Which of the following algorithms is a symmetric encryption algorithm?
RSA
Diffie-Hellman
SHA-256
DES
Which of the following attacks are active attacks? - Replay - Modification of Message - Denial of Service
Replay
Modification of Message
Denial of Service
All of the above
Which of the following statement(s) regarding symmetric encryption is/are not true?
The encryption key is the same as decryption key
Symmetric key encryption is slower than asymmetric key encryption
AES can be sped up using a hardware module
All of the above statements are not true
Which of the following encryption algorithms is NOT used in 4G LTE?
SNOW 3G
AES
3DES
ZUC
Asymmetric encryption can solve the __________ problem(s) of symmetric encryption.
Key distribution
Integrity
Efficiency
Which of the following statements regarding SHA-1 is true?
CWI Amsterdam and Google had performed a collision attack against SHA-1, publishing two dissimilar PDF files which produce the same SHA-1 hash.
CWI Amsterdam and Google had invented a polynomial time algorithm to find two different integers which produce the same SHA-1 hash.
CWI Amsterdam and Google had performed a one-wayness attack against SHA-1, such that given any random 160-bit string, they can re-construct a PDF file which produces this SHA-1 hash.
CWI Amsterdam and Google had invented a polynomial time algorithm to find the input of the hash function x, for any given 160-bit integer y such that H(x)=y where H( ) is the SHA-1 function.
The security of Diffie-Hellman Algorithm relies on the __________ problem.
Factorisation
Subset sum
Discrete logarithm (DL)
Learning with errors (LWE)
IPSec is used to secure the __________ layer.
Application
TCP
Network Layer (IP)
Physical
X.509 is a standard of __________ .
Digital Signature
Email Security
Wireless LAN Security
Digital Security
Which of the following activities are examples of Intrusion? A) Cracking password B) Distributing pirated software C) Using e-banking service from a web browser in a library public computer during opening hours
Both A and B
Both B and C
Both A and C
SSH is an encrypted version of ______
MIME
HTTP
TELNET
Internet Protocol
Cloning of 4G SIM card can be done using __________ attack.
Man-in-the-middle
SQL Injection
Side Channel
Which of the following statement(s) describe(s) correctly the difference(s) between a virus and a worm?
A virus cannot be spread without a human action, but a worm has the capacity to travel without any human action.
A virus does not have the dormant phase, but a worm does.
In the propagation phase, a virus searches for other systems but a worm only searches for other programs running within the same system.
All of the above are correct
Which of the following is/are the limitation(s) of a firewall?
Cannot protect from attacks bypassing it
Cannot protect against internal threat
All of the above are limitations of a firewall
There is no limitation of a firewall
What are two security services provided by signcryption?
Confidentiality and Integrity
Confidentiality and Availability
Integrity and Availability
What is meant by "Access Control"?
A. The act of keeping unauthorised personnel out of a system.
B. The act of allowing only authorised users into a system.
C. Authentication
A loss of integrity is unauthorised modification of data during the communication.
IPSec encapsulation mode provides protection to the entire IP packet.
Machine learning based intrusion detection systems are likely to produce false positives during traffic analysis.
DDoS attacks cannot be launched at the application layer.
Which of the following is an example aspect of network security?
Wireless security
Physical security
Human input errors
Ciphertext-only capability means that: ______________.
Only decryption can be performed on the ciphertexts
The adversary can only access the ciphertexts
The adversary can only decrypt chosen ciphertexts
PGP provides confidentiality through the use of ____________________.
Symmetric block encryption
Radix-64
Digital signatures
In IPSec, authentication NOT applied to the entire original IP packet is ______________.
Cipher mode
Transport mode
Tunnel mode
Which is FALSE regarding VPN?
VPN server should be placed in front of firewall if the firewall needs to inspect the packet payload.
VPN server can only be established by IP security.
VPN can build multiple overlaying networks that share the same physical network.
How does a TCP flooding attack occur?
Transport layer security (TLS) only secures communication between email servers and does not protect between client and server. This means all intermediate hops see plaintext. Hackers and government agencies can utilise this to their advantage. Google uses their key to encrypt emails and can decrypt the emails when requested.
During a TCP flood attack the attacker repeatedly sends SYN packets to every port on the target server, often using fake IP addresses. These packets appear legitimate to the server as it tries to establish communication with a SYN-ACK packet. This basically overloads the server and it cannot establish communication due to the large number of requests occurring.
A TCP flooding attack occurs by an attacker establishing a worm inside the victim system. This worm repeatedly attempts to connect to the system via SYN-ACK packets. These appear legitimate as they come from within the host system and therefore bypass protection like firewalls and IPSec. These constant connections overload the system's resources, causing it to reach capacity and not be able to accept any legitimate connections.
If the server does not allocate any resource to maintain the connections during the TCP handshake, will the attack still be successful?
Domain Validated Certificates have to be verified offline?
If Alice wants to use PGP, she is required to register at a CA to get a certificate?
In IPSec, transport mode provides protection to the entire IP packet?
Attack surfaces in networks include both physical and wireless communication channels?
If a certificate of a CA is self-signed, such a CA cannot be the root CA.
Which statement(s) is/are true about the TOR network?
If there are 5 intermediate Tor routers between the user and web server, the middle one knows neither the user IP nor the server IP.
Per communication session, each TOR router will use its own key to encrypt the message.
Tor can hide the IP address of the users from all intermediate Tor routers.
Which statement(s) is/are true about the secure key distribution?
Alice can use public key of Bob to encrypt the private message encryption key in the presence of MITM attackers.
A security association is defined by the HMAC output that’s computed on the packets
Two parties can run the DH key exchange protocol to generate the key after mutual verification of their identities.
Which way(s) is/are not trusted for obtaining the CA’s certificate?
The certificate is installed on your mobile phone’s operating system.
The certificate is loaded from a USB, which is mailed from the CA service provider.
The certificate is sent by a chat bot via an end-to-end encrypted messaging app.
Which statement(s) is/are not true regarding the security of IPSec-based (Tunnel Mode) VPN service?
IPSec-based VPN reveals the IP address of the sender host.
IPSec-based VPN prevents traffic analysis.
IPSec-based VPN reveals the IP addresses of the gateways which establish the tunnel.
In PGP, the signature of the message is generated before compression. Which statement(s) is/are the reason for doing this?
The signature cannot be applied on the compressed message.
The compression algorithm might not be deterministic.
The compression algorithm can reduce the redundancy of the message.
Why is the checksum in the header field of an IP packet insufficient for offering security?
Checksum is not encrypted
Checksum only checks some parts of the payload
Checksum itself can be changed and forged
Which statement(s) is/are not true about the Anti-Replay service of IPSec?
The sequence number of packets cannot be a negative number.
The sliding window will be moved based on a time parameter defined in advance, e.g., after 1 minute, the window is advanced.
The receiver will accept the packets with a sequence number within the current sliding window and mark them as “received”.
Which of the following is/are a service provided by PGP email encryption?
Allow content filtering on encrypted emails
Ensure the confidentiality of all email fields
Provide a distributed key management service
What is the ultimate goal of CONFidentiality in network applications?
The encryption and decryption key remains secret
Both parties in a connection are confident about the security of their communication
The message m exchanged between two parties remains secret during the transmission
Is it sufficient to rely solely on transport layer security?
What is a countermeasure to TCP flooding attacks?
Firewalls
Recycle list of half-opened connections
SYN cookies
Allocate backlog memory to a large amount
Encryption of IP header
Sliding window replay mechanism
We generate a signature prior to compression so the signature does not depend on the compression algorithm.
Why does compression take place before encryption in PGP?
Compression takes place before encryption to reduce the size of the message.
Compression is done prior to encryption to reduce redundancy. Compressing after encryption would mean the encryption would also have to be compressed, which would lower efficiency and speed.
Compression is done prior to encryption to increase the validity of the encryption.
What are some limitations of PGP?
Misuse
Leakage
No forward secrecy
Lack of non-repudiation and authentication in compromised scenarios
Lack of encryption
Headers can be targeted by hackers to reveal IP addresses
Email service providers (e.g. Gmail) do not deploy end-to-end email encryption because it is too expensive?
TLS (transport layer security) hides the IP address of clients?
What are some services offered by IPSec?
Messages Authentication (Integrity)
Key Management (Authenticity)
Anti-replay (Availability)
The Internet Key Exchange (IKE) used in IPSec is based off of the Diffie-Hellman key exchange method?
What is true about ESP tunnel mode?
ESP tunnel mode encrypts the IP payload but not the IP header
ESP tunnel mode allows for traffic analysis
ESP tunnel mode disables traffic analysis
ESP tunnel mode authenticates the IP payload and selected portions of the IP header
What is true about AH transport mode?
Authenticates entire IP packet
Encrypts IP payload
Encrypts entire IP packet
Authenticates IP payload and selected portions of the IP header