CECS 378 MIDTERM

__________ is a term that refers to the means of delivering a key to two parties that wish to exchange data without allowing others to see the key. Question options: 1) Session key 2) Subkey 3) Key distribution technique 4) Ciphertext key

Key distribution technique

__________ controls access based on comparing security labels with security clearances. Question options: 1) MAC 2) DAC 3) RBAC 4) MBAC

MAC

_________ attacks have several approaches, all equivalent in effort to factoring the product of two primes. Question options: 1) Mathematical 2) Brute-force 3) Chosen ciphertext 4) Timing

Mathematical

__________ is a procedure that allows communicating parties to verify that received or stored messages are authentic. Question options: 1) Cryptanalysis 2) Decryption 3) Message authentication 4) Collision resistance

Message authentication

For stream-oriented transmission over noisy channel you would typically use _______ mode. Question options: 1) ECB 2) CTR 3) OFB 4) CBC

OFB

_________ is the original message or data that is fed into the algorithm as input. Question options: 1) Plaintext 2) Encryption algorithm 3) Decryption algorithm 4) Ciphertext

Plaintext

__________ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. Question options: 1) Availability 2) System Integrity 3) Privacy 4) Data Integrity

Privacy

__________ is based on the roles the users assume in a system rather than the user's identity. Question options: 1) DAC 2) RBAC 3) MAC 4) URAC

RBAC

__________ defines user authentication as "the process of verifying an identity claimed by or for a system entity". Question options: 1) RFC 4949 2) RFC 2298 3) RFC 2493 4) RFC 2328

RFC 4949

The _________ scheme has reigned supreme as the most widely accepted and implemented approach to public-key encryption. Question options: 1) SHA-1 2) HMAC 3) MD5 4) RSA

RSA

__________ is a block cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n. Question options: 1) DSS 2) RSA 3) SHA 4) AES

RSA

__________ specifies the minimum requirements for telecommunications infrastructure of data centers. Question options: 1) TIA-492 2) RFC-4949 3) NIST-7883 4) RSA-298

RSA-298

In 2005, NIST announced the intention to phase out approval of _______ and move to a reliance on the other SHA versions by 2010. Question options: 1) SHA-1 2) SHA-512 3) SHA-256 4) SHA-2

SHA-1

The DSS makes use of the _________ and presents a new digital signature technique, the Digital Signature Algorithm (DSA). Question options: 1) HMAC 2) XOR 3) RSA 4) SHA-1

SHA-1

The _______ module performs end-to-end encryption and obtains session keys on behalf of users. Question options: 1) PKM 2) RCM 3) SSM 4) CCM

SSM

__________ is an organization that receives the encrypted data from a data owner and makes them available for distribution to clients. Question options: 1) User 2) Client 3) Data owner 4) Server

Server

________ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. Question options: 1) System Integrity 2) Data Integrity 3) Availability 4) Confidentiality

System Integrity

_________ are analogous to a burglar guessing a safe combination by observing how long it takes to turn the dial from number to number. Question options: 1) Digital standards 2) Mathematical attacks 3) Ciphers 4) Timing attacks

Timing attacks

"The plaintext is 64 bits in length and the key is 56 bits in length; longer plaintext amounts are processed in 64-bit blocks" is a description of the DES algorithm. Question options:1) True2) False

True

A brute-force approach involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained. Question options:1) True2) False

True

A constraint is a defined relationship among roles or a condition related to roles. Question options:1) True2) False

True

A data center generally includes backup power supplies. Question options:1) True2) False

True

A good technique for choosing a password is to use the first letter of each word of a phrase. Question options:1) True2) False

True

A hash function such as SHA-1 was not designed for use as a MAC and cannot be used directly for that purpose because it does not rely on a secret key. Question options:1) True2) False

True

A message authentication code is a small block of data generated by a secret key and appended to a message. Question options:1) True2) False

True

A query language provides a uniform interface to the database. Question options:1) True2) False

True

A smart card contains an entire microprocessor. Question options:1) True2) False

True

A user may belong to multiple groups. Question options:1) True2) False

True

Access control is the central element of computer security. Question options:1) True2) False

True

An ABAC model can define authorizations that express conditions on properties of both the resource and the subject. Question options:1) True2) False

True

An access right describes the way in which a subject may access an object. Question options:1) True2) False

True

An auditing function monitors and keeps a record of user accesses to system resources. Question options:1) True2) False

True

An important element in many computer security services and applications is the use of cryptographic algorithms. Question options:1) True2) False

True

Any program that is owned by, and SetUID to, the "superuser" potentially grants unrestricted access to the system to any user executing that program. Question options:1) True2) False

True

Availability assures that systems work promptly and service is not denied to authorized users. Question options:1) True2) False

True

Computer security is essentially a battle of wits between a perpetrator who tries to find holes and the administrator who tries to close them. Question options:1) True2) False

True

Computer security is protection of the integrity, availability, and confidentiality of information system resources. Question options:1) True2) False

True

Cryptographic hash functions generally execute faster in software than conventional encryption algorithms such as DES. Question options:1) True2) False

True

Data integrity assures that information and programs are changed only in a specified and authorized manner. Question options:1) True2) False

True

Depending on the application, user authentication on a biometric system involves either verification or identification. Question options:1) True2) False

True

Encryption becomes the last line of defense in database security. Question options:1) True2) False

True

Enrollment creates an association between a user and the user's biometric characteristics. Question options:1) True2) False

True

HMAC can be proven secure provided that the embedded hash function has some reasonable cryptographic strengths. Question options:1) True2) False

True

Hardware is the most vulnerable to attack and the least susceptible to automated controls. Question options:1) True2) False

True

Identification is the means of establishing the validity of a claimed identity provided by a user. Question options:1) True2) False

True

Identifiers should be assigned carefully because authenticated identities are the basis for other security services. Question options:1) True2) False

True

In a biometric scheme some physical characteristic of the individual is mapped into a digital representation. Question options:1) True2) False

True

In the context of security our concern is with the vulnerabilities of system resources. Question options:1) True2) False

True

In using encryption, we need to decide what to encrypt and where the encryption gear should be located. Question options:1) True2) False

True

It is possible to convert any block cipher into a stream cipher by using the cipher feedback (CFB) mode. Question options:1) True2) False

True

Key distribution can be achieved for two parties A and B by a third party selecting the key and physically delivering it to A and B. Question options:1) True2) False

True

Many security administrators view strong security as an impediment to efficient and user-friendly operation of an information system. Question options:1) True2) False

True

Many users choose a password that is too short or too easy to guess. Question options:1) True2) False

True

Modes of operation are the alternative techniques that have been developed to increase the security of symmetric block encryption for large sequences of data. Question options:1) True2) False

True

Network security is extremely important in a facility in which such a large collection of assets is concentrated in a single place and accessible by external network connections. Question options:1) True2) False

True

One desirable property of a stream cipher is that the ciphertext be of the same length as the plaintext. Question options:1) True2) False

True

Public-key cryptography is asymmetric. Question options:1) True2) False

True

RSA is a block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some n. Question options:1) True2) False

True

Reliable input is an access control requirement. Question options:1) True2) False

True

SHA is perhaps the most widely used family of hash functions. Question options:1) True2) False

True

SHA-3 algorithms must be designed to resist any potentially successful attack on SHA-2 functions. Question options:1) True2) False

True

SQL Server allows users to create roles that can then be assigned access rights to portions of the database. Question options:1) True2) False

True

Security specifically tailored to databases is an increasingly important component of an overall organizational security strategy. Question options:1) True2) False

True

Some form of protocol is needed for public-key distribution. Question options:1) True2) False

True

Symmetric encryption is also referred to as secret-key or single-key encryption. Question options:1) True2) False

True

Symmetric encryption is used primarily to provide confidentiality. Question options:1) True2) False

True

The Diffie-Hellman algorithm depends for its effectiveness on the difficulty of computing discrete logarithms. Question options:1) True2) False

True

The National Bureau of Standards is now the National Institute of Standards and Technology. Question options:1) True2) False

True

The appeal of HMAC is that its designers have been able to prove an exact relationship between the strength of the embedded hash function and the strength of HMAC. Question options:1) True2) False

True

The ciphertext-only attack is the easiest to defend against. Question options:1) True2) False

True

The database management system makes use of the database description tables to manage the physical database. Question options:1) True2) False

True

The default set of rights should always follow the rule of least privilege or read-only access. Question options:1) True2) False

True

The first step in devising security services and mechanisms is to develop a security policy. Question options:1) True2) False

True

The key exchange protocol is vulnerable to a man-in-the-middle attack because it does not authenticate the participants. Question options:1) True2) False

True

The more critical a component or service, the higher the level of availability required. Question options:1) True2) False

True

The one-way hash function is important not only in message authentication but also in digital signatures. Question options:1) True2) False

True

The principal objectives of computer security are to prevent unauthorized users from gaining access to resources, to prevent legitimate users from accessing resources in an unauthorized manner, and to enable legitimate users to access resources in an authorized manner. Question options:1) True2) False

True

The secret key is input to the encryption algorithm. Question options:1) True2) False

True

The strength of a hash function against brute-force attacks depends solely on the length of the hash code produced by the algorithm. Question options:1) True2) False

True

The value of a primary key must be unique for each tuple of its table. Question options:1) True2) False

True

Two disadvantages to database encryption are key management and inflexibility. Question options:1) True2) False

True

Two of the most important applications of public-key encryption are digital signatures and key management. Question options:1) True2) False

True

Unlike RSA, DSS cannot be used for encryption or key exchange. Question options:1) True2) False

True

User authentication is the basis for most types of access control and for user accountability. Question options:1) True2) False

True

User authentication is the fundamental building block and the primary line of defense. Question options:1) True2) False

True

X.800 architecture was developed as an international standard and focuses on security in the context of networks and communications. Question options:1) True2) False

True

The __________ component deals with the management and control of the ways entities are granted access to resources. Question options: 1) resource management 2) access management 3) privilege management 4) policy management

access management

Cryptographic systems are generically classified by _________. Question options: 1) the type of operations used for transforming plaintext to ciphertext 2) the number of keys used 3) the way in which the plaintext is processed 4) all the above

all the above

A(n) __________ is a user who has administrative responsibility for part or all of the database. Question options: 1) administrator 2) database relations manager 3) application owner 4) end user other than application owner

application owner

An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________. Question options: 1) risk 2) asset 3) attack 4) vulnerability

attack

A ________ attack involves trying all possible private keys. Question options: 1) mathematical 2) timing 3) brute-force 4) chosen ciphertext

brute-force

A __________ is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. Question options: 1) mode of operation 2) hash function 3) cryptanalysis 4) brute-force attack

brute-force attack

To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol. Question options: 1) eavesdropping 2) Trojan horse 3) challenge-response 4) denial-of-service

challenge-response

If the analyst is able to get the source system to insert into the system a message chosen by the analyst, then a ________ attack is possible. Question options: 1) known-plaintext 2) chosen-plaintext 3) chosen ciphertext 4) chosen text

choosen-plaintext

A __________ type of attack exploits properties of the RSA algorithm. Question options: 1) timing 2) brute-force 3) chosen ciphertext 4) mathematical

chosen ciphertext

__________ is the scrambled message produced as output. Question options: 1) Plaintext 2) Ciphertext 3) Secret key 4) Cryptanalysis

ciphertext

A __________ is when an adversary attempts to achieve user authentication without access to the remote host or to the intervening communications path. Question options: 1) client attack 2) eavesdropping attack 3) host attack 4) Trojan horse attack

client attack

A ___________ is the portion of the data center that houses data processing equipment. Question options: 1) computer room 2) main distribution area 3) entrance room 4) horizontal distribution area

computer room

A loss of _________ is the unauthorized disclosure of information. Question options: 1) confidentiality 2) integrity 3) authenticity 4) availability

confidentiality

Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the ___________. Question options: 1) identification step 2) verification step 3) authentication step 4) corroboration step

corroboration step

A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken. Question options: 1) attack 2) countermeasure 3) adversary 4) protocol

countermeasure

Transmitted data stored locally are referred to as __________. Question options: 1) ciphertext 2) DES 3) data at rest 4) ECC

data at rest

The assurance that data received are exactly as sent by an authorized entity is __________. Question options: 1) authentication 2) data confidentiality 3) access control 4) data integrity

data integrity

A(n) __________ is a structured collection of data stored for use by one or more applications. Question options: 1) attribute 2) database 3) tuple 4) inference

database

Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences. Question options: 1) unauthorized disclosure 2) deception 3) disruption 4) usurpation

deception

The _________ is the encryption algorithm run in reverse. Question options: 1) decryption algorithm 2) ciphertext 3) plaintext 4) secret key

decryption algorithm

The __________ is the encryption algorithm run in reverse. Question options: 1) decryption algorithm 2) plaintext 3) ciphertext 4) encryption algorithm

decryption algorithm

The _________ prevents or inhibits the normal use or management of communications facilities. Question options: 1) passive attack 2) traffic encryption 3) denial of service 4) masquerade

denial of service

A __________ is created by using a secure hash function to generate a hash value for a message and then encrypting the hash code with a private key. Question options: 1) digital signature 2) keystream 3) one-way hash function 4) secret key

digital signature

A threat action in which sensitive data are directly released to an unauthorized entity is __________. Question options: 1) corruption 2) disruption 3) intrusion 4) exposure

disruption

An end user who operates on database objects via a particular application but does not own any of the database objects is the __________. Question options: 1) application owner 2) end user other than application owner 3) foreign key 4) administrator

end user other than application owner

Each individual who is to be included in the database of authorized users must first be __________ in the system. Question options: 1) verified 2) authenticated 3) identified 4) enrolled

enrolled

The most common means of human-to-human identification are __________. Question options: 1) facial characteristics 2) signatures 3) retinal patterns 4) fingerprints

facial characteristics

There are _____ modes of operation defined by NIST that are intended to cover virtually all the possible applications of encryption for which a block cipher could be used. Question options: 1) three 2) five 3) seven 4) seven

five

On average, __________ of all possible keys must be tried in order to achieve success with a brute-force attack. Question options: 1) one-fourth 2) half 3) two-thirds 4) three-fourths

half

__________ systems identify features of the hand, including shape, and lengths and widths of fingers. Question options: 1) Signature 2) Hand geometry 3) Fingerprint 4) Palm print

hand geometry

The purpose of a __________ is to produce a "fingerprint" of a file, message, or other block of data. Question options: 1) secret key 2) digital signature 3) keystream 4) hash function

hash function

A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. Question options: 1) low 2) normal 3) moderate 4) high

high

__________ houses cross-connects and active equipment for distributing cable to the equipment distribution area. Question options: 1) Main distribution area 2) Equipment distribution area 3) Horizontal distribution area 4) Zone distribution area

horizontal distribution area

A __________ is directed at the user file at the host where passwords, token passcodes, or biometric templates are stored. Question options: 1) eavesdropping attack 2) denial-of-service attack 3) client attack 4) host attack

host attack

__________ is the process of performing authorized queries and deducing unauthorized information from the legitimate responses received. Question options: 1) Perturbation 2) Inference 3) Compromise 4) Partitioning

inference

__________ encompasses intrusion detection, prevention and response. Question options: 1) Intrusion management 2) Security assessments 3) Database access control 4) Data loss prevention

intrusion management

Combined one byte at a time with the plaintext stream using the XOR operation, a __________ is the output of the pseudorandom bit generator. Question options: 1) keystream 2) digital signature 3) secure hash 4) message authentication code

keystream

A concept that evolved out of requirements for military information security is ______. Question options: 1) reliable input 2) mandatory access control 3) open and closed policies 4) discretionary input

mandatory access control

An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user. Question options: 1) masquerade 2) interception 3) repudiation 4) inference

masquerade

Although the _________ attack is a serious threat, there are simple countermeasures that can be used such as constant time calcs, random delays or blinding computations. Question options: 1) timing 2) chosen ciphertext 3) mathematical 4) none of the above

none of the above

A(n) __________ is a resource to which access is controlled. Question options: 1) object 2) owner 3) world 4) subject

object

A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources. Question options: 1) passive attack 2) inside attack 3) outside attack 4) active attack

passive attack

A __________ is a password guessing program. Question options: 1) password hash 2) password cracker 3) password biometric 4) password salt

password cracker

A ________ is a key used between entities for the purpose of distributing session keys. Question options: 1) permanent key 2) session key 3) distribution key 4) all of the above

permanent key

The original message or data that is fed into the algorithm is __________. Question options: 1) encryption algorithm 2) secret key 3) decryption algorithm 4) plaintext

plaintext

A _________ is defined to be a portion of a row used to uniquely identify a row in a table. Question options: 1) foreign key 2) query 3) primary key 4) data perturbation

primary key

An institution that issues debit cards to cardholders and is responsible for the cardholder's account and authorizing transactions is the _________. Question options: 1) cardholder 2) auditor 3) issuer 4) processor

processor

Digital signatures and key management are the two most important applications of __________ encryption. Question options: 1) private-key 2) public-key 3) preimage resistant 4) advanced

public-key

A __________ strategy is one in which the system periodically runs its own password cracker to find guessable passwords. Question options: 1) user education 2) proactive password checking 3) reactive password checking 4) computer-generated password

reactive password checking

In relational database parlance, the basic building block is a __________, which is a flat table. Question options: 1) attribute 2) tuple 3) primary key 4) relation

relation

The basic building block of a __________ is a table of data, consisting of rows and columns, similar to a spreadsheet. Question options: 1) relational database 2) query set 3) DBMS 4) perturbation

relational database

A __________ attack involves an adversary repeating a previously captured user response. Question options: 1) client 2) replay 3) Trojan horse 4) eavesdropping

replay

A __________ is a named job function within the organization that controls this computer system. Question options: 1) user 2) role 3) permission 4) session

role

The exact substitutions and transformations performed by the algorithm depend on the ________. Question options: 1) ciphertext 2) decryption algorithm 3) secret key 4) encryption algorithm

secret key

A __________ is any action that compromises the security of information owned by an organization. Question options: 1) security mechanism 2) security attack 3) security policy 4) security service

security attack

Recognition by fingerprint, retina, and face are examples of __________. Question options: 1) face recognition 2) dynamic biometrics 3) static biometrics 4) token authentication

static biometrics

The final permission bit is the _________ bit. Question options: 1) superuser 2) kernel 3) set user 4) sticky

sticky

A _________ protects against an attack in which one party generates a message for another party to sign. Question options: 1) data authenticator 2) strong hash function 3) weak hash function 4) digital signature

strong hash function

A __________ is an entity capable of accessing objects. Question options: 1) group 2) object 3) subject 4) owner

subject

The _________ attack exploits the common use of a modular exponentiation algorithm in RSA encryption and decryption but can be adapted to work with any implementation that does not run in fixed time. Question options: 1) mathematical 2) timing 3) chosen ciphertext 4) brute-force

timing

__________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. Question options: 1) Traffic padding 2) Traffic routing 3) Traffic control 4) Traffic integrity

traffic padding

In a relational database rows are referred to as _________. Question options: 1) relations 2) attributes 3) views 4) tuples

tuples

If the only form of attack that could be made on an encryption algorithm is brute-force, then the way to counter such attacks would be to __________. Question options: 1) use longer keys 2) use shorter keys 3) use more keys 4) use less keys

use longer keys

The __________ strategy is when users are told the importance of using hard to guess passwords and provided with guidelines for selecting strong passwords. Question options: 1) reactive password checking 2) proactive password checking 3) computer-generated password 4) user education

user education

A _________ is a virtual table. Question options: 1) tuple 2) query 3) view 4) DBMS

view

A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) __________. Question options: 1) countermeasure 2) vulnerability 3) adversary 4) risk

vulnerability

SHA-1 produces a hash value of __________ bits. Question options: 1) 256 2) 160 3) 384 4) 180

160

Public-key encryption was developed in the late ________. Question options: 1) 1950s 2) 1970s 3) 1960s 4) 1980s

1970's

Subject attributes, object attributes and environment attributes are the three types of attributes in the __________ model. Question options: 1) DSD 2) RBAC 3) ABAC 4) SSD

ABAC

The most important symmetric algorithms, all of which are block ciphers, are the DES, triple DES, and the __________. Question options: 1) SHA 2) RSA 3) AES 4) DSS

AES

__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance. Question options: 1) Audit control 2) Resource control 3) System control 4) Access control

Access control

__________ is verification that the credentials of a user or other system entity are valid. Question options: 1) Adequacy 2) Authentication 3) Authorization 4) Audit

Authentication

_________ is the granting of a right or permission to a system entity to access a system resource. Question options: 1) Authorization 2) Authentication 3) Control 4) Monitoring

Authoritization

For general-purpose block-oriented transmission you would typically use _______ mode. Question options: 1) CBC 2) CTR 3) CFB 4) OFB

CBC

For general-purpose stream-oriented transmission you would typically use _______ mode. Question options: 1) CTR 2) CFB 3) ECB 4) CBC

CFB

______ mode is typically used for a general-purpose block-oriented transmission and is useful for high-speed requirements. Question options: 1) ECB 2) OFB 3) CFB 4) CTR

CTR

__________ refers to setting a maximum number with respect to roles. Question options: 1) Cardinality 2) Prerequisite 3) Exclusive 4) Hierarchy

Cardinality

__________ provide a means of adapting RBAC to the specifics of administrative and security policies in an organization. Question options: 1) Constraints 2) Mutually Exclusive Roles 3) Cardinality 4) Prerequisites

Constraints

__________ is the traditional method of implementing access control. Question options: 1) MAC 2) RBAC 3) DAC 4) MBAC

DAC

The most widely used encryption scheme is based on the _________ adopted in 1977 by the National Bureau of Standards. Question options: 1) AES 2) 3DES 3) CES 4) DES

DES

The National Institute of Standards and Technology has published Federal Information Processing Standard FIPS PUB 186, known as the __________. Question options: 1) XOR 2) MD5 3) MAC 4) DSS

DSS

The __________ uses an algorithm that is designed to provide only the digital signature function and cannot be used for encryption or key exchange. Question options: 1) ECC 2) RSA 3) DSS 4) XOR

DSS

_________ is an organization that produces data to be made available for controlled release, either within the organization or to external users. Question options: 1) Client 2) Data owner 3) User 4) Server

Data owner

___________ was the first published public-key algorithm. Question options: 1) NIST 2) Diffie-Hellman 3) RC4 4) RSA

Diffie-Hellman

The principal attraction of __________ compared to RSA is that it appears to offer equal security for a far smaller bit size, thereby reducing processing overhead. Question options: 1) ECC 2) MD5 3) Diffie-Hellman 4) none of the above

ECC

__________ allows an issuer to access regional and national networks that connect point of sale devices and bank teller machines worldwide. Question options: 1) EFT 2) POS 3) BTM 4) ATF

EFT

"Each block of 64 plaintext bits is encoded independently using the same key" is a description of the CBC mode of operation. Question options:1) True2) False

False

A foreign key value can appear multiple times in a table. Question options:1) True2) False

False

A single countermeasure is sufficient for SQLi attacks. Question options:1) True2) False

False

A user program executes in a kernel mode in which certain areas of memory are protected from the user's use and certain instructions may not be executed. Question options:1) True2) False

False

A view cannot provide restricted access to a relational database so it cannot be used for security purposes. Question options:1) True2) False

False

AES uses a Feistel structure. Question options:1) True2) False

False

An individual's signature is not unique enough to use in biometric applications. Question options:1) True2) False

False

Assurance is the process of examining a computer product or system with respect to certain criteria. Question options:1) True2) False

False

Contingency planning is a functional area that primarily requires computer security technical measures. Question options:1) True2) False

False

Cryptanalytic attacks try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. Question options:1) True2) False

False

Depending on the details of the overall authentication system, the registration authority issues some sort of electronic credential to the subscriber. Question options:1) True2) False

False

External devices such as firewalls cannot provide access control services. Question options:1) True2) False

False

Fixed server roles operate at the level of an individual database. Question options:1) True2) False

False

If both sender and receiver use the same key the system is referred to as asymmetric. Question options:1) True2) False

False

Keylogging is a form of host attack. Question options:1) True2) False

False

Like the MAC, a hash function also takes a secret key as input. Question options:1) True2) False

False

Memory cards store and process data. Question options:1) True2) False

False

One disadvantage of the link encryption approach is that the message must be decrypted each time it enters a frame switch. Question options:1) True2) False

False

Plaintext is the scrambled message produced as output. Question options:1) True2) False

False

Public-key algorithms are based on simple operations on bit patterns. Question options:1) True2) False

False

SHA-1 is considered to be very secure. Question options:1) True2) False

False

SHA-2 shares the same structure and mathematical operations as its predecessors and this is a cause for concern. Question options:1) True2) False

False

Security labels indicate which system entities are eligible to access certain resources. Question options:1) True2) False

False

Security mechanisms typically do not involve more than one particular algorithm or protocol. Question options:1) True2) False

False

Site security of the data center itself includes barriers to entry, coupled with authentication techniques for gaining physical access. Question options:1) True2) False

False

Stream ciphers are far more common than block ciphers. Question options:1) True2) False

False

The "A" in the CIA triad stands for "authenticity". Question options:1) True2) False

False

The advantage of a stream cipher is that you can reuse keys. Question options:1) True2) False

False

The authentication function determines who is trusted for a given purpose. Question options:1) True2) False

False

The operations performed during a round consist of circular shifts, and primitive Boolean functions based on DSS, MD5, SHA, and RSA. Question options:1) True2) False

False

The purpose of the DSS algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages. Question options:1) True2) False

False

Threats are attacks carried out. Question options:1) True2) False

False

Timing attacks are only applicable to RSA. Question options:1) True2) False

False

To create a relationship between two tables, the attributes that define the primary key in one table must appear as attributes in another table, where they are referred to as a foreign key. Question options:1) True2) False

False

Traditional RBAC systems define the access rights of individual users and groups of users. Question options:1) True2) False

False

Triple DES takes a plaintext block of 64 bits and a key of 56 bits to produce a ciphertext block of 64 bits. Question options:1) True2) False

False

User authentication is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic. Question options:1) True2) False

False

Issued as RFC 2104, __________ has been chosen as the mandatory-to-implement MAC for IP Security. Question options: 1) RSA 2) SHA-3 3) DSS 4) HMAC

HMAC