Test 1 + 2 + 3 +4 - Applied Cryptography - Network Security Essentials Applications and Standards 6th

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

A connection-oriented integrity service deals with individual messages without regard to any larger context and generally provides protection against message modification only.

False

A loss of confidentiality is the unauthorized modification or destruction of information.

False

A means of generating predictable PGP session keys is needed.

False

AES (Advanced Encryption Standard) uses a Feistel structure.

False

Cryptographic hash functions generally execute slower in software than conventional encryption algorithms such as DES (Data Encryption Standard).

False

Data integrity is the protection of data from unauthorized disclosure.

False

Data origin authentication provides protection against the duplication or modification of data units.

False

Each PGP entity must maintain a file of its own public/private key pairs as well as a file of private keys of correspondents.

False

IEEE 802.11 defines seven services that need to be provided by the wireless LAN to achieve functionality equivalent to that which is inherent to wired LANs.

False

If an opponent captures an unexpired service granting ticket and tries to use it they will be denied access to the corresponding service.

False

If the lifetime stamped on a ticket is very short (e.g., minutes) an opponent has a greater opportunity for replay.

False

Information access threats exploit service flaws in computers to inhibit use by legitimate users.

False

It is not necessary for a certification authority to maintain a list of certificates issued by that CA that were not expired but were revoked.

False

It is not required for two parties to share a secret key in order to communicate securely with conventional encryption.

False

Kerberos relies exclusively on asymmetric encryption and makes use of public key encryption.

False

Message encryption alone provides a secure form of authentication.

False

Microsoft Explorer originated SSL.

False

One desirable property of a stream cipher is that the ciphertext be longer in length than the plaintext.

False

PGP (Pretty Good Privacy) provides confidentiality through the use of asymmetric block encryption.

False

PGP has a very rigid public-key management scheme.

False

Patient allergy information is an example of an asset with a moderate requirement for integrity.

False

Phase 3 completes the setting up of a secure connection of the Handshake Protocol.

False

Private key encryption is used to produce digital signatures which provide an enhanced form of message authentication.

False

Public-key encryption is also referred to as conventional encryption, secret-key, or single-key encryption.

False

Smaller block sizes mean greater security but reduced encryption/decryption speed.

False

The SSL Record Protocol is used before any application data is transmitted.

False

The WAP architecture is designed to cope with the two principal limitations of wireless Web access: the limitations of the mobile node and the high data rates of wireless digital networks.

False

The certificate message is required for any agreed on key exchange method except fixed Diffie-Hellman.

False

The encryption of the compressed message plus the MAC must increase the content length by more than 1024 bytes.

False

The integration service enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN.

False

The most commonly used symmetric encryption algorithms are stream ciphers.

False

The most complex part of Wireless Transport Layer Security is the Change Cipher Spec Protocol.

False

The pairwise master key is derived from the group key.

False

The security of symmetric encryption depends on the secrecy of the algorithm, not the secrecy of the key.

False

The security of the Diffie-Hellman key exchange lies in the fact that, while it is relatively easy to calculate exponentials modulo a prime, it is very easy to calculate discrete logarithms.

False

The two important aspects of encryption are to verify that the contents of the message have not been altered and that the source is authentic.

False

There are clear boundaries between network security and internet security.

False

To enhance security an encrypted message is not accompanied by an encrypted form of the session key that was used for message encryption.

False

Unlike traditional publishing environments, the Internet is three-way and vulnerable to attacks on the Web servers.

False

User certificates generated by a CA need special efforts made by the directory to protect them from being forged.

False

WAP was not designed to work with all wireless network technologies.

False

A basic service set may be isolated or it may connect to a backbone distribution system through an access point, which functions as a bridge and a relay point.

True

A message component includes the actual data to be stored or transmitted as well as a filename and a timestamp that specifies the time of creation.

True

A session key is destroyed at the end of a session.

True

As a default, PGP compresses the message after applying the signature but before encryption.

True

Because of the mathematical properties of the message authentication code function it is less vulnerable to being broken than encryption.

True

Ciphertext is the scrambled message produced as output..

True

E-mail is the most common distributed application that is widely used across all architectures and vendor platforms.

True

EEE 802.11 is a standard for wireless LANs.

True

Even in the case of complete encryption there is no protection of confidentiality because any observer can decrypt the message by using the sender's public key.

True

Federated identity management is a concept dealing with the use of a common identity management scheme across multiple enterprises and numerous applications and supporting many thousands, even millions, of users.

True

For symmetric encryption to work the two parties to an exchange must share the same key, and that key must be protected from access by others.

True

In addition to providing authentication, a message digest also provides data integrity and performs the same function as a frame check sequence.

True

In developing a particular security mechanism or algorithm one must always consider potential attacks on those security features.

True

In the ECB (Electronic Code Book) mode of encryption if an attacker reorders the blocks of ciphertext then each block will still decrypt successfully, however, the reordering may alter the meaning of the overall data sequence.

True

Kerberos version 4 did not fully address the need to be of general purpose.

True

One notable approach to WAP assumes that the mobile device implements TLS over TCP/IP and the wireless network supports transfer of IP packets.

True

One of the major roles of public-key encryption is to address the problem of key distribution.

True

One way to classify Web security threats is in terms of the location of the threat: Web server, Web browser, and network traffic between browser and server.

True

PGP (Pretty Good Privacy) incorporates tools for developing public-key certificate management and a public-key trust model.

True

Pervasive security mechanisms are not specific to any particular OSI (Open Systems Interconnection) security service or protocol layer.

True

Ports are logical entities defined within the authenticator and refer to physical network connections.

True

Public key algorithms are based on mathematical functions rather than on simple operations on bit patterns.

True

Public key algorithms are useful in the exchange of conventional encryption keys.

True

Random numbers play an important role in the use of encryption for various network security applications.

True

SSl/TLS includes protocol mechanisms to enable two TCP users to determine the security mechanisms and services they will use.

True

Server authentication occurs at the transport layer, based on the server possessing a public/private key pair.

True

Sessions are used to avoid the expensive negotiation of new security parameters for each connection that shares security parameters.

True

The CIA (Confidentiality, Integrity, Availability) triad embodies the fundamental security objectives for both data and for information and computing services.

True

The Change Cipher Spec Protocol is one of the three SSL-specific protocols that use the SSL Record Protocol.

True

The DS can be a switch, a wired network, or a wireless network.

True

The Feistel structure is a particular example of the more general structure used by all symmetric block ciphers.

True

The TLS Record Format is the same as that of the SSL Record Format.

True

The WTLS Record Protocol takes user data from the next higher layer and encapsulates these data in a PDU (Protocal Data unit).

True

The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets.

True

The actual method of key generation depends on the details of the authentication protocol used.

True

The advantage of a block cipher is that you can reuse keys.

True

The automated key distribution approach provides the flexibility and dynamic characteristics needed to allow a number of users to access a number of servers and for the servers to exchange data with each other.

True

The ciphertext-only attack is the easiest to defend against because the opponent has the least amount of information to work with.

True

The emphasis in dealing with passive attacks is on prevention rather than detection.

True

The essence of a symmetric block cipher is that a single round offers inadequate security but that multiple rounds offer increasing security.

True

The first element of the Cipher Suite parameter is the key exchange method.

True

The key exchange protocol is vulnerable to a man- in-the-middle attack because it does not authenticate the participants.

True

The key legitimacy field is derived from the collection of signature trust fields in the entry.

True

The main advantage of HMAC over other proposed hash based schemes is that HMAC can be proven secure, provided that the embedded hash function has some reasonable cryptographic strengths.

True

The more critical a component or service, the higher the level of availability required.

True

The primary advantage of a stream cipher is that stream ciphers are almost always faster and use far less code than do block ciphers.

True

The principal drawback of 3DES is that the algorithm is relatively sluggish in software.

True

The principal underlying standard for federated identity is the Security Assertion Markup Language (SAML) which defines the exchange of security information between online business partners.

True

The private key is known only to its owner.

True

The shared master secret is a one-time 48-byte value generated for a session by means of secure key exchange.

True

The strength of a hash function against brute-force attacks depends solely on the length of the hash code produced by the algorithm.

True

The ticket-granting ticket is encrypted with a secret key known only to the authentication server and the ticket granting server.

True

There is a natural tendency on the part of users and system managers to perceive little benefit from security investment until a security failure occurs.

True

Triple DES (Data Encryption Standard) was first standardized for use in financial applications in ANSI standard X9.17 in 1985.

True

Viruses and worms are two examples of software attacks.

True

WML (Wireless Markup Language) presents mainly text-based information that attempts to capture the essence of the Web page.

True

WTLS (Wireless Transport Layer Security) provides security services between the mobile device and the WAP gateway.

True

With the introduction of the computer the need for automated tools for protecting files and other information stored on the computer became evident.

True

X.509 is based on the use of public-key cryptography and digital signatures.

True


Ensembles d'études connexes

Teach Like A Champion (63 Techniques)

View Set

BIOL228: Terrestrial Vertebrates

View Set

Mon, ma, mes, ton, ta, tes, son, sa, ses

View Set

Principles of Marketing Ch.12 Book/Vocab Notes

View Set

SMM Chapter 4: Rules of Engagement for SMM

View Set

Exam 1 - MGMT 443 Mendez Chico State

View Set

Managerial Accounting and Cost Concepts

View Set

MGT 363 Flores Ch. 3 Quiz Review

View Set