Chapter 15

TLS is a newer cryptographic protocol standard, dervived from SSL. True False

True

The central problem with anomaly detection systems is that the false alarm rate must be extremely low, or else system administrators will learn to ignore the alarms. True False

True

____ layer security generally has been standardized on IPSec. -Network -Transport -Data-link -Application -all of the above

Network

____ is a symmetric stream cipher. -DES -AES -RC4 -twofish -all of the above

RC4

A code that misuses its environment is called ____. -a backdoor -a trap door -a worm -a Trojan horse -all of the above

a Trojan horse

Asymmetric key cryptography is a common technique for distribution of keys for symmetric-key cryptography. True False

True

Asymmetric key cryptography is generally more computationally expensive than symmetric key cryptography. True False

True

A decryption function has the form: F: K -> (M -> C), where K is the domain of possibly keys, M is the domain of possible messages, and C is the domain of possible ciphertexts. True False

False

A firewall is an effective defense against denial-of-service attacks. True False

False

Biometric devices are currently too large and expensive to be used for normal computer authentication. True False

False

IPSec is a transport-layer protocol that uses symmetric key encryption for data, and public-key encryption for key exchange. True False

False

In SSL, symmetric key cryptogaphy is used to establish asymmetric session keys that can be used for encryption of data between client and server. True False

False

It is easier to protect against malicious misuse than against accidental misuse. True False

False

On Unix systems, the term "salt" is used for bogus easily-guessed passwords that are inserted into the password file to entrap potential hackers. True False

False

RSA cryptography works by performing aseries of transformations that are based on substitution and permutation operations. True False

False

Sec is an application-level protocol, similar to HTTPS. True False

False

The essential property of an authentication algorithm is that one can compute m such that E_k(m) = c, only if one posesses k. True False

False

Tripwire can distinguish between an authorized and an unauthorized change. True False

False

Generally, it is impossible to prevent denial-of-service attacks. True False

True

IPSec is a network layer protocol that uses symmetric key encryption for data, and public-key encryption for key exchange. True False

True

If an unauthorized user modifies a file, this is an attack on -Integrity -Availability -Privacy -Confidentiality -Civil liberty -None of these

Integrity

Which of the following is true of SSL? -It provides security at the data-link layer. -It is a simple protocol with limited options. -It is commonly used for secure communication on the Internet. -It was designed by Microsoft. -all of the above

It is commonly used for secure communication on the Internet.

SSL (Secure Socket Layer) establishes a secured, bidirectional tunnel for arbitrary binary data between two hosts. True False

True

SSL depends on the server having a digitally signed certificate that is obtained by the client from a trusted source. True False

True

SSL depends on the server providing the client a certificate signed with the private key of a trusted certification authority. True False

True

Spyware is not considered a crime in most countries. True False

True

A denial of service attack is ____. -aimed at gaining information -aimed at stealing resources -aimed at disrupting legitimate use of a system -generally not network based -all of the above

aimed at disrupting legitimate use of a system

Worms ____. -use the spawn mechanism to ravage system performance -can shut down an entire network -continue to grow as the Internet expands -are application programs with hidden malware -all of the above

all of the above

A ____ is a public key digitally signed by a trusted party. -key ring -digital certificate -message digest -digital key -all of the above

digital certificate

Dynamically linked shared libraries provide an avenue for a ________ attack. -trojan horse -man-in-the-middle -denial of service -replay -macro virus -none of these

trojan horse

The most common method used by attackers to breach security is ____. -masquerading -message modification -session hijacking -phishing -all of the above

masquerading

The "stack crashing" technique penetrates system security by -modifying a saved subprogram return address -penetrating the network protocol stack -guessing a user's password -causing the system to crash, by corrupting the runtime stack -decrypting the content of the user's stack -none of these

modifying a saved subprogram return address

A ____ virus changes each time it is installed to avoid detection by antivirus software. -polymorphic -tunneling -multipartite -stealth -all of the above

polymorphic

In a paired-password system, ____. -the user specifies two passwords -the computer supplies one part of a password and the user enters the other part -passwords must contain equal amounts of numbers and digits paired together -two users must enter their own separate password to gain access to the system -all of the above

the computer supplies one part of a password and the user enters the other part