INFOTC 2910 Midterm: Multiple Choice

A. CBC

For general-purpose block-oriented transmission you would typically use _______ mode. A. CBC B. CTR C. CFB D. OFB

D. DSS

The National Institute of Standards and Technology has published Federal Information Processing Standard FIPS PUB 186, known as the __________. A. XOR B. MD5 C. MAC D. DSS

B. access management

The __________ component deals with the management and control of the ways entities are granted access to resources. A. resource management B. access management C. privilege management D. policy management

D. user education

The __________ strategy is when users are told the importance of using hard-to-guess passwords and provided with guidelines for selecting strong passwords. A. reactive password checking B. proactive password checking C. computer-generated password D. user education

C. DSS

The __________ uses an algorithm that is designed to provide only the digital signature function and cannot be used for encryption or key exchange. A. ECC B. RSA C. DSS D. XOR

D. sticky

The final permission bit is the _________ bit. A. superuser B. kernel C. set user D. sticky

B. exclusion

The security classification for a restricted area containing a security interest is _____. A. controlled B. exclusion C. unrestricted D. limited

A. permanent key

A ________ is a key used between entities for the purpose of distributing session keys. A. permanent key B. session key C. distribution key D. all of the above

D. high

A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A. low B. normal C. moderate D. high

C. network-based IDS

A ________ monitors network traffic for particular network segments or devices and analyzes network, transport, and application protocols to identify suspicious activity. A. host-based IDS B. security intrusion C. network-based IDS D. intrusion detection

A. plaintext

_________ is the original message or data that is fed into the algorithm as input. A. Plaintext B. Encryption algorithm C. Decryption algorithm D. Ciphertext

B. Apprentice

A(n) __________ is a hacker with minimal technical skill who primarily uses existing attack toolkits. A. Master B. Apprentice C. Journeyman D. Activist

C. brute-force

A ________ attack involves trying all possible private keys. A. mathematical B. timing C. brute-force D. chosen ciphertext

D. HMAC

Issued as RFC 2104, __________ has been chosen as the mandatory-to-implement MAC for IP Security. A. RSA B. SHA-3 C. DSS D. HMAC

B. deception

Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences. A. unauthorized disclosure B. deception C. disruption D. usurpation

B. verification step

Presenting or generating authentication information that corroborates the binding between the entity and the identifier is the ___________. A. identification step B. verification step C. authentication step D. corroboration step

B. 1970s

Public-key encryption was developed in the late ________. A. 1950s B. 1970s C. 1960s D. 1980s

B. 160

SHA-1 produces a hash value of __________ bits. A. 256 B. 160 C. 384 D. 180

D. security intrusion

A _________ is a security event that constitutes a security incident in which an intruder gains access to a system without having authorization to do so. A. intrusion detection B. IDS C. criminal enterprise D. security intrusion

A. host-based IDS

A _________ monitors the characteristics of a single host and the events occurring within that host for suspicious activity. A. host-based IDS B. security intrusion C. network-based IDS D. intrusion detection

B. replay

A __________ attack involves an adversary repeating a previously captured user response. A. client B. replay C. Trojan horse D. eavesdropping

B. role

A __________ is a named job function within the organization that controls this computer system. A. user B. role C. permission D. session

B. password cracker

A __________ is a password guessing program. A. password hash B. password cracker C. password biometric D. password salt

C. subject

A __________ is an entity capable of accessing objects. A. group B. object C. subject D. owner

B. security attack

A __________ is any action that compromises the security of information owned by an organization. A. security mechanism B. security attack C. security policy D. security service

D. host attack

A __________ is directed at the user file at the host where passwords, token passcodes, or biometric templates are stored. A. eavesdropping attack B. denial-of-service attack C. client attack D. host attack

A. client attack

A __________ is when an adversary attempts to achieve user authentication without access to the remote host or to the intervening communications path. A. client attack B. eavesdropping attack C. host attack D. Trojan horse attack

C. reactive password checking

A __________ strategy is one in which the system periodically runs its own password cracker to find guessable passwords. A. user education B. proactive password checking C. reactive password checking D. computer-generated password

C. chosen ciphertext

A __________ type of attack exploits properties of the RSA algorithm. A. timing B. brute-force C. chosen ciphertext D. mathematical

B. mandatory access control

A concept that evolved out of requirements for military information security is ______. A. reliable input B. mandatory access control C. open and closed policies D. discretionary input

B. vulnerability

A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) __________. A. countermeasure B. vulnerability C. adversary D. risk

A. confidentiality

A loss of _________ is the unauthorized disclosure of information. A. confidentiality B. integrity C. authenticity D. availability

C. dust

A prevalent concern that is often overlooked is ________. A. overvoltage B. undervoltage C. dust D. noise

C. limited

A restricted area within close proximity of a security interest has a classification of ______. A. exclusion B. controlled C. limited D. unrestricted

D. exposure

A threat action in which sensitive data are directly released to an unauthorized entity is __________. A. corruption B. disruption C. intrusion D. exposure

A. passive attack

A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources. A. passive attack B. inside attack C. outside attack D. active attack

A. object

A(n) __________ is a resource to which access is controlled. A. object B. owner C. world D. subject

B. countermeasure

A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken. A. attack B. countermeasure C. adversary D. protocol

A. timing

Although the _________ attack is a serious threat, there are simple countermeasures that can be used, such as constant-time calculations, random delays, or blinding computations. A. timing B. chosen ciphertext C. mathematical D. none of the above

A. unrestricted

An area of a facility that has no security interest is classified as _________. A. unrestricted B. controlled C. limited D. exclusion

C. attack

An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________. A. risk B. asset C. attack D. vulnerability

A. masquerade

An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user. A. masquerade B. interception C. repudiation D. inference

C. issuer

An institution that issues debit cards to cardholders and is responsible for the cardholder's account and authorizing transactions is the _________. A. cardholder B. auditor C. issuer D. processor

B. chosen-plaintext

If the analyst is able to get the source system to insert into the system a message chosen by the analyst, then a ________ attack is possible. A. known-plaintext B. chosen-plaintext C. chosen ciphertext D. chosen text

A. SHA-1

In 2005, NIST announced the intention to phase out approval of _______ and move to a reliance on the other SHA versions by 2010. A. SHA-1 B. SHA-512 C. SHA-256 D. SHA-2

C. ABAC

Subject attributes, object attributes and environment attributes are the three types of attributes in the __________ model. A. DSD B. RBAC C. ABAC D. SSD

D. SHA-1

The DSS makes use of the _________ and presents a new digital signature technique, the Digital Signature Algorithm (DSA). A. HMAC B. XOR C. RSA D. SHA-1

D. CAK

The ______ is an optional key that may be present on any PIV card, does not require PIN entry, and whose purpose is to authenticate the card and therefore its possessor. A. VIS B. BIO C. CHUID D. CAK

C. SSM

The _______ module performs end-to-end encryption and obtains session keys on behalf of users. A. PKM B. RCM C. SSM D. CCM

A. analyzer

The ________ is responsible for determining if an intrusion has occurred. A. analyzer B. host C. user interface D. sensor

B. timing

The _________ attack exploits the common use of a modular exponentiation algorithm in RSA encryption and decryption, but can be adapted to work with any implementation that does not run in fixed time. A. mathematical B. timing C. chosen ciphertext D. brute-force

A. decryption algorithm

The _________ is the encryption algorithm run in reverse. A. decryption algorithm B. ciphertext C. plaintext D. secret key

A. LAN monitor agent

The _________ module analyzes LAN traffic and reports the results to the central manager. A. LAN monitor agent B. host agent C. central manager agent D. architecture agent

C. denial of service

The _________ prevents or inhibits the normal use or management of communications facilities. A. passive attack B. traffic encryption C. denial of service D. masquerade

D. RSA

The _________ scheme has reigned supreme as the most widely accepted and implemented approach to public-key encryption. A. SHA-1 B. HMAC C. MD5 D. RSA

D. data integrity

The assurance that data received are exactly as sent by an authorized entity is __________. A. authentication B. data confidentiality C. access control D. data integrity

C. secret key

The exact substitutions and transformations performed by the algorithm depend on the ________. A. ciphertext B. decryption algorithm C. secret key D. encryption algorithm

A. facial characteristics

The most common means of human-to-human identification are __________. A. facial characteristics B. signatures C. retinal patterns D. fingerprints

D. DES

The most widely used encryption scheme is based on the _________ adopted in 1977 by the National Bureau of Standards. A. AES B. 3DES C. CES D. DES

A. ECC

The principal attraction of __________ compared to RSA is that it appears to offer equal security for a far smaller bit size, thereby reducing processing overhead. A. ECC B. MD5 C. Diffie-Hellman D. none of the above

C. host agent

The purpose of the ________ module is to collect data on security related events on the host and transmit these to the central manager. A. central manager agent B. LAN monitor agent C. host agent D. architecture agent

D. all of the above

The role of physical security is affected by the operating location of the information system, which can be characterized as ______. A. static B. portable C. mobile D. all of the above

B. five

There are _____ modes of operation defined by NIST that are intended to cover virtually all the possible applications of encryption for which a block cipher could be used. A. three B. five C. seven D. nine

C. challenge-response

To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol. A. eavesdropping B. Trojan horse C. challenge-response D. denial-of-service

D. CTR

______ mode is typically used for a general-purpose block-oriented transmission and is useful for high-speed requirements. A. ECB B. OFB C. CFB D. CTR

A. supporting

_______ facilities include electrical power, communication services, and environmental controls such as heat and humidity. A. Supporting B. Information C. Physical D. All of the above

B. vandalism

_______ includes destruction of equipment and data. A. Misuse B. Vandalism C. Theft D. Unauthorized physical access

C. water sensors

_______ should be located on the floor of computer rooms as well as under raised floors, and should cut off power automatically in the event of a flood. A. Smoke detectors B. UPS C. Water sensors D. Equipment power off switches

A. System Integrity

________ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. A. System Integrity B. Data Integrity C. Availability D. Confidentiality

C. information system hardware

________ includes data processing and storage equipment, transmission and networking facilities, and offline storage media. A. Supporting facilities B. Physical facilities C. Information system hardware D. Infrastructure facilities

D. logical

________ security protects computer-based data from software-based and communication-based threats. A. Infrastructure B. Premises C. Physical D. Logical

A. premises

________ security provides perimeter security, access control, smoke and fire detection, fire suppression, some environmental protection, and usually surveillance systems, alarms, and guards. A. Premises B. Infrastructure C. Logical D. Physical

A. Human-caused

________ threats are specifically designed to overcome prevention measures and seek the most vulnerable point of attack. A. Human-caused B. Technical C. EMI D. Environmental

D. Timing attacks

_________ are analogous to a burglar guessing a safe combination by observing how long it takes to turn the dial from number to number. A. Digital standards B. Mathematical attacks C. Ciphers D. Timing attacks

B. Activists

_________ are either individuals or members of a larger group of outsider attackers who are motivated by social or political causes. A. State-sponsored organizations B. Activists C. Cyber criminals D. Others

A. Mathematical

_________ attacks have several approaches, all equivalent in effort to factoring the product of two primes. A. Mathematical B. Brute-force C. Chosen ciphertext D. Timing

D. Anomaly detection

_________ involves the collection of data relating to the behavior of legitimate users over a period of time. A. Profile based detection B. Signature detection C. Threshold detection D. Anomaly detection

A. Authorization

_________ is the granting of a right or permission to a system entity to access a system resource. A. Authorization B. Authentication C. Control D. Monitoring

A. EFT

__________ allows an issuer to access regional and national networks that connect point of sale devices and bank teller machines worldwide. A. EFT B. POS C. BTM D. ATF

C. Privacy

__________ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed. A. Availability B. System Integrity C. Privacy D. Data Integrity

A. MAC

__________ controls access based on comparing security labels with security clearances. A. MAC B. DAC C. RBAC D. MBAC

A. RFC 4949

__________ defines user authentication as "the process of verifying an identity claimed by or for a system entity". A. RFC 4949 B. RFC 2298 C. RFC 2493 D. RFC 2328

D. Access control

__________ implements a security policy that specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance. A. Audit control B. Resource control C. System control D. Access control

B. Signature detection

__________ involves an attempt to define a set of rules or attack patterns that can be used to decide if a given behavior is that of an intruder. A. Profile based detection B. Signature detection C. Threshold detection D. Anomaly detection

C. Key distribution technique

__________ is a term that refers to the means of delivering a key to two parties that wish to exchange data without allowing others to see the key. A. Session key B. Subkey C. Key distribution technique D. Ciphertext key

B. RBAC

__________ is based on the roles the users assume in a system rather than the user's identity. A. DAC B. RBAC C. MAC D. URAC

A. traffic padding

__________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. A. Traffic padding B. Traffic routing C. Traffic control D. Traffic integrity

C. DAC

__________ is the traditional method of implementing access control. A. MAC B. RBAC C. DAC D. MBAC

B. Authentication

__________ is verification that the credentials of a user or other system entity are valid. A. Adequacy B. Authentication C. Authorization D. Audit

A. Constraints

__________ provide a means of adapting RBAC to the specifics of administrative and security policies in an organization. A. Constraints B. Mutually Exclusive Roles C. Cardinality D. Prerequisites

A. Cardinality

__________ refers to setting a maximum number with respect to roles. A. Cardinality B. Prerequisite C. Exclusive D. Hierarchy

B. Hand geometry

__________ systems identify features of the hand, including shape, and lengths and widths of fingers. A. Signature B. Hand geometry C. Fingerprint D. Palm print

B. Diffie-Hellman

___________ was the first published public-key algorithm. A. NIST B. Diffie-Hellman C. RC4 D. RSA

D. all of the above

Cryptographic systems are generically classified by _________. A. the type of operations used for transforming plaintext to ciphertext B. the number of keys used C. the way in which the plaintext is processed D. all of the above

D. enrolled

Each individual who is to be included in the database of authorized users must first be __________ in the system. A. verified B. authenticated C. identified D. enrolled

A. theft

Eavesdropping and wiretapping fall into the ________ category. A. theft B. vandalism C. misuse D. unauthorized physical access

B. CFB

For general-purpose stream-oriented transmission you would typically use _______ mode. A. CTR B. CFB C. ECB D. CBC

C. OFB

For stream-oriented transmission over a noisy channel you would typically use _______ mode. A. ECB B. CTR C. OFB D. CBC

C. static biometrics

Recognition by fingerprint, retina, and face are examples of __________. A. face recognition B. dynamic biometrics C. static biometrics D. token authentication

B. 40% and 60%

Relative humidity should be maintained between ________ to avoid the threats from both low and high humidity. A. 20% and 80% B. 40% and 60% C. 50% and 50% D. 30% and 70%

