Security + Chapter 3 Review Questions

3. Alexei was given a key to a substitution cipher. The key showed that the entire alphabet was rotated 13 steps. What type of cipher is this? A. AES B. XAND13 C. ROT13 D. Alphabetic

C. ROT13

11. A(n) _____ is not decrypted but is only used for comparison purposes. A. key B. stream C. digest D. algorithm

C. digest

12. Which of these is NOT a characteristic of a secure hash algorithm? A. Collisions should be rare. B. A message cannot be produced from a predefined hash. C. The results of a hash function should not be reversed. D. The hash should always be the same fixed size.

A. Collisions should be rare.

19. What is a characteristic of the Trusted Platform Module (TPM)? A. It provides cryptographic services in hardware instead of software B. It allows the user to boot a corrupted disk and repair it C. It is available only on Windows computers running BitLocker D. It includes a pseudorandom number generator (PRNG)

A. It provides cryptographic services in hardware instead of software

10. Proving that a user sent an email message is known as _____. A. non-repudiation B. repudiation C. integrity D. availability

A. non-repudiation

20. Which of these has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form? A. Trusted Platform Module (TPM) B. Hardware Security Module (HSM) C. self-encrypting hard disk drives (SED) D. encrypted hardware-based USB devices

B. Hardware Security Module (HSM)

2. What is the latest version of the Secure Hash Algorithm? A. SHA-2 B. SHA-3 C. SHA-4 D. SHA-5

B. SHA-3

13. Alyosha was explaining to a friend the importance of protecting a cryptographic key from cryptoanalysis. He said that the key should not relate in a simple way to the cipher text. Which protection is Alyosha describing? A. diffusion B. confusion C. integrity D. chaos

B. confusion

6. Public key systems that generate random public keys that are different for each session are called _____. A. Public Key Exchange (PKE) B. perfect forward secrecy C. Elliptic Curve Diffie-Hellman (ECDH) D. Diffie-Hellman (DH)

B. perfect forward secrecy

7. What is data called that is to be encrypted by inputting it into a cryptographic algorithm? A. opentext B. plaintext C. cleartext D. ciphertext

B. plaintext

8. Which of these is NOT a basic security protection for information that cryptography can provide? A. authenticity B. risk loss C. integrity D. confidentiality

B. risk loss

4. Abram was asked to explain to one of his coworkers the XOR cipher. He showed his coworker an example of adding two bits, 1 and 1. What is the result of this sum? A. 2 B. 1 C. 0 D. 16

C. 0

14. Which of these is the strongest symmetric cryptographic algorithm? A. Data Encryption Standard B. Triple Data Encryption Standard C. Advanced Encryption Standard D. RC 1

C. Advanced Encryption Standard

15. If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message? A. Alice's private key B. Bob's public key C. Alice's public key D. Bob's private key

C. Alice's public key

5. Which of the following key exchanges uses the same keys each time? A. Diffie-Hellman-RSA (DHRSA) B. Diffie-Hellman Ephemeral (DHE) C. Diffie-Hellman (DH) D. Elliptic Curve Diffie-Hellman (ECDH)

C. Diffie-Hellman (DH)

18. At a staff meeting one of the technicians suggested that the enterprise protect its new web server by hiding it and not telling anyone where it is located. Iosif raised his hand and said that security through obscurity was a poor idea. Why did he say that? A. It is an unproven approach and has never been tested. B. It would be too costly to have one isolated server by itself. C. It would be essentially impossible to keep its location a secret from everyone. D. It depends too heavily upon non-repudiation in order for it to succeed.

C. It would be essentially impossible to keep its location a secret from everyone.

1. The Hashed Message Authentication Code (HMAC) _____. A. encrypts only the message B. encrypts only the key C. encrypts the key and the message D. encrypts the DHE key only

C. encrypts the key and the message

16. Egor wanted to use a digital signature. Which of the following benefits will the digital signature not provide? A. verify the sender B. prove the integrity of the message C. verify the receiver D. enforce nonrepudiation

C. verify the receiver

17. Illya was asked to recommend the most secure asymmetric cryptographic algorithm to his supervisor. Which of the following did he choose? A. SHA-2 B. ME-312 C. BTC-2 D. RSA

D. RSA

9. Which areas of a file cannot be used by steganography to hide data? A. in areas that contain the content data itself B. in the file header fields that describe the file C. in data that is used to describe the content or structure of the actual data D. in the directory structure of the file system

D. in the directory structure of the file system