Quiz on #2 Information security and data protection, created by хомяк убийца on 13/05/2018.

#2 Information security and data protection

Question 1 of 60

This is the process of determining whether someone or something is, in fact, who or what it is declared to be.

Select one of the following:

  • Conditional access

  • Authentication

  • Identification

  • Anonymizer

  • Authorization

Question 2 of 60

In the original description, the Diffie-Hellman exchange by itself does not provide ____ of the communicating parties and is thus vulnerable to a man-in-the-middle attack

Select one of the following:

  • Password

  • Two factor authentication

  • Security token

  • Authentication

Question 3 of 60

Why would reusing a ticket as a replay attack in Kerberos not be successful?

Select one of the following:

  • The tickets are encrypted

  • The tickets are digitally signed

  • The tickets are used as a token

  • The tickets are time stamped

Question 4 of 60

What is a man-in-the-middle attack?

Select one of the following:

  • The attackers catch our employee in the middle of them and start applying physical pressure on them

  • The attacker (man) hides inside (in the middle of) a crowd to sneak past the guards and cameras

  • The hacker jacks in a network and records all the information sent over the network

Question 5 of 60

What is encryption strength based on? Please select the best answer.

Select one of the following:

  • The strength of the algorithm, the length of the key, and the secrecy of the key

  • The length of the key, the type of algorithm, and the strength of the key

  • The privacy of the key, the length of the algorithm, and the strength of the key

  • The strength of the key, the length of the algorithm, and the privacy of the key

Question 6 of 60

One form of ‘something you have’ is the _____ and USB tokens

Select one of the following:

  • Fingerprint

  • Tokens

  • Identification

  • Password

  • Digital signatures

Question 7 of 60

The process based on some physical, genetic, or otherwise human characteristic that cannot be duplicated is also known as (Please select the best answer)

Select one of the following:

  • Password authentication

  • Physical authentication

  • Fingerprint authentication

  • Biometric authentication

Question 8 of 60

What is a good way to make users in a network safer on the internet?

Select one of the following:

  • Get a slow connection so they cannot download too much

  • Deny all internet access

  • All of the above

  • None of the above

  • Set up a filtering proxy server so you can check all the incoming traffic

Question 9 of 60

When an attacker captures part of a communication and later sends the communication segment to the server whilst pretending to be the user it is known as a

Select one of the following:

  • It is known as the Man in the middle attack

  • It is known as the TCP/IP spoofing attack

  • It is known as the Back door attack

  • It is known as the Replay attack

Question 10 of 60

In which of the following attacks does the attacker capture a portion of the communication between two parties, modifies it, and inserts

Select one of the following:

  • Man-in-the-middle attack

  • Spoofing

  • Sniffing

  • Denial-of-service

Question 11 of 60

A password represents

Select one of the following:

  • Something you have

  • None of the above

  • Something you are

  • Something you know

  • All of the above

Question 12 of 60

List the main aspects of information security: I. Confidentiality II. Integrity III. Availability IV. Consistency

Select one of the following:

  • I-III-IV

  • I-III

  • I-II-III

  • I only

  • II-III-IV

Question 13 of 60

Which of the following describes the challenge-response

Select one of the following:

  • A workstation or system that generates a random challenge string that the user enters when prompted along with the proper PIN (Personal Identification Number)

  • A workstation or system that generates a random ID that the user enters when prompted along with the proper PIN (Personal Identification Number)

  • A special hardware device that is used to generate random text in a cryptography system

  • The authentication mechanism in the workstation or system does not determine if the owner should be authenticated.

Question 14 of 60

Consider the Diffie-Hellman scheme with a common prime p=7 and primitive root (generator) g=3. If user A has private key XA = 3, what is A’s public key RA?

Select one of the following:

  • 6

  • 8

  • 9

  • 16

Question 15 of 60

Suppose Bob wants to send a secret message to Alice using public key cryptography. Then Bob should

Select one of the following:

  • Encrypt the message with Alice’s public key and send Alice the message

  • Encrypt the message with Alice’s private key and send the encrypted message to Alice

  • Encrypt the message with his public key and send Alice the message

  • Encrypt the message with his private key and send the encrypted message to Alice

Question 16 of 60

Suppose Bob wants to send Alice a digital signature for the message m. To create the digital signature

Select one of the following:

  • Bob applies a hash function to m and then encrypts the result with his private key

  • Bob applies a hash function to m and then encrypts the result with his public key

  • Bob applies a hash function to m and then encrypts the result with Alice’s public key

  • Bob encrypts m with his private key and then applies a hash function to the result

Question 17 of 60

Suppose Alice receives from Bob a message m along with a digital signature for the message m. To verify that the message was not changed and that Bob indeed sent the message, Alice

Select one of the following:

  • Applies Bob's public key to the digital signature, applies the hash function to m, and compares the results of the two operations;

  • Applies Bob's public key to the digital signature, then a de-hashing function to the result. She then compares the results of this last operation with the message m;

  • Applies a de-hashing function to the digital signature and compares the result to m;

  • No correct answer;

Question 18 of 60

Suppose a CA contains Bob's certificate, which binds Bob's public key to Bob. This certificate is signed with

Select one of the following:

  • The CA's private key

  • Bob’s public key

  • The CA's public key

  • Bob’s private key

Question 19 of 60

A well designed and configured ____ is like having a single point of entry into your building with a security guard at the door allowing only authorized personnel into the building.

Select one of the following:

  • Network Adapter

  • Antivirus Software

  • Intrusion Detection System

  • Firewall

Question 20 of 60

Which security action should be finished before access is given to the network?

Select one of the following:

  • Identification and authorization

  • Identification and authentication

  • Authentication and authorization

  • Authentication and password

Question 21 of 60

Which of the following types of encryption would be BEST to use for a large amount of data?

Select one of the following:

  • Asymmetric

  • Symmetric

  • RSA

  • Hash

Question 22 of 60

Which statement correctly describes the difference between a secure cipher and a secure hash?

Select one of the following:

  • A hash produces a variable output for any input size; a cipher does not.

  • A cipher can be reversed; a hash cannot.

  • A cipher produces the same size output for any input size; a hash does not.

Question 23 of 60

This is a trial and error method used to decode encrypted data through exhaustive effort rather than employing intellectual strategies.

Select one of the following:

  • Decryption

  • Cryptanalysis

  • Cryptography

  • Brute force cracking

Question 24 of 60

Making sure that the data has not been changed unintentionally, due to an accident or malice, is:

Select one of the following:

  • Auditability

  • Availability

  • Integrity

  • Confidentiality

Question 25 of 60

Which of the following appears when an asset of the system becomes lost, unavailable or unusable?

Select one of the following:

  • Interception

  • Interruption

  • Interpretation

  • Modification

  • Fabrication

Question 26 of 60

Show the incorrect kind of threat

Select one of the following:

  • Interception

  • Interruption

  • Interpretation

  • Modification

  • Fabrication

Question 27 of 60

A block cipher maps each plaintext block to:

Select one of the following:

  • Same length cipher text block

  • Different length cipher text block

  • The same letter

  • No answer

Question 28 of 60

What is a vulnerability?

Select one of the following:

  • A weakness in the security system

  • A method which uses flaws to have more access, privileges or resources to the system

  • A method which is used to eliminate or reduce threats

  • A kind of auth to system

Question 29 of 60

A(n) _____ application monitors all incoming and outgoing network traffic and blocks unauthorized packets from getting through

Select one of the following:

  • Antivirus

  • Intrusion Detection System (IDS)

  • Personal Firewall

  • Network Monitor

Question 30 of 60

What is meant by a cipher in cryptography?

Select one of the following:

  • Algorithm for performing encryption and decryption

  • Encrypted message

  • None of the mentioned

  • Raw message

  • All of the mentioned

Question 31 of 60

What is meant by ciphertext in cryptography?

Select one of the following:

  • Algorithm for performing encryption and decryption

  • Encrypted message

  • None of the mentioned

  • Raw message

  • All of the mentioned

Question 32 of 60

What is meant by plaintext in cryptography?

Select one of the following:

  • Algorithm for performing encryption and decryption

  • Encrypted message

  • None of the mentioned

  • Raw message

  • All of the mentioned

Question 33 of 60

In cryptography, what is a key?

Select one of the following:

  • Info used to cipher, known only to sender and receiver

  • Algorithm for transforming plaintext to ciphertext

  • Encrypted message

  • Recovering plaintext from ciphertext

  • Converting plaintext to ciphertext

Question 34 of 60

What is cryptanalysis?

Select one of the following:

  • Study of principles/methods of deciphering ciphertext without knowing the key

  • Info used to cipher, known only to sender and receiver

  • Algorithm for transforming plaintext to ciphertext

  • Recovering plaintext from ciphertext

  • Converting plaintext to ciphertext

Question 35 of 60

In asymmetric key cryptography, the public key for decryption is kept by:

Select one of the following:

  • Sender

  • Receiver

  • Sender and receiver

  • Everyone in the network

  • All the connected devices to the network

Question 36 of 60

Which of these are threats against modern computers?

Select one of the following:

  • Network attacks, firewall and worms

  • Viruses, worms and encryption

  • Network attacks, viruses and worms

  • Viruses, network encryptions and worms

Question 37 of 60

How does the industry solve the threats?

Select one of the following:

  • Firewall, IDS, Kerberos, blogs

  • IDS, firewall, authentication, policies

  • Virus, worms, attacks, web-sites

  • Network attacks, IDS, worms, virus

Question 38 of 60

Which one of the following algorithms is not used in asymmetric key cryptography?

Select one of the following:

  • RSA algorithm

  • Diffie-Hellman algorithm

  • DES algorithm

  • DSA algorithm

Question 39 of 60

In cryptography, the order of the letters in a message is rearranged by

Select one of the following:

  • Transpositional ciphers

  • Substitution ciphers

  • All kinds of the ciphers

  • None of the mentioned

Question 40 of 60

What is the Data Encryption Standard (DES)?

Select one of the following:

  • Block cipher

  • stream cipher

  • bit cipher

  • none of the mentioned

Question 41 of 60

Cryptanalysis is used:

Select one of the following:

  • To find some insecurity in a cryptographic scheme

  • to increase the speed

  • to encrypt the data

  • none of the mentioned

Question 42 of 60

A cryptographic hash function takes an arbitrary block of data and returns

Select one of the following:

  • Fixed size bit string

  • variable size bit string

  • none of the mentioned

  • both of the mentioned

Question 43 of 60

A substitution cipher substitutes one symbol with

Select one of the following:

  • Keys

  • Others

  • Multi Parties

  • Single Party

Question 44 of 60

An asymmetric-key (or public-key) cipher uses

Select one of the following:

  • 1 key

  • 2 keys

  • 3 keys

  • 4 keys

Question 45 of 60

In the computer industry, the “What you have” method is the use of?

Select one of the following:

  • Passwords

  • Smart cards

  • Digital certificates

Question 46 of 60

A smartcard represents

Select one of the following:

  • None of the above

  • Something you are

  • All of the above

  • Something you have

  • Something you know

Question 47 of 60

Converts one symbol of plaintext immediately into a symbol of ciphertext (example: Caesar cipher)

Select one of the following:

  • Encryption

  • Plaintext

  • Block cipher

  • Stream cipher

Question 48 of 60

Interruption is

Select one of the following:

  • Asset lost, unusable, unavailable

  • Unauthorized access

  • Unauthorized change, tamper of data

  • E.g., unauthorized addition of data to a DB

Question 49 of 60

Modification is

Select one of the following:

  • Unauthorized change, tamper of data

  • Asset lost, unusable, unavailable

  • Unauthorized access

  • E.g., unauthorized addition of data to a DB

Question 50 of 60

Which are the examples of DEFENCE?

Select one of the following:

  • Firewalls, router access control list, spam filters, virus scanners

  • Employee communication, policy on company Intranet

  • Audit logs, intrusion detection system, network traffic monitoring

  • Network attacks, IDS, worms, virus

Question 51 of 60

Which are the examples of DETERRENCE?

Select one of the following:

  • Employee communication, policy on company Intranet

  • Firewalls, router access control list, spam filters, virus scanners

  • Audit logs, intrusion detection system, network traffic monitoring

  • Network attacks, IDS, worms, virus

Question 52 of 60

Which are the examples of DETECTION?

Select one of the following:

  • Audit logs, intrusion detection system, network traffic monitoring

  • Employee communication, policy on company Intranet

  • Firewalls, router access control list, spam filters, virus scanners

  • Network attacks, IDS, worms, virus

Question 53 of 60

What is encryption?

Select one of the following:

  • Is the process of encoding a message so that its meaning is not obvious

  • Is the reverse process, transforming an encrypted message back into its normal, original form

  • Is the process of preventing any attacks from the hackers

Question 54 of 60

In password protection, this is a random string of data or number used to modify a password hash

Select one or more of the following:

  • Nonce

  • SSL

  • One time password

  • Secret key

  • Public key

Question 55 of 60

Using public key cryptography, suppose Bob wants to send a secret message to Alice and Alice wants to be sure that the message was indeed sent by Bob. Then Bob should:

Select one of the following:

  • Encrypt the message with his private key, encrypt the result with Alice’s public key, and then send Alice the message

  • Encrypt the message with his private key, encrypt the result with Alice’s private key, and then send Alice the message

  • Encrypt the message with his public key, encrypt the result with Alice’s public key, and then send Alice the message

Question 56 of 60

Which statement correctly describes the difference between a secure cipher and a secure hash?

Select one of the following:

  • A cipher can be reversed, a hash cannot

  • A hash can be reversed, a cipher cannot

  • A hash produces a variable output for any input size, a cipher does not

  • A cipher produces the same size output for any input size, a hash does not

Question 57 of 60

This is a trial and error method used to decode encrypted data through exhaustive effort rather than employing intellectual strategies

Select one of the following:

  • Brute force cracking

  • Decryption

  • Cryptanalysis

  • Cryptography

Question 58 of 60

A well designed and configured _____ is like having a single point of entry into your building with a security guard at the door allowing only authorized personnel into the building

Select one of the following:

  • Firewall

  • Network adapter

  • Antivirus software

  • Intrusion detection system

Question 59 of 60

Suppose a CA contains Bob’s certificate, which binds Bob’s public key to Bob. This certificate is signed with

Select one of the following:

  • The CA’s private key

  • Bob’s public key

  • The CA’s public key

  • Bob’s private key

Question 60 of 60

Suppose Alice receives from Bob a message m with a digital signature for the message m. To verify that the message was not changed and that Bob indeed sent the message, Alice

Select one of the following:

  • Applies Bob’s public key to the digital signature, applies the hash function to m, and compares the results of the two operations.

  • Applies Bob’s public key to the digital signature, then a de-hashing function to the result. She then compares the result of this operation with the message m

  • Applies a de-hashing function to the digital signature and compares the result to m

  • No correct answer
