Network and Info Security Quizzes 5 & 6

¡Supera tus tareas y exámenes ahora con Quizwiz!

Accelerometer

Peter is a design engineer at a mobile device manufacturing company. He is designing the core components included in their flagship mobile device being launched during year-end 2020. Peter wants to design a tablet component that would detect vibrations and movements and determine the device's orientation so that the screen image is always displayed upright. Which of the following components he should develop?

Green

Photoplethysmography uses which type of light to measure heart rate on a wearable device?

Tethering, USB-on-the-go (OTG), malicious USB cable, hotspots

Which of the following are categories of vulnerabilities in mobile device connections that can also be exploited by threat actors?

Nonrepudiation

A manager working in ABC Consulting shared a list of employees from his team who were eligible for an extra week off. Later, he claimed that he has never shared this list. Which principle or functionality of a secured communication can be used to substantiate or verify the manager's claim?

Blockchain

A new e-commerce startup with global operations is looking for a method to manage its supply-chain data for production. Instead of using bar codes, scanners, paper forms, and individual databases, making the system difficult to use, which method should be used to quickly track shipments?

Cryptography should be implemented because it allows information to be viewed only by authorized users and checks whether the information has been altered or changed by anybody. It also makes the information unclear, even if other users see it. Cryptography is a more advanced technology than steganography. These features make cryptography the right choice for the enterprise to implement.

ABC Enterprise is a global operation. As such, it needs to send regular, confidential messages and data between offices to communicate important market information, employee decisions, financial decisions, etc., for management consideration and senior-level decision making. Since these decisions impact the local employees and global businesses, they suspect that the data may be prone to attacks from threat actors internally and externally. While one of the senior systems administrators suggested implementing steganography to achieve this objective, the IT Department head at another branch suggested implementing cryptography. The management team has now called you for expert advice to select the best method to implement in the enterprise. What should your advice be, and why?

ECC, as it uses sloping curves to generate keys. This makes it very secure for smaller key sizes making it secure and the communication exchange extremely fast.

ABC Enterprises plans to upgrade its internal confidential communication channel for the senior management team, which is geographically spread out, to enhance communication speed and security. They have decided to use cryptography to achieve this but can't decide on which model. The CEO has come to you for your suggestion on whether to use RSA or ECC. What should you recommend to the CEO, and why?

Use encrypted USBs in the enterprise because they automatically encrypt the information and give Alex remote access to the drive to monitor and disable the user.

Alex is working for Alpha Technology as a system administrator. The enterprise's sales team uses multiple external drives, often containing confidential data, that they carry between their offices and their clients' offices. What should Alex do to ensure that data is secure if it is stolen or lost, and why?

Diffusion

Alex needs to find a method that can change a single character of plaintext into multiple characters of ciphertext. Which method should Alex use?

Team B has selected BAN.

Alpha Tech started a charitable competition in which every team is asked to submit a proposal for a public health contract asking for a new viral transmission mitigation app. Which team has selected the correct option?

Virtual desktop infrastructure (VDI)

Anola is the security administrator in XYZ consulting. She is asked to suggest a deployment method where the data is stored in a completely secure, centralized server and accessed by authorized employees using their own devices. Which deployment should Anola choose?

Cryptographic hash algorithms

Blockchain relies on which cryptographic algorithm to make it computationally infeasible to try to replace a block or insert a new block of information without the approval of all entities involved?

Malicious USB

Dan uses his personal laptop for writing the script for an upcoming high-budget, highly anticipated movie. To keep the script private, he decided not to connect his laptop to any network and updated his system with the latest virus definitions and security patches. Which of the following is Dan's laptop still vulnerable to?

Blockchain

Harry works at an automobile parts manufacturer. They sell these parts to retailers and deposit the proceeds in their bank. Using these funds, Harry pays the suppliers and employees. The Accounts Department maintains a ledger of all transactions of materials bought and sold. Similarly, the quality department and operations department also maintain a ledger of all transactions. Over the years, this process has become quite cumbersome, as growing data create confusion. Harry is looking at simplifying the process and has contacted you for a solution. Using which technology can this process be simplified and confusions avoided?

Infrared

In which of the following mobile device connectivity methods are light waves used as a communication channel?

Cellular

In which of the following mobile device connectivity methods are transmitters connected through a mobile telecommunication switching office (MTSO) that controls all of the transmitters in the cellular network and serves as the link between the cellular network and the wired telephone world?

all answer choices (jailbreaking is correct though)

James is a black hat hacker employed as an authorized officer at Apple. He has credentials and signed a non-disclosure agreement to perform advanced penetration testing on the iOS 6.1.6 operating system, and has already gained low-level access to the mobile device using a backdoor. The process by which John could design/create his own custom firmware to exploit underlying vulnerabilities and gain a higher level of access to a UNIX shell with root privileges, essentially allowing them to do anything on the device is ?

Data synchronization with a remote server or separate device

John has been appointed as a product manager at a large mobile device manufacturing company. He is designing the core features included in their flagship mobile device that will be launched during the holiday shopping season. Which of the following features should he primarily include?

all answer choices

John is asked to design a specialized device that does not have any security features but operates on the basis of trust that assumes all other devices or users can be trusted. Which security constraint for the embedded system should John use?

Asymmetric cryptographic

John needs to add an algorithm for his company communication process, in which encryption uses two keys. One is the public key, and the other one is a private key. Which algorithm will be suitable to achieve this?

Digital signature algorithm

John receives an encrypted document using asymmetric cryptography from Alex. Which process should Alex use along with asymmetric cryptography so that John can be sure that the received document is real, from Alex, and unaltered?

Infrared

Jordan has been asked by his organization to help them choose a mobile device communication channel for their new mobile device build. Which of the following mobile device communication channels should Jordan NOT suggest to his company?

ROT13

Kainat is asked to suggest a cipher in which the entire alphabet is rotated (as in, A=N, B=O), making it difficult to identify. Which cipher should she suggest?

Unified environment management (UEM) tool

Kelly is asked to choose a mobile management tool that provides a single management interface for all applications, content, and device management. Which of the following is the best one-step solution?

Corporate-owned, personally enabled (COPE)

Marcus is an information security architect at a product-based IT firm. He is responsible for developing policies for the most-secure mobile device enterprise-deploying model. The company will decide the level of choice and freedom for employees. Employees are supplied company-chosen and paid-for devices that they can use for both professional and personal activities. This action is performed under which enterprise deployment model?

Sponge

Which function in cryptography takes a string of any length as input and returns a string of any requested variable length?

Arduino

Sara is asked to create a controller for light sensors. When the light falls on the sensor, it needs to indicate when a particular object is moved from its original position. For this, she needs a credit card-sized motherboard with a microcontroller on it. Which option should she select?

Design a solution that keeps track of dates, times, locations of transactions, and geolocation of the authorized cell phone. When a user makes a purchase at a store, the bank can immediately check that the cell phone and the bank card are in the same place. If they are, the purchase is considered legitimate. But if they are not, then the payment is rejected.

Sean is an information security architect at a financial firm. As his first project, he must design and build an efficient, sure-shot, yet cost-effective solution to detect and prevent bank credit card fraud. How should Sean proceed?

Check the digest of the file with the original digest. If the values are different, it can be confirmed that the file has been tampered with.

Sigma Solutions use hash algorithms in the communications between departments while transferring confidential files. A human resource employee informed you that one of the employees' salary statements sent from her end looks tampered with and requested your help. Which of the following tasks would enable you to identify whether the file is tampered with or not, and how will you make the determination?

On-body detection

Simon is working in a telecom firm. Being an HOD, he was asked to suggest a lock pattern for their mobile devices with the following features: The device should have a prerecord of its user's walking and other body movement patterns, and on sensing any change in the regular movements, should be able to lock the device. Which lock pattern should Simon suggest?

Misconfiguration attack; the company should have configured a higher security hash algorithm rather than using the less-secure SHA-256.

Spectrum Technologies uses SHA-256 to share confidential information. The enterprise reported a breach of confidential data by a threat actor. You are asked to verify the cause of the attack that occurred despite implementing secure cryptography in communication. Which type of attack should you consider first, and why?

MDM, because it allows remote management and over the air updates.

Walter's organization is in the beginning stages of a new project. His team is tasked with finding a tool that must have the following features, allowing it to be remotely managed by the organization:1. It must be able to apply default device settings.2. It must be able to approve or quarantine new mobile devices.3. It must be able to configure emails, calendars, contacts, and Wi-Fi profile settings.4. It must be able to detect and restrict jailbroken and rooted devices. Which tool should Walter's team suggest, and why?

Tamper protection

Which alert utility can identify theft in a smart meter?

Symmetric cryptographic algorithm

Which algorithm encrypts and decrypts data using the same key?

Collision attack

Which attack sees an attacker attempt to determine the hash function's input strings that produce the same hash result?

Obfuscation

Which characteristic of cryptography makes information obscure or unclear, and by which the original information becomes impossible to be determined?

Asymmetric

Which cryptographic method should Susanne use to ensure that a document can be encrypted with a key and decrypted with a different key?

USB device encryption

Which encryption device you can use that has the following features? 1. It should allow administrators to remotely prohibit accessing the data on a device until it can verify the user status. 2. It can lock user access completely or even instruct the drive to initiate a self-destruct sequence to destroy all data.

Trusted platform module

Which encryption is a chip on the motherboard of a computer that provides cryptographic services?

Full disk encryption

Which encryption method in BitLocker prevents attackers from accessing data by booting from another OS or placing the hard drive in another computer?

Nonrepudiation

Which feature of cryptography is used to prove a user's identity and prevent an individual from fraudulently reneging on an action?

SED

Which of the following devices can perform cryptographic erase?

Arduino

Which of the following devices is similar to Raspberry Pi?

Watering hole attack

Which of the following is NOT an attack on cryptography?

Data in transit

Which of the following is a state of data, where data is transmitted across a network?

File-based encryption

Which of the following is the most secure encryption solution to adopt for a Google Android mobile device?

PRNG

Which of the following is used to create a sequence of numbers whose output is close to a random number?

Choose your own device (CYOD)

Which of the following mobile device enterprise deployment models are implemented so that employees in an organization are offered a suite of security, reliability, and durability choices that the company has already approved?

Accelerometer

Which of the following mobile device features senses movements that it then uses to ensure the screen is always oriented upright?

BAN

Which of the following sensors help generate security alerts to physicians regarding patient health?

Small form factor, mobile operating system, wireless data network interface for internet access, app stores, local nonremovable data storage

Which of the following sets consists of only the core features of a mobile or computing device?

Global positioning system (GPS), microphone and/or digital camera, wireless cellular connection for voice communications, wireless personal area network interfaces such as Bluetooth or near-field-communications (NFC), removable storage media

Which of the following sets only lists additional features of a mobile device or a computing device?

A quantum computer is a computer that relies on qubits that can be both 0 and 1 at the same time.

Which of the following statements describe a quantum computer?

MDM

Which of the following tools allow a mobile device to be managed remotely by an organization and typically involve a server sending out management commands to mobile devices?

Opal

Which of the following uses hardware encryption technology to secure stored data and ensures the inseparability of SEDs among vendors?

USB-on-the-go (OTG)

Which of the following vulnerabilities involves connecting a flash drive infected with malware to a mobile device?

Measuring heart rate by tracking changes in green light absorption, since human blood absorbs green light

Which one of the following is the most appropriate explanation of photoplethysmography?

AES

Wilson has requested your help to suggest an encryption method that will provide the highest security against attacks. Which encryption process should you suggest?

Ciphertext attack

Wireless data networks are particularly susceptible to which type of attack?

Choose your own device (CYOD)

Zyan works for ABC Technology. The enterprise wants to provide smartphones to all its employees. They can choose from a limited list of approved mobile devices. But they need to pay for the device themselves. The company will pay them a monthly stipend. Which deployment method should Zyan suggest to meet his company's needs?


Conjuntos de estudio relacionados

Chapter 10 Nutrition Strategies for Maximizing Performance

View Set

quiz #2 questions- elbow, radioulnar, wrist, EXPH 2200 EXAM/QUIZ combined questions

View Set

A&P 103B Mastering HW Digestive II

View Set

GRE Quantitative Reasoning Notes & Formulas

View Set

Chapter 1 Problem Set: Statistics

View Set

chapter 3 statistical association

View Set

Qualys Vulnerability Management v1

View Set

RN Concept-Based Assessment Level 2 Online Practice B

View Set