Security Q1 Questions
The most important symmetric algorithms, all of which are block ciphers, are the DES, triple DES, and the ______ A. SHA B. RSA C. AES D. DSS
AES
__________ is the scrambled message produced as output. A. Plaintext B. Ciphertext C. Secret key D. Cryptanalysis
Ciphertext
_________ is a procedure that allows communicating parties to verify that received or stored messages are authentic. A. Cryptanalysis B. Decryption C. Message authentication D. Collision resistance
Message authentication
__________ is a block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some n A. DSS B. RSA C. SHA D. AES
RSA
__________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. A. Traffic padding B. Traffic routing C. Traffic control D. Traffic integrity
Traffic padding
A __________ is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. A. mode of operation B. hash function C. cryptanalysis D. brute-force attack
brute-force attack
A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken. A. attack B. countermeasure C. adversary D. protocol
countermeasure
Transmitted data stored locally are referred to as __________. A. ciphertext B. DES C. data at rest D. ECC
data at rest
The assurance that data received are exactly as sent by an authorized entity is __________. A. authentication B. data confidentiality C. access control D. data integrity
data integrity
Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences. A. unauthorized disclosure B. deception C. disruption D. usurpation
deception
The __________ is the encryption algorithm run in reverse. A. decryption algorithm B. plaintext C. ciphertext D. encryption algorithm
decryption algorithm
The _________ prevents or inhibits the normal use or management of communications facilities. A. passive attack B. traffic encryption C. denial of service D. masquerade
denial of service
A __________ is created by using a secure hash function to generate a hash value for a message and then encrypting the hash code with a private key. A. digital signature B. keystream C. one-way hash function D. secret key
digital signature
A threat action in which sensitive data are directly released to an unauthorized entity is __________. A. corruption B. disruption C. intrusion D. exposure
exposure
On average, __________ of all possible keys must be tried in order to achieve success with a brute-force attack. A. one-fourth B. half C. two-thirds D. three-fourths
half
The purpose of a __________ is to produce a "fingerprint" of a file, message, or other block of data. A. secret key B. digital signature C. keystream D. hash function
hash function
A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A. low B. normal C. moderate D. high
high
Combined one byte at a time with the plaintext stream using the XOR operation, a __________ is the output of the pseudorandom bit generator. A. keystream B. digital signature C. secure hash D. message authentication code
keystream
An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user. A. masquerade B. interception C. repudiation D. inference
masquerade
A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources. A. passive attack B. inside attack C. outside attack D. active attack
passive attack
The original message or data that is fed into the algorithm is __________ A. encryption algorithm B. secret key C. decryption algorithm D. plaintext
plaintext
Digital signatures and key management are the two most important applications of __________ encryption. A. private-key B. public-key C. preimage resistant D. advanced
public-key
A __________ is any action that compromises the security of information owned by an organization. A. security mechanism B. security attack C. security policy D. security service
security attack
A _________ protects against an attack in which one party generates a message for another party to sign. A. data authenticator B. strong hash function C. weak hash function D. digital signature
strong hash function
A back-end appliance is a hardware device that sits between servers and storage systems and encrypts all data going from the server to the storage system and decrypts data going in the opposite direction.
true
A block cipher processes the plaintext input in fixed-size blocks and produces a block of ciphertext of equal size for each plaintext block.
true
A cryptanalytic attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
true
A digital signature is data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.
true
A loss of availability is the disruption of access to or use of information or an information system.
true
A pseudorandom stream is one that is unpredictable without knowledge of the input key and which has an apparently random character.
true
A stream cipher processes the input elements continuously, producing output one element at a time.
true
A(n) attack is a threat that is carried out and, if successful, leads to an undesirable violation of security, or threat consequence.
true
A(n) countermeasure is any means taken to deal with a security attack.
true
A(n) risk assessment is periodically assessing the risk to organizational operations, organizational assets, and individuals, resulting from the operation of organizational information systems and the associated processing, storage, or transmission of organizational information.
true
Also referred to as single-key encryption, the universal technique for providing confidentiality for transmitted or stored data is symmetric encryption.
true
Computer Security is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources.
true
Confidentiality, Integrity, and Availability form what is often referred to as the CIA Triad.
true
Establishing, maintaining, and implementing plans for emergency response, backup operations, and post-disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations is a contingency plan.
true
In July 1998 the Electronic Frontier Foundation (EFF) announced that it had broken a DES encryption using a special purpose "DES cracker" machine.
true
In the United States, student grade information is an asset whose confidentiality is regulated by FERPA (the Family Educational Rights and Privacy Act).
true
Library-based tape encryption is provided by means of a co-processor board embedded in the tape drive and tape library hardware.
true
Misappropriation and misuse are attacks that result in usurpation threat consequences.
true
Public-key encryption was first publicly proposed by Diffie and Hellman in 1976.
true
Release of message contents and traffic analysis are two types of passive attacks.
true
Replay, masquerade, modification of messages, and denial of service are examples of active attacks.
true
Security implementation involves four complementary courses of action: prevention, detection, response, and recovery.
true
The OSI security architecture focuses on security attacks, mechanisms, and services.
true
The assets of a computer system can be categorized as hardware, software, communication lines and networks, and data.
true
The decryption algorithm takes the ciphertext and the secret key and produces the original plaintext.
true
The public and private keys are a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.
true
The purpose of the Diffie-Hellman Key Agreement algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages.
true
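The Diffie-Hellman card above states only the purpose of the algorithm. The following is an added example, not taken from the page, showing the exchange end to end: both parties publish g^x mod p, each raises the other's public value to its own secret exponent, and the resulting group element is hashed into a symmetric key. Everything in it is an assumption made for a self-contained demo: the group is a toy-sized safe prime generated at run time (real deployments use fixed, vetted groups of 2048 bits or more such as RFC 3526/7919, or elliptic-curve DH), the key derivation is a plain SHA-256 of the fixed-length shared secret, and the `DHParty` class and helper names are invented here.

```python
import hashlib
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test (probabilistic, error < 4**-rounds)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_safe_prime(bits: int) -> int:
    """Return p = 2q + 1 with p and q both prime and p = 7 (mod 8).

    q = 3 (mod 4) forces p = 7 (mod 8), which makes 2 a quadratic residue,
    so g = 2 generates the prime-order subgroup of size q (as in RFC 3526).
    Toy-sized groups generated here are an assumption for the demo only.
    """
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 3
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1


class DHParty:
    """One side of a Diffie-Hellman exchange. Only `public` ever leaves the party."""

    def __init__(self, p: int, g: int):
        self.p, self.g = p, g
        self.q = (p - 1) // 2                          # order of the prime-order subgroup
        self._private = 2 + secrets.randbelow(p - 3)   # secret exponent x in [2, p-2]
        self.public = pow(g, self._private, p)         # g^x mod p, sent in the clear

    def derive_key(self, peer_public: int) -> bytes:
        # Reject degenerate values (0, 1, p-1) and anything outside the order-q
        # subgroup: a peer sending such a value can force the shared secret into
        # a tiny set (small-subgroup confinement).
        if not 2 <= peer_public <= self.p - 2:
            raise ValueError("peer public value out of range")
        if pow(peer_public, self.q, self.p) != 1:
            raise ValueError("peer public value not in the prime-order subgroup")
        shared = pow(peer_public, self._private, self.p)   # (g^y)^x = g^xy mod p
        # Hash the fixed-length encoding of the group element into a symmetric
        # key instead of using the raw integer as key material.
        length = (self.p.bit_length() + 7) // 8
        return hashlib.sha256(shared.to_bytes(length, "big")).digest()


def run_exchange(bits: int = 64):
    """Run one exchange; returns (alice_key, bob_key, wire_transcript)."""
    p = generate_safe_prime(bits)
    g = 2
    alice, bob = DHParty(p, g), DHParty(p, g)
    # The transcript is everything a passive eavesdropper observes; recovering
    # the key from it requires solving the discrete logarithm problem in the group.
    transcript = {"p": p, "g": g, "A": alice.public, "B": bob.public}
    key_a = alice.derive_key(transcript["B"])
    key_b = bob.derive_key(transcript["A"])
    return key_a, key_b, transcript


if __name__ == "__main__":
    ka, kb, wire = run_exchange()
    print("shared keys match:", ka == kb)
    print("on the wire:", wire)
```

The two subgroup checks in `derive_key` are the part most often omitted in textbook code; without them an active attacker who substitutes 1, p-1, or a non-residue for a public value can learn or constrain the derived key. Note also that plain Diffie-Hellman provides no authentication of the peer, so it must be combined with signatures or a pre-shared key to resist a man-in-the-middle.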
The simplest approach to multiple block encryption is known as electronic codebook (ECB) mode, in which plaintext is handled b bits at a time (b being the cipher's block size) and each block of plaintext is encrypted using the same key.
true
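The block-cipher, keystream, stream-cipher and ECB cards above describe one family of mechanisms: a block cipher maps fixed-size blocks to blocks of equal size, ECB applies it to each block independently under the same key, and a stream cipher XORs a pseudorandom keystream with the plaintext one byte at a time. The following added example (not code from the page) shows all of them with a single toy cipher. The cipher is a 64-bit Feistel network whose round function is HMAC-SHA256, an assumption made so the example runs with only the standard library; it is not a real cipher and must not be used as one. Run in ECB mode it leaks which plaintext blocks are equal; run in counter mode the same block cipher becomes the pseudorandom bit generator of a stream cipher, and the leak disappears.

```python
import hashlib
import hmac

BLOCK = 8          # toy block size in bytes: two 4-byte halves
HALF = BLOCK // 2
ROUNDS = 8


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_function(key: bytes, round_no: int, half: bytes) -> bytes:
    # Round function of the toy cipher: HMAC-SHA256 over the round number and one
    # half of the state, truncated to half a block (assumed here for a
    # self-contained demo; real ciphers use designed S-boxes and permutations).
    return hmac.new(key, bytes([round_no]) + half, hashlib.sha256).digest()[:HALF]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Feistel network: L_{i+1} = R_i, R_{i+1} = L_i XOR F(K, i, R_i)."""
    if len(block) != BLOCK:
        raise ValueError("block cipher input must be exactly one block")
    left, right = block[:HALF], block[HALF:]
    for r in range(ROUNDS):
        left, right = right, _xor(left, _round_function(key, r, right))
    return right + left          # undo the final swap


def decrypt_block(key: bytes, block: bytes) -> bytes:
    """The same network with the rounds applied in reverse order."""
    if len(block) != BLOCK:
        raise ValueError("block cipher input must be exactly one block")
    left, right = block[:HALF], block[HALF:]
    for r in reversed(range(ROUNDS)):
        left, right = right, _xor(left, _round_function(key, r, right))
    return right + left


def _blocks(data: bytes):
    if len(data) % BLOCK:
        raise ValueError("input must be a multiple of the block size (pad first)")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    # Electronic codebook: every block is encrypted independently under the
    # same key, so equal plaintext blocks give equal ciphertext blocks.
    return b"".join(encrypt_block(key, b) for b in _blocks(plaintext))


def ecb_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    return b"".join(decrypt_block(key, b) for b in _blocks(ciphertext))


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter mode turns the block cipher into a pseudorandom bit generator:
    # encrypt nonce||counter for counter = 0, 1, 2, ... and use the output bits.
    if len(nonce) != HALF:
        raise ValueError("nonce must be half a block so nonce||counter fills one block")
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += encrypt_block(key, nonce + counter.to_bytes(HALF, "big"))
        counter += 1
    return bytes(out[:length])


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stream cipher: XOR the keystream with the data one byte at a time.
    # Encryption and decryption are the same operation.
    return _xor(data, keystream(key, nonce, len(data)))


def distinct_ciphertext_blocks(ciphertext: bytes) -> int:
    return len(set(_blocks(ciphertext)))


def demo() -> dict:
    key = b"constructed-demo-key"      # constructed sample key
    plaintext = b"ATTACKAT" * 4        # constructed: four identical 8-byte blocks
    nonce = b"\x00\x01\x02\x03"        # must never repeat under the same key
    ecb_ct = ecb_encrypt(key, plaintext)
    ctr_ct = ctr_crypt(key, nonce, plaintext)
    return {
        "ecb_distinct_blocks": distinct_ciphertext_blocks(ecb_ct),   # 1: pattern leaks
        "ctr_distinct_blocks": distinct_ciphertext_blocks(ctr_ct),   # 4: pattern hidden
        "ecb_roundtrip": ecb_decrypt(key, ecb_ct) == plaintext,
        "ctr_roundtrip": ctr_crypt(key, nonce, ctr_ct) == plaintext,
    }


if __name__ == "__main__":
    print(demo())
```

Because a block cipher is a permutation, distinct counter blocks always encrypt to distinct keystream blocks, which is why the four equal plaintext blocks come out different in counter mode. The same property is the trap in the other direction: reusing a nonce with the same key reuses the keystream, and XORing two such ciphertexts cancels it out.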
The two criteria used to validate that a sequence of numbers is random are independence and uniform distribution.
true
There are two general approaches to attacking a symmetric encryption scheme: cryptanalytic attacks and brute-force attacks.
true
If the only form of attack that could be made on an encryption algorithm is brute-force, then the way to counter such attacks would be to __________. A. use longer keys B. use shorter keys C. use more keys D. use less keys
use longer keys
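The brute-force cards above (try every key until the plaintext is intelligible; on average half the key space is visited; the counter is a longer key) can be measured rather than just stated. The following is an added example, not from the page. The cipher under attack is a toy stream cipher that XORs the plaintext with a SHA-256 hash of the key, an assumption made here so that the key space is exactly 2^k and the search needs only the standard library; the known-plaintext check stands in for "intelligible translation", and the function names are invented for the demo.

```python
import hashlib
import secrets


def toy_encrypt(key: int, key_bits: int, plaintext: bytes) -> bytes:
    """Toy stream cipher (assumed for the demo): XOR with a SHA-256-derived keystream.

    The key space is exactly 2**key_bits; the brute-force search below treats the
    cipher as a black box and only needs to recompute ciphertext under a candidate key.
    """
    if len(plaintext) > 32:
        raise ValueError("toy keystream is only 32 bytes long")
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    stream = hashlib.sha256(key_bytes).digest()
    return bytes(p ^ s for p, s in zip(plaintext, stream))


def brute_force(key_bits: int, known_plaintext: bytes, ciphertext: bytes):
    """Try every key in order until one reproduces the observed ciphertext.

    Returns (key, trials). With unknown plaintext the comparison would be
    replaced by a plausibility score on the candidate decryption.
    """
    for trials, candidate in enumerate(range(2 ** key_bits), start=1):
        if toy_encrypt(candidate, key_bits, known_plaintext) == ciphertext:
            return candidate, trials
    raise ValueError("no key reproduced the ciphertext")


def average_keyspace_fraction(key_bits: int, samples: int) -> float:
    """Fraction of the key space visited on average when the victim's key is uniform.

    Expected value is (2**key_bits + 1) / 2 trials, i.e. about one half.
    """
    plaintext = b"known header bytes"          # constructed known plaintext
    total = 0
    for _ in range(samples):
        key = secrets.randbelow(2 ** key_bits)   # victim picks a uniformly random key
        ciphertext = toy_encrypt(key, key_bits, plaintext)
        found, trials = brute_force(key_bits, plaintext, ciphertext)
        assert found == key
        total += trials
    return total / samples / 2 ** key_bits


def average_trials_by_key_size(sizes=(8, 10, 12), samples: int = 100) -> dict:
    """Average absolute work per key size: each extra key bit doubles it."""
    return {bits: round(average_keyspace_fraction(bits, samples) * 2 ** bits)
            for bits in sizes}


if __name__ == "__main__":
    print("fraction of key space searched (10-bit keys):",
          average_keyspace_fraction(10, 200))
    print("average trials per key size:", average_trials_by_key_size())
```

The fraction stays near one half whatever the key size; what changes is the absolute count, which doubles with every added bit. That is the whole argument for longer keys: a 56-bit DES key was within reach of the 1998 EFF machine, while 2^128 trials is not within reach of any foreseeable hardware.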
A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) __________. A. countermeasure B. vulnerability C. adversary D. risk
vulnerability
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________. A. risk B. asset C. attack D. vulnerability
attack
