Sec+ Final Exam Review
The ____ algorithm is the most common asymmetric cryptography algorithm and is the basis for several products. Choose one answer. a. Twofish b. RSA c. Blowfish d. AES
RSA
____ involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain. Choose one answer. a. Scam b. Cyberterrorism c. Phishing d. Identity theft
Identity theft
An advantage of TPM is that malicious software cannot attack it. Answer: True False
True
Block ciphers are considered more secure than stream ciphers because they are more random. Answer: True False
True
Cryptography is used in the encryption process but not in the steganography process. Answer: True False
True
Digital signatures actually only show that the private key labeled as belonging to a person was used to encrypt the digital signature. Answer: True False
True
IPsec is an optional protocol with IPv4 but not with IPv6. Answer: True False
True
One of the duties of a CA is to distribute public key certificates. Answer: True False
True
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system. Answer: True False
True
Recent employment trends indicate that employees with security certifications are in high demand. Answer: True False
True
NTRUEncrypt uses ____ cryptography that relies on a set of points in space. Choose one answer. a. linear b. matrix-based c. quantum d. lattice-based
lattice-based
According to Panda, over 30 million new specimens of malware were created in a ten month period in 2010. Answer: True False
False
According to researchers at GTRI, a password with fewer than 7 characters will be vulnerable very soon. Answer: True False
False
Cryptography cannot be applied to entire disks. Answer: True False
False
Cryptography cannot protect data as it is being transported across a network. Answer: True False
False
Digital certificates cannot be used to identify objects other than users. Answer: True False
False
EFS uses GPG to encrypt and decrypt files. Answer: True False
False
In a general sense, assurance may be defined as the necessary steps to protect a person or property from harm. Answer: True False
False
Most HSMs are PAN-based appliances that can provide services to multiple devices. Answer: True False
False
PGP and SSL function at the same layer of the Open System Interconnection (OSI) model. Answer: True False
False
RC6 is used in WEP encryption. Answer: True False
False
SSL is more likely to be faster than IPSEC. Answer: True False
False
The FBI defines cyberterrorism as any premeditated, politically motivated attack against information, computer systems, computer programs, and data owned and operated by government and military organizations. Answer: True False
False
The demand for IT professionals who know how to secure networks and computers is at an all-time low. Answer: True False
False
____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it. Choose one answer. a. Blocking b. Cloning c. Hashing d. Encrypting
Hashing
_______ can be used to ensure the integrity of a message or file. Choose one answer. a. Metadata b. Checksum c. Hashing d. Stream cipher
Hashing
ESP is a(n) _______________ protocol. Choose one answer. a. SHTTP b. SSL c. IPsec d. PKI
IPsec
_________ is referred to as a transparent protocol. Choose one answer. a. SSL b. SSH c. PGP d. IPsec
IPsec
____ certificates are frequently used to secure e-mail transmissions and typically only require the user's name and e-mail address in order to receive this certificate. Choose one answer. a. Public digital b. Private digital c. Personal digital d. Server digital
Personal digital
____ is text that has no formatting (such as bolding or underlining) applied. Choose one answer. a. Simpletext b. Plaintext c. Simple text d. Plain text
Plain text
The entity requesting a digital certificate usually sends their public key to the CA who issues and signs the certificate with the CA's __________. Choose one answer. a. Public hash b. Public key c. Private key d. Private hash
Private key
____ involves public-key cryptography standards, trust models, and key management. Choose one answer. a. Private key infrastructure b. Shared key infrastructure c. Public key infrastructure d. Network key infrastructure
Public key infrastructure
____ attempts to use the unusual and unique behavior of microscopic objects to enable users to securely develop and share keys as well as to detect eavesdropping. Choose one answer. a. Symmetric cryptography b. Analog cryptography c. Quantum cryptography d. Reactive cryptography
Quantum cryptography
The primary function of a(n) ____ is to verify the identity of the individual. Choose one answer. a. DA b. PA c. RA d. CA
RA
A hash that is created from a set of data can be reversed. Answer: True False
False
What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it? Choose one answer. a. $100,000 b. $500,000 c. $1,000,000 d. $250,000
$250,000
A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts. Choose one answer. a. 10 to 14 b. 13 to 14 c. 14 to 16 d. 12 to 15
10 to 14
____ is designed to replace DES. Choose one answer. a. Twofish b. 3DES c. RSA d. AES
3DES
In MD5, the length of a message is padded to ____ bits. Choose one answer. a. 64 b. 512 c. 32 d. 128
512
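The hashing and MD5 questions above (integrity of a file, a hash cannot be reversed, MD5 pads the message to a multiple of 512 bits) are easier to remember with the mechanics in front of you. The following Go program is an added example written for this review sheet, not code from the course or textbook; it uses only the standard library, and the "file" contents and the sample lengths it feeds in are constructed for the demonstration. SHA-256 is used for the integrity check because MD5 is no longer suitable for that purpose; MD5 appears only to show its padding rule.

```go
package main

import (
	"crypto/md5"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// FileDigest returns the hex SHA-256 digest of data (a file's contents).
// A digest is one-way: the hex string gives no way back to the data.
func FileDigest(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// VerifyDigest recomputes the digest and compares it with the value recorded
// when the file was known-good; any change to the data changes the digest.
func VerifyDigest(data []byte, expected string) bool {
	return FileDigest(data) == expected
}

// MD5Pad applies MD5's padding rule (RFC 1321, sections 3.1 and 3.2): append a
// single 0x80 byte, then zero bytes until the length is 56 mod 64, then the
// original bit length as a 64-bit little-endian integer. The result is always
// a whole number of 512-bit (64-byte) blocks.
func MD5Pad(msg []byte) []byte {
	bitLen := uint64(len(msg)) * 8
	padded := append([]byte{}, msg...)
	padded = append(padded, 0x80)
	for len(padded)%64 != 56 {
		padded = append(padded, 0x00)
	}
	var lenField [8]byte
	binary.LittleEndian.PutUint64(lenField[:], bitLen)
	return append(padded, lenField[:]...)
}

// PaddedBits returns the padded length in bits; it is always a multiple of 512.
func PaddedBits(msg []byte) int {
	return len(MD5Pad(msg)) * 8
}

func main() {
	// Constructed sample "file" contents, not from the review sheet.
	original := []byte("account=alice;balance=100\n")
	recorded := FileDigest(original)
	fmt.Println("recorded digest:", recorded)

	tampered := []byte("account=alice;balance=900\n")
	fmt.Println("original verifies:", VerifyDigest(original, recorded))
	fmt.Println("tampered verifies:", VerifyDigest(tampered, recorded))

	// 55 bytes still fit in one block (55 + 1 + 8 = 64); 56 bytes need two.
	for _, m := range [][]byte{{}, []byte("abc"), make([]byte, 55), make([]byte, 56)} {
		fmt.Printf("%3d bytes -> padded to %4d bits (%d blocks), md5=%x\n",
			len(m), PaddedBits(m), PaddedBits(m)/512, md5.Sum(m))
	}
}
```

The padding loop is the reason the exam answer is 512 and not 448: the message is first brought to 448 mod 512, and the 64-bit length field then completes the final 512-bit block.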
Annually, the number of malware attacks against online banking is increasing by ____, and about _____ of banks reported losses from those attacks. Choose at least one answer. a. 60,000 b. 75% c. 55% d. 100,000 e. 70,000 f. 85%
60,000 85%
Approximately ____ percent of households in the United States use the Internet for managing their finances. Choose one answer. a. 80 b. 60 c. 90 d. 70
80
The____ is a symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES. Choose one answer. a. 3DES b. Twofish c. AES d. RSA
AES
The basis for a digital signature rests on the ability of ____ keys to work in both directions. Choose one answer. a. asymmetric b. unique c. shared d. symmetric
Asymmetric
____ encryption uses two keys instead of only one and these keys are mathematically related. Choose one answer. a. Symmetric b. Public key c. Asymmetric d. Shared
Asymmetric
____ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it. a. Asymmetric encryption b. Elliptic encryption c. Symmetric encryption d. Private encryption
Asymmetric encryption
Choose the statement(s) below that are correct concerning USB drives and attacks. Choose at least one answer. a. About one out of every 6 attacks came by USB flash drive devices. b. As long as you always know where your USB flash drive has been used it is safe from infection. c. Attackers leave infected USB flash drives in public places, hoping someone will pick them up and insert them into their computers. d. USB flash drives are inherently safe from attacks due to Universal Serial Bus design.
Attackers leave infected USB flash drives in public places, hoping someone will pick them up and insert them into their computers.
____ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter. Choose one answer. a. Accounting b. Encryption c. Authorization d. Authentication
Authentication
The algorithm ____ is a block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits. Choose one answer. a. RSA b. AES c. Blowfish d. 3DES
Blowfish
The PIV standard is applied by the DOD in applying a(n) ________ infrastructure to issue common access cards. Choose one answer. a. Bridge trust model b. PKI c. Transport encryption d. IPsec
Bridge trust model
A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates. Choose one answer. a. DA b. RA c. PA d. CA
CA
The ____ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components. Choose one answer. a. DP b. CP c. AP d. LP
CP
____ ensures that only authorized parties can view information. Choose one answer. a. Security b. Integrity c. Confidentiality d. Availability
Confidentiality
Select the five fundamental security principles in designing defenses against attacks. Choose at least one answer. a. Diversity b. Complexity c. Layering d. Obscurity e. Limiting f. Depth g. Simplicity
Diversity Layering Obscurity Limiting Simplicity
___________ certificates reduce the need to store multiple copies of the signing certificate. Choose one answer. a. Single-sided b. Dual-key c. EV-SSL d. Class 1
Dual-key
____ was first proposed in the mid-1980s and it uses sloping curves. Choose one answer. a. FCC b. RSA c. ECC d. IKE
ECC
____ attacks are responsible for half of all malware delivered by Web advertising. Choose one answer. a. Melissa b. Slammer c. Fake antivirus d. "Canadian Pharmacy"
Fake antivirus
____ ensures that the information is correct and no unauthorized person or malicious software has altered that data. Choose one answer. a. Integrity b. Encryption c. Availability d. Confidentiality
Integrity
Which of the following would NOT be found in a digital certificate? Choose one answer. a. Owner's gender b. Owner's address c. Issuer's public key d. Owner's public key
Issuer's public key
One of the most famous ancient cryptographers was ____. Choose one answer. a. Caesar Augustus b. Albert Einstein c. Julius Caesar d. Isaac Newton
Julius Caesar
M-of-N control is a technique used in: Choose one answer. a. Key recovery b. Third party trust c. Bridge trust model d. Key escrow
Key recovery
____ takes plaintext of any length and creates a hash 128 bits long. Choose one answer. a. RSA b. SHA1 c. MD5 d. MD2
MD2
Select the correct statement(s) below concerning PGP and GPG. Choose at least one answer. a. None are correct b. Their keys are interchangeable with each other c. Both are examples of asymmetric encryption d. They are essentially the same except one is designed primarily for Windows and the other primarily for Linux
None are correct
The ____ function is a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users. Choose one answer. a. Intermediate Authority b. Repudiation Authority c. Registration Authority d. Certificate Authority
Registration Authority
____ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions. Choose one answer. a. SHTTP b. HTTPS c. SFTP d. Telnets
SHTTP
Since telnet is a cleartext protocol, a more secure alternative would be: Choose one answer. a. SSH b. S/Telnet c. Slogin d. RSH
SSH
TLS is an extension of ____. Choose one answer. a. Telnet b. HTTP c. FTP d. SSL
SSL
____ is a protocol developed by Netscape for securely transmitting documents over the Internet. Choose one answer. a. TLS b. EAP c. PEAP d. SSL
SSL
To understand information security by examining its goals and accomplishments, one must: Choose at least one answer. a. First, ensure that people are properly trained in security procedures b. Second, protect information that provides value to people and organizations c. Second, implement policies that provide guarantees that procedures are being followed d. First, ensure that protective measures are properly implemented
First, ensure that protective measures are properly implemented Second, protect information that provides value to people and organizations
____ certificates enable clients connecting to the Web server to examine the identity of the server's owner. Choose one answer. a. Private digital b. Server digital c. Personal digital d. Public digital
Server digital
A comprehensive definition of information security is: that which protects the _______ , _______ , and availability of information on the devices that ________, ___________ , and transmit the information through products, people, and procedures. a. Store b. Confidentiality c. Usability d. Manipulate e. Integrity f. Create
Confidentiality Integrity Store Manipulate
Select the correct statements regarding stream and block ciphers. Choose at least one answer. a. Stream ciphers tend to be slower as the size of the plaintext increases b. Block ciphers reset the entire document to its original state after processing it c. Block ciphers can randomize the blocks of plaintext to be encrypted d. Stream ciphers are less prone to attack
Stream ciphers tend to be slower as the size of the plaintext increases Block ciphers can randomize the blocks of plaintext to be encrypted
With most _________ the final step in the process is to combine the cipher stream with the plaintext to create the ciphertext. Choose one answer. a. Asymmetric algorithms b. Symmetric ciphers c. Quantum cryptography d. Hash algorithms
Symmetric ciphers
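The question above (the final step of a stream cipher combines the keystream with the plaintext) and the earlier one about WEP (which used RC4, not RC6) describe the same mechanism. The Go program below is an added example for this review sheet, not code from the course; it uses the standard library's crypto/rc4 purely to show the mechanics, since RC4 is obsolete for real use. The first plaintext/key pair is the widely published RC4 test vector; the two "attack at ..." messages are constructed inputs. The last function shows the failure mode that broke WEP: combining two messages with the same keystream cancels it out.

```go
package main

import (
	"crypto/rc4" // obsolete cipher, used here only to illustrate stream-cipher mechanics
	"encoding/hex"
	"fmt"
)

// Keystream returns the first n bytes of RC4 output for key. The cipher's
// internal state produces this pseudo-random stream without ever seeing the plaintext.
func Keystream(key []byte, n int) []byte {
	c, err := rc4.NewCipher(key)
	if err != nil {
		panic(err)
	}
	ks := make([]byte, n)
	c.XORKeyStream(ks, ks) // XOR against zeros yields the raw keystream
	return ks
}

// XORBytes combines two equal-length slices. This is the final step of a stream
// cipher (plaintext XOR keystream = ciphertext); applied again it is the inverse.
func XORBytes(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// Encrypt produces ciphertext by combining the plaintext with the keystream.
func Encrypt(key, plaintext []byte) []byte {
	return XORBytes(plaintext, Keystream(key, len(plaintext)))
}

// Decrypt is the identical operation because XOR is self-inverse.
func Decrypt(key, ciphertext []byte) []byte {
	return XORBytes(ciphertext, Keystream(key, len(ciphertext)))
}

// ReuseLeak shows why a keystream must never be reused: the XOR of two
// ciphertexts made with the same key equals the XOR of the two plaintexts,
// with the keystream gone.
func ReuseLeak(key, p1, p2 []byte) []byte {
	return XORBytes(Encrypt(key, p1), Encrypt(key, p2))
}

func main() {
	key := []byte("Key")
	pt := []byte("Plaintext")
	ct := Encrypt(key, pt)
	fmt.Println("ciphertext:", hex.EncodeToString(ct))
	fmt.Printf("decrypted:  %q\n", Decrypt(key, ct))

	// Constructed messages of equal length encrypted under the same key.
	p1 := []byte("attack at dawn")
	p2 := []byte("attack at dusk")
	leak := ReuseLeak(key, p1, p2)
	fmt.Println("c1 XOR c2 equals p1 XOR p2:",
		hex.EncodeToString(leak) == hex.EncodeToString(XORBytes(p1, p2)))
}
```

WEP reused keystreams because its 24-bit IV space was small and the per-packet key was IV plus a static key; the ReuseLeak result is exactly what an attacker who captured two such packets obtained.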
____ can protect the confidentiality of an e-mail message by ensuring that no one has read it. Choose one answer. a. Asymmetric encryption b. Symmetric encryption c. Standard encryption d. Public encryption
Symmetric encryption
The ____ is essentially a chip on the motherboard of the computer that provides cryptographic services. Choose one answer. a. TPM b. SCM c. ODS d. reference monitor
TPM
What does it mean when your web browser displays a padlock icon next to a digital certificate? Choose all that apply. Choose at least one answer. a. The CA certifies the Web site is the registered owner of the domain name b. The certificate creates a cryptographic connection to protect communications c. The CA has verified the identity of the organization d. The CA certifies the organization is authorized to operate the Web site e. The CA has verified the existence and identity of the web site owner f. The CA has identified the existence of the organization
The CA has verified the identity of the organization The CA has identified the existence of the organization The CA has verified the existence and identity of the web site owner
PKI can best be defined as: Choose one answer. a. The framework for security infrastructure management b. The framework for digital certificate management c. The framework for certifying users of security applications d. The framework for supporting public key enabled security services
The framework for digital certificate management
Select the true statement(s) about public keys. Choose at least one answer. a. They use the Diffie-Hellman algorithm b. They should not be posted publicly on the Internet c. They are used to encrypt content to be decrypted with the matching private key d. They automatically create a digital signature to verify the sender is who they claim to be e. They are used to decrypt content encrypted with the matching private key
They are used to encrypt content to be decrypted with the matching private key They are used to decrypt content encrypted with the matching private key
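The questions on digital signatures (asymmetric keys work in both directions; a signature only proves the private key was used; the CA signs with its own private key) and the public-key question directly above describe two uses of one key pair. The Go program below is an added example for this review sheet, not code from the course; it uses the standard library's crypto/rsa with RSA-PSS for signing and RSA-OAEP for encryption. The key names (alice, mallory) and the message are constructed for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Sign hashes msg with SHA-256 and signs the digest with the private key.
// Only the holder of priv can produce a value that Verify accepts.
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// Verify checks sig against msg using only the public key. A true result
// proves the matching private key was used; it says nothing about who held it,
// which is why a CA must bind the public key to an identity first.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

// Seal encrypts msg to a public key; only the matching private key can open it.
func Seal(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// Open decrypts a message produced by Seal using the private key.
func Open(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

func main() {
	// In a PKI the public half of alice's key goes into a certificate that the CA
	// signs with the CA's private key; the private half stays on alice's system.
	alice, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	mallory, _ := rsa.GenerateKey(rand.Reader, 2048)

	msg := []byte("transfer 100 to bob") // constructed sample message
	sig, _ := Sign(alice, msg)
	fmt.Println("alice's public key verifies:", Verify(&alice.PublicKey, msg, sig))
	fmt.Println("altered message verifies:   ", Verify(&alice.PublicKey, []byte("transfer 900 to bob"), sig))
	fmt.Println("mallory's public key verifies:", Verify(&mallory.PublicKey, msg, sig))

	// The other direction: encrypt with the public key, decrypt with the private key.
	ct, _ := Seal(&alice.PublicKey, msg)
	pt, _ := Open(alice, ct)
	fmt.Printf("sealed to alice, opened by alice: %q\n", pt)
	_, err = Open(mallory, ct)
	fmt.Println("mallory fails to open it:", err != nil)
}
```

Note that the signature is computed over a SHA-256 digest rather than the message itself; that is the usual construction and also why a changed message is detected, since its digest no longer matches.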
Self-encrypting HDD is commonly found in copiers and multifunction printers as well as point-of-sale systems used in government, financial, and medical environments. Answer: True False
True
Steganography can use image files, audio files, or even video files to contain hidden information. Answer: True False
True
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security. Answer: True False
True
Weakness in software can be more quickly uncovered and exploited with new software tools and techniques. Answer: True False
True
____ is a relatively recent cryptographic hash function that has received international recognition and adoption by standards organizations, including the International Organization for Standardization (ISO). Choose one answer. a. Twofish b. Blowfish c. Rijndael d. Whirlpool
Whirlpool
In information security, a loss can be ____. Choose one answer. a. theft of information b. a delay in transmitting information that results in a financial penalty c. the loss of good will or a reputation d. all of the above
all of the above
Select the five steps of an attack. a. Replace software on systems b. Paralyze networks and devices c. Probe for information d. Hide evidence of an attack e. Penetrate defenses f. Modify security settings g. Circulate to other systems
Probe for information Penetrate defenses Modify security settings Circulate to other systems Paralyze networks and devices
With the ____ model, there is one CA that acts as a "facilitator" to interconnect all other CAs. Choose one answer. a. bridge trust b. third-party trust c. distributed trust d. transitive trust
bridge trust
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information is sometimes known as ____. Choose one answer. a. cyberterrorism b. spam c. phishing d. cybercrime
cybercrime
Key ____ removes all private and public keys along with the user's identification information in the CA. Choose one answer. a. escrow b. destruction c. renewal d. generation
destruction
The ____ model is the basis for digital certificates issued to Internet users. Choose one answer. a. related trust b. third-party trust c. managed trust d. distributed trust
distributed trust
Key ____ refers to a process in which keys are managed by a third party, such as a trusted CA. Choose one answer. a. management b. escrow c. renewal d. destruction
escrow
At the ____ stage of the certificate life cycle, the certificate can no longer be used. Choose one answer. a. suspension b. revocation c. creation d. expiration
expiration
The most basic type of cryptographic algorithm is a ____ algorithm. Choose one answer. a. block b. key c. hash d. digest
hash
An information security ____ position focuses on the administration and management of plans, policies, and people. Choose one answer. a. manager b. engineer c. inspector d. auditor
manager
A ____ is a number divisible only by itself and 1. Choose one answer. a. prime number b. prime decimal c. compound number d. neutral number
prime number
Symmetric encryption is also called ____ cryptography. Choose one answer. a. symmetric key b. public key c. shared key d. private key
private key
At the ____ stage of the certificate life cycle, the certificate is no longer valid. Choose one answer. a. revocation b. creation c. expiration d. suspension
revocation
The position of ____ is generally an entry-level position for a person who has the necessary technical skills. Choose one answer. a. CISO b. security manager c. security technician d. security administrator
security technician
A class 2 certificate is known as a ____ certificate. Choose one answer. a. signing digital b. server digital c. personal digital d. code-signing
server digital
The simplest type of stream cipher is a ____ cipher. Choose one answer. a. substitution b. lock c. loop d. shift
substitution
A ____ trust refers to a situation in which two individuals trust each other because each trusts a third party. Choose one answer. a. third-party b. distributed c. mutual d. web of
third-party
A ____ cipher rearranges letters without changing them. Choose one answer. a. transposition b. block c. loop d. substitution
transposition
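The two cipher families in the last questions (a substitution cipher replaces letters, the Caesar cipher being the classic one; a transposition cipher rearranges letters without changing them) are shown side by side below. This Go program is an added example for this review sheet, not code from the course; the columnar transposition with a fixed number of columns is one common form of transposition chosen for the example, and the plaintexts are constructed. The histogram check at the end makes the difference between the two families concrete: transposition keeps every letter count, substitution only relabels them.

```go
package main

import (
	"fmt"
	"strings"
)

// Caesar is a substitution cipher: each letter is replaced by the letter
// shift positions later in the alphabet; non-letters pass through unchanged.
// A negative shift decrypts.
func Caesar(text string, shift int) string {
	shift = ((shift % 26) + 26) % 26
	var b strings.Builder
	for _, r := range text {
		switch {
		case r >= 'A' && r <= 'Z':
			b.WriteRune('A' + (r-'A'+rune(shift))%26)
		case r >= 'a' && r <= 'z':
			b.WriteRune('a' + (r-'a'+rune(shift))%26)
		default:
			b.WriteRune(r)
		}
	}
	return b.String()
}

// Transpose is a columnar transposition: the text is written row by row into
// cols columns and read out column by column. Letters move but never change.
func Transpose(text string, cols int) string {
	if cols < 1 {
		return text
	}
	in := []byte(text)
	out := make([]byte, 0, len(in))
	for c := 0; c < cols; c++ {
		for i := c; i < len(in); i += cols {
			out = append(out, in[i])
		}
	}
	return string(out)
}

// Untranspose reverses Transpose. When the length is not a multiple of cols,
// the first len%cols columns hold one extra character, which fixes the split points.
func Untranspose(text string, cols int) string {
	if cols < 1 {
		return text
	}
	in := []byte(text)
	n := len(in)
	full, extra := n/cols, n%cols
	columns := make([][]byte, cols)
	pos := 0
	for c := 0; c < cols; c++ {
		size := full
		if c < extra {
			size++
		}
		columns[c] = in[pos : pos+size]
		pos += size
	}
	out := make([]byte, n)
	for i := 0; i < n; i++ {
		out[i] = columns[i%cols][i/cols]
	}
	return string(out)
}

// LetterCounts tallies each byte of text.
func LetterCounts(text string) map[byte]int {
	counts := map[byte]int{}
	for i := 0; i < len(text); i++ {
		counts[text[i]]++
	}
	return counts
}

// SameHistogram reports whether two texts contain exactly the same multiset of
// bytes. Transposition preserves it; substitution does not, though frequency
// analysis defeats both because the counts themselves survive relabeling.
func SameHistogram(a, b string) bool {
	ca, cb := LetterCounts(a), LetterCounts(b)
	if len(ca) != len(cb) {
		return false
	}
	for k, v := range ca {
		if cb[k] != v {
			return false
		}
	}
	return true
}

func main() {
	pt := "ATTACK AT DAWN" // constructed sample, not from the review sheet
	sub := Caesar(pt, 3)
	tr := Transpose(pt, 4)
	fmt.Println("substitution: ", sub, "->", Caesar(sub, -3))
	fmt.Println("transposition:", tr, "->", Untranspose(tr, 4))
	fmt.Println("transposition keeps letter counts:", SameHistogram(pt, tr))
	fmt.Println("substitution keeps letter counts: ", SameHistogram(pt, sub))
}
```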