CS166 - Midterm 1

The __________ is the encryption algorithm run in reverse. A. decryption algorithm B. plaintext C. ciphertext D. encryption algorithm

A.

A _________ protects against an attack in which one party generates a message for another party to sign. A. data authenticator B. strong hash function C. weak hash function D. digital signature

B

Digital signatures and key management are the two most important applications of __________ encryption. A. private-key B. public-key C. preimage resistant D. advanced

B

For general-purpose stream-oriented transmission you would typically use _______ mode. A. CTR B. CFB C. ECB D. CBC

B

If the analyst is able to get the source system to insert into the system a message chosen by the analyst, then a ________ attack is possible. A. known-plaintext B. chosen-plaintext C. chosen ciphertext D. chosen text

B

Public-key encryption was developed in the late ________. A. 1950s B. 1970s C. 1960s D. 1980s

B

Public-key encryption was first publicly proposed by __________ in 1976. A. Electronic Frontier Foundation (EFF) B. Diffie and Hellman C. Rivest-Shamir D. Ellis and Cocks

B

There are _____ modes of operation defined by NIST that are intended to cover virtually all the possible applications of encryption for which a block cipher could be used. A. three B. five C. seven D. nine

B

_________ is a block cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n. A. DSS B. RSA C. SHA D. AES

B

On average, __________ of all possible keys must be tried in order to achieve success with a brute-force attack. A. one-fourth B. half C. two-thirds D. three-fourths

B.

__________ is the scrambled message produced as output. A. Plaintext B. Ciphertext C. Secret key D. Cryptanalysis

B.

For stream-oriented transmission over noisy channel you would typically use _______ mode. A. ECB B. CTR C. OFB D. CBC

C

The _______ module performs end-to-end encryption and obtains session keys on behalf of users. A. PKM B. RCM C. SSM D. CCM

C

The exact substitutions and transformations performed by the algorithm depend on the ________. A. ciphertext B. decryption algorithm C. secret key D. encryption algorithm

C

The purpose of the __________ algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages. A. Diffie-Hellman Key Conference B. Diffie-Hellman Key Exchange C. Diffie-Hellman Key Agreement D. Diffie-Hellman Key Crossover

C

Transmitted data stored locally are referred to as __________ . A. ciphertext B. DES C. data at rest D. ECC

C

__________ is a procedure that allows communicating parties to verify that received or stored messages are authentic. A. Cryptanalysis B. Decryption C. Message authentication D. Collision resistance

C

__________ is a term that refers to the means of delivering a key to two parties that wish to exchange data without allowing others to see the key. A. Session key B. Subkey C. Key distribution technique D. Ciphertext key

C

The most important symmetric algorithms, all of which are block ciphers, are the DES, triple DES, and the __________. A. SHA B. RSA C. AES D. DSS

C.

Confidentiality, integrity and availability form what is often referred to as the

CIA triad

_________ is the process of attempting to discover the plaintext or key.

Cryptanalysis

A __________ is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. A. mode of operation B. hash function C. cryptanalysis D. brute-force attack

D

Cryptographic systems are generically classified by _________. A. the type of operations used for transforming plaintext to ciphertext B. the number of keys used C. the way in which the plaintext is processed D. all of the above

D

The most widely used encryption scheme is based on the _________ adopted in 1977 by the National Bureau of Standards. A. AES B. 3DES C. CES D. DES

D

The purpose of a __________ is to produce a "fingerprint" of a file, message, or other block of data. A. secret key B. digital signature C. keystream D. hash function

D

______ mode is typically used for a general-purpose block-oriented transmission and is useful for high-speed requirements. A. ECB B. OFB C. CFB D. CTR

D

The original message or data that is fed into the algorithm is __________. A. encryption algorithm B. secret key C. decryption algorithm D. plaintext

D.

In the US student grade information is a asset whose confidentiality is regulated by:

FERPA (Family Educational Rights and Privacy act)

"Each block of 64 plaintext bits is encoded independently using the same key" is a description of the CBC mode of operation.

False

"The plaintext is 64 bits in length and the key is 56 bits in length; longer plaintext amounts are processed in 64-bit blocks" is a description of the DES algorithm.

False

AES uses a Feistel structure.

False

Cryptanalytic attacks try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.

False

If both sender and receiver use the same key the system is referred to as asymmetric.

False

Like the MAC, a hash function also takes a secret key as input.

False

Plaintext is the scrambled message produced as output.

False

Public-key algorithms are based on simple operations on bit patterns

False

Security mechanisms typically do not involve more than one particular algorithm or protocol

False

Stream ciphers are far more common than block ciphers.

False

The A in CIA triad stands for authenticity

False

The advantage of a stream cipher is that you can reuse keys

False

The purpose of the DSS algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages.

False

Triple DES takes a plaintext block of 64 bits and a key of 56 bits to produce a ciphertext block of 64 bits.

False

A brute-force approach involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained.

True

A message authentication code is a small block of data generated by a secret key and appended to a message.

True

An important element in many computer security services and applications is the use of cryptographic algorithms.

True

Availability ensures that systems works properly and service is not denied to authorized users

True

In using encryption, we need to decide what to encrypt and where the encryption gear should be located.

True

It is possible to convert any block cipher into a stream cipher by using the cipher feedback (CFB) mode.

True

Key distribution can be achieved for two parties A and B by a third party selecting the key and physically delivering it to A and B.

True

Modes of operation are the alternative techniques that have been developed to increase the security of symmetric block encryption for large sequences of data

True

One desirable property of a stream cipher is that the ciphertext be of the same length as the plaintext.

True

One disadvantage of the link encryption approach is that the message must be decrypted each time it enters a frame switch.

True

Public-key cryptography is asymmetric.

True

Some form of protocol is needed for public-key distribution.

True

Symmetric encryption is also referred to as secret-key or single-key encryption.

True

Symmetric encryption is used primarily to provide confidentiality.

True

The National Bureau of Standards is now the National Institute of Standards and Technology.

True

The ciphertext-only attack is the easiest to defend against.

True

The secret key is input to the encryption algorithm.

True

The strength of a hash function against brute-force attacks depends solely on the length of the hash code produced by the algorithm.

True

Two of the most important applications of public-key encryption are digital signatures and key management.

True

A(n) ____ is a threat that is carried out, if successful, leads to an undesirable violation of security, or threat consequences

active attack

An assault on system security that derives from a intelligent act that is deliberate attempt to evade security services and violate the security policy of a system is called:

attack

___ is the disruption of access to or use of information on an information system

availability

A _________ is a hardware device that sits between servers and storage systems and encrypts all data going from the server to the storage system and decrypts data going in the opposite direction.

back-end appliance

A ________ cipher processes the input one block of elements at a time, producing an output block for each input block.

block

A __________ processes the plaintext input in fixed-size blocks and produces a block of ciphertext of equal size for each plaintext block.

block cipher

There are two general approaches to attacking a symmetric encryption scheme: cryptanalytic attacks and __________ attacks.

brute-force

Protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, confidentiality of information system resources is called:

computer security

a loss of ___ is the unauthorized disclosure of information

confidentiality

Establishing, maintaining, and implementing plans for emergency response, backup operations, and post disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations is a __________ plan

contingency

A ___ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken; is any means taken to deal with a security attack

countermeasure

A __________ attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.

cryptanalytic

The assets of a computer system can be categorized as hardware, software, communication lines and networks, and _______________.

data

The __________ algorithm takes the ciphertext and the secret key and produces the original plaintext.

decryption

A __________ is data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery

digital signature

The simplest approach to multiple block encryption is known as __________ mode, in which plaintext is handled b bits at a time and each block of plaintext is encrypted using the same key.

electronic codebook (ECB)

could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals:

high level - breach of security

__________ is provided by means of a co-processor board embedded in the tape drive and tape library hardware.

library-based tape encryption

The OSI security architecture focuses on security attacks, __________, and services

mechanisms

A(n) ____ is an attempt to learn or make use of information from the system that does not affect system resources

passive attack

___ assures that individuals controlled or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed

privacy

A __________ stream is one that is unpredictable without knowledge of the input key and which has an apparently random character.

psuedorandom

The __________ is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.

public and private key

A(n) _________ assessment is periodically assessing the risk to organizational operations, organizational assets, and individuals, resulting from the operation of organizational information systems and the associated processing, storage, or transmission or organizational information

risk

A symmetric encryption scheme has five ingredients: plaintext, encryption algorithm, ciphertext, decryption algorithm and _________.

secret key

A __________ processes the input elements continuously, producing output one element at a time.

stream cipher

Also referred to as single-key encryption, the universal technique for providing confidentiality for transmitted or stored data is __________ .

symmetric encryption

___ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system

system integrity

The two criteria used to validate that a sequence of numbers is random are independence and _________ .

uniform distribition

Misappropriation and misuse are attacks that result in ________ threat consequences

usurpation

A flaw or weaknesses in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy:

vulnerability

A ________ is a key used between entities for the purpose of distributing session keys. A. permanent key B. session key C. distribution key D. all of the above

A

A __________ is created by using a secure hash function to generate a hash value for a message and then encrypting the hash code with a private key. A. digital signature B. keystream C. one way hash function D. secret key

A

Combined one byte at a time with the plaintext stream using the XOR operation, a __________ is the output of the pseudorandom bit generator. A. keystream B. digital signature C. secure hash D. message authentication code

A

For general-purpose block-oriented transmission you would typically use _______ mode. A. CBC B. CTR C. CFB D. OFB

A

If the only form of attack that could be made on an encryption algorithm is brute-force, then the way to counter such attacks would be to __________ . A. use longer keys B. use shorter keys C. use more keys D. use less keys

A

In July 1998 the __________ announced that it had broken a DES encryption using a special purpose "DES cracker" machine. A. Electronic Frontier Foundation (EFF) B. Diffie and Hellman C. Rivest-Shamir D. Ellis and Cocks

A

The _________ is the encryption algorithm run in reverse. A. decryption algorithm B. ciphertext C. plaintext D. secret key

A

_________ is the original message or data that is fed into the algorithm as input. A. Plaintext B. Encryption algorithm C. Decryption algorithm D. Ciphertext

A