector is most similar to which of the following?
Nonce
There are three types of tokens; which of the following is not a correct type?
Offensive tokens
Requirements for a cryptographic hash function include ___________ which is the one-way property.
Pre-image resistance
__________ are measures of the number of potential collisions for a given hash value.
Preimages
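Added worked example (not from the quiz or its textbook) for the hash cards in this set: SHA-1's 160-bit output, the birthday paradox behind collision attacks, and the difference between a collision and a second preimage. It truncates SHA-1 to a small number of bits so the attacks finish in well under a second: a collision among arbitrary messages needs about 2^(n/2) hashes, while matching one fixed message's hash needs about 2^n, which is the brute-force cost that hash strength is measured against. The truncation and the "msg-i" message naming are assumptions for the demonstration.

```python
import hashlib


def sha1_output_bits(data: bytes) -> int:
    """SHA-1 yields a 20-byte digest, 160 bits, whatever the input length."""
    return len(hashlib.sha1(data).digest()) * 8


def truncated_hash(data: bytes, n_bits: int) -> int:
    """Toy n-bit hash: the top n bits of SHA-1. Small n keeps the attacks
    affordable while preserving the shape of the full-size problem."""
    full = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return full >> (160 - n_bits)


def expected_trials(n_bits: int) -> tuple:
    """(birthday-bound collision cost, brute-force preimage cost) for an n-bit hash."""
    return 2 ** (n_bits // 2), 2 ** n_bits


def find_collision(n_bits: int) -> tuple:
    """Birthday attack: hash distinct messages until two share a value.
    Returns (msg_a, msg_b, trials); trials is typically near 2**(n_bits/2)
    and can never exceed 2**n_bits + 1 (pigeonhole)."""
    seen = {}
    i = 0
    while True:
        msg = f"msg-{i}".encode()
        h = truncated_hash(msg, n_bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
        i += 1


def find_second_preimage(target: bytes, n_bits: int, max_trials: int):
    """Second-preimage attack: a different message with the same hash as `target`.
    Every trial aims at one fixed value, so expect about 2**n_bits trials rather
    than the birthday bound. Returns the alternative message or None."""
    want = truncated_hash(target, n_bits)
    for i in range(max_trials):
        msg = f"alt-{i}".encode()
        if msg != target and truncated_hash(msg, n_bits) == want:
            return msg
    return None
```

Run `find_collision(24)` and `find_second_preimage(b"original", 16, 1 << 18)` side by side: the 24-bit collision appears after a few thousand hashes, while the 16-bit second preimage, a far smaller target, still costs tens of thousands. Scaled to SHA-1 that is 2^80 versus 2^160, which is why SHA-1 was retired once real collisions fell well below 2^80.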
We use cryptography to apply all of the following protections to network traffic, except:
Reliability
In a password system, the total number of possible passwords is called the:
Search space
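Added worked example (not from the quiz or its textbook) for the password cards in this set: search space, average attack space, and the two ways of raising the work factor. The search space is the character-set size raised to the password length; the average attack space is the number of guesses at which success is likely, half the search space for unbiased choice. For biased choice (users drawn to dictionary words) the form used here is the size of the likely-password set divided by twice the likelihood that the password is in it; that formula and the sample figures are assumptions for the demonstration.

```python
def search_space(charset_size: int, length: int) -> int:
    """Total number of possible passwords."""
    return charset_size ** length


def average_attack_space(space: int) -> int:
    """Guesses for success to become likely (50%) when every password in the
    search space is equally probable. Not the point at which success is certain."""
    return space // 2


def average_attack_space_biased(candidate_set_size: int, likelihood: float) -> float:
    """Biased selection, e.g. a dictionary attack: the attacker tries a set of
    likely passwords that covers the real password with probability `likelihood`."""
    if not 0 < likelihood <= 1:
        raise ValueError("likelihood must be in (0, 1]")
    return candidate_set_size / (2 * likelihood)


def work_factor_options(charset_size: int, length: int,
                        bigger_charset: int, extra_length: int) -> dict:
    """The two levers from the work-factor question, side by side."""
    return {
        "base": search_space(charset_size, length),
        "bigger_charset": search_space(bigger_charset, length),
        "longer": search_space(charset_size, length + extra_length),
    }


def seconds_until_likely(space: int, guesses_per_second: float) -> float:
    """Wall-clock estimate for an offline attack at a given guess rate."""
    return average_attack_space(space) / guesses_per_second
```

With `work_factor_options(26, 8, 62, 2)` the two levers are close: 62 mixed characters at length 8 gives about 2.2e14 passwords, 26 lowercase letters at length 10 about 1.4e14. Length is the lever users can actually apply, which is why current guidance favours long passphrases over forced symbol sets.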
Two users can construct a shared secret by sharing Diffie-Hellman private keys.
False (each party keeps its private key secret and sends only its public value; the shared secret is computed from the other side's public value and one's own private key)
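Added worked example (not from the quiz or its textbook) of the Diffie-Hellman exchange: what actually crosses the network is each side's public value, and both sides reach the same secret from the other's public value and their own private key, which never leaves the party that generated it. The 127-bit prime and generator are a toy group chosen so the code runs instantly; they are far too small for real use, where standardized groups of 2048 bits or more are required.

```python
import secrets

# Toy group parameters (assumed, insecure): a 127-bit Mersenne prime and a small base.
P = 2 ** 127 - 1
G = 5


def keypair() -> tuple:
    """Private value stays local; only the public value is ever transmitted."""
    private = secrets.randbelow(P - 2) + 2       # in [2, P-1]
    public = pow(G, private, P)
    return private, public


def shared_secret(my_private: int, their_public: int) -> int:
    """g^(ab) mod p, reached by each side as (other's public)^(own private)."""
    return pow(their_public, my_private, P)


def run_exchange() -> dict:
    alice_priv, alice_pub = keypair()
    bob_priv, bob_pub = keypair()
    # Everything an eavesdropper sees is in "wire"; the private values are not there.
    return {
        "wire": (alice_pub, bob_pub),
        "alice_key": shared_secret(alice_priv, bob_pub),
        "bob_key": shared_secret(bob_priv, alice_pub),
    }


def keys_agree(result: dict) -> bool:
    return result["alice_key"] == result["bob_key"]
```

The eavesdropper holds G, P and both public values and would need to solve a discrete logarithm to recover either private key; with real-size parameters that is the hard problem the protocol rests on. Plain Diffie-Hellman does nothing against an active man-in-the-middle, which is why IKE and TLS authenticate the exchanged values with certificates or pre-shared keys.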
__________ is a search for malware in the HTML and other files returned to browsers by web servers.
Web traffic scanning