Question 1

Match between columns
                        Premises: when an attacker intercepts and records messages for sending at a later time, though the receiver thinks that the bogus traffic is legitimate
identifies a specific entity as the source or origin of a given piece of data
takes the original data, divides it into digits, and encrypts each digit one at a time
traditional technique for detecting if data inadvertently changes during transmission
divides data into blocks of a fixed length, often 64 or 128 bits, for cryptographic operations
when an attacker monitors network traffic and records sensitive data such as user ID, passwords, accounts, or credit card numbers
provides identification of the specific entity involved in isolation from any other activity that the entity might want to perform
the U.S. federal government standard for digital signatures, proposed by NIST in August 1991
a fixed-size checksum created by cryptographic hash functions

Accepted Answer

The Answer of Data origin authentication and Snooping and Digital is...

Question 2

Describe the meet-in-the-middle attack.

Accepted Answer

The meet-in-the-middle attack is an attack that makes use of a space-time trade-off. If you are willing to use more CPU time, you can reduce the memory requirement. For breaking 2DES, the time-memory product remains at 2¹¹². The attacker attempts to find a value in each range and domain of the composition of two functions such that the forward mapping of one through the first function is the same as the inverse image of the other through the second function. In other words, the meet-in-the-middle attack quite literally attacks by finding the meeting point in the middle of the composed function.

Question 3

Describe a block cipher counter (CTR) mode of operation.

Accepted Answer

Diffie and Hellman in 1979 introduced the counter mode encryption, which is another way to turn a block cipher into a stream cipher. Counter mode requires using an n-bit string called a counter. The counter can be produced by any sequence-generation function that is guaranteed not to repeat for a long time. Since the counter generation is independent of the encryption/decryption process, random access is achievable. The ith ciphertext block, C_i , can be encrypted or decrypted in a random-access fashion. Compared with CBC mode, encrypting the ith block requires all of the i-1 prior blocks to be encrypted first.

Question 4

____ means people who know each other can securely send messages to their friends.

Accepted Answer

A)  Certificate Authority 
B)  PKI 
C)  Web of trust 
D)  Digital ring 
A)  Certificate Authority 
B)  PKI 
C)  Web of trust 
D)  Digital ring

Question 5

Describe the main characteristics of symmetric key encryption.

Accepted Answer

Symmetric key algorithms encrypt and dec

Question 6

____ occurs when an attacker maliciously changes data in transit or in a medium.

Accepted Answer

A)  Spoofing 
B)  Tampering 
C)  Replay attack 
D)  Snooping 
A)  Spoofing 
B)  Tampering 
C)  Replay attack 
D)  Snooping

Question 7

DES is considered weak by today's standards due to the fact that the key size is only 56 bits.

Accepted Answer

A) True 
 B)False

Question 8

The security of the RSA algorithm depends on two mathematic problems: the problem of factoring very large numbers, p and q , and the ____ problem.

Accepted Answer

A)  RSA 
B)  ElGamal 
C)  Diffie-Hellman 
D)  discrete logarithm 
A)  RSA 
B)  ElGamal 
C)  Diffie-Hellman 
D)  discrete logarithm

Question 9

What are the main characteristics of AES?

Accepted Answer

Due to its short key length, DES is not

Question 10

What are the differences between dictionary and brute-force attacks?

Accepted Answer

A "dictionary attack" is the technique o

Question 11

Symmetric key encryptions ensure confidentiality and data ____.

Accepted Answer

A)  integrity 
B)  privacy 
C)  availability 
D)  repudiation 
A)  integrity 
B)  privacy 
C)  availability 
D)  repudiation

Question 12

A(n) ____ uses a keystream composed of completely random digits.

Accepted Answer

A)  XOR pad 
B)  block cipher 
C)  keystream cipher 
D)  one-time pad 
A)  XOR pad 
B)  block cipher 
C)  keystream cipher 
D)  one-time pad

Question 13

____________________ is the assurance of nonalteration, meaning that the data either in transit or in storage has not been tampered.

Accepted Answer

The answer of ____________________ is the assurance of nonalteration, meaning...

Question 14

Parallel encryption is possible with a block cipher operating in CFB mode.

Accepted Answer

A) True 
 B)False

Question 15

The company RSA Data Security initially published ____ to promote and facilitate the use of public key techniques.

Accepted Answer

A)  ASN.1 
B)  Base64 
C)  PKCS 
D)  OID 
A)  ASN.1 
B)  Base64 
C)  PKCS 
D)  OID

Question 16

Schemes that involve hashing with secret keys are called ____ or keyed hashes.

Accepted Answer

A)  MACs 
B)  checksums 
C)  parity bits 
D)  parity keys 
A)  MACs 
B)  checksums 
C)  parity bits 
D)  parity keys

Question 17

____ encoding literally means a positional numbering system using a base of 64.

Accepted Answer

A)  ASN.1 
B)  Base64 
C)  OID 
D)  PKCS#64 
A)  ASN.1 
B)  Base64 
C)  OID 
D)  PKCS#64

Question 18

What is the format of a X.500 distinguished name?

Accepted Answer

X.500 is a set of computer networking st

Question 19

A(n) ____________________ attack is a form of cryptanalysis that presumes that the attacker is able to choose arbitrary plaintexts to be encrypted, in effect obtaining the corresponding ciphertexts.

Accepted Answer

The answer of A(n) ____________________ attack is a form of...

Question 20

A common use for cryptographic hash functions is to provide password-storage solutions.

Accepted Answer

A) True 
 B)False

Describe the meet-in-the-middle attack.

Describe a block cipher counter (CTR) mode of operation.

____ means people who know each other can securely send messages to their friends.

Describe the main characteristics of symmetric key encryption.

____ occurs when an attacker maliciously changes data in transit or in a medium.

DES is considered weak by today's standards due to the fact that the key size is only 56 bits.

The security of the RSA algorithm depends on two mathematic problems: the problem of factoring very large numbers, p and q , and the ____ problem.

What are the main characteristics of AES?

What are the differences between dictionary and brute-force attacks?

Symmetric key encryptions ensure confidentiality and data ____.

A(n) ____ uses a keystream composed of completely random digits.

____________________ is the assurance of nonalteration, meaning that the data either in transit or in storage has not been tampered.

Parallel encryption is possible with a block cipher operating in CFB mode.

The company RSA Data Security initially published ____ to promote and facilitate the use of public key techniques.

Schemes that involve hashing with secret keys are called ____ or keyed hashes.

____ encoding literally means a positional numbering system using a base of 64.

What is the format of a X.500 distinguished name?

A(n) ____________________ attack is a form of cryptanalysis that presumes that the attacker is able to choose arbitrary plaintexts to be encrypted, in effect obtaining the corresponding ciphertexts.

A common use for cryptographic hash functions is to provide password-storage solutions.

Software Engineering and Security

Essential Public Key Infrastructure

Trust and Threat Model

Java Programming Security

Java Api-Level Security Features

Authentication and Authorization With Java

Secure Programming With C and Openssl

Secure Programming With Perl

Identity Management

Security Topics

Filters

Exam 1: Introduction to Security Concepts

Describe the meet-in-the-middle attack.

Describe a block cipher counter (CTR) mode of operation.

____ means people who know each other can securely send messages to their friends.

Describe the main characteristics of symmetric key encryption.

____ occurs when an attacker maliciously changes data in transit or in a medium.

DES is considered weak by today's standards due to the fact that the key size is only 56 bits.

The security of the RSA algorithm depends on two mathematic problems: the problem of factoring very large numbers, p and q , and the ____ problem.

What are the main characteristics of AES?

What are the differences between dictionary and brute-force attacks?

Symmetric key encryptions ensure confidentiality and data ____.

A(n) ____ uses a keystream composed of completely random digits.

____________________ is the assurance of nonalteration, meaning that the data either in transit or in storage has not been tampered.

Parallel encryption is possible with a block cipher operating in CFB mode.

The company RSA Data Security initially published ____ to promote and facilitate the use of public key techniques.

Schemes that involve hashing with secret keys are called ____ or keyed hashes.

____ encoding literally means a positional numbering system using a base of 64.

What is the format of a X.500 distinguished name?

A(n) ____________________ attack is a form of cryptanalysis that presumes that the attacker is able to choose arbitrary plaintexts to be encrypted, in effect obtaining the corresponding ciphertexts.

A common use for cryptographic hash functions is to provide password-storage solutions.

Software Engineering and Security

Essential Public Key Infrastructure

Trust and Threat Model

Java Programming Security

Java Api-Level Security Features

Authentication and Authorization With Java

Secure Programming With C and Openssl

Secure Programming With Perl

Identity Management

Security Topics

Filters