CECS 378 MIDTERM
__________ is a term that refers to the means of delivering a key to two parties that wish to exchange data without allowing others to see the key. Question options: 1) Session key 2) Subkey 3) Key distribution technique 4) Ciphertext key
Key distribution technique
__________ controls access based on comparing security labels with security clearances. Question options: 1) MAC 2) DAC 3) RBAC 4) MBAC
MAC
_________ attacks have several approaches, all equivalent in effort to factoring the product of two primes. Question options: 1) Mathematical 2) Brute-force 3) Chosen ciphertext 4) Timing
Mathematical
__________ is a procedure that allows communicating parties to verify that received or stored messages are authentic. Question options: 1) Cryptanalysis 2) Decryption 3) Message authentication 4) Collision resistance
Message authentication
For stream-oriented transmission over a noisy channel you would typically use _______ mode. Question options: 1) ECB 2) CTR 3) OFB 4) CBC
OFB
_________ is the original message or data that is fed into the algorithm as input. Question options: 1) Plaintext 2) Encryption algorithm 3) Decryption algorithm 4) Ciphertext
Plaintext
__________ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. Question options: 1) Availability 2) System Integrity 3) Privacy 4) Data Integrity
Privacy
__________ is based on the roles the users assume in a system rather than the user's identity. Question options: 1) DAC 2) RBAC 3) MAC 4) URAC
RBAC
__________ defines user authentication as "the process of verifying an identity claimed by or for a system entity". Question options: 1) RFC 4949 2) RFC 2298 3) RFC 2493 4) RFC 2328
RFC 4949
The _________ scheme has reigned supreme as the most widely accepted and implemented approach to public-key encryption. Question options: 1) SHA-1 2) HMAC 3) MD5 4) RSA
RSA
__________ is a block cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n. Question options: 1) DSS 2) RSA 3) SHA 4) AES
RSA
__________ specifies the minimum requirements for telecommunications infrastructure of data centers. Question options: 1) TIA-492 2) RFC-4949 3) NIST-7883 4) RSA-298
RSA-298
In 2005, NIST announced the intention to phase out approval of _______ and move to a reliance on the other SHA versions by 2010. Question options: 1) SHA-1 2) SHA-512 3) SHA-256 4) SHA-2
SHA-1
The DSS makes use of the _________ and presents a new digital signature technique, the Digital Signature Algorithm (DSA). Question options: 1) HMAC 2) XOR 3) RSA 4) SHA-1
SHA-1
The _______ module performs end-to-end encryption and obtains session keys on behalf of users. Question options: 1) PKM 2) RCM 3) SSM 4) CCM
SSM
__________ is an organization that receives the encrypted data from a data owner and makes them available for distribution to clients. Question options: 1) User 2) Client 3) Data owner 4) Server
Server
________ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. Question options: 1) System Integrity 2) Data Integrity 3) Availability 4) Confidentiality
System Integrity
_________ are analogous to a burglar guessing a safe combination by observing how long it takes to turn the dial from number to number. Question options: 1) Digital standards 2) Mathematical attacks 3) Ciphers 4) Timing attacks
Timing attacks
"The plaintext is 64 bits in length and the key is 56 bits in length; longer plaintext amounts are processed in 64-bit blocks" is a description of the DES algorithm. Question options: 1) True 2) False
True
A brute-force approach involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained. Question options: 1) True 2) False
True
A constraint is a defined relationship among roles or a condition related to roles. Question options: 1) True 2) False
True
A data center generally includes backup power supplies. Question options: 1) True 2) False
True
A good technique for choosing a password is to use the first letter of each word of a phrase. Question options: 1) True 2) False
True
A hash function such as SHA-1 was not designed for use as a MAC and cannot be used directly for that purpose because it does not rely on a secret key. Question options: 1) True 2) False
True
A message authentication code is a small block of data generated by a secret key and appended to a message. Question options: 1) True 2) False
True
A query language provides a uniform interface to the database. Question options: 1) True 2) False
True
A smart card contains an entire microprocessor. Question options: 1) True 2) False
True
A user may belong to multiple groups. Question options: 1) True 2) False
True
Access control is the central element of computer security. Question options: 1) True 2) False
True
An ABAC model can define authorizations that express conditions on properties of both the resource and the subject. Question options: 1) True 2) False
True
An access right describes the way in which a subject may access an object. Question options: 1) True 2) False
True
An auditing function monitors and keeps a record of user accesses to system resources. Question options: 1) True 2) False
True
An important element in many computer security services and applications is the use of cryptographic algorithms. Question options: 1) True 2) False
True
Any program that is owned by, and SetUID to, the "superuser" potentially grants unrestricted access to the system to any user executing that program. Question options: 1) True 2) False
True
Availability assures that systems work promptly and service is not denied to authorized users. Question options: 1) True 2) False
True
Computer security is essentially a battle of wits between a perpetrator who tries to find holes and the administrator who tries to close them. Question options: 1) True 2) False
True
Computer security is protection of the integrity, availability, and confidentiality of information system resources. Question options: 1) True 2) False
True
Cryptographic hash functions generally execute faster in software than conventional encryption algorithms such as DES. Question options: 1) True 2) False
True
Data integrity assures that information and programs are changed only in a specified and authorized manner. Question options: 1) True 2) False
True
Depending on the application, user authentication on a biometric system involves either verification or identification. Question options: 1) True 2) False
True
Encryption becomes the last line of defense in database security. Question options: 1) True 2) False
True
Enrollment creates an association between a user and the user's biometric characteristics. Question options: 1) True 2) False
True
HMAC can be proven secure provided that the embedded hash function has some reasonable cryptographic strengths. Question options: 1) True 2) False
True
Hardware is the most vulnerable to attack and the least susceptible to automated controls. Question options: 1) True 2) False
True
Identification is the means of establishing the validity of a claimed identity provided by a user. Question options: 1) True 2) False
True
Identifiers should be assigned carefully because authenticated identities are the basis for other security services. Question options: 1) True 2) False
True
In a biometric scheme some physical characteristic of the individual is mapped into a digital representation. Question options: 1) True 2) False
True
In the context of security our concern is with the vulnerabilities of system resources. Question options: 1) True 2) False
True
In using encryption, we need to decide what to encrypt and where the encryption gear should be located. Question options: 1) True 2) False
True
It is possible to convert any block cipher into a stream cipher by using the cipher feedback (CFB) mode. Question options: 1) True 2) False
True
Key distribution can be achieved for two parties A and B by a third party selecting the key and physically delivering it to A and B. Question options: 1) True 2) False
True
Many security administrators view strong security as an impediment to efficient and user-friendly operation of an information system. Question options: 1) True 2) False
True
Many users choose a password that is too short or too easy to guess. Question options: 1) True 2) False
True
Modes of operation are the alternative techniques that have been developed to increase the security of symmetric block encryption for large sequences of data. Question options: 1) True 2) False
True
Network security is extremely important in a facility in which such a large collection of assets is concentrated in a single place and accessible by external network connections. Question options: 1) True 2) False
True
One desirable property of a stream cipher is that the ciphertext be of the same length as the plaintext. Question options: 1) True 2) False
True
Public-key cryptography is asymmetric. Question options: 1) True 2) False
True
RSA is a block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some n. Question options: 1) True 2) False
True
Reliable input is an access control requirement. Question options: 1) True 2) False
True
SHA is perhaps the most widely used family of hash functions. Question options: 1) True 2) False
True
SHA-3 algorithms must be designed to resist any potentially successful attack on SHA-2 functions. Question options: 1) True 2) False
True
SQL Server allows users to create roles that can then be assigned access rights to portions of the database. Question options: 1) True 2) False
True
Security specifically tailored to databases is an increasingly important component of an overall organizational security strategy. Question options: 1) True 2) False
True
Some form of protocol is needed for public-key distribution. Question options: 1) True 2) False
True
Symmetric encryption is also referred to as secret-key or single-key encryption. Question options: 1) True 2) False
True
Symmetric encryption is used primarily to provide confidentiality. Question options: 1) True 2) False
True
The Diffie-Hellman algorithm depends for its effectiveness on the difficulty of computing discrete logarithms. Question options: 1) True 2) False
True
The National Bureau of Standards is now the National Institute of Standards and Technology. Question options: 1) True 2) False
True
The appeal of HMAC is that its designers have been able to prove an exact relationship between the strength of the embedded hash function and the strength of HMAC. Question options: 1) True 2) False
True
The ciphertext-only attack is the easiest to defend against. Question options: 1) True 2) False
True
The database management system makes use of the database description tables to manage the physical database. Question options: 1) True 2) False
True
The default set of rights should always follow the rule of least privilege or read-only access. Question options: 1) True 2) False
True
The first step in devising security services and mechanisms is to develop a security policy. Question options: 1) True 2) False
True
The key exchange protocol is vulnerable to a man-in-the-middle attack because it does not authenticate the participants. Question options: 1) True 2) False
True
The more critical a component or service, the higher the level of availability required. Question options: 1) True 2) False
True
The one-way hash function is important not only in message authentication but also in digital signatures. Question options: 1) True 2) False
True
The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner. Question options: 1) True 2) False
True
The secret key is input to the encryption algorithm. Question options: 1) True 2) False
True
The strength of a hash function against brute-force attacks depends solely on the length of the hash code produced by the algorithm. Question options: 1) True 2) False
True
The value of a primary key must be unique for each tuple of its table. Question options: 1) True 2) False
True
Two disadvantages to database encryption are key management and inflexibility. Question options: 1) True 2) False
True
Two of the most important applications of public-key encryption are digital signatures and key management. Question options: 1) True 2) False
True
Unlike RSA, DSS cannot be used for encryption or key exchange. Question options: 1) True 2) False
True
User authentication is the basis for most types of access control and for user accountability. Question options: 1) True 2) False
True
User authentication is the fundamental building block and the primary line of defense. Question options: 1) True 2) False
True
X.800 architecture was developed as an international standard and focuses on security in the context of networks and communications. Question options: 1) True 2) False
True
The __________ component deals with the management and control of the ways entities are granted access to resources. Question options: 1) resource management 2) access management 3) privilege management 4) policy management
access management
Cryptographic systems are generically classified by _________. Question options: 1) the type of operations used for transforming plaintext to ciphertext 2) the number of keys used 3) the way in which the plaintext is processed 4) all the above
all the above
A(n) __________ is a user who has administrative responsibility for part or all of the database. Question options: 1) administrator 2) database relations manager 3) application owner 4) end user other than application owner
application owner
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________. Question options: 1) risk 2) asset 3) attack 4) vulnerability
attack
A ________ attack involves trying all possible private keys. Question options: 1) mathematical 2) timing 3) brute-force 4) chosen ciphertext
brute-force
A __________ is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. Question options: 1) mode of operation 2) hash function 3) cryptanalysis 4) brute-force attack
brute-force attack
To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol. Question options: 1) eavesdropping 2) Trojan horse 3) challenge-response 4) denial-of-service
challenge-response
If the analyst is able to get the source system to insert into the system a message chosen by the analyst, then a ________ attack is possible. Question options: 1) known-plaintext 2) chosen-plaintext 3) chosen ciphertext 4) chosen text
chosen-plaintext
A __________ type of attack exploits properties of the RSA algorithm. Question options: 1) timing 2) brute-force 3) chosen ciphertext 4) mathematical
chosen ciphertext
__________ is the scrambled message produced as output. Question options: 1) Plaintext 2) Ciphertext 3) Secret key 4) Cryptanalysis
ciphertext
A __________ is when an adversary attempts to achieve user authentication without access to the remote host or to the intervening communications path. Question options: 1) client attack 2) eavesdropping attack 3) host attack 4) Trojan horse attack
client attack
A ___________ is the portion of the data center that houses data processing equipment. Question options: 1) computer room 2) main distribution area 3) entrance room 4) horizontal distribution area
computer room
A loss of _________ is the unauthorized disclosure of information. Question options: 1) confidentiality 2) integrity 3) authenticity 4) availability
confidentiality
Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the ___________. Question options: 1) identification step 2) verification step 3) authentication step 4) corroboration step
corroboration step
A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken. Question options: 1) attack 2) countermeasure 3) adversary 4) protocol
countermeasure
Transmitted data stored locally are referred to as __________. Question options: 1) ciphertext 2) DES 3) data at rest 4) ECC
data at rest
The assurance that data received are exactly as sent by an authorized entity is __________. Question options: 1) authentication 2) data confidentiality 3) access control 4) data integrity
data integrity
A(n) __________ is a structured collection of data stored for use by one or more applications. Question options: 1) attribute 2) database 3) tuple 4) inference
database
Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences. Question options: 1) unauthorized disclosure 2) deception 3) disruption 4) usurpation
deception
The _________ is the encryption algorithm run in reverse. Question options: 1) decryption algorithm 2) ciphertext 3) plaintext 4) secret key
decryption algorithm
The __________ is the encryption algorithm run in reverse. Question options: 1) decryption algorithm 2) plaintext 3) ciphertext 4) encryption algorithm
decryption algorithm
The _________ prevents or inhibits the normal use or management of communications facilities. Question options: 1) passive attack 2) traffic encryption 3) denial of service 4) masquerade
denial of service
A __________ is created by using a secure hash function to generate a hash value for a message and then encrypting the hash code with a private key. Question options: 1) digital signature 2) keystream 3) one-way hash function 4) secret key
digital signature
A threat action in which sensitive data are directly released to an unauthorized entity is __________. Question options: 1) corruption 2) disruption 3) intrusion 4) exposure
disruption
An end user who operates on database objects via a particular application but does not own any of the database objects is the __________. Question options: 1) application owner 2) end user other than application owner 3) foreign key 4) administrator
end user other than application owner
Each individual who is to be included in the database of authorized users must first be __________ in the system. Question options: 1) verified 2) authenticated 3) identified 4) enrolled
enrolled
The most common means of human-to-human identification are __________. Question options: 1) facial characteristics 2) signatures 3) retinal patterns 4) fingerprints
facial characteristics
There are _____ modes of operation defined by NIST that are intended to cover virtually all the possible applications of encryption for which a block cipher could be used. Question options: 1) three 2) five 3) seven 4) seven
five
On average, __________ of all possible keys must be tried in order to achieve success with a brute-force attack. Question options: 1) one-fourth 2) half 3) two-thirds 4) three-fourths
half
__________ systems identify features of the hand, including shape, and lengths and widths of fingers. Question options: 1) Signature 2) Hand geometry 3) Fingerprint 4) Palm print
hand geometry
The purpose of a __________ is to produce a "fingerprint" of a file, message, or other block of data. Question options: 1) secret key 2) digital signature 3) keystream 4) hash function
hash function
A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. Question options: 1) low 2) normal 3) moderate 4) high
high
__________ houses cross-connects and active equipment for distributing cable to the equipment distribution area. Question options: 1) Main distribution area 2) Equipment distribution area 3) Horizontal distribution area 4) Zone distribution area
horizontal distribution area
A __________ is directed at the user file at the host where passwords, token passcodes, or biometric templates are stored. Question options: 1) eavesdropping attack 2) denial-of-service attack 3) client attack 4) host attack
host attack
__________ is the process of performing authorized queries and deducing unauthorized information from the legitimate responses received. Question options: 1) Perturbation 2) Inference 3) Compromise 4) Partitioning
inference
__________ encompasses intrusion detection, prevention and response. Question options: 1) Intrusion management 2) Security assessments 3) Database access control 4) Data loss prevention
intrusion management
Combined one byte at a time with the plaintext stream using the XOR operation, a __________ is the output of the pseudorandom bit generator. Question options: 1) keystream 2) digital signature 3) secure hash 4) message authentication code
keystream
A concept that evolved out of requirements for military information security is ______. Question options: 1) reliable input 2) mandatory access control 3) open and closed policies 4) discretionary input
mandatory access control
An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user. Question options: 1) masquerade 2) interception 3) repudiation 4) inference
masquerade
Although the _________ attack is a serious threat, there are simple countermeasures that can be used such as constant time calcs, random delays or blinding computations. Question options: 1) timing 2) chosen ciphertext 3) mathematical 4) none of the above
none of the above
A(n) __________ is a resource to which access is controlled. Question options: 1) object 2) owner 3) world 4) subject
object
A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources. Question options: 1) passive attack 2) inside attack 3) outside attack 4) active attack
passive attack
A __________ is a password guessing program. Question options: 1) password hash 2) password cracker 3) password biometric 4) password salt
password cracker
A ________ is a key used between entities for the purpose of distributing session keys. Question options: 1) permanent key 2) session key 3) distribution key 4) all of the above
permanent key
The original message or data that is fed into the algorithm is __________. Question options: 1) encryption algorithm 2) secret key 3) decryption algorithm 4) plaintext
plaintext
A _________ is defined to be a portion of a row used to uniquely identify a row in a table. Question options: 1) foreign key 2) query 3) primary key 4) data perturbation
primary key
An institution that issues debit cards to cardholders and is responsible for the cardholder's account and authorizing transactions is the _________. Question options: 1) cardholder 2) auditor 3) issuer 4) processor
processor
Digital signatures and key management are the two most important applications of __________ encryption. Question options: 1) private-key 2) public-key 3) preimage resistant 4) advanced
public-key
A __________ strategy is one in which the system periodically runs its own password cracker to find guessable passwords. Question options: 1) user education 2) proactive password checking 3) reactive password checking 4) computer-generated password
reactive password checking
In relational database parlance, the basic building block is a __________, which is a flat table. Question options: 1) attribute 2) tuple 3) primary key 4) relation
relation
The basic building block of a __________ is a table of data, consisting of rows and columns, similar to a spreadsheet. Question options: 1) relational database 2) query set 3) DBMS 4) perturbation
relational database
A __________ attack involves an adversary repeating a previously captured user response. Question options: 1) client 2) replay 3) Trojan horse 4) eavesdropping
replay
A __________ is a named job function within the organization that controls this computer system. Question options: 1) user 2) role 3) permission 4) session
role
The exact substitutions and transformations performed by the algorithm depend on the ________. Question options: 1) ciphertext 2) decryption algorithm 3) secret key 4) encryption algorithm
secret key
A __________ is any action that compromises the security of information owned by an organization. Question options: 1) security mechanism 2) security attack 3) security policy 4) security service
security attack
Recognition by fingerprint, retina, and face are examples of __________. Question options: 1) face recognition 2) dynamic biometrics 3) static biometrics 4) token authentication
static biometrics
The final permission bit is the _________ bit. Question options: 1) superuser 2) kernel 3) set user 4) sticky
sticky
A _________ protects against an attack in which one party generates a message for another party to sign. Question options: 1) data authenticator 2) strong hash function 3) weak hash function 4) digital signature
strong hash function
A __________ is an entity capable of accessing objects. Question options: 1) group 2) object 3) subject 4) owner
subject
The _________ attack exploits the common use of a modular exponentiation algorithm in RSA encryption and decryption but can be adapted to work with any implementation that does not run in fixed time. Question options: 1) mathematical 2) timing 3) chosen ciphertext 4) brute-force
timing
__________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. Question options: 1) Traffic padding 2) Traffic routing 3) Traffic control 4) Traffic integrity
traffic padding
In a relational database rows are referred to as _________. Question options: 1) relations 2) attributes 3) views 4) tuples
tuples
If the only form of attack that could be made on an encryption algorithm is brute-force, then the way to counter such attacks would be to __________. Question options: 1) use longer keys 2) use shorter keys 3) use more keys 4) use less keys
use longer keys
The __________ strategy is when users are told the importance of using hard to guess passwords and provided with guidelines for selecting strong passwords. Question options: 1) reactive password checking 2) proactive password checking 3) computer-generated password 4) user education
user education
A _________ is a virtual table. Question options: 1) tuple 2) query 3) view 4) DBMS
view
A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) __________. Question options: 1) countermeasure 2) vulnerability 3) adversary 4) risk
vulnerability
SHA-1 produces a hash value of __________ bits. Question options: 1) 256 2) 160 3) 384 4) 180
160
Public-key encryption was developed in the late ________. Question options: 1) 1950s 2) 1970s 3) 1960s 4) 1980s
1970's
Subject attributes, object attributes and environment attributes are the three types of attributes in the __________ model. Question options: 1) DSD 2) RBAC 3) ABAC 4) SSD
ABAC
The most important symmetric algorithms, all of which are block ciphers, are the DES, triple DES, and the __________. Question options: 1) SHA 2) RSA 3) AES 4) DSS
AES
__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance. Question options: 1) Audit control 2) Resource control 3) System control 4) Access control
Access control
__________ is verification that the credentials of a user or other system entity are valid. Question options: 1) Adequacy 2) Authentication 3) Authorization 4) Audit
Authentication
_________ is the granting of a right or permission to a system entity to access a system resource. Question options: 1) Authorization 2) Authentication 3) Control 4) Monitoring
Authorization
For general-purpose block-oriented transmission you would typically use _______ mode. Question options: 1) CBC 2) CTR 3) CFB 4) OFB
CBC
For general-purpose stream-oriented transmission you would typically use _______ mode. Question options: 1) CTR 2) CFB 3) ECB 4) CBC
CFB
______ mode is typically used for a general-purpose block-oriented transmission and is useful for high-speed requirements. Question options: 1) ECB 2) OFB 3) CFB 4) CTR
CTR
__________ refers to setting a maximum number with respect to roles. Question options: 1) Cardinality 2) Prerequisite 3) Exclusive 4) Hierarchy
Cardinality
__________ provide a means of adapting RBAC to the specifics of administrative and security policies in an organization. Question options: 1) Constraints 2) Mutually Exclusive Roles 3) Cardinality 4) Prerequisites
Constraints
__________ is the traditional method of implementing access control. Question options: 1) MAC 2) RBAC 3) DAC 4) MBAC
DAC
The most widely used encryption scheme is based on the _________ adopted in 1977 by the National Bureau of Standards. Question options: 1) AES 2) 3DES 3) CES 4) DES
DES
The National Institute of Standards and Technology has published Federal Information Processing Standard FIPS PUB 186, known as the __________. Question options: 1) XOR 2) MD5 3) MAC 4) DSS
DSS
The __________ uses an algorithm that is designed to provide only the digital signature function and cannot be used for encryption or key exchange. Question options: 1) ECC 2) RSA 3) DSS 4) XOR
DSS
_________ is an organization that produces data to be made available for controlled release, either within the organization or to external users. Question options: 1) Client 2) Data owner 3) User 4) Server
Data owner
___________ was the first published public-key algorithm. Question options: 1) NIST 2) Diffie-Hellman 3) RC4 4) RSA
Diffie-Hellman
The principal attraction of __________ compared to RSA is that it appears to offer equal security for a far smaller bit size, thereby reducing processing overhead. Question options: 1) ECC 2) MD5 3) Diffie-Hellman 4) none of the above
ECC
__________ allows an issuer to access regional and national networks that connect point of sale devices and bank teller machines worldwide. Question options: 1) EFT 2) POS 3) BTM 4) ATF
EFT
"Each block of 64 plaintext bits is encoded independently using the same key" is a description of the CBC mode of operation. Question options: 1) True 2) False
False
A foreign key value can appear multiple times in a table. Question options: 1) True 2) False
False
A single countermeasure is sufficient for SQLi attacks. Question options: 1) True 2) False
False
A user program executes in a kernel mode in which certain areas of memory are protected from the user's use and certain instructions may not be executed. Question options: 1) True 2) False
False
A view cannot provide restricted access to a relational database so it cannot be used for security purposes. Question options: 1) True 2) False
False
AES uses a Feistel structure. Question options: 1) True 2) False
False
An individual's signature is not unique enough to use in biometric applications. Question options: 1) True 2) False
False
Assurance is the process of examining a computer product or system with respect to certain criteria. Question options: 1) True 2) False
False
Contingency planning is a functional area that primarily requires computer security technical measures. Question options: 1) True 2) False
False
Cryptanalytic attacks try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. Question options: 1) True 2) False
False
Depending on the details of the overall authentication system, the registration authority issues some sort of electronic credential to the subscriber. Question options: 1) True 2) False
False
External devices such as firewalls cannot provide access control services. Question options: 1) True 2) False
False
Fixed server roles operate at the level of an individual database. Question options: 1) True 2) False
False
If both sender and receiver use the same key the system is referred to as asymmetric. Question options: 1) True 2) False
False
Keylogging is a form of host attack. Question options: 1) True 2) False
False
Like the MAC, a hash function also takes a secret key as input. Question options: 1) True 2) False
False
Memory cards store and process data. Question options: 1) True 2) False
False
One disadvantage of the link encryption approach is that the message must be decrypted each time it enters a frame switch. Question options: 1) True 2) False
False
Plaintext is the scrambled message produced as output. Question options: 1) True 2) False
False
Public-key algorithms are based on simple operations on bit patterns. Question options: 1) True 2) False
False
SHA-1 is considered to be very secure. Question options: 1) True 2) False
False
SHA-2 shares the same structure and mathematical operations as its predecessors and this is a cause for concern. Question options: 1) True 2) False
False
Security labels indicate which system entities are eligible to access certain resources. Question options: 1) True 2) False
False
Security mechanisms typically do not involve more than one particular algorithm or protocol. Question options: 1) True 2) False
False
Site security of the data center itself includes barriers to entry, coupled with authentication techniques for gaining physical access. Question options: 1) True 2) False
False
Stream ciphers are far more common than block ciphers. Question options: 1) True 2) False
False
The "A" in the CIA triad stands for "authenticity". Question options: 1) True 2) False
False
The advantage of a stream cipher is that you can reuse keys. Question options: 1) True 2) False
False
The authentication function determines who is trusted for a given purpose. Question options: 1) True 2) False
False
The operations performed during a round consist of circular shifts, and primitive Boolean functions based on DSS, MD5, SHA, and RSA. Question options: 1) True 2) False
False
The purpose of the DSS algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages. Question options: 1) True 2) False
False
Threats are attacks carried out. Question options: 1) True 2) False
False
Timing attacks are only applicable to RSA. Question options: 1) True 2) False
False
To create a relationship between two tables, the attributes that define the primary key in one table must appear as attributes in another table, where they are referred to as a foreign key. Question options: 1) True 2) False
False
Traditional RBAC systems define the access rights of individual users and groups of users. Question options: 1) True 2) False
False
Triple DES takes a plaintext block of 64 bits and a key of 56 bits to produce a ciphertext block of 64 bits. Question options: 1) True 2) False
False
User authentication is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic. Question options: 1) True 2) False
False
Issued as RFC 2104, __________ has been chosen as the mandatory-to-implement MAC for IP Security. Question options: 1) RSA 2) SHA-3 3) DSS 4) HMAC
HMAC