CS445 Test 1
In S/MIME, the message is first encrypted by (A). Then both (A) and the encrypted message are encrypted again by (B). What are the correct terms for (A) and (B)?
(A) | (B) Shared | Receiver's Secret | Public Key | Key
CIDR (Classless Interdomain Routing) was created to mitigate the wastage of IP address space. In the notation 205.16.37.32/28, how many IP addresses are available for hosts?
16
Some ranges of IP addresses are assigned for private network. Which one of the following is such a private address range?
192.168.0.0 - 192.168.255.255
In RSA algorithm, the parameters are given as following: p = 11, q = 3. Then n = 33. In this case, what is the value of the Totient Function Φ(n)?
20
Consider a perfect one-way hash algorithm that generates 256-bit hash value. To create a hash collision with 50% chance, how many message should be tried? (Hint: This is called the level of safety.)
2^128
An IP packet size is 4200 bytes. If it is going to be transported over Ethernet, how many fragmented packets will be generated?
3
Since the key length of DES is only 56 bits, you can perform multiple DES encryptions to increase the effective key size. With Double DES, what is the effective key size?
57
The following picture describes the packet structure in IPsec tunnel mode (Entire IP packet becomes the payload of the new IPsec packet.) What is the correct numbers for the protocol types A,B and C? Refer to the table for the protocol numbers. Quiz 3 Question 11
A |B|C 50|4|6
ICMPv6 assumes additional roles on the network. As a result, when using ICMPv6 _______ and IGMP are no longer necessary
ARP
Which protocol is used for determining the MAC address of the destination device when the source device knows only the IP address of the destination?
ARP
_______ is used to resolve a logical (IP) address to a physical (MAC) address.
ARP
Which protocol is used for routing packets between ASes (or ISPs)?
BGP
Why is the RSA algorithm considered secure?
Because it is difficult to factor N to two prime numbers
After launching a brute-force attack on the AES, how did the Cryptool software figure out the right key?
By looking for the lowest entropy value
Among the following encryption modes, which mode allows random access to any block while producing different ciphertext blocks for the same plaintext blocks?
CTR (Counter)
Frequency analysis can be used best for breaking which algorithm?
Caesar's Cipher
One of the following methods uses a different mechanism for encryption. Find it.
Columnar Transposition
What protocol is responsible for dynamically assigning an IP address to network hosts?
DHCP
_______ makes it possible for web browsers to find web servers and for email clients to find their respective servers, since it converts host names to an IP address.
DNS
Which security principle is characterized by the use of multiple, different defense mechanisms with a goal of improving the defensive response to an attack?
Defense in Depth
Packet analysis can also help _______ understand protocol and application behavior to see how routines behave, as well as help determine if it is the application OR the network that is causing slow response times.
Developers
In IKE, which public key algorithm is used for key exchange in modified form?
Diffie-Hellman
RSA algorithm has the following feature. In other words, you can encrypt plaintext with a private key. This does not give any confidentiality, but serves a different purpose. Where can you best use this feature?
Digital Signature
There are two types of IPsec headers, AH (Authentication Header) and ESP (Encapsulated Security Payload) what is the major difference between them?
ESP allows encryption
What standard network protocol is used to access directories and files, and to transfer files from one host to another over a TCP-based network?
FTP
If you right click on either a header or a field value and select "Prepare a Filter", Wireshark will create and run the filter in the display filter area.
False
In Cloudshark, you can use _______ to see where the endpoints are in the world.
GEOIP
Wireshark Legacy utilized _______ or the GIMP Toolkit, a multi-platform toolkit for creating graphical user interfaces.
GTK+
What protocol provides the ability to exchange resources, such as displaying a web page in your browser?
HTTP
_______ carries error, routing and control messages. It does NOT exchange data between systems.
ICMP
Specifies the format of packets or datagrams, and the addressing scheme. Handles the logical addressing in the TCP/IP protocol suite. Decides where a packet is to be sent next, choosing the best path using a routing table.
IP
There are three most important goals in computer security. Which one of the following is one of three goals?
Integrity (WRONG ANSWERS : Controllability, Vulnerability, Accountability)
In Wireshark you can use the _______ found on the right-hand side of the packet list, where the coloring rules help you see indications of problems, so you can quickly go to trouble spots.
Intelligent Scrollbar
Diffie-Hellman key exchange algorithm is considered secure because?
It is hard to compute discrete logarithm
IPsec header includes a 32-bit sequence number. What is the purpose of it?
It is used to prevent replay attack
A switch is in fact a generalized multi-port bridge. Find a correct explanation about switch.
It offers a full-duplex communication
What is the advantage of ECC algorithm compared with RSA?
It requires a smaller key for the same level of security
Choose an incorrect description on AES
It simulates one-time pad
The last part of frame formation is the frame header where we add the source and destination _______ address.
MAC
The following tasks except one are performed by TCP. Find the one that is not the function of TCP.
Multicasting
TCP options must be in multiples of four (4) bytes. If 10 bytes of option are added to the TCP header, two single byte _______ will be added to the options header.
No-Operation
When the DNS query answer comes from the local DNS's cache, what is it called?
Non-authoritative answer
Which one of the following is considered perfect cipher?
One-time pad
Choose an incorrect description about email security.
PGP uses X.509 digital certificate.
Since a public key can be faked by attackers, there is a certification infrastructure called PKI. Find a correct description on it.
PKI forms a hierarchy
Chose an incorrect description on packet fragmentation.
Packets can be reassembled in any intermediate routers
Modern cipher algorithms use a combination of two elementary operations. What are they?
Permutation and Substitution
Which device connects two segments of the same LAN and extends the collision domain?
Repeater
Refer to the following figure. Upon receiving a signed document, which key is used to verify the digital signature? Image on Quiz II Question 8.
Sender's Public Key
What is the disadvantage of asymmetric key cryptography (or public key) compared with symmetric key cryptography?
Slower
You can quickly begin capturing traffic by selecting an active _______ on the main screen.
Sparkline
The protocol suite for the Internet that provides a set of guidelines for networking protocols to enable computers to communicate over a network.
TCP/IP
_______ uses UDP as the transport-layer protocol
TFTP
Find a correct description about MAC address.
The first 24-bit is vendor code
Refer to the following figure. It shows an Ethernet frame. Using a packet sniffer, you observe that the value in the "Length or Type" field is "0x0800". What can you infer from that? Image on Quiz II, Question 11
The frame is an Ethernet II frame
Traceroute algorithm sends a series of packets to the destination with varying TTL values. When the TTL value becomes 0 in a router, what happens?
The router drops the packet and sends an ICMP packet to the sender
In email applications such as MIME, S/MIME or PGP, an encoding scheme called base 64 (or radix 64) is used. What is the purpose of it?
To send binary data over text-only channel.
A significant improvement since moving from GTK to Qt, is that Wireshark now provides a native interface for OSX that doesn't require the use of X11
True
Connectionless protocol used as an alternative to TCP when reliability is not an issue.
UDP
To get help in Wireshark, you can right click on a protocol and select _______
Wiki Protocol Page
The TCP _______ is the amount of information that a machine can receive during a session and still be able to process the data.
Window Size
In the expert system the color _______ provides information about typical workflow such as TCP window update or connection finish.
gray
IPv6 uses _______ to communicate with multiple hosts.
multicast
Transmission Control Protocol _______
supports sliding windows
In order to capture ONLY FTP traffic, use _______ as a capture filter.
tcp port 21
The _______ layer is responsible for transporting data using a connection-oriented connectionless protocol. The PDU at this point is a segment, and the address is a port address.
transport