CS445 Test 1

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

In S/MIME, the message is first encrypted by (A). Then both (A) and the encrypted message are encrypted again by (B). What are the correct terms for (A) and (B)?

(A) | (B) Shared | Receiver's Secret | Public Key | Key

CIDR (Classless Interdomain Routing) was created to mitigate the wastage of IP address space. In the notation 205.16.37.32/28, how many IP addresses are available for hosts?

16

Some ranges of IP addresses are assigned for private network. Which one of the following is such a private address range?

192.168.0.0 - 192.168.255.255

In RSA algorithm, the parameters are given as following: p = 11, q = 3. Then n = 33. In this case, what is the value of the Totient Function Φ(n)?

20

Consider a perfect one-way hash algorithm that generates 256-bit hash value. To create a hash collision with 50% chance, how many message should be tried? (Hint: This is called the level of safety.)

2^128

An IP packet size is 4200 bytes. If it is going to be transported over Ethernet, how many fragmented packets will be generated?

3

Since the key length of DES is only 56 bits, you can perform multiple DES encryptions to increase the effective key size. With Double DES, what is the effective key size?

57

The following picture describes the packet structure in IPsec tunnel mode (Entire IP packet becomes the payload of the new IPsec packet.) What is the correct numbers for the protocol types A,B and C? Refer to the table for the protocol numbers. Quiz 3 Question 11

A |B|C 50|4|6

ICMPv6 assumes additional roles on the network. As a result, when using ICMPv6 _______ and IGMP are no longer necessary

ARP

Which protocol is used for determining the MAC address of the destination device when the source device knows only the IP address of the destination?

ARP

_______ is used to resolve a logical (IP) address to a physical (MAC) address.

ARP

Which protocol is used for routing packets between ASes (or ISPs)?

BGP

Why is the RSA algorithm considered secure?

Because it is difficult to factor N to two prime numbers

After launching a brute-force attack on the AES, how did the Cryptool software figure out the right key?

By looking for the lowest entropy value

Among the following encryption modes, which mode allows random access to any block while producing different ciphertext blocks for the same plaintext blocks?

CTR (Counter)

Frequency analysis can be used best for breaking which algorithm?

Caesar's Cipher

One of the following methods uses a different mechanism for encryption. Find it.

Columnar Transposition

What protocol is responsible for dynamically assigning an IP address to network hosts?

DHCP

_______ makes it possible for web browsers to find web servers and for email clients to find their respective servers, since it converts host names to an IP address.

DNS

Which security principle is characterized by the use of multiple, different defense mechanisms with a goal of improving the defensive response to an attack?

Defense in Depth

Packet analysis can also help _______ understand protocol and application behavior to see how routines behave, as well as help determine if it is the application OR the network that is causing slow response times.

Developers

In IKE, which public key algorithm is used for key exchange in modified form?

Diffie-Hellman

RSA algorithm has the following feature. In other words, you can encrypt plaintext with a private key. This does not give any confidentiality, but serves a different purpose. Where can you best use this feature?

Digital Signature

There are two types of IPsec headers, AH (Authentication Header) and ESP (Encapsulated Security Payload) what is the major difference between them?

ESP allows encryption

What standard network protocol is used to access directories and files, and to transfer files from one host to another over a TCP-based network?

FTP

If you right click on either a header or a field value and select "Prepare a Filter", Wireshark will create and run the filter in the display filter area.

False

In Cloudshark, you can use _______ to see where the endpoints are in the world.

GEOIP

Wireshark Legacy utilized _______ or the GIMP Toolkit, a multi-platform toolkit for creating graphical user interfaces.

GTK+

What protocol provides the ability to exchange resources, such as displaying a web page in your browser?

HTTP

_______ carries error, routing and control messages. It does NOT exchange data between systems.

ICMP

Specifies the format of packets or datagrams, and the addressing scheme. Handles the logical addressing in the TCP/IP protocol suite. Decides where a packet is to be sent next, choosing the best path using a routing table.

IP

There are three most important goals in computer security. Which one of the following is one of three goals?

Integrity (WRONG ANSWERS : Controllability, Vulnerability, Accountability)

In Wireshark you can use the _______ found on the right-hand side of the packet list, where the coloring rules help you see indications of problems, so you can quickly go to trouble spots.

Intelligent Scrollbar

Diffie-Hellman key exchange algorithm is considered secure because?

It is hard to compute discrete logarithm

IPsec header includes a 32-bit sequence number. What is the purpose of it?

It is used to prevent replay attack

A switch is in fact a generalized multi-port bridge. Find a correct explanation about switch.

It offers a full-duplex communication

What is the advantage of ECC algorithm compared with RSA?

It requires a smaller key for the same level of security

Choose an incorrect description on AES

It simulates one-time pad

The last part of frame formation is the frame header where we add the source and destination _______ address.

MAC

The following tasks except one are performed by TCP. Find the one that is not the function of TCP.

Multicasting

TCP options must be in multiples of four (4) bytes. If 10 bytes of option are added to the TCP header, two single byte _______ will be added to the options header.

No-Operation

When the DNS query answer comes from the local DNS's cache, what is it called?

Non-authoritative answer

Which one of the following is considered perfect cipher?

One-time pad

Choose an incorrect description about email security.

PGP uses X.509 digital certificate.

Since a public key can be faked by attackers, there is a certification infrastructure called PKI. Find a correct description on it.

PKI forms a hierarchy

Chose an incorrect description on packet fragmentation.

Packets can be reassembled in any intermediate routers

Modern cipher algorithms use a combination of two elementary operations. What are they?

Permutation and Substitution

Which device connects two segments of the same LAN and extends the collision domain?

Repeater

Refer to the following figure. Upon receiving a signed document, which key is used to verify the digital signature? Image on Quiz II Question 8.

Sender's Public Key

What is the disadvantage of asymmetric key cryptography (or public key) compared with symmetric key cryptography?

Slower

You can quickly begin capturing traffic by selecting an active _______ on the main screen.

Sparkline

The protocol suite for the Internet that provides a set of guidelines for networking protocols to enable computers to communicate over a network.

TCP/IP

_______ uses UDP as the transport-layer protocol

TFTP

Find a correct description about MAC address.

The first 24-bit is vendor code

Refer to the following figure. It shows an Ethernet frame. Using a packet sniffer, you observe that the value in the "Length or Type" field is "0x0800". What can you infer from that? Image on Quiz II, Question 11

The frame is an Ethernet II frame

Traceroute algorithm sends a series of packets to the destination with varying TTL values. When the TTL value becomes 0 in a router, what happens?

The router drops the packet and sends an ICMP packet to the sender

In email applications such as MIME, S/MIME or PGP, an encoding scheme called base 64 (or radix 64) is used. What is the purpose of it?

To send binary data over text-only channel.

A significant improvement since moving from GTK to Qt, is that Wireshark now provides a native interface for OSX that doesn't require the use of X11

True

Connectionless protocol used as an alternative to TCP when reliability is not an issue.

UDP

To get help in Wireshark, you can right click on a protocol and select _______

Wiki Protocol Page

The TCP _______ is the amount of information that a machine can receive during a session and still be able to process the data.

Window Size

In the expert system the color _______ provides information about typical workflow such as TCP window update or connection finish.

gray

IPv6 uses _______ to communicate with multiple hosts.

multicast

Transmission Control Protocol _______

supports sliding windows

In order to capture ONLY FTP traffic, use _______ as a capture filter.

tcp port 21

The _______ layer is responsible for transporting data using a connection-oriented connectionless protocol. The PDU at this point is a segment, and the address is a port address.

transport


Kaugnay na mga set ng pag-aaral

Document A: Declaration of Independence (Focus on the Principle of EQUALITY)

View Set

Chapter 14: Arterial Puncture Procedures

View Set

Chapter 7 - Promulgated Addenda, Notices and Other Forms: Practice Questions

View Set

AP World History Chapter 28 Key Terms

View Set

PSY 160: Chapter 1: Foundations of Psychiatric-Mental Health Nursing - ML5

View Set

african american history chapter 6-9

View Set