хомяк убийца
Quiz von , erstellt am more than 1 year ago

- at Quiz am #2 Information security and data protection, erstellt von хомяк убийца am 13/05/2018.

956
21
0
хомяк убийца
Erstellt von хомяк убийца vor mehr als 6 Jahre
Schließen

#2 Information security and data protection

Frage 1 von 60

1

This is the process of determining whether someone or something is, in fact, who or what it is declared to be.

Wähle eine der folgenden:

  • Conditional access

  • Authentication

  • Identification

  • Anonymizer

  • Authorization

Erklärung

Frage 2 von 60

1

In the original description, the Diffie-Hellman exchange by itself does not provide ____ of the communicating parties and is thus vulnerable to a man-in-the-middle attack

Wähle eine der folgenden:

  • Password

  • Two factor authentication

  • Security token

  • Authentication

Erklärung

Frage 3 von 60

1

Why would reusing a ticket as a replay attack is Kerberos not be successful?

Wähle eine der folgenden:

  • The tickets are encrypted

  • The tickets are digitally signed

  • The tickets are used a token

  • The tickets are time stamped

Erklärung

Frage 4 von 60

1

What is Man in the middle attack?

Wähle eine der folgenden:

  • The attackers catch our employee in the middle of them and start applying physical pressure on them

  • The attacker (man) hides inside (in the middle of) a crowd to sneak past the guards and cameras

  • The hacker jacks in a network and records all the information sent over the network

Erklärung

Frage 5 von 60

1

What is encryption strength is based on? Please select the best answer

Wähle eine der folgenden:

  • The strength of the algorithm, the length of the key, and the secrecy of the key

  • The length of the key, the type of algorithm, and the strength of the key

  • The privacy of the key, the length of the algorithm, and the strength of the key

  • The strength of the key, the length of the algorithm, and the privacy of the key

Erklärung

Frage 6 von 60

1

One form of ‘something you have’ is the _____ and USB tokens

Wähle eine der folgenden:

  • Fingerprint

  • Tokens

  • Identification

  • Password

  • Digital signatures

Erklärung

Frage 7 von 60

1

The process based on some physical, genetic, or otherwise human characteristic that cannot be duplicated is also known as (Please select the best answer)

Wähle eine der folgenden:

  • Password authentication

  • Physical authentication

  • Fingerprint authentication

  • Biometric authentication

Erklärung

Frage 8 von 60

1

What is a good way to make users in a network safer in the internet

Wähle eine der folgenden:

  • Get a slow connection so they cannot download too much

  • Deny all internet access

  • All of the above

  • None of the above

  • Set up a filtering proxy server so you can check all the incoming traffic

Erklärung

Frage 9 von 60

1

When an attacker captures part of a communication and later sends the communication segment to the server whilst pretending to be the user it is known as a

Wähle eine der folgenden:

  • It is known as the Man in the middle attack

  • It is known as the TCP/IP spoofing attack

  • It is known as the Back door attack

  • It is known as the Replay attack

Erklärung

Frage 10 von 60

1

In which of the following attack does the attacker capture a portion of the communication between two parties, modifies it, and inserts

Wähle eine der folgenden:

  • Man-in-the-middle attack

  • Spoofing

  • Sniffing

  • Denial-of-service

Erklärung

Frage 11 von 60

1

A password represents

Wähle eine der folgenden:

  • Something you have

  • None of the above

  • Something you are

  • Something you know

  • All of the above

Erklärung

Frage 12 von 60

1

List the main aspects of information security: I. Confidentiality II. Integrity III. Availability IV. Consistency

Wähle eine der folgenden:

  • I-III-IV

  • I-III

  • I-II-III

  • I only

  • II-III-IV

Erklärung

Frage 13 von 60

1

Which of the following describes the challenge-response

Wähle eine der folgenden:

  • A workstation or system that generates a random challenge string that the user enters when prompted along with the proper PIN (Personal Identification Number)

  • A workstation or system that generates a random ID that the user enters when prompted along with the proper PIN (Personal Identification Number)

  • A special hardware device that is used to generate random text in a cryptography system

  • The authentication mechanism in the workstation or system does not determine if the owner should be authenticated.

Erklärung

Frage 14 von 60

1

Consider the Diffie-Hellman scheme with a common prime p=7 and primitive root (generator) g=3 if the user A has private key XA = 3, what is A’s public key RA?

Wähle eine der folgenden:

  • 6

  • 8

  • 9

  • 16

Erklärung

Frage 15 von 60

1

Suppose Bob wants to send a secret message to Alice using public key cryptography. Then Bob should

Wähle eine der folgenden:

  • Encrypt the message with Alice’s public key and send Alice the message

  • Encrypt the message with Alice’s private key and send the encrypted message to Alice

  • Encrypt the message with his public key and send Alice the message

  • Encrypt the message with his private key and send the encrypted message to Alice

Erklärung

Frage 16 von 60

1

Suppose Bob wants to send Alice a digital signature for the message m. To create the digital signature

Wähle eine der folgenden:

  • Bob applies a hash function to m and then encrypts the result with his private key

  • Bob applies a hash function to m and then encrypts the result with his public key

  • Bob applies a hash function to m and then encrypts the result with Alice’s public key

  • Bob encrypts m with his private key and then applies a hash function to the result

Erklärung

Frage 17 von 60

1

Suppose Alice receives from Bob a message m along with a digital signature for the message m. To verify that the message was not changed and that Bob indeed sent the message, Alice

Wähle eine der folgenden:

  • Applies Bob's public key to the digital signature, applies the has function to m, and compares the results of the two operations;

  • Applies Bob's public key to the digital signature, then a de-hashing function to the result. She then compares the results of this last operation with the message m;

  • Applies a de-hashing function to the digital signature and compare the result to m;

  • No correct answer;

Erklärung

Frage 18 von 60

1

Suppose a CA contains Bob's certificate, which binds Bob's public key to Bob. This certificate is signed with

Wähle eine der folgenden:

  • The CA's private key

  • Bob’s public key

  • The CA's public key

  • Bob’s private key

Erklärung

Frage 19 von 60

1

A well designed and configured ____ is like having a single point of entry into your building with a security guard at the door allowing only authorized personnel into the building.

Wähle eine der folgenden:

  • Network Adapter

  • Antivirus Software

  • Intrusion Detection System

  • Firewall

Erklärung

Frage 20 von 60

1

Which security action should be finished before access is given to the network?

Wähle eine der folgenden:

  • Identification and authorization

  • Identification and authentication

  • Authentication and authorization

  • Authentication and password

Erklärung

Frage 21 von 60

1

Which of the following types of encryption would BEST to use for a large amount of data?

Wähle eine der folgenden:

  • Asymmetric

  • Symmetric

  • RSA

  • Hash

Erklärung

Frage 22 von 60

1

Which statement correctly describes the difference between a secure cipher and a secure hash?

Wähle eine der folgenden:

  • A hash produces a variable output for any input size; a cipher does not.

  • A cipher can be reversed; a hash cannot.

  • A cipher produces the same size output for any input size; a hash does not.

Erklärung

Frage 23 von 60

1

This is a trial and error method used to decode encrypted data through exhaustive effort rather than employing intellectual strategies.

Wähle eine der folgenden:

  • Decryption

  • Cryptanalysis

  • Cryptography

  • Brute force cracking

Erklärung

Frage 24 von 60

1

Making sure that the data has not been changed unintentionally, due to an accident or malice, is:

Wähle eine der folgenden:

  • Auditability

  • Availability

  • Integrity

  • Confidentiality

Erklärung

Frage 25 von 60

1

Which of the following appears when an asset of the system become lost, unavailable or unusable?

Wähle eine der folgenden:

  • Interception

  • Interruption

  • Interpretation

  • Modification

  • Fabrication

Erklärung

Frage 26 von 60

1

Show incorrect kind of threats

Wähle eine der folgenden:

  • Interception

  • Interruption

  • Interpretation

  • Modification

  • Fabrication

Erklärung

Frage 27 von 60

1

Bock cipher maps each plaintext block to :

Wähle eine der folgenden:

  • Same length cipher text block

  • Different length cipher text block

  • The same letter

  • No answer

Erklärung

Frage 28 von 60

1

What is vulnerability?

Wähle eine der folgenden:

  • A weakness in the security system

  • A Method which uses flaws to have more access, privileges or resources to the system

  • A method which used to eliminate or reduce threats

  • A kind of auth to system

Erklärung

Frage 29 von 60

1

A(n) _____ application monitors all incoming and outgoing network traffic and block unauthorized packets from getting through

Wähle eine der folgenden:

  • Antivirus

  • Intrusion Detection System (IDS)

  • Personal Firewall

  • Network Monitor

Erklärung

Frage 30 von 60

1

What is assumed by cipher in cryptography ?

Wähle eine der folgenden:

  • Algorithm for performing encryption and decryption

  • Encrypted message

  • None of mentioned

  • Raw message

  • All of mentioned

Erklärung

Frage 31 von 60

1

What is assumed by ciphertext in cryptography?

Wähle eine der folgenden:

  • Algorithm for performing encryption and decryption

  • Encrypted message

  • None of mentioned

  • Raw message

  • All of mentioned

Erklärung

Frage 32 von 60

1

What is assumed by plaintext in cryptography?

Wähle eine der folgenden:

  • Algorithm for performing encryption and decryption

  • Encrypted message

  • None of mentioned

  • Raw message

  • All of mentioned

Erklärung

Frage 33 von 60

1

In cryptography, what is key?

Wähle eine der folgenden:

  • Info used to cipher, known only to sender and receiver

  • Algorithm for transforming plaintext to ciphertext

  • Encrypted message

  • Recovering plaintext from ciphertext

  • Converting plaintext to ciphertext

Erklärung

Frage 34 von 60

1

What is cryptoanalysis?

Wähle eine der folgenden:

  • Study of principles/methods deciphering ciphertext without knowing key

  • Info used to cipher, known only to sender and receiver

  • Algorithm for transforming plaintext to ciphertext

  • Recovering plaintext from ciphertext

  • Converting plaintext to ciphertext

Erklärung

Frage 35 von 60

1

In asymmetric key cryptography, the public key for decryption is kept by:

Wähle eine der folgenden:

  • Sender

  • Receiver

  • Sender and receiver

  • Everyone in the network

  • All the connected devices to the network

Erklärung

Frage 36 von 60

1

Which of these are threats against to modern computer?

Wähle eine der folgenden:

  • Network attacks, firewall and worms

  • Viruses, worms and encryption

  • Network attacks, viruses and worms

  • Viruses, network encryptions and worms

Erklärung

Frage 37 von 60

1

How the industry solves the threats ?

Wähle eine der folgenden:

  • Firewall, IDS, Kerberos, blogs

  • IDS, firewall, authentication, policies

  • Virus, worms, attacks, web-sites

  • Network attacks, IDS, worms, virus

Erklärung

Frage 38 von 60

1

Which one of the following algorithm is not used in asymmetric key cryptography?

Wähle eine der folgenden:

  • RSA algorithm

  • Diffle-Hellman algorithm

  • DES algorithm

  • DSA algorithm

Erklärung

Frage 39 von 60

1

In cryptography, the order of the order of the letters in a message in rearranged by

Wähle eine der folgenden:

  • Transpositionalcip ciphers

  • substitution ciphers

  • All kinds of the ciphers

  • None of the mentioned

Erklärung

Frage 40 von 60

1

What is data encryption standard (DES)?

Wähle eine der folgenden:

  • Block cipher

  • stream cipher

  • bit cipher

  • none of the mentioned

Erklärung

Frage 41 von 60

1

Cryptanalysis is used:

Wähle eine der folgenden:

  • To find some insecurity in cryptographic scheme

  • to increase the speed

  • to encrypt the data

  • none of the mentioned

Erklärung

Frage 42 von 60

1

Cryptographic hash function takes an arbitrary block of data and returns

Wähle eine der folgenden:

  • Fixed site bit string

  • variable size bit string

  • none of the mentioned

  • both of the mentioned

Erklärung

Frage 43 von 60

1

A substitution cipher substitutions one symbol with

Wähle eine der folgenden:

  • Keys

  • Others

  • Multi Parties

  • Single Party

Erklärung

Frage 44 von 60

1

An asymmetric-key(or public key ) cipher uses

Wähle eine der folgenden:

  • 1 key

  • 2 key

  • 3 key

  • 4 key

Erklärung

Frage 45 von 60

1

In the computer industry the “What you have” method is use of?

Wähle eine der folgenden:

  • Passwords

  • Smart cards

  • Digital certificates’

Erklärung

Frage 46 von 60

1

A smartcard represents

Wähle eine der folgenden:

  • None of the above

  • Something you are

  • All of the above

  • Something you have

  • Something you know

Erklärung

Frage 47 von 60

1

Convert one symbol of plaintext immediately into a symbol of cipher text (example:Caesar cipher)

Wähle eine der folgenden:

  • Encryption

  • Plaintext

  • Block cipher

  • stream ciphers

Erklärung

Frage 48 von 60

1

Interruption is

Wähle eine der folgenden:

  • Asset lost, unusable, unavailable

  • Unauthorized access

  • Unauthorized change, tamper of data

  • Ex. Unauthorized add data to a DB

Erklärung

Frage 49 von 60

1

Modification is

Wähle eine der folgenden:

  • Unauthorized change, tamper of data

  • Asset lost, unusable, unavailable

  • Unauthorized access

  • Ex. Unauthorized add data to a DB

Erklärung

Frage 50 von 60

1

Which are the examples of DEFENCE?

Wähle eine der folgenden:

  • Firewalls, router access control list, spam filters, virus scanners

  • Employee communication, policy on company Intranet

  • Audit logs, intrusion detection system, network traffic monitoring

  • Network attacks, IDS, worms, virus

Erklärung

Frage 51 von 60

1

Which are the examples of DETERRENCE?

Wähle eine der folgenden:

  • Employee communication, policy on company Intranet

  • Firewalls, router access control list, spam filters, virus scanners

  • Audit logs, intrusion detection system, network traffic monitoring

  • Network attacks, IDS, worms, virus

Erklärung

Frage 52 von 60

1

Which are the examples of DETECTION?

Wähle eine der folgenden:

  • Audit logs, intrusion detection system, network traffic monitoring

  • Employee communication, policy on company Intranet

  • Firewalls, router access control list, spam filters, virus scanners

  • Network attacks, IDS, worms, virus

Erklärung

Frage 53 von 60

1

What is encryption?

Wähle eine der folgenden:

  • Is the process of encoding a message so that its meaning is not obvious

  • Is the reverse process, transforming an encrypted message back into its normal, original form

  • Is the process of preventing any attacks from the hackers

Erklärung

Frage 54 von 60

1

In password protection, this is a random string of data or number used to modify a password hash

Wähle eine oder mehr der folgenden:

  • Nonce

  • Ssl

  • One time password

  • Secret key

  • Public key

Erklärung

Frage 55 von 60

1

Using public key cryptography suppose Bob wants to send a secret message to Alice and Alice wants to be sure that the message was indeed sent by Bob. Then Bob should:

Wähle eine der folgenden:

  • Encrypt the message with his private key, encrypt the result with Ailce’s public key and then send Alice the message

  • • Encrypt the message with his private key , encrypt yhe result with alices’ private key, and then send Alicce the message

  • • Encrypt the message with his public key, encrypt the result with Alice’s public key, and then send Alice the message

Erklärung

Frage 56 von 60

1

Which statement correctly describes the difference between a secure cipher and a secure hash?

Wähle eine der folgenden:

  • Cipher can be reversed, hash cannot

  • A hash can be reversed, a cipher cannot

  • A hash production a variable output fot any input size, a cipher does not

  • A cipher produces the same size output for any input size, a hash does not

Erklärung

Frage 57 von 60

1

This is a trial and error method used to decode encrypted data through exhaustive effort rather than employing intellectual strategies

Wähle eine der folgenden:

  • • Brute force cracking

  • • Decryption

  • • Cryptoanalysis

  • • Cryptography

Erklärung

Frage 58 von 60

1

A well designed and configured _____ is like having single point of entry into your building with a security guard at the door allowing only authorized personnel into the building

Wähle eine der folgenden:

  • Firewall

  • Network adapter

  • Antivirus software

  • Intrusion detection system

Erklärung

Frage 59 von 60

1

Suppose a CA contains Bob’s certificate, which binds Bob’s public key to Bob. This certificate is signed with

Wähle eine der folgenden:

  • The CA’s private key

  • Bobs public key

  • The CAs public key

  • Bobs private key

Erklärung

Frage 60 von 60

1

Suppose Alice receives from Bob a message m with digital signature for one message m. To verify that the message was not changed and that Bob indeed sent the message, Alice

Wähle eine der folgenden:

  • Applies Bob’s public key to the digital signature applies to the hash function to m, and compares the results of the two operations.

  • Applies bobs public key to the digital signature, then a de-hashing function to the result. She then compares the result of this operation with the message m

  • Applies a de-hashing function to the digital signature and compares the result m

  • No correct answer

Erklärung