CISSP Multiple Choice
An employee believes their password was compromised while at work by a visitor shoulder-surfing in the employee's workspace. Which of the following has been violated? A. Confidentiality B. Availability C. Authenticity D. Integrity
A
Polyalphabetic encryption techniques use multiple alphabets for each successive character replacement, making analysis much more difficult. A. TRUE B. FALSE
A
Reduction analysis: A. Reduces the system's risk to a given target level by effectively applying countermeasures B. Reduces the system's threats to a given target level by analyzing those threats C. Is a planned activity for identifying and assessing threats and vulnerabilities D. Identifies and reduces exploitable vulnerabilities
A
Test outputs should be compared against expected outputs. A. TRUE B. FALSE
A
Which agile development model uses timeboxing as a key element? A. The Dynamic Systems Development Model (DSDM) B. eXtreme Programming C. Scrum D. Feature Driven Development (FDD)
A
Which describes the symmetric cipher "Blowfish"? A. Extremely fast, and uses very little memory B. Keys range from 32 to 448 bits C. Feistal-type blocks of 64 bits in length D. All of the above
A
Which intrusion detection system's efficiency decreases with encryption? A. NIDS B. HIDS C. SIDS D. PIDS
A
Which of the following is NOT a natural environmental threat that an organization faces? A. Environmentalist Strike B. Floods C. Storms D. Earthquake
A
Which of the following layers of the OSI model offer non-repudiation services? A. Application B. Data-Link C. Presentation D. Physical
A
Which of the following layers of the OSI model offers reliability of transmission services? A. Application Layer B. Data-Link Layer C. Transport D. Physical Layer
A
Which symmetric cipher is a Feistal-type block cipher with 64-128 bit blocks? A. CAST B. SAFER C. Blowfish D. Twofish
A
Wi-Fi Protected Access (WPA-2) uses Advanced Encryption Standard (AES) and Temporal Key Integrity Protocol (TKIP). A. TRUE B. FALSE
A
Transactions that serve no business value other than to test or exercise a system are: A. Mock transactions B. Dummy transactions C. Synthetic transactions D. False transactions
C
An emerging concept of highly-interconnected physical devices with embedded sensor and communications capabilities is called: A. Internet devices B. Internet of things C. Internet of people D. Interconnected homes
B
Asynchronous encrypt and decrypt requests are processed immediately. A. TRUE B. FALSE
B
What are the three phases of the cryptographic lifecycle? A. Weakened, compromised, and broken B. Strong, weakened, and compromised C. Operational, post-operational, and obsolete D. Installed, used, and recovered
B
What type of analysis emphasizes the formal study of what your organization is doing currently and where it will be in the future? A. Cost Benefit B. Gap C. Requirement D. Vulnerability
B
Which cable has a relatively low-speed transmission medium consisting of two insulated wires that are arranged in a regular spiral pattern? A. Fiber optic B. Twisted pair C. Coax D. None of the above
B
You are advising a non-profit organization on disaster recovery plans. In case a disaster affects the main IT centers for the organization, they will need to be able to operate from an alternate location. Budget for the solution is limited, but the organi A. Warm site B. Cold site C. Shared site D. Hot site
B
The best exercise type to use in order to validate a specific functional response in your recovery plan is a: A. Structured Walk-through B. Tabletop Exercise C. Parallel Test D. Simulation Test
D
The monitoring of outbound network traffic for indicators of compromise is called: A. Outland monitoring B. Inland monitoring C. Ingress monitoring D. Egress monitoring
D
The trait in object-oriented technology and programming that allows data to be stored in different objects at different levels is: A. Inheritance B. Encapsulation C. Polymorphism D. Polyinstantiation
D
To maintain the security architecture, of the following, which is true? A. Business needs change; technology changes; personnel change; threats adapt and grow; constant reassessment and improvement is necessary B. Metrics and reporting are required to ensure continuous improvement C. Maturity models assist in determining whether an organization is focused on optimization D. All of the above
D
Which of the following describes a virus which often resides on a machine by infecting a template and can cross platform boundaries as long as the application is present? A. Multipartite B. Companion C. Email D. Macro
D
Which of the following is NOT an information assurance strategy? A. Certification and accreditation B. Information auditing C. Information integrity D. None of the above
D
What is the best protection measure against unauthorized access to personal privacy information records in an area where systems are accessed by multiple employees? A. The use of CHAP B. Time of day restrictions C. The use of smart cards D. Sign in sheets
C
Which of the following is NOT a consideration when choosing data retention policies? A. Cost of data retention B. Data retrieval and use C. Human resources D. Inherent aggregation
C
Which protocol offers native encryption capability, for both authentication and data transfer? A. NNTP B. POP C. IMAP D. IM
C
You have been assigned the task of selecting a hash algorithm for your organization to be specifically used to ensure the integrity of certain sensitive files. It must use a 128-bit hash value. Which of the following is your best selection? A. AES B. SHA C. MD5 D. DES
C
Administrative law is concerned with confining government power, curtailing governmental abuses, ensuring procedural adherence, and ensuring performance of statutory duties.
T
A customer requests to connect their LAN to the internet. Which of the following devices do you recommend using to meet this goal? A. Router B. Hub C. Switch D. Cable
A
Defining technology security architecture in relationship with other technology domains is a benefit of the enterprise security architecture. A. TRUE B. FALSE
A
In defining and maintaining the enterprise security architecture, which aspect describes the creating of a catalog of inputs? A. Document current technology positions B. Actual placement and layout and interconnectivity in implementation C. Compare the current architecture to the target D. Results in a strategic roadmap for migrating from current to target (typically, over 3-5 years)
A
In which of the following alternative site configurations is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility? A. Hot Site B. Mobile Site C. Warm Site D. Cold Site
A
Remote Access does what of the following? A. Provides administrators and end users with the ability to access resources from a distant location B. Is one of the lease exploited IT capabilities today C. Enforces authentication D. Employs strong authentication
A
The Capability Maturity Model Integration (CMMI) has three constellations. Which of the following is not one of the constellations? A. Design B. Acquisition C. Development D. Services
A
The software development model that is designed for large mainframe systems and requires an environment where developers work directly with users is: A. JAD B. RAD C. MPM D. CASE
A
Which of the following does NOT describe a State machine model? A. Creates one-to-one relationships between subjects and objects B. Defines what actions will be permitted at any point in time to ensure a secure state is preserved C. Describes a system as it moves from one point in time to another D. Time is crucial; state can only change at certain times
A
Which of the following forms of attack can be used to disrupt even the best physical and logical security mechanism to gain access to a system? A. Social Engineering Attack B. Cross Site Scripting Attack C. Distributed Denial of Service Attack D. Advanced Persistent Attack
A
Which of the following is the technology of indoor environmental comfort? A. HVAC B. CCTV C. Lighting D. Fire Suppression
A
Which of the following plans is a comprehensive statement of consistent actions to be taken before, during, and after a disruptive event that causes a significant loss of information systems resources? A. Disaster recovery plan B. Contingency plan C. Business Continuity plan D. Continuity of Operations plan
A
Which one of the following is designed to protect the goodwill and reputation a merchant or vendor invests in its products? A. Trademark B. Patent C. Copyright D. Trade Secret
A
All of the following describes link encryption except: A. Encrypts the message payload B. Performed by the end-user C. Requires decrypting and re-encrypting at each communications node D. Encrypts the routing information
B
Encryption is converting a message from ciphertext to plaintext. A. TRUE B. FALSE
B
In defining and maintaining the enterprise security architecture, the gap analysis describes the security functionality in terms of generic components, component flows, and nodes.
B
Information flow models help ensure that high-level actions (inputs) do not affect what low-level users can see (outputs). A. TRUE B. FALSE
B
List the token-based authentication steps in the correct order. A. Token Device Challenge>Response>Challenge>Authentication>Valid Certificate B. Challenge>Response> Token Device Challenge>Valid Certificate >Authentication C. Challenge>Response> Token Device Challenge>Authentication>Valid Certificate D. Token Device Challenge>Response> Challenge>Valid Certificate >Authentication
B
Managing the dialogue between two or more communicating devices is called: A. Communications Management B. Session Management C. Dialogue Management D. Transport Management
B
The Investigative phase of the incident response process includes detection, identification, and notification. A. TRUE B. FALSE
B
The security concept of operation is developed from whose perspective? A. Vendor B. System user C. Program manager D. System engineer
B
Which software development model releases multiple beta versions and solicits frequent user feedback? A. Iterative Development B. Prototyping C. Spiral D. Cleanroom
B
You are building a personal e-commerce site and seek a simple security solution which does not require each customer to have an individual key. Which of the following encryption method below is your best solution? A. Asymmetric Encryption B. Symmetric Encryption C. S/MIME D. PGP
B
Weaknesses of TELNET include which of the following? (SELECT ALL THAT APPLY) A. Emergency services location problem B. Limited to UserID/password authentication C. No encryption D. Usernames/passwords can be brute forced
B, C, D
Of the following plans, which is designed to protect critical business processes from natural or man-made failures or disasters and the consequential loss of capital due to the unavailability of normal business operations? A. Disaster Recovery Plan B. Contingency Plan C. Business Continuity Plan D. Crisis Communication Plan
C
Single sign-on (SSO) benefits do NOT include which the following? A. Efficient log-on B. No requirement for multiple passwords C. Single point of failure D. Ubiquitous enforcement of standards
C
When malware infects a host and allows it to be used in a botnet for DDoS attacks, the host is said to be what kind of host? A. Trojan B. Worm C. Zombie D. Virus
C
Which does NOT describe one-time pads? A. Unbreakable by most cryptanalysis B. Requires a key the length of the message C. May or may not be visible; may affect quality of the original D. Keys must be randomly generated
C
Which of the following is a software protection mechanism where all references to information and all changes to authorizations must pass through a small portion of the operating system? A. Processor privilege states B. Security controls for buffer overflows C. Security kernels D. Memory protection
C
Which of the following is best described as small changes in an algorithm or key that will result in massive changes to the message? A. Hash rounding B. Diffusion C. Avalanche effect D. Transposition snowball
C
Which of the following processes identifies the threats that can impact the business continuity of operations? A. Function analysis B. Risk analysis C. Business impact analysis D. Requirement analysis
C
You are required to implement a hashing method in your organization's enterprise that can resist forgery and is not susceptible to a man-in-the-middle attack. Which of the following methods will you use to achieve the task? A. MD2 B. NTLM C. MAC D. SHA4
C
A minimum security baseline is a set of standards: A. That are applied enterprise wide to ensure a consistent level of compliance. B. That are applied to a minimum set of controls to ensure a minimum level of compliance C. That are based on regulatory requirements D. That are not based on a systematic review of risks
A
As an operational system engineer you are responsible for verifying that a software build meets its data requirements and correctly generates projected displays and reports. Which type of testing is best used to achieve your goals? A. Functional B. Reliability C. Regression D. Performance
A
Management should decide when a system should be returned to operational status in which phase of the incident response process? A. Recovery Phase B. Triage Phase C. Investigative Phase D. Post-incident Phase
A
Modifying identifying information so as to make communication appear to come from a trusted source is known as: A. Spoofing B. Eavesdropping C. Emanations D. Sniffing
A
To authenticate the remote computer, which of the following protocols uses public-key cryptography? A. SSH B. SSL C. FTP D. WEP
A
What are the three major steps to designing an awareness and training program? A. Designing the program, developing the materials, and implementing the program B. Designing the program, implementing the program, and evaluating the program C. Organizing the program, developing the materials, evaluating the program D. Designing the program, implementing the program, evaluating the students
A
Which of the following attacks allow bypassing access control lists on routers and aids an aggressor in identity hiding? A. MAC Spoofing Attack B. DNS Cache Poisoning C. DDos Attack D. Mask Attack
A
Which of the following describes the type of anti-virus software that looks for suspicious sections of code generally found in malware? A. Heuristic scanners B. Activity monitors C. Change detection D. Anti-malware policies
A
Which of the following is true about maintaining the chain of custody of a digital investigation? A. Keep a log of every person who had physical custody of the evidence, documenting the actions that they performed on the evidence and at what time B. Using sound, repeatable collection techniques that allow for the demonstration of the accuracy and integrity of the evidence C. Using sound scientific methods to determine the characteristics of the evidence D. Ensuring that the contamination and destruction of the scene are kept to a minimum
A
Which one best describes the religious law? A. Punishments may take any and all forms B. Social mores and norms which dictate behavior have been inculcated into law C. Judges are distinct from attorneys, and are actively involved in fact-finding (to include investigations) D. Characterized by heavy reliance on legislative law instead of jurisprudence
A
Which one is a benefit of a enterprise security architecture? A. Present and document various elements of the security architecture in order to ensure strategic alignment B. Provide an understanding of the impact on security posture of development and implementation within other domains C. Support, enable, and extend security policies and standards D. All of the above
A
Which one of the following is a characteristic of tort law? A. Damages usually entail monetary restitution, which can be compensatory, punitive, or statutory B. Punishments usually include fines, inability to practice a profession, and possibly incarceration C. Behaviors or conduct seen as harmful to the public or society D. Punishments may include loss of personal freedom (to include death) or monetary fines
A
Which one of the following tests the system's hardware, software, and configuration in an environment like its eventual operational setting? A. Certification B. Accreditation C. Recertification D. None of the above
A
Which phase of the incident response process is triggered by awareness? A. Triage Phase B. Investigative Phase C. Recovery Phase D. Post-incident Phase
A
Which security model describes strict layers of subjects and objects (active and passive parties, respectively) and defines clear rules of interaction between them? A. Multilevel lattice models B. Matrix-based models C. Non-interference models D. Information flow models
A
Which symmetric cipher is used in Bluetooth? A. SAFER B. Blowfish C. RC5 D. Twofish
A
Which type of law is derived from court decisions and codification of British law dating back to the 12th century? A. Common Law B. Criminal Law C. Tort Law D. Administrative Law
A
With public key cryptography, confidential messages with proof of origin are encrypted with the sender's private key and the public key of the recipient. A. TRUE B. FALSE
A
Which of the following statements about incremental backup are true? (CHECK ALL THAT APPLY) A. It is the fastest method of backing up data B. It backs up only the files changed since the most recent backup and clears the archive bit C. A full restoration of data will be slower, since all increments must be restored D. It is the slowest method for taking a data backup
A, B, C
In managing security services effectively, incident management handles which of the following? (check all that apply) A. Prioritization B. Training C. Automatic scanning of media and attachments D. Protocol-anomaly-based systems
A, B
Which of the following are considered biometric access control systems? (check all that apply) A. Iris pattern B. Vascular patterns C. Keystroke dynamics D. Cipher locks
A, B, C
Which of the following statements about incremental backup are true? (CHECK ALL THAT APPLY) A. It is the fastest method of backing up data B. It backs up only the files changed since the most recent backup and clears the archive bit C. A full restoration of data will be slower, since all increments must be restored D. It is the slowest method for taking a data backup
A,B,C
A basic control component of an industrial control system (ICS) that is most often used is called a: A. Process control system B. Programmable logic controller C. Remote terminal unit D. Master terminal unit
B
Copyright conveys exclusive rights to the owner of markings the public uses to identify that owner's goods and products. A. TRUE B. FALSE
B
Many organizations purchase insurance policies to provide various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques are being employed? A. Risk avoidance B. Risk transfer C. Risk acceptance D. Risk insurance
B
Place the attack methodology in the correct order. A. Target acquisition> Target analysis>Target access>Target appropriation>Target ownership B. Target analysis> Target acquisition >Target access>Target appropriation>Target ownership C. Target access >Target acquisition> Target analysis >Target appropriation>Target ownership D. Target appropriation> Target acquisition> Target analysis>Target access >Target ownership
B
Positive testing has the objective of determining if an application can handle invalid input or unexpected user behavior. A. TRUE B. FALSE
B
Substitution is mixing the location of plaintext throughout the ciphertext adding a level of complexity to the process. A. TRUE B. FALSE
B
What type of risk remains after the implementation of new or enhanced controls? A. Substantial B. Residual C. Inherent D. Obsolete
B
Which layer is not part of the OSI model? A. Application B. Internet C. Data Link D. Session
B
Which of the following categories of access control implementation includes implementing security services such as smart cards, biometrics, access control lists, firewalls, and intrusion detection systems? A. Administrative Access Control B. Logical Access Control C. Biometric Access Controls D. Physical Access Control
B
Which of the following electronically stored information (ESI) are not considered reasonably accessible? A. Manual-access disks B. Backup tapes for disaster recovery C. Hard drives D. Auto-access optical disks
B
Which of the following incident handling process phases is responsible for defining rules, collaborating personnel workforce, creating a backup plan, and testing the plans for an enterprise? A. Identification Phase B. Preparation Phase C. Containment Phase D. Recovery Phase
B
Which of the following refers to a location away from the computer center where document copies and backup media are kept? A. Storage Area network B. Off-site storage C. On-site storage D. Network attached storage
B
Which of the most common Cloud service types allow applications to be created and run on remote infrastructure? A. Infrastructure as a Service (IaaS) B. Platform as a Service (PaaS) C. Software as a Service (SaaS) D. Security as a Service (SEaaS)
B
Which one of the following is true about the criminal law? A. Divided into intentional torts, wrongs against a person or property, dignitary wrongs, economic wrongs, negligence, nuisance, and strict liability B. Punishments may include loss of personal freedom (to include death) or monetary fines C. Punishments usually include fines, inability to practice a profession, and possibly incarceration D. Deals with the governance of public bodies
B
Which of the following is not a characteristic of continuous monitoring? A. Measures security posture B. Leverages automated data feeds C. Enables prioritization of remedies D. Informs managers of HR issues
D
Which of the following is not one of the four typical elements of a DBMS? A. Database engine B. Hardware platform C. Application software D. None of the above
D
Which of the following is true for Interface testing? A. Offers flexible usage and input combos B. Promotes user feedback C. Has decreased reliability D. Is effective in large environment simulations
D
Which of the following terms refers to a mechanism which proves that the sender really sent a specific message? A. Integrity B. Confidentiality C. Authentication D. Non-repudiation
D
Which of the following uses a Key Distribution Center (KDC) to authenticate a principle? A. CHAP B. PAP C. TACACS D. Kerberos
D
Which one of the following describes the Information Technology Security Evaluation Criteria (ITSEC)? A. Vendor has the option to define a set of requirements from a menu of possible options into a Security Target (ST) B. Vendors develop products (Targets of Evaluation, or ToEs) and have them evaluated against the ST C. Addresses all three Triad elements D. All of the above
D
Which one of the following is NOT a common security service in the system security architecture? A. Access control services B. Audit and monitoring services C. Boundary control services D. Groups and protection services
D
Which one of the following is a common system component in the system security architecture? A. Processor B. Storage C. OS D. All of the above
D
Which regulatory guidance pertains to any company that is publicly traded on U.S. markets? A. The Health Insurance Portability and Accountability Act (HIPAA) B. The Computer Fraud and Abuse Act (CFAA) C. The Payment Card Industry Data Security Standard (PCI DSS) D. The Sarbanes-Oxley Act (SOX)
D
A digital certificate in a Public Key Infrastructure is: A. A delegated function from the certificate authority B. An entity that issues manages keys C. Electronic credentials used to certify an online identity D. A central, accessible location where public keys are stored
C
All of the following is true about trade secrets EXCEPT: A. Provides competitive advantage or equal footing B. Is not disclosed in legal proceedings C. Registered with a government registrar D. Must generally be not known and provide benefit to the company
C
An organization is seeking to implement a hot site and wants to sustain a live database server at the alternate site. Which of the following solutions will be the best for the organization? A. Electronic vaulting B. Remote journaling C. Remote mirroring D. Transaction logging
C
Attempting to crack a password by using common words from a text file is known as what kind of attack? A. Brute force B. Shoulder surfing C. Dictionary D. SQL Injection
C
Cross-functional teams formed to conceptualize, design, test, produce, and deliver a product are called: A. Facilitated Workshops B. Framework Teams (FTs) C. Integrated Product Teams (IPTs) D. Release Planning Teams (RPTs)
C
What is the correct order in which the ISC2 Code of Ethics should be upheld? A. Advance and protect the profession; Provide diligent and competent service to principals; Act honorably, honestly, justly, responsibly, and legally; Protect society, the commonwealth, and the infrastructure. B. Protect society, the commonwealth, and the infrastructure; Provide diligent and competent service to principals; Act honorably, honestly, justly, responsibly, and legally; Advance and protect the profession. C. Protect society, the commonwealth, and the infrastructure; Act honorably, honestly, justly, responsibly, and legally; Provide diligent and competent service to principals; Advance and protect the profession. D. Act honorably, honestly, justly, responsibly, and legally; Protect society, the commonwealth, and the infrastructure; Provide diligent and competent service to principals; Advance and protect the profession.
C
What protocol solicits MAC address from devices on the network without requiring authentication? A. PPP B. SSH C. ARP D. RIP
C
What two cryptographic implementations does Kerberos use? A. AES and RSA B. RSA and DES C. DES and RC4 D. AES and RC4
C
Which network topology's use of tokens allows prediction of node transmission delay and can be used as LAN or network backbone? A. Bus B. Star C. Ring D. Mesh
C
Which of the following approaches for identifying appropriate BIA interviewees includes reviewing the enterprise's functional positions? A. Executive management interviews B. Overlaying system technology C. Organizational chart reviews D. Organizational process models
C
Which of the following disaster recovery testing plans is the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises? A. Evacuation drill B. Walk-through drill C. Structured walk-through test D. Table top exercise
C
Which of the following is responsible for maintaining certificates in a public key infrastructure (PKI)? A. Domain Controller B. Certificate User C. Certification Authority D. Public Authentication Server
C
Which security operation control enables checks and balances to reduce fraud? A. Least privilege B. Need-to-know C. Separation of duties D. Job rotation
C
Wireless transmission technologies include all of the following except? A. Direct-sequence spread spectrum B. Frequency-hopping spread spectrum C. Time division multiple access D. Code division single access
D
Information will not be disclosed to any unauthorized person on a local network via which of the following cryptographic system services? A. Authentication B. Non-Repudiation C. Integrity D. Confidentiality
D
Network information services (NIS) are used for what processes? A. Inadvertent disclosure of files B. Using an unauthorized client C. Incorrect mapping of User IDs between server and client D. Manage user credentials across a group of machines in a UNIX environment
D
Protection practices that can be used to prevent man-in-the-middle attacks include? A. Strong access controls B. Encryption/checksum C. IDS D. All of the above
D
Which of the following activities is NOT an example of a technical control? A. Auditing B. Network Architecture C. System Access D. Data Backup
D
Which of the following is NOT associated with the access control principles? A. Separation of duties B. Compartmentalization C. Least privilege D. Job rotation
D
Which of the following is correct about dynamic testing? A. Happens with no prior knowledge of the system B. Happens with full knowledge of the system C. Observes the system without being executed D. Observes the system while being executed
D
Which formula can be used to calculate the Annualized Loss Expectancy (ALE)? A) SLE (Single Loss Expectancy) + ARO (Annualized Rate of Occurrence) B) Asset Value * EF (Exposure Factor) C) Asset Value * EF (Exposure Factor) * ARO (Annualized Rate of Occurrence) D) SLE (Single Loss Expectancy) * ARO (Annualized Rate of Occurrence) * Asset Value
c
Which of the following protocols can be used to translate a physical address, such as an Ethernet address, into a logical IP address? A) ARP B) PPP C) RARP D) ICMP E) SLIP
c RARP (Reverse Address Resolution Protocol) is a protocol that can be used to translate a physical address, such as an Ethernet address, into an IP address. RARP is commonly used by diskless workstations, which often only know their hardware interface addresses when booted. They must discover their IP addresses from an external source, such as a RARP server. In this case, the host broadcasts its physical address and a RARP server replies with the host's IP address. On the other hand, ARP (Address Resolution Protocol) is a network layer protocol used to convert an IP address into a physical address, such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP request onto the network. The host on the network that has the IP address in the request then replies with its physical hardware address. On the other hand, ICMP (Internet Control Message Protocol) is a message control and error-reporting protocol that uses IP datagrams. In contrast, SLIP and PPP are two communication protocols which allow a computer connected to a server via a serial line (such as a modem) to become a actual node on the internet.
Which of the following statements are true regarding cryptography? A) The Diffie-Helman algorithm takes a message of arbitrary length and generates a 128-bit message digest B) The strength of a RSA public key encryption is based on the difficulty of finding the discreet logarithm in a finite field C) In a digitally signed message, the entire message is encrypted using the public key of the sender D) The RC5 algorithm is a method where subjects exchange secret keys over a non-secure medium, without exposing the keys. E) None of the statements are true
e. The strength of a RSA public key encryption is based on the difficulty of factoring the product of large prime numbers, and NOT based on the difficulty of finding the discreet logarithm in a finite field. The RSA algorithm can be used for encryption, key exchange, and digital signatures. The MD5 algorithm, not the Diffie-Hellman algorithm, is a message digest algorithm that takes a message of arbitrary length and generates a 128-bit message digest. On the other hand, the Diffie-Hellman key exchange is a method where subjects exchange secret keys over a non-secure medium without exposing the keys. Lastly, in a digital signed message, only the message digest is encrypted using the private key of the sender. The entire message is NOT encrypted and the public key is NOT used by the sender to encrypt the data.
Which of the following are NOT operating modes of the DES encryption algorithm? A) CBC B) ECB C) CFB D) OFB E) CBE
e. DES has four modes of operations: CBC - Cipher Block Chaining. In CBC mode, each plaintext block is XORed with the previous cipher text block and then encrypted. ECB - Electronic Code Book. In ECB mode, each plaintext block is encrypted independently with the block cipher. CFB - Cipher Feedback. In CFB mode, the previous cipher text block is encrypted and the output produced is combined with the plaintext block using XOR to produce the current cipher text block. OFB - Output Feedback. OFB mode is similar to CFB mode except that the quantity XORed with each plaintext block is generated independently of both the plaintext and cipher text.
Which of the following is NOT addressed by the Clark-Wilson Integrity Model? A) Procedures that take the system from one valid state to another B) Procedures that test the constrained data items to conform to integrity constraints C) Data not subject to integrity controls D) Data subject to integrity controls E) Procedures that prevent a subject at a lower level of integrity from invoking a subject at a higher level of integrity
e. The Clark-Wilson model involves two primary elements for achieving data integrity — the well-formed transaction and separation of duties. Well-formed transactions prevent users from manipulating data, thus ensuring the internal consistency of data. Separation of duties prevents authorized users from making improper modifications, thus preserving the external consistency of data by ensuring that data in the system reflects the real-world data it represents. The model defines the following terms: TP - transaction procedures. Procedures that take the system from one valid state to another. IVP - integrity verification procedures. Procedures that test the constrained data items to conform to integrity constraints CDI - constrained data items. Data subject to integrity controls. UDI- unconstrained data items. Data not subject to integrity controls On the other hand, the Biba Integrity Model, NOT the Clark-Wilson model specifies procedures that prevent a subject at a lower level of integrity from invoking a subject at a higher level of integrity.