fund of cyb - chpt. 9, Chapter 10 Quiz

false

In a known-plaintext attack (KPA), the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.

true

The financial industry created the ANSI X9.17 standard to define key management procedures.

true

The hash message authentication code (HMAC) is a hash function that uses a key to create a hash, or message digest.

512 bits

What is NOT a valid encryption key length for use with the Blowfish algorithm?

Uncrypted email

What is NOT an effective key distribution method for plaintext encryption keys?

hash

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?

A border router can provide enhanced features to internal networks and help keep subnet traffic separate.

False

Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?

Hub

false

Product cipher is an encryption algorithm that has no corresponding decryption algorithm.

What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?

Switch

Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?

Virtual LAN (VLAN)

Henry is creating a firewall rule that will allow inbound mail to the organization. What TCP port must he allow through the firewall?

25

What is the maximum value for any octet in an IPv4 IP address?

255

Henry's last firewall rule must allow inbound access to a Windows Terminal Server. What port must he allow?

3389

Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?

443 HTTP over SSL

false

A digitized signature is a combination of a strong hash of a message and a secret key.

false

A physical courier delivering an asymmetric key is an example of in-band key exchange

true

An algorithm is a repeatable process that produces the same result when it receives the same input.

Alice's public key

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?

true

Digital signatures require asymmetric key cryptography.

What protocol is responsible for assigning IP addresses to hosts on most networks?

Dynamic Host Configuration Protocol (DHCP)

A subnet mask is a partition of a network based on IP addresses.

False

Another name for a border firewall is a DMZ firewall.

False

IP addresses are eight-byte addresses that uniquely identify every device on the network.

False

Implicit deny is when firewalls look at message addresses to determine whether a message is being sent around an unending loop.

False

Internet Control Message Protocol (ICMP) is a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address.

False

David would like to connect a fibre channel storage device to systems over a standard data network. What protocol can he use?

Fibre Channel over Ethernet (FCoE)

What type of firewall security feature limits the volume of traffic from individual hosts?

Flood guard

integrity

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve?

true

In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.

true

Integrity-checking tools use cryptographic methods to make sure nothing and no one has modified the software.

true

Message authentication confirms the identity of the person who started a correspondence.

Hilda is troubleshooting a problem with the encryption of data. At which layer of the OSI Reference Model is she working?

Presentation

What firewall approach is shown in the figure?

Screened subnet

Barbara is investigating an attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?

Smurf

true

The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic Curve DHE (ECDHE).

false

The term certificate authority (CA) refers to a trusted repository of all public keys.

A firewall is a basic network security defense tool.

True

A network protocol governs how networking equipment interacts to deliver data across the network.

True

A wireless access point (WAP) is the connection between a wired and wireless network.

True

Internet Small Computer System Interface (iSCSI) is a storage networking standard used to link data storage devices to networks using IP for its transport layer.

True

TCP/IP is a suite of protocols that operates at both the Network and Transport layers of the OSI Reference Model.

True

The term "router" describes a device that connects two or more networks and selectively interchanges packets of data between them.

True

The three main categories of network security risk are reconnaissance, eavesdropping, and denial of service.

True

Rivest-Shamir-Adelman (RSA)

What is NOT a symmetric encryption algorithm?

Gary is configuring a Smartphone and is selecting a wireless connectivity method. Which approach will provide him with the highest speed wireless connectivity?

Wi-Fi

What type of network connects systems over the largest geographic area?

Wide area network (WAN)

What wireless security technology contains significant flaws and should never be used?

Wired Equivalent Privacy (WEP)

What is NOT a service commonly offered by unified threat management (UTM) devices?

Wireless network access

diffle-hellman

Alice and Bob would like to communicate with each other using a session key but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?

Norm recently joined a new organization. He noticed that the firewall technology used by his new firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?

Application proxying

decryption

Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message?

Karen would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy?

Captive portal

false

Cryptographic key distribution is typically done by phone.

The OSI Reference Model is a theoretical model of networking with interchangeable layers.

True

Quantum cryptography

Which approach to cryptography provides the strongest theoretical protection?

Chosen plaintext

Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works?

Certification

Which information security objective allows trusted entities to endorse information?

Symmetric, stream, substitution

Which set of characteristics describes the Caesar cipher accurately?

true

A keyword mixed alphabet cipher uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet.

true

A person demonstrates anonymity when posting information to a web discussion site without authorities knowing who he or she is.

false

A private key cipher is also called an asymmetric key cipher.

true

A salt value is a set of random characters you can combine with an actual input key to create the encryption key.

true

A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.

vernam

What is the only unbreakable cipher when it is used properly

Factoring large primes

What mathematical problem forms the basis of most modern cryptographic algorithms?

Wired Equivalent Privacy (WEP)

What standard is NOT secure and should never be used on modern wireless networks?

Nonrepudiation

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?

Online Certificate Status Protocol (OCSP)

Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time?

Transposition

Which type of cipher works by rearranging the characters in a message?

false

You must always use the same algorithm to encrypt information and decrypt the same information.

The Transport Layer of the OSI Reference Model creates, maintains, and disconnects communications that take place between processes over the network.

False

The Data Link Layer of the OSI Reference Model is responsible for transmitting information on computers connected to the same local area network (LAN).

True

The Physical Layer of the OSI Reference Model must translate the binary ones and zeros of computer language into the language of the transport medium.

True

A packet-filtering firewall remembers information about the status of a network communication.

false

Bob's public key

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message?

Alice's private key

Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?

Network access control (NAC) works on wired and wireless networks.

True

Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?

VPN concentrator