Exam 8: Secure Programming With C and OpenSSL


As part of a shell program or batch program, OpenSSL commands are usually run in interactive mode.

(True/False)
Correct Answer:

False

What is the core path for hashing with EVP API?

(Essay)
Correct Answer:

The core path for hashing with EVP API is as follows:
* EVP_get_digestbyname( ) : Obtain algorithm type by algorithm name. Supported name strings are MD2, MD4, MD5, MDC2, SHA1, DSS1, and RIPEMD. Both SHA1 and DSS1 are implementations of the SHA1 algorithm.
* EVP_DigestInit( , type) : Initialize context according to the algorithm type.
* EVP_DigestUpdate( , , ) : Add data from inputValue, with length inputLength, to the context for computation.
* EVP_DigestFinal( , , ) : Create the hash, also called message digest, from the context, output the result to outputValue, and result length to outputLength.

Briefly describe DES and its variants.

(Essay)
Correct Answer:

The Data Encryption Standard (DES), dating back to 1976, is a cipher selected as an official Federal Information Processing Standard (FIPS) for the United States. It is certainly the most widely used cipher internationally. It uses fixed 64-bit blocks and 64-bit keys with 8 bits of parity. The 54-bit key (64 - 8) is generally considered too small, and some DES keys have been broken in less than 24 hours. Most DES users now use Triple DES (3DES). In 3DES, data is encrypted with DES to produce ciphertext, and then a second key is used to "decrypt" the ciphertext. Finally, the data is encrypted again with either the original key (two-key 3DES) or with a third key (three-key 3DES). 3DES is secure but slow. A quicker alternative is DES-X, which increases the key size by XORing extra key material before and after DES.

What is the general algorithm for a stack overrun attack?

(Essay)

____ encoding is very useful when binary data needs to transfer correctly among platforms with different code pages over the Internet.

(Multiple Choice)

Totally strong type checking is possible to achieve.

(True/False)

Buffer overflow provides the ability to overwrite a return address causing ____.

(Multiple Choice)

The OpenSSL command-line tool executable is called ____ on UNIX.

(Multiple Choice)

The ____ option in the ca command is used to generate the CRL.

(Multiple Choice)

Describe the structure of a configuration file for OpenSSL.

(Essay)

One common buffer overflow attack is called the ____________________, where the target is to overwrite internal data of a program.

(Short Answer)

Describe the memory arrangement of a C program.

(Essay)

____ is a block cipher designed by Xuejia Lai and James L. Massey in 1991.

(Multiple Choice)

OpenSSL provides a single API set that serves as an interface to all hashing and symmetric cryptography algorithms: the ____ interface.

(Multiple Choice)

A ____ cipher is a symmetric cipher in which the input digits are encrypted one at a time.

(Multiple Choice)

OpenSSL provides the APIs ____ for Base64 encoding.

(Multiple Choice)

OpenSSL contains a minimal CA application that ships with the toolkit.

(True/False)

____ is a symmetric block cipher designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms.

(Multiple Choice)

What causes a buffer overflow?

(Essay)

C is "close to the machine," as the abstractions the language introduced are readily grounded in the concrete data types and operations supplied by conventional computers.

(True/False)