Deck 9: Confidentiality and Privacy Controls

1
Identify the type of information below that is least likely to be considered "sensitive" by an organization.

A)financial statements
B)legal documents
C)strategic plans
D)product cost information
A
2
Classification of confidential information is the responsibility of whom, according to COBIT5?

A)external auditor
B)information owner
C)IT security professionals
D)management
B
3
Janus Corporation uses a tool that embeds a code into all of its digital documents. It then scours the internet, searching for codes that it has embedded into its files. When Janus finds an embedded code on the internet, it knows that confidential information has been leaked. Janus then begins identifying how the information was leaked and who was involved with the leak. Janus is using

A)data loss prevention software.
B)a keylogger.
C)a digital watermark.
D)a spybot.
C
4
Encryption is a necessary part of which information security approach?

A)defense in depth
B)time based defense
C)cloud quarantine
D)synthetic defense
5
Data masking is also referred to as

A)encryption.
B)tokenization.
C)captcha.
D)cookies.
6
True or False: Encryption is one of the many ways to protect information in transit over the internet.
7
Describe some steps you can take to minimize your risk of identity theft.
8
Identify the first step in protecting the confidentiality of intellectual property below.

A)Identifying who has access to the intellectual property
B)Identifying the means necessary to protect the intellectual property
C)Identifying the weaknesses surrounding the creation of the intellectual property
D)Identifying what controls should be placed around the intellectual property
9
After the information that needs to be protected has been identified, what step should be completed next?

A)The information needs to be placed in a secure, central area.
B)The information needs to be encrypted.
C)The information needs to be classified in terms of its value to the organization.
D)The information needs to be depreciated.
10
Which of the following is not one of the basic actions that an organization must take to preserve the confidentiality of sensitive information?

A)identification of information to be protected
B)backing up the information
C)controlling access to the information
D)training
11
A client approached Paxton Uffe and said, "Paxton, I need for my customers to make payments online using credit cards, but I want to make sure that the credit card data isn't intercepted. What do you suggest?" Paxton responded, "The most effective solution is to implement

A)a data masking program."
B)a virtual private network."
C)a private cloud environment."
D)an encryption system with digital signatures."
12
What confidentiality and security risk does using VoIP present to organizations?

A)Internet e-mail communications can be intercepted.
B)Internet photographs can be intercepted.
C)Internet video can be intercepted.
D)Internet voice conversations can be intercepted.
13
Which of the following is not one of the 10 internationally recognized best practices for protecting the privacy of customers' personal information?

A)Provide free credit report monitoring for customers.
B)Inform customers of the option to opt-out of data collection and use of their personal information.
C)Allow customers' browsers to decline to accept cookies.
D)Utilize controls to prevent unauthorized access to, and disclosure of, customers' information.
14
The first steps in protecting the privacy of personal information are to identify

A)what sensitive information is possessed by the organization.
B)where sensitive information is stored.
C)who has access to sensitive information.
D)All of the above are first steps in protecting privacy.
15
Information rights management software can do all of the following except

A)limiting access to specific files.
B)limit action privileges to a specific time period.
C)authenticate individuals accessing information.
D)specify the actions individuals granted access to information can perform.
16
In developing policies related to personal information about customers, Folding Squid Technologies adhered to the Trust Services framework. The standard applicable to these policies is

A)security.
B)confidentiality.
C)privacy.
D)availability.
17
Classification of confidential information is the responsibility of whom, according to COBIT5?

A)external auditor
B)information owner
C)IT security professionals
D)management
18
Cindy Vindoolo logged on to her e-mail account to find that she had received 50 e-mails from a company called LifeCo that promised her extreme weight loss if she bought their diet pills. Cindy angrily deleted all 50 e-mails, realizing she was a victim of

A)telemarketing.
B)spam.
C)direct mail.
D)MLM.
19
Which type of software blocks outgoing messages containing key words or phrases associated with an organization's sensitive data?

A)anti-virus software
B)data loss prevention software
C)a digital watermark
D)information rights software
20
It is impossible to encrypt information

A)transmitted over the Internet.
B)stored on a hard drive.
C)printed on a report.
D)None of the above
21
Using a combination of symmetric and asymmetric key encryption, Sofia Chiamaka sent a report to her home office in Bangalore, India. She received an e-mail acknowledgement that her report had been received, but a few minutes later she received a second e-mail that contained a different hash total than the one associated with her report. The most likely explanation for this result is that

A)the public key had been compromised.
B)the private key had been compromised.
C)the symmetric encryption key had been compromised.
D)the asymmetric encryption key had been compromised.
22
Which systems use the same key to encrypt communications and to decrypt communications?

A)asymmetric encryption
B)symmetric encryption
C)hashing encryption
D)public key encryption
23
Identify the item below that is not a step you could take to prevent yourself from becoming a victim of identity theft.

A)Shred all documents that contain your personal information.
B)Only print your initial and last name on your personal checks.
C)Do not place checks in your outgoing mail.
D)Refuse to disclose your social security number to anyone or any organization.
24
If an organization asks you to disclose your social security number, yet fails to properly dispose of your private information once it has fulfilled its purpose, the organization has likely violated which of the Generally Accepted Privacy Principles?

A)Management
B)Notice
C)Choice and consent
D)Use and retention
25
Under CAN-SPAM legislation, an organization that receives an opt-out request from an individual has ________ days to implement steps to ensure they do not send out any additional unsolicited e-mail to the individual again.

A)2
B)5
C)7
D)10
26
An electronic document that certifies the identity of the owner of a particular public key.

A)asymmetric encryption
B)digital certificate
C)digital signature
D)public key
27
Identify one weakness of encryption below.

A)Encrypted packets cannot be examined by a firewall.
B)Encryption provides for both authentication and non-repudiation.
C)Encryption protects the privacy of information during transmission.
D)Encryption protects the confidentiality of information while in storage.
28
Which of the following is not true regarding virtual private networks (VPN)?

A)VPNs provide the functionality of a privately owned network using the Internet.
B)Using VPN software to encrypt information while it is in transit over the Internet in effect creates private communication channels, often referred to as tunnels, which are accessible only to those parties possessing the appropriate encryption and decryption keys.
C)It is more expensive to reconfigure VPNs to include new sites than it is to add or remove the corresponding physical connections in a privately owned network.
D)The cost of the VPN software is much less than the cost of leasing or buying the infrastructure (telephone lines, satellite links, communications equipment, etc.) needed to create a privately owned secure communications network.
29
These are used to create digital signatures.

A)asymmetric encryption and hashing
B)hashing and packet filtering
C)packet filtering and encryption
D)symmetric encryption and hashing
30
The system and processes used to issue and manage asymmetric keys and digital certificates are known as

A)asymmetric encryption.
B)certificate authority.
C)digital signature.
D)public key infrastructure.
31
Encryption has a remarkably long and varied history. The invention of writing was apparently soon followed by a desire to conceal messages. One of the earliest methods, attributed to an ancient Roman emperor, was the simple substitution of numbers for letters, for example A = 1, B = 2, etc. This is an example of

A)a hashing algorithm.
B)symmetric key encryption.
C)asymmetric key encryption.
D)a public key.
32
If an organization asks you to disclose your date of birth and your address, but refuses to let you review or correct the information you provided, the organization has likely violated which of the Generally Accepted Privacy Principles?

A)Collection
B)Access
C)Security
D)Choice and consent
33
All of the following are associated with asymmetric encryption except

A)speed.
B)private keys.
C)public keys.
D)no need for key exchange.
34
If an organization asks you to disclose your social security number, but decides to use it for a different purpose than the one stated in the organization's privacy policies, the organization has likely violated which of the Generally Accepted Privacy Principles?

A)Collection
B)Access
C)Security
D)Quality
35
If an organization asks you to disclose your social security number, yet fails to permit you to opt-out before you provide the information, the organization has likely violated which of the Generally Accepted Privacy Principles?

A)Management
B)Notice
C)Choice and consent
D)Use and retention
36
If an organization asks you to disclose your social security number, but fails to establish a set of procedures and policies for protecting your privacy, the organization has likely violated which of the Generally Accepted Privacy Principles?

A)Management
B)Notice
C)Choice and consent
D)Use and retention
37
If an organization asks you to disclose your social security number, but fails to tell you about its privacy policies and practices, the organization has likely violated which of the Generally Accepted Privacy Principles?

A)Management
B)Notice
C)Choice and consent
D)Use and retention
38
Identify the item below which is not a piece of legislation passed to protect individuals against identity theft or to secure individuals' privacy.

A)the Health Insurance Portability and Accountability Act
B)the Health Information Technology for Economic and Clinical Health Act
C)the Financial Services Modernization Act
D)the Affordable Care Act
39
If an organization asks you to disclose your date of birth and your address, but fails to establish any procedures for responding to customer complaints, the organization has likely violated which of the Generally Accepted Privacy Principles?

A)Collection
B)Access
C)Security
D)Monitoring and enforcement
40
If an organization asks you to disclose your date of birth and your address, but fails to take any steps to protect your private information, the organization has likely violated which of the Generally Accepted Privacy Principles?

A)Collection
B)Access
C)Security
D)Quality
41
A process that takes plaintext of any length and transforms it into a short code.

A)asymmetric encryption
B)encryption
C)hashing
D)symmetric encryption
42
Which of the following is not one of the three important factors determining the strength of any encryption system?

A)key length
B)key management policies
C)encryption algorithm
D)privacy
43
Hjordis Marika took a call from a client. "Hjordis, I need to interact online in real time with our affiliate in India, and I want to make sure that our communications aren't intercepted. What do you suggest?" Hjordis responded, "The best solution is to implement

A)a virtual private network."
B)multifactor authentication."
C)a private cloud environment."
D)an asymmetric encryption system with digital signatures."
44
Describe symmetric encryption and identify three limitations.
45
In a private key system the sender and the receiver have ________, and in the public key system they have ________.

A)different keys; the same key
B)a decrypting algorithm; an encrypting algorithm
C)the same key; two separate keys
D)an encrypting algorithm; a decrypting algorithm
46
Encryption has a remarkably long and varied history. Spies have been using it to convey secret messages ever since there were secret messages to convey. One powerful method of encryption uses random digits. Two documents are prepared with the same random sequence of numbers. The spy is sent out with one and the spy master retains the other. The digits are used as follows. Suppose that the word to be encrypted is SPY and the random digits are 352. Then S becomes V (three letters after S), P becomes U (five letters after P), and Y becomes A (two letters after Y, restarting at A after Z). The spy would encrypt a message and then destroy the document used to encrypt it. This is an early example of

A)a hashing algorithm.
B)asymmetric key encryption.
C)symmetric key encryption.
D)public key encryption.
47
On June 17, 2013, a laptop computer belonging to Thea Technologies was stolen from the trunk of Jamie Marcia's car while she was attending a conference. After reporting the theft, Jamie considered the implications for the company's network security and concluded there was little to worry about because

A)the computer was insured against theft.
B)the computer was protected by a password.
C)the data stored on the computer was encrypted.
D)it was unlikely that the thief would know how to access the company data stored on the computer.
48
One way to circumvent the counterfeiting of public keys is by using

A)a digital certificate.
B)digital authority.
C)encryption.
D)cryptography.
49
Asymmetric key encryption combined with the information provided by a certificate authority allows unique identification of

A)the user of encrypted data.
B)the provider of encrypted data.
C)both the user and the provider of encrypted data.
D)either the user or the provider of encrypted data.
50
Which of the following descriptions is not associated with symmetric encryption?

A)a shared secret key
B)faster encryption
C)lack of authentication
D)separate keys for each communication party
51
Information encrypted with the creator's private key that is used to authenticate the sender is

A)asymmetric encryption.
B)digital certificate.
C)digital signature.
D)public key.