Fundamentals of IT and Cybersecurity Chapter 4 Study Guide
What are examples of administrative access controls?
policies and procedures, background checks, hiring practices
A user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?
3DES
Alice and Bob use a pre-shared key to exchange a confidential message. If Bob wants to send a confidential message to Carol, what key should he use?
A new pre-shared key
What is the name of the method in which letters are rearranged to create the ciphertext?
Transposition
The IT department is tasked to implement a system that controls what a user can and cannot do on the corporate network. Which process should be implemented to meet the requirement?
a set of attributes that describes user access rights
Before data is sent out for analysis, which technique can be used to replace sensitive data in nonproduction environments to protect the underlying information?
data masking substitution
A warning banner that lists the negative outcomes of breaking company policy is displayed each time a computer user logs in to the machine. What type of access control is implemented?
deterrent
Which processes are examples of logical access controls?
firewalls to monitor traffic; intrusion detection system (IDS) to watch for suspicious network activity; biometrics to validate physical characteristics
What is the most difficult part of designing a cryptosystem?
key management
Which method is used by steganography to hide text in an image file?
least significant bit
Smart cards and biometrics are considered to be what type of access control?
logical
Which term describes the technology that protects software from unauthorized access or modification?
watermarking
In which situation would a detective control be warranted?
when the organization needs to look for prohibited activity
What is the term used to describe the science of making and breaking secret codes?
Cryptology
Which terms are used to describe cipher keys?
Key length, key space
What happens as the key length increases in an encryption application?
Keyspace increases exponentially.
What term is used to describe the technology that replaces sensitive information with a nonsensitive version?
Masking
Which 128-bit block cipher encryption algorithm does the US government use to protect classified information?
AES
Which algorithm will Windows use by default when a user intends to encrypt files and folders in an NTFS volume?
AES
What encryption algorithm uses one key to encrypt data and a different key to decrypt data?
Asymmetric
Which statement describes a characteristic of block ciphers?
Block ciphers result in output data that is larger than the input data most of the time
Which access control should the IT department use to restore a system back to its normal state?
Corrective
Which access control strategy allows an object owner to determine whether to allow access to the object?
DAC
Which asymmetric algorithm provides an electronic key exchange method to share the secret key?
Diffie-Hellman
What cryptographic algorithm is used by the NSA and includes the use of elliptical curves for digital signature generation and key exchange?
ECC
Alice and Bob are using public key encryption to exchange a message. Which key should Alice use to encrypt a message to Bob?
Public key of Bob
Which protocols use asymmetric key algorithms?
Secure Shell (SSH), Secure Sockets Layer (SSL), Pretty Good Privacy (PGP)
An organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement?
administrative
Passwords, passphrases, and PINs are examples of which security term?
authentication
Which type of cipher is able to encrypt a fixed-length block of plaintext into a 128-bit block of ciphertext at any one time?
block
An organization has implemented antivirus software. What type of security control did the company implement?
recovery control
What term is used to describe concealing data in another file such as a graphic, audio, or other text file?
steganography
What type of cipher encrypts plaintext one byte or one bit at a time?
stream
Which devices represent examples of physical access controls?
swipe cards, video cameras, locks
What encryption algorithm uses the same pre-shared key to encrypt and decrypt data?
symmetric