1601 final exam part 1


Diffie-Hellman

Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?

Bob's public key

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?

Alice's private key

Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?

Decryption

Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?

Alice's public key

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

Security risks will increase.

From a security perspective, what should organizations expect will occur as they become more dependent upon the Internet of Things (IoT)?

Integrity

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?

Payment Card Industry Data Security Standard (PCI DSS)

Gwen's company is planning to accept credit cards over the Internet. Which one of the following governs this type of activity and includes provisions that Gwen should implement before accepting credit card transactions?

22

Matthew captures traffic on his network and notices connections using ports 20, 22, 23, and 80. Which port normally hosts a protocol that uses secure, encrypted connections?

Rivest-Shamir-Adleman (RSA)

What is NOT a symmetric encryption algorithm?

Unencrypted email

What is NOT an effective key distribution method for plaintext encryption keys?

Collaboration

Jody would like to find a solution that allows real-time document sharing and editing between teams. Which technology would best suit her needs?

Home agent (HA)

With the use of Mobile IP, which device is responsible for keeping track of mobile nodes (MNs) and forwarding packets to the MN's current network?

Software as a Service (SaaS)

Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?

96.67%

Juan's web server was down for an entire day last September. It experienced no other downtime during that month. Which one of the following represents the web server uptime for that month?

Bring Your Own Device (BYOD)

Ron is the IT director at a medium-sized company and is constantly bombarded by requests from users who want to select customized mobile devices. He decides to allow users to purchase their own devices. Which type of policy should Ron implement to include the requirements and security controls for this arrangement?

TRUE

TRUE OR FALSE Application service providers (ASPs) are software companies that build applications hosted in the cloud and on the Internet.

TRUE

TRUE OR FALSE For businesses and organizations under recent compliance laws, data classification standards typically include private, confidential, internal use only, and public domain categories.

FALSE

TRUE OR FALSE In the Remote Access Domain, if private data or confidential data is compromised remotely, you should set automatic blocking for attempted logon retries.

TRUE

TRUE OR FALSE Networks, routers, and equipment require continuous monitoring and management to keep wide area network (WAN) service available.

FALSE

TRUE OR FALSE Regarding the Internet of Things (IoT), a business involved in utilities, critical infrastructure, or environmental services can benefit from traffic-monitoring applications.

TRUE

TRUE OR FALSE The System/Application Domain holds all the mission-critical systems, applications, and data.

FALSE

TRUE OR FALSE The asset protection policy defines an organization's data classification standard.

TRUE

TRUE OR FALSE The director of IT security is generally in charge of ensuring that the Workstation Domain conforms to policy.

TRUE

TRUE OR FALSE The most critical aspect of a WAN services contract is how the service provider supplies troubleshooting, network management, and security management services.

FALSE

TRUE OR FALSE The weakest link in the security of an IT infrastructure is the server.

TRUE

TRUE OR FALSE Unified messaging allows you to download both voice and email messages to a smartphone or tablet.

512 bits

What is NOT a valid encryption key length for use with the Blowfish algorithm?

Vernam

What is the only unbreakable cipher when it is used properly?

Factoring large primes

What mathematical problem forms the basis of most modern cryptographic algorithms?

Wired Equivalent Privacy (WEP)

What standard is NOT secure and should never be used on modern wireless networks?

Hash

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?

Nonrepudiation

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?

Interoperability

Which Internet of Things (IoT) challenge involves the difficulty of developing and implementing protocols that allow devices to communicate in a standard fashion?

Applying security updates promptly

Which action is the best step to protect Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements?

Quantum cryptography

Which approach to cryptography provides the strongest theoretical protection?

Chosen plaintext

Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works?

Guideline

Which element of the security policy framework offers suggestions rather than mandatory actions?

Policy

Which element of the security policy framework requires approval from upper management and applies to the entire organization?

Certification

Which information security objective allows trusted entities to endorse information?

Password protection

Which mitigation plan is most appropriate to limit the risk of unauthorized access to workstations?

Intrusion prevention system (IPS)

Which network device is capable of blocking network connections that are identified as potentially malicious?

Online Certificate Status Protocol (OCSP)

Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?

Secure

Which of the following is NOT one of the four fundamental principles outlined by the Internet Society that will drive the success of Internet of Things (IoT) innovation?

Health Insurance Portability and Accountability Act (HIPAA)

Which one of the following governs the use of Internet of Things (IoT) by healthcare providers, such as physicians and hospitals?

Identification number

Which one of the following is NOT a good technique for performing authentication of an end user?

Global adoption of non-IP networking

Which one of the following is NOT a market driver for the Internet of Things (IoT)?

E-commerce

Which one of the following is NOT an area of critical infrastructure where the Internet of Things (IoT) is likely to spur economic development in less developed countries?

Telephone call

Which one of the following is NOT an example of store-and-forward messaging?

Health monitoring

Which one of the following is an example of a business-to-consumer (B2C) application of the Internet of Things (IoT)?

Username

Which one of the following is typically used during the identification phase of a remote access connection?

Mean time to repair (MTTR)

Which one of the following measures the average amount of time that it takes to repair a system, application, or component?

Internet Engineering Task Force

Which organization pursues standards for Internet of Things (IoT) devices and is widely recognized as the authority for creating standards on the Internet?

Distributed denial of service

Which risk is most effectively mitigated by an upstream Internet service provider (ISP)?

Selecting multiple items from a list

Which scenario presents a unique challenge for developers of mobile applications?

Applying strong encryption

Which security control is most helpful in protecting against eavesdropping on wireless LAN (WLAN) data transmissions that would jeopardize confidentiality?

Symmetric, stream, substitution

Which set of characteristics describes the Caesar cipher accurately?

Deidentification

Which technology can be used to protect the privacy rights of individuals and simultaneously allow organizations to analyze data in aggregate?

Threat

Which term describes any action that could damage an asset?

Transposition

Which type of cipher works by rearranging the characters in a message?

