Exam Set B Flashcards

Question

QUESTION NO: 1668 The Number Field Sieve (NFS) is a: A. General purpose factoring algorithm that can be used to factor large numbers B. General purpose algorithm used for brute force attacks on secret key cryptosystems C. General purpose hash algorithm D. General purpose algorithm to calculate discreet logarithms

Answer 1

Answer: A Explanation: The NFS has been successful in efficiently factoring numbers larger than 115 digits and a version of NFS has successfully factored a 155-digit number. Clearly, factoring is an attack that can be used against the RSA cryptosystem in which the public and private keys are calculated based on the product of two large prime numbers. The other answers are distracters.

Answer 2

Answer: A Explanation: The compilation is from a study by h. Becker and f. Piper that was originally published in Cipher Systems: The Protection of Communication. The listing shows the relative frequency in percent of the appearance of the letters of the English alphabet in large numbers of passages taken from newspapers and novels. Thus, in a substitution cipher, an analysis of the frequency of appearance of certain letters may give clues to the actual letter before transformation. Note that the letters E, A, and T have relatively high percentages of appearance in English text. \*Answer "Period analysis" refers to a cryptanalysis that is looking for sequences that repeat themselves and for the spacing between repetitions. This approach is used to break the VigenËre cipher. \* Answer "Cilly analysis" is a reference to a cilly, which was a three-character message key used in the German Enigma machine. \* In answer "Cartouche analysis", a cartouche is a set of hieroglyphs surrounded by a loop. A cartouche referring to King Ptolemy was found on the Rosetta Stone.

Answer 3

Answer: D Explanation: The correct answer is "Evaluation Assurance Levels (EALs)". The other answers are distracters.

Answer 4

Answer: B Explanation: These items are privacy principles. Notice refers to the collection, use, and disclosure of personally identifiable information (PII). Choice is the choice to opt out or opt in regarding the disclosure of PII to third parties; Access is access by consumers to their PII to permit review and correction of information. Security is the obligation to protect PII from unauthorized disclosure. Enforcement is the enforcement of applicable privacy policies and obligations. The other answers are distracters.

Answer 5

Answer: D Explanation: A virtual local area network (VLAN) allows ports on the same or different switches to be grouped so that traffic is confined to members of that group only, and restricts broadcast, unicast, and multicast traffic. Answer "A VLAN is a network segmented physically, not logically" is incorrect, because a VLAN is segmented logically, rather than physically. Answer "A VLAN is less secure when implemented in conjunction with private port switching" is incorrect. When a VLAN is implemented with private port, or single-user, switching, it provides fairly stringent security because broadcast vulnerabilities are minimized. Answer "A closed VLAN configuration is the least secure VLAN configuration" is incorrect, as a closed VLAN authenticates a user to an access control list on a central authentication server, where they are assigned authorization parameters to determine their level of network access. Sources: Catalyst 5000 Series Installation Guide (Cisco Systems) and Virtual LANs by Mariana Smith (McGraw-Hill, 1998).

Answer 6

Answer: A Explanation: The correct answer is "Wireless Transport Layer Security Protocol (WTLS)". SSL performs security functions in TCP/IP. The other answers refer to protocols in the WAP protocol stack also, but their primary functions are not security.

Answer 7

Answer: A Explanation: The correct answer is "Strong \* (star) Property". \* Answer "the Discretionary Security Property" specifies discretionary access control in the Bell- LaPadula model by the use of an access matrix. \* Answer "Simple \* (star) Property" is distracter. \* Answer "\* (star) Security Property", in the Bell-LaPadula model, states, The writing of information by a subject at a higher level of sensitivity to an object at a lower level of sensitively is not permitted (no write down).

Answer 8

Answer: A Explanation: Answer "Objects never change their security level in a way that would violate the system security policy" is known as the weak tranquility property. The two other answers are distracters.

Answer 9

Answer: C Explanation: Answer trusted distribution ensures that valid and secure versions of software have been received correctly. Trusted facility management, answer "Trusted facility management", is concerned with the proper operation of trusted facilities as well as system administration and configuration. Answer "The security perimeter", the security perimeter, is the boundary that separates the TCB from the remainder of the system. Recall that the TCB is the totality of protection mechanisms within a computer system that are trusted to enforce a security policy.

Answer 10

Answer: C Explanation: 1000BaseCX refers to 1000Mbps baseband copper cable, using two pairs of 150 ohm balanced cable for CSMA/CD LANs. \* 100BaseFX, specifies a 100 Mbps baseband fiber optic CSMA/CD LAN. Answer c, 1000BaseLX, specifies a 1000Mbps CSMA/CD LAN over long wavelength fiber optics. \* 1000BaseSX, specifies a 1000Mbps CSMA/CD LAN over short wavelength fiber optics.

Answer 11

Answer: A Explanation: The VigenËre cipher is a polyalphabetic substitution cipher. The key word bow indicates which alphabets to use. The letter b indicates the alphabet of row 1, the letter o indicates the alphabet of row 14, and the letter w indicates the alphabet of row 22. To encrypt, arrange the key word, repetitively over the plaintext as shown in Table. Exhibit: Thus, the letter a of the plaintext is transformed into b of alphabet in row 1, the letter d is transformed into r of row 14, the letter v is transformed into r of row 22 and so on.

Answer 12

Answer: C Explanation: The correct answer is Trap door. Answer view refers to a mechanism in a database system that restricts access to certain information within the database. The view implements the principle of least privilege. Answer Open door is a distracter, and answer Data diode refers to a mechanism usually in multilevel security systems that limits the flow of classified information to one direction.

Answer 13

Answer: C Explanation: The Clark-Wilson Model is a model focused on the needs of the commercial world and is based on the theory that integrity is more important than confidentiality for commercial organizations. Further, the model incorporates the commercial concepts of separation of duty and wellformed transactions. The well-formed transaction of the model is implemented by the transformation procedure (TP.)ATP is defined in the model as the mechanism for transforming the set of constrained data items (CDIs) from one valid state of integrity to another valid state of integrity. The Clark-Wilson Model defines rules for separation of duty that denote the relations between a user, TPs, and the CDIs that can be operated upon by those TPs. The model talks about the access triple that is the user, the program that is permitted to operate on the data, and the data. The other answers are distracters.

Answer 14

Answer: A Explanation: Answer a refers to an addressing mode used in computers where the address location that is specified in the program instruction contains the address of the final desired location. \* Answer "Searches for values in memory exceeding a specified value" is a distracter and answer "Returns values stored in a memory address location specified in the CPU address register" is the description of the direct or absolute addressing mode.

Answer 15

Answer: D Explanation: A policy is a general statement of management's intent, and therefore, a policy would not specify the encryption scheme to be used. The other answers are appropriate for a cryptographic policy. The general standards document is BSI ISO/IEC 17799:2000,BS 7799- I: 2000, Information technology-Code of practice for information security management, British Standards Institution, London , UK . The standard is intended to provide a comprehensive set of controls comprising best practices in information security. ISO refers to the International Organization for Standardization and IEC is the International Electrotechnical Commission. These two entities form the system for worldwide standardization. The main chapter headings of the standard are: Security Policy Organizational Security Asset Classification and Control Personnel Security Physical and Environmental Security Communications and Operations Management Access Control Systems Development and Maintenance Business Continuity Management Compliance

Answer 16

Answer: C Explanation: The Evaluation Assurance Levels range from EA1 (functional testing) to EA7 (detailed testing and formal design verification). The Target of Evaluation (TOE), answer a, refers to the product to be tested. Answer b, Protection Profile (PP), is an implementationindependent Answer: C Explanation: The Evaluation Assurance Levels range from EA1 (functional testing) to EA7 (detailed testing and formal design verification). The Target of Evaluation (TOE), answer a, refers to the product to be tested. Answer b, Protection Profile (PP), is an implementationindependent

Answer 17

Answer: D Explanation: A blind signature algorithm for the message M uses a blinding factor, f; a modulus m; the private key, s, of the signer and the public key, q, of the signer. The sender, who generates f and knows q, presents the message to the signer in the form: Mf q (mod m) Thus, the message is not in a form readable by the signer since the signer does not know f. The signer signs Mf q (mod m) with his/her private key, returning (Mf q)s (mod m) This factor can be reduced to fMs (mod m) since s and q are inverses of each other. The sender then divides fMs (mod m) by the blinding factor, f, to obtain Ms (mod m) Ms (mod m) is, therefore, the message, M, signed with the private key, s, of the signer. Answer Zero knowledge proof refers to a zero knowledge proof. In general, a zero knowledge proof involves a person, A, trying to prove that he/she knows something, S, to another person, B, without revealing S or anything about S. Answers Masked signature and Encrypted signature are distracters.

Answer 18

Answer: D Explanation: As of this writing, the latest W3C working draft of P3P is P3P 1.0, 28 January, 2002 (www.w3.org/TR). An excerpt of the W3C P3P Specification states P3P enables Web sites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. With P3, an organization can post its privacy policy in machinereadable form (XML) on its Web site. This policy statement includes: Who has access to collected information The type of information collected How the information is used The legal entity making the privacy statement P3P also supports user agents that allow a user to configure a P3P-enabled Web browser with the user's privacy preferences. Then, when the user attempts to access a Web site, the user agent compares the user's stated preferences with the privacy policy in machine-readable form at the Web site. Access will be granted if the preferences match the policy. Otherwise, either access to the Web site will be blocked or a pop-up window will appear notifying the user that he/she must change their privacy preferences. Usually, this means that the user has to lower his/her privacy threshold. The other answers are distracters.

Answer 19

Answer: D Explanation: The correct answer is "Ensuring that changes to the system do not unintentionally diminish security". Configuration Management Control (and Change Control) are processes to ensure that any changes to the system are managed properly and do not inordinately affect either the availability or security of the system.

Answer 20

Answer: A Explanation: The correct answer is PKI, which describes the integration of digital certificates, digital signatures, and other services necessary to support e-commerce. The other answers are distracters.

Answer 21

Answer: D Explanation: In digital computers, a bit is in either a one or zero state. In a quantum computer, through linear superposition, a quantum bit can be in both states, essentially simultaneously. Thus, computations consisting of trail evaluations of binary patterns can take place simultaneously in exponential time. The probability of obtaining a correct result is increased through a phenomenon called constructive interference of light while the probability of obtaining an incorrect result is decreased through destructive interference. Answer a describes optical computing that is effective in applying Fourier and other transformations to data to perform high-speed computations. Light representing large volumes of data passing through properly shaped physical objects can be subjected to mathematical transformations and recombined to provide the appropriate results. However, this mode of computation is not defined as quantum computing. Answers c and d are diversionary answers that do not describe quantum computing.

Answer 22

Answer: A Explanation: The correct answer is a. An XOR operation results in a 0 if the two input bits are identical and a 1 if one of the bits is a 1 and the other is a 0.

Answer 23

Answer: C Explanation: The correct answer is Bell-LaPadula. The Bell-LaPadula model addresses the confidentiality of classified material. Answers . Clark-Wilson and Biba are integrity models, and answer Stark-Wils is a distracter.

Answer 24

Answer: B Explanation: The elliptic curve is defined over a finite field comprised of real, complex or rational numbers. The points on an elliptic curve form a Group under addition. Multiplication (or multiple additions) in an elliptic curve system is equivalent to modular exponentiation; thus, defining a discreet logarithm problem.

Answer 25

Answer: A Explanation: Employers are not specifically covered under HIPAa. HIPAA applies to health care providers that transmit health care information in electronic form, health care clearinghouses, and health plans. However, some employers may be covered under the Gramm-Leach-Bliley Act. The Gramm-Leach-Bliley (GLB) Act was enacted on November 12, 1999, to remove Depression era restrictions on banks that limited certain business activities, mergers, and affiliations. It repeals the restrictions on banks affiliating with securities firms contained in sections 20 and 32 of the Glass-Steagall Act. GLB became effective on November 13, 2001. GLB also requires health plans and insurers to protect member and subscriber data in electronic and other formats. These health plans and insurers will fall under new state laws and regulations that are being passed to implement GLB, since GLB explicitly assigns enforcement of the health plan and insurer regulations to state insurance authorities (15 USc. ß6805). Some of the privacy and security requirements of Gramm-Leach-Bliley are similar to those of HIPAA. Most states required that health plans and insurers comply with the GLB requirements by July 1, 2001, and financial institutions were required to be in full compliance with Gramm-Leach-Bliley by this date. The other answers are incorrect since they are covered by the HIPAAregulations.

Answer 26

Answer: D Explanation: The correct answer by definition of the star property.

Answer 27

Answer: A Explanation: The correct answer is "CPU, cache, primary memory, secondary memory". In this architecture, the CPU sees the high-speed cache, which holds the instructions and data from primary memory that have a high probability of being executed by the program. In order of speed of access, the order in the correct answer goes from the fastest to the slowest access time.

Answer 28

Answer: B Explanation: The correct answer is "The system preserves a secure state during and after a system crash". Based on the Common Criteria, a system can be evaluated as fail secure if it preserves a secure state during and after identified failures occur.

Answer 29

Answer: C Explanation: Acipher is a cryptographic transformation that operates on characters or bits. In different words, a cipher is defined as a cryptographic algorithm or mathematical function that operates on characters or bits and implements encryption or decryption. In contrast, a code operates with words, phrases and sentences. In a code, a word may be the encipherment of a sentence or phrase. For example, the word SCARF may be the code for the term BEWARE OF DUTCH TRAITOR IN YOUR MIDST. \* a cryptosystem is a set of transformations from a message space to a ciphertext space. This system includes all cryptovariables (keys), plaintexts and ciphertexts associated with the transformation algorithm. The difference between answers a and c is that answer c, the correct answer, refers to the algorithm alone and answer a refers to the algorithm and all plaintexts, ciphertexts and cryptovariables associated with this algorithm. \* cryptanalysis, refers to being able to break the cipher so that the encrypted message can be read. Cryptanalysis may be accomplished by exploiting weaknesses in the cipher or, in some fashion, determining the key. This act of obtaining the plaintext or key from the ciphertext can be used to recover sensitive or classified information and, perhaps, to pass on altered or fake messages in order to deceive the original intended recipient. \* the key or cryptovariable, is used with a particular algorithm to encipher or decipher the plaintext message. By using the key, the algorithm can be publicly known and evaluated for its strength against attack. The key associated with a particular transformation or algorithm can take on many values and the range of all of these possible values is called the keyspace. Ideally, an enciphered plaintext message using a specific algorithm will produce a unique ciphertext message for each different key that is used with that algorithm. The situation in which a plaintext message generates identical ciphertext messages using the same transformation algorithm, but with different cryptovariables, is called key clustering. Obviously, this is not a desirable situation, since it effectively reduces the number of keys that have to be tried by an attacker in order to recover the plaintext.

Answer 30

Answer: C Explanation: This version of triple DES performs an encryption (E) of plaintext message M with key k1, a decryption (D) with key k2 (essentially, another encryption), and a third encryption with key k3. Another implementation of DES EDE is accomplished with keys k1 and k2 being independent, but with keys k1 and k3 being identical. This implementation of triple DES is written as: C = Ek1 [Dk2 [Ek1 [M]]] Answer a is incorrect since, in DESX, input plaintext is bitwise XORed with 64 bits of additional key material before encryption with DES, and the output of DES is also bitwise XORed with another 64 bits of key material. Answer b, DES in the EEE, mode is written as: C = Ek3 [Ek2 [Ek1 [M]]] where three consecutive encryptions are performed on plaintext message, M, with three independent keys, k1, k2, k3. Answer c is incorrect since the question contains three encryptions. Implementing two DES encryptions does not provide the additional security anticipated over a single DES encryption because of the meet-in-the-middle attack. Consider a DES cipher with a key size of p. A double encryption will result in an effective key size of 2p and yield the final result R. Thus, one would anticipate that one would have to search a key space of 22p in an exhaustive search of the keys. However, it can be shown that a search of the key space on the order of 2p is all that is necessary. This search is the same size as required for a single DES encryption. This situation is illustrated as follows: The sequences shown illustrate the first DES encryption of a plaintext message M with all keys k1 through k2p yielding the intermediate encrypted results C1 through C2p. Ek1 [M] C1 Ek2 [M] C2 Ek2p [M] C2p If we have available ciphertext R where R = Ek2 [Ek1 [M]] for a pair of secret keys k1 and k2, for each key m there is only one key k such that Dm[R] = Ek[M] where D is the decipherment of R back from the second DES encipherment. In other words, there are 2p possible keys that will result in the pair [M,R] and, thus, can be found in a search of order 2p.

Answer 31

Answer: B Explanation: \* Answer "Memory, such as magnetic disks, that provide non-volatile storage" refers to secondary storage. \* Answer "Memory used in conjunction with real memory to present a CPU with a larger, apparent address space" refers to virtual memory, and answer "Memory where information must be obtained by sequentially searching from the beginning of the memory space" refers to sequential memory.

Answer 32

Answer: B Explanation: To again quote the FedCIRC charter, FedCIRC provides assistance and guidance in incident response and provides a centralized approach to incident handling across agency boundaries. Specifically, the mission of FedCIRC is to: Provide civil agencies with technical information, tools, methods, assistance, and guidance Be proactive and provide liaison activities and analytical support Encourage the development of quality products and services through collaborative relationships with Federal civil agencies, the Department of Defense, academia, and private industry Promote the highest security profile for government information technology (IT) resources Promote incident response and handling procedural awareness with the federal government \* Answer CERT Coordination Center (CERT/CC), is a unit of the Carnegie Mellon University Software Engineering Institute (SEI). SEI is a Federally funded R&D Center . CERT's mission is to alert the Internet community to vulnerabilities and attacks and to conduct research and training in the areas of computer security, including incident response. \* Answer "Center for Infrastructure Protection" is a distracter and answer "Federal CIO Council", the Federal Chief Information Officers' Council, is the sponsor of FedCIRC.

Answer 33

Answer: D Explanation: Like a dual-homed host, a screened-host firewall uses two network cards to connect to the trusted and untrusted networks, but adds a screening router between the host and the untrusted network. \* dual-homed host has two NICs but not necessarily a screening router. \* screened-subnet firewall uses two NICs also, but has two screening routers with the host Exhibit: acting as a proxy server on its own network segment. One screening router controls traffic local to the network while the second monitors and controls incoming and outgoing Internet traffic, \* application-level proxy, is unrelated to this question. Source: Hacker Proof by Lars Klander (Jamsa Press, 1997).

Answer 34

Answer: D Explanation: The NCSC promotes information systems security awareness and technology transfer through many channels, including the annual National Information Systems Security Conference. It was founded in 1981 as the Department of Defense Computer Security Center , and its name was change in 1985 to NCSc. It developed the Trusted Computer Evaluation Program Rainbow series for evaluating commercial products against information system security criteria. All the other answers are, therefore incorrect since they refer to NIST, which is under the US Department of Commerce.

Answer 35

Answer: C Explanation: The correct answer is "Initial Program Load". The IPL is a task performed by the operator to boot up the system. The other terms do not exist.

Answer 36

Answer: D Explanation: The correct answer is Integrity. The Clark-Wilson model is an integrity model.

Answer 37

Answer: A Explanation: The correct answer is "Preventative control". Pre-numbered forms are an example of preventative controls. They can also be considered a transaction control and input control.

Answer 38

Answer: C Explanation: The transactions addressed by HIPAA are: Health claims or similar encounter information Health care payment and remittance advice Coordination of Benefits Health claim status Enrollment and disenrollment in a health plan Eligibility for a health plan Health plan premium payments Referral certification and authorization The HIPAA EDI transaction standards to address these HIPAA transactions include the following: Health care claims or coordination of benefits Retail drug NCPCP (National Council for Prescription Drug Programs) v. 32 Dental claim ASC X12N 837: dental Professional claim ASC X12N 837: professional Institutional claim ASC X12N 837: institutional Payment and remittance advice ASC X12N 835 Health claim status ASC X12N 276/277 Plan enrollment ASC X12 834 Plan eligibility ASC X12 270/271 Plan premium payments ASC X12 820 Referral certification ASC X12 N 278 The American National Standards Institute was founded in 1917 and is the only source of American Standards. The ANSI Accredited Standards Committee X12 was chartered in 1979 and is responsible for cross-industry standards for electronic documents. The HIPAAprivacy standards, answer a, were finalized in April, 2001, and implementation must be accomplished by April 14, 2003. The privacy rule covers individually identifiable health care information transmitted, stored in electronic or paper form, or communicated orally. Protected health information (PHI) may not be disclosed unless disclosure is approved by the individual, permitted by the legislation, required for treatment, part of health care operations, required by law, or necessary for payment. PHI is defined as individually identifiable health information that is transmitted by electronic media, maintained in any medium described in the definition of electronic media under HIPAA, or is transmitted or maintained in any other form or medium. Answer b, code sets, refers to the codes that are used to fill in the data elements of the HIPAAtransaction standards. Examples of these codes are: ICD-9-CM (vols. 1 and 2) International Classification of Diseases, 9th Ed., Clinical Modification Diseases, injuries, impairments, other health related problems, their manifestations, and causes of injury, disease, impairment, or other health-related problems CPT (Current Procedural Terminology, 4th Ed. [CPT-4]), CDT (Code on Dental Procedures and Nomenclature, 2nd Ed. [CDT-2]) or ICD-9-CM (vol. 3) Procedures or other actions taken to prevent, diagnose, treat, or manage diseases, injuries, and impairments NDC (National Drug Codes) drugs HCPCS (Health Care Financing Administration Common Procedure Coding System) Other health-related services, other substances, equipment, supplies, or other items used in health care services The proposed HIPAA Security Rule, answer d, mandates the protection of the confidentiality, integrity, and availability of protected health information (PHI) through: Administrative procedures Physical safeguards Technical services and mechanisms The rule also addresses electronic signatures, but the final rule will depend on industry progress on reaching a standard. In addition, the proposed security rule requires the appointment of a security officer.

Answer 39

Answer: D Explanation: The correct answer is "Difficulty in finding the prime factors of very large numbers". Answer "Difficulty in finding the prime factors of very large numbers" applies to public key algorithms such as Diffie-Hellman and Elliptic Curve. Answer "Difficulty of multiplying two large prime numbers" is incorrect because it is easy to multiply two large prime numbers. Answer "Fact that only one key is used" refers to symmetric key encryption.

Answer 40

Answer: D Explanation: A dual-homed host uses two NICs to attach to two separate networks, commonly a trusted network and an untrusted network. It's important that the internal routing function of the host be disabled to create an application-layer chokepoint and filter packets. Many systems come with routing enabled by default, such as IP forwarding, which makes the firewall useless. The other answers are distracters. Source: Hacker Proof by Lars Klander (Jamsa Press, 1997).

Answer 41

Answer: F Explanation: The solution is as follows: OVERLORD becomes 14 21 4 17 11 14 17 3 BEGINS becomes 1 4 6 8 13 18 The key NEW becomes 13 4 22 Adding the key repetitively to OVERLORD BEGINS modulo 26 yields 1 5 0 4 15 10 4 7 23 17 10 4 0 22, which translates to BZAEPKEH XRKEAW

Answer 42

Answer: A Explanation: TLS is discussed in the answer to question 5. WTLS has to incorporate functionality that is provided for in TLS by TCP in the TCP/IP Protocol suite in that WTLS can operate over UDP. WTLS supports data privacy, authentication and integrity. Because WTLS has to incorporate a large number of handshakes when security is implemented, significant delays may occur. During a WTLS handshake session, WTLS can set up the following security classes: Class 1. No certificates Class 2. The client does not have a certificate; the server has a certificate Class 3. The client and server have certificates

Answer 43

Answer: C Explanation: TCSEC addresses confidentiality only and bundles functionality and assurance. Thus, the other answers are incorrect. By separating functionality and assurance as in ITSEC, one could specify fewer security functions that have a high level of assurance. This separation carried over into the Common Criteria.

Answer 44

Answer: A Explanation: The answer refers to the initial computation wherein the private and public keys are computed. The computation in this direction is relatively straightforward. Answers "Q[P(M)] = M" and "P[Q(M)] = M" state the true property of public key cryptography which is that a plaintext message encrypted with the private key can be decrypted by the public key and vice versa. Answer "It is computationally infeasible to derive P from Q" states that it is computationally infeasible to derive the private key from the public key. Obviously, this is a critical property of public key cryptography.

Answer 45

Answer: D Explanation: \* Answer "Evaluates a major application or general support system" is the NIACAP system accreditation. \* Answer "Verifies the evolving or modified system's compliance with the information agreed on in the System Security Authorization Agreement (SSAA)" is the Phase 2 or Verification phase of the Defense Information Technology Security Certification and Accreditation Process (DITSCAP). The objective is to use the SSAA to establish an evolving yet binding agreement on the level of security required before the system development begins or changes to a system are made. After accreditation, the SSAA becomes the baseline security configuration document. \* Answer "Evaluates the applications and systems at a specific, self-contained location" is the NIACAP site accreditation.

Answer 46

Answer: A Explanation: The correct answer is Volatile. RAM is volatile. The other answers are incorrect because RAM is volatile, randomly accessible, and not programmed by fusible links.

Answer 47

Answer: B Explanation: In the non-interference model, security policy assertions are defined in the abstract. The process of moving from the abstract to developing conditions that can be applied to the transition functions that operate on the objects is called unwinding. \* Answer "Information flow model" refers to the information flow model in which information is categorized into classes, and rules define how information can flow between the classes. The model can be defined as [O, P, S, T] where O is the set of objects, P is the flow policy, S represents the valid states, and T represents the state transitions. The flow policy is usually implemented as a lattice structure. \* The composition model, answer Composition model, investigates the resultant security properties when subsystems are combined.

Answer 48

Answer: B Explanation: The correct answer is Variable Block Feedback. There is no such encipherment mode.

Answer 49

Answer: A Explanation: The correct answer is Trusted system, by definition of a trusted system. Answers Closed system and Open system refer to open, standard information on a product as opposed to a closed or proprietary product. Answer Safe system is a distracter.

Answer 50

Answer: A Explanation: The correct answer is "Public key cryptography is used to create digital signatures.". Answer "Private key cryptography is used to create digital signatures" is incorrect because private key cryptography does not create digital signatures. Answer "DES is used to create digital signatures" is incorrect because DES is a private key system and, therefore, follows the same logic as in "Private key cryptography is used to create digital signatures"; and answer "Digital signatures are not implemented" is incorrect because digital signatures are implemented to obtain authentication and integrity.

Answer 51

Answer: D Explanation: The question stem describes one round of a Feistel cipher. This algorithm was developed by an IBM team led by Horst Feistel. (h. Feistel, Cryptography and Computer Privacy, Scientific American, v.228, n.5, May 1973) The algorithm was called Lucifer and was the basis for the Data Encryption Standard (DES). In answer a, RC4 is a variable keysize stream cipher developed by Ronald Rivest. In this type of cipher, a sequence of bits that are the key is bit-wise XORed with the plaintext. \* Diffie-Hellman describes the first public key algorithm and is based on the difficulty of calculating discrete logarithms in a finite field. (W. Diffie and M.e. Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, v. IT-22, n. 6, Nov 1976). It is used for exchanging keys. RC6, in answer c, is a fast block cipher designed by Rivest, Sidney and Yin. In RC6, the block size, the key size and the number of rounds are variable. The key size can be no larger than 2040 bits. RC6 was one of the five finalists in the Advanced Encryption Standard (AES) competition.

Answer 52

Answer: C Explanation: The correct answer describes the proper sequence of operating on the message and has the correct value of 160 bits for the SHAmessage digest. At the receiving end, the message is fed into the SHA, and the result is compared to the received message digest to verify the signature. \*Answer "A message of

Answer 53

Answer: D Explanation: Transport Layer Security (TLS) provides for security between the content server on the Internet and the WAP gateway. (Answer "Between the WAP gateway and the content server" is, thus, incorrect.) Similarly, WTLS provides security between the WAP mobile device (client software) and the WAP gateway. Since WAP cannot interface directly with the Internet, all WAP information has to be converted to HTTP in the WAP gateway to enable it to exchange information with the Internet content servers. The simple block diagram illustrates these concepts. A vulnerability occurs since data encrypted with wireless protocols has to be decrypted in the WAP gateway and then re-encrypted with the Internet protocols. This process is reversed when data flows from the Internet content servers to the WAP client. Thus, the information is vulnerable while it is in the decrypted state on the WAP gateway. This condition is known as the WAP Gap. In order to address this issue, the WAP Forum has put forth specifications that will reduce this vulnerability and, thus, support e-commerce applications. These specifications are defined in WAP 1.2 as WMLScript Crypto Library and the WAP Identity Module (WIM). The WMLScript Crypto Library supports end-to-end security by providing for cryptographic functions to be initiated on the WAP client from the Internet content server. These functions include digital signatures originating with the WAP client and encryption and decryption of data. The WIM is a tamper-resistant device, such as a smart card, that cooperates with WTLS and provides cryptographic operations during the handshake phase. The WAP Forum is also considering another alternative to providing the end-to-end encryption for WAP. This alternative, described in WAP specification 1.3, is the use of a client proxy server that communicates authentication and authorization information to the wireless network server. \*Answer "Between the Internet and the content server" is incorrect since the content server is on the Internet side of the communication and answer "Between the WAP content server and the WAP client" assumes a direct interface between the content server and the client without going through the necessary Internet and wireless protocols.

Answer 54

Answer: C Explanation: The correct answer is Rijndael algorithm. By definition, the others are incorrect.

Answer 55

Answer: B Explanation: DESX was developed by Ron Rivest to increase the resistance of DES to brute force key search attacks; however, the resistance of DESX to differential and linear attacks is equivalent to that of DES with independent subkeys.

Answer 56

Answer: C Explanation: The model permits a trusted subject to violate the \*-property but to comply with the intent of the \*-property. Thus, a person who is a trusted subject could move unclassified data from a classified document to an unclassified document without violating the intent of the \*-property. Another example would be for a trusted subject to downgrade the classification of material when it has been determined that the downgrade would not harm national or organizational security and would not violate the intent of the \*-property. The simple security property (ss-property), answer "Simple security property", states that a subject cleared for one classification cannot read data from a higher classification. This property is also known as the no read up property. Answers Secure exchange and Data flow are distracters.

Answer 57

Answer: C Explanation: The correct answer is "A baseline of user errors above which violations will be recorded". This description of a clipping level is the best. \* It is not "A listing of every error made by users to initiate violation processing", because the reason for creating a clipping level is to prevent auditors from having to examine every error. \* The answer "Variance detection of too many people with unrestricted access" is a common use for clipping levels but is not a definition. \* Answer "Changes a system's stored data characteristics" is a distracter.

Answer 58

Answer: A Explanation: A BNC refers to a Bayonet Neil Concelman RG58 connector for 10Base2. Fiber optic cable has three basic physical elements, the core, the cladding, and the jacket. The core is the innermost transmission medium, which can be glass or plastic. The next outer layer, the cladding is also made of glass or plastic, but has different properties, and helps to reflect the light back into the core. The outermost layer, the jacket, provides protection from heat, moisture, and other environmental elements. Source: Gigabit Ethernet by Jayant Kadambi, Ian Crayford, and Mohan Kalkunte (Prentice Hall PTR, 1998). Figure shows a cross-section of a fiber optic cable.

Answer 59

Answer: C Explanation: Diffusion is aimed at obscuring redundancy in the plaintext by spreading the effect of the transformation over the ciphertext. Permutation is also known as transposition and operates by rearranging the letters of the plaintext. \*Answer substitution is used to implement confusion in a block cipher. Confusion tries to hide the relationship between the plaintext and the ciphertext. The Caesar cipher is an example of a substitution cipher. \* XORing is incorrect since XORing, for example, as used in a stream cipher, implements confusion and not diffusion. Similarly, nonlinear S-boxes implement substitution. In DES, for example, there are eight different S-boxes that each has an input of 6 bits and an output of 4 bits. Thus, nonlinear substitution is effected.

Answer 60

Answer: C Explanation: The correct answer is "Hashing algorithms". Answers "Symmetric encryption algorithms" and "Asymmetric encryption algorithms" are incorrect because they are general types of encryption systems, and answer "Digital certificates" is incorrect because hashing algorithms are not digital certificates.

Answer 61

Answer: D Explanation: The class A address range is 1.0.0.0 to 126.255.255.255. The class B address range is 128.0.0.0 to 191.255.255.255. The class C address range is from 192.0.0.0 to 223.255.255.255. The class D address range is 244.0.0.0 to 239.255.255.255, and is used for multicast packets. Sources: Designing Network Security by Merike Kaeo (Cisco Press, 1999) and CCNA Study Guide by Todd Lammle, Donald Porter, and James Chellis (Sybex, 1999).

Answer 62

Answer: D Explanation: CAPI is designed for software developers to call functions from the library and, thus, make it easier to implement security services. An example of a CAPI is the Generic Security Service API (GSSAPI.) The GSS-API provides data confidentiality, authentication, and data integrity services and supports the use of both public and secret key mechanisms. The GSS-API is described in the Internet Proposed Standard RFC 2078. The other answers are made-up distracters.

Answer 63

Answer: C Explanation: Information flow from high to low is addressed by the \* -property of the BellÖLaPadula model, which states that a subject cannot write data from a higher level of classification to a lower level of classification. This property is also known as the confinement property or the no write down property. \* In answer "Covert channels", covert channels are not addressed by the model. The Bell- LaPadula model deals with information flow through normal channels and does not address the covert passing of information through unintended paths. The creation and destruction of subjects and objects, answer "The creation and destruction of subjects and objects", is not addressed by the model. \* Answer "Definition of a secure state transition" refers to the fact that the model discusses a secure transition from one secure state to another, but it never provides a definition of a secure transition.

Answer 64

Answer: D Explanation: As subjects in the world of confidentiality are assigned clearances related to their trustworthiness, subjects in the Biba model are assigned to integrity classes that are indicative of their trustworthiness. Also, in the context of confidentiality, objects are assigned classifications related to the amount of harm that would be caused by unauthorized disclosure of the object. Similarly, in the integrity model, objects are assigned to classes related to the amount of harm that would be caused by the improper modification of the object. Answer a is incorrect since integrity properties and confidentiality properties are opposites. For example, in the Bell- LaPadula model, there is no prohibition against a subject at one classification reading information from a lower level of confidentiality. However, when maintenance of the integrity of data is the objective, reading of information from a lower level of integrity by a subject at a higher level of integrity risks contaminating data at the higher level of integrity. Thus, the simple and \* -properties in the Biba model are complements of the corresponding properties in the Bell-LaPadula model. Recall that the Simple Integrity Property states that a subject at one level of integrity is not permitted to observe (read) an object of a lower integrity (no read down). Also, the \*- Integrity Property states that an object at one level of integrity is not permitted to modify (write to) an object of a higher level of integrity (no write up). \* Answer "Objects are assigned integrity labels according to their trustworthiness; subjects are assigned classes according to the harm that would be done if the data were modified improperly" is incorrect since the words object and subject are interchanged. \* In answer "Integrity labels are assigned according to the harm that would occur from unauthorized disclosure of the information", unauthorized disclosure refers to confidentiality and not to integrity.

Answer 65

Answer: A Explanation: The differences between TLS and SSL are not great, but there is enough of a difference such that TLS 1.0 and SSL 3.0 are not operationally compatible. If interoperability is desired, there is a capability in TLS that allows it to function as SSL. Question 5 provides additional discussion of the TLS protocol.

Answer 66

Answer: D Explanation: The correct answer is MD5. MD5 is a message digest algorithm.

Answer 67

Answer: B Explanation: The other options are not prohibited by the model.

Answer 68

Answer: A Explanation: This problem is analogous to asking the question How many people must be in a room for the probability of two people having the same birthday to be equal to 50%? The answer is 23. Thus, trying 2m/2 possible trial inputs to a hash function gives a 50% chance of finding two inputs that have the same hash value. Answer a, describes an attack in which the attacker can choose the plaintext to be encrypted and can modify his/her choice based on the results of a previous encryption. \* Answer the chosen-cipher text attack is where the attacker can select different ciphertexts to be decrypted and has the decrypted plaintext available. This attack is used to determine the key or keys being used. Answer d is an attack against double encryption. This approach shows that for a key length of k bits, a chosen-plaintext attack could find the key after 2k+1 trials instead of 22k attempts. In this attack on double encryption, one encrypts from one end, decrypts from the other and compares the results in-the-middle.

Answer 69

Answer: B Explanation: Encrypting parts of the session key with the private keys of the trustee agents provides no security for the message since the message can be decrypted by recovering the key components of the session key using the public keys of the respective agents. These public keys are available to anyone. The other answers are valid means of recovering keys, since key recovery refers to permitting access to encrypted messages under predefined circumstances. Two of these answers are also called key encapsulation since the session key is encapsulated in the public keys of the trustee agents and, therefore, can be decrypted only by these trustee agents with their private keys.

Answer 70

Answer: A Explanation: \* Answer "A message sent around a Token Ring network" is a token. \* Answer Secondary stora refers to disk storage. \* Answer "A message in object-oriented programming" is a distracter.

Answer 71

Answer: D Explanation: The correct answer is "Protection Profile (PP)". Answer a, ST, is a statement of security claims for a particular IT product or system. \* A Package is defined in the CC as an intermediate combination of security requirement components. \* ATOE is an IT product or system to be evaluated.

Answer 72

Answer: D Explanation: The correct answer is "The object's data". Answer "The object's environment" is contextdependent control. Answers The object's owner and The object's view are distracters.

Answer 73

Answer: A Explanation: This answer is a distracter and does not exist.

Answer 74

Answer: D Explanation: The correct answer is "The \* (star) Integrity Axiom". Answers a and d are distracters. Answer the Simple Integrity Axiom states, Asubject at one level of integrity is not permitted to observe (read) an object of lower integrity (no read down).

Answer 75

Answer: B Explanation: Switched Multimegabit Data Service (SMDS) is a high-speed, connectionless, packet-switching public network service that extends LAN-like performance to a metropolitan area network (MAN) or a wide area network (WAN). It's generally delivered over a SONET ring with a maximum effective service radius of around 30 miles. \* X.25, defines an interface to the first commercially successful connection-oriented packet-switching network, in which the packets travel over virtual circuits. \* Frame Relay, was a successor to X.25, and offers a connection-oriented packet-switching network. \* Asynchronous Transfer Mode (ATM), was developed from an outgrowth of ISDN standards, and is fast-packet, connection-oriented, cell-switching technology. Source: Communications Systems and Networks by Ray Horak (M&T Books, 2000).

Answer 76

Answer: B Explanation: The correct answer is "To protect the output's confidentiality". In addition to being used as a transaction control verification mechanism, output controls are used to ensure that output, such as printed reports, is distributed securely. \* Answer "To preserve the integrity of the data in the system while changes are being made to the configuration" is an example of Configuration or Change control. \* "To detect irregularities in the software's operation" is an example of Application controls, and d is an example of Recovery controls.

Answer 77

Answer: A Explanation: The Pump (M.h. Kang, I.S. Moskowitz, APump for Rapid, Reliable, Secure Communications, The 1st ACM Conference on Computer and Communications Security, Fairfax, VA, 1993) was developed at the US Naval Research Laboratory (NRL). It permits information flow in one direction only, from a lower level of security classification or sensitivity to a higher level. It is a convenient approach to multilevel security in that it can be used to put together systems with different security levels. \* Answer "A two-way information flow device" is a distracter. \* Answer "Compartmented Mode Workstation (CMW)", the CMW, refers to windows-based workstations that require users to work with information at different classification levels. Thus, users may work with multiple windows with different classification levels on their workstations. When data is attempted to be moved from one window to another, mandatory access control policies are enforced. This prevents information of a higher classification from being deposited to a location of lower classification. \* Answer "A device that implements role-based access control", role-based access control, is an access control mechanism and is now being considered for mandatory access control based on users' roles in their organizations.

Answer 78

Answer: A Explanation: The correct answer is Capability lists. \* Answer "Access Control Lists (ACLs)" is incorrect because the access control list is not a row in the access control matrix. \* Answer Tuples is incorrect because a tuple is a row in the table of a relational database. \* Answer Domains is incorrect because a domain is the set of allowable values a column or attribute can take in a relational database.

Answer 79

Answer: B Explanation: The correct answer is the WAP Gap. The other answers are distracters.

Answer 80

Answer: A Explanation: The MIME protocol specifies a structure for the body of an email message. MIME supports a number of formats in the email body, including graphic, enhanced text and audio, but does not provide security services for these messages. S/MIME defines such services for MIME as digital signatures and encryption based on a standard syntax. \*Answer IPSEC is incorrect since IPSEC is not an email protocol but is a standard that provides encryption, access control, nonrepudiation, and authentication of messages over IP. It is designed to be functionally compatible with IPv6. Answer b is incorrect because PGP, Pretty Good Privacy, brings security to email through the use of a symmetric cipher, such as IDEA, to encipher the message. RSA is used for symmetric key exchange and for digital signatures. PGP is not an augmentation of MIMe. RFC 2440 permits other algorithms to be used in PGP. In order of preference, they are ElGamal and RSAfor key distribution; triple DES, IDEAand CAST5 for encryption of messages; DSA and RSA for digital signatures and SHA-1 or MD5 for generating hashes of the messages. Answer d is incorrect because there is no such protocol. There is a protocol called SET for Secure Electronic Transaction. It was developed by Visa and MasterCard to secure electronic bankcard transactions. SET requests authorization for payment and requires certificates binding a person's public key to their identity.

Answer 81

Answer: A Explanation: The correct answer is "Name, public key, digital signature of the certifier", where the name of the individual is certified and bound to his/her public key. This certification is validated by the digital signature of the certifying agent. In answer a, the public key is not present to be bound to the person's name. \* In answer "Name, public key, digital signature of the certifier" the public key and name are present, but there is no digital signature verifying that the public key belongs to the name. \* Answer "Name, serial number, private key" is incorrect on a number of counts. First, the private key is never disclosed to the public and secondly, there is no digital signature.

Answer 82

Answer: A Explanation: Most backup methods use the Archive file attribute to determine whether the file should be backed up or not. The backup software determines which files need to be backed up by checking to see if the Archive file attribute has been set, and then resets the Archive bit value to null after the backup procedure. The Incremental Backup Method backs up only files that have been created or modified since the last backup was made, because the Archive file attribute is reset. This can result in the backup operator needing several tapes to do a complete restoration, as every tape with changed files as well as the last full backup tape will need to be restored. \* a Full or Complete backup backs up all files in all directories stored on the server regardless of when the last backup was made and whether the files have already been backed up. The Archive file attribute is changed to mark that the files have been backed up, and the tapes or tapes will have all data and applications on it. It's an incorrect answer for this question, however, as it's assumed answers Differential Backup Method and Incremental Backup Method will additionally require differential or incremental tapes. \* the Differential Backup Method, backs up only files that have been created or modified since the last backup was made, like an incremental backup. However, the difference between an incremental backup and a differential backup is that the Archive file attribute is not reset after the differential backup is completed, therefore the changed file is backed up every time the differential backup is run. The backup set grows in size until the next full backup as these files continue to be backed up during each subsequent differential backup, until the next complete backup occurs. The advantage of this backup method is that the backup operator should only need the full backup and the one differential backup to restore the system. Table shows these three backup methods. Answer "Ad Hoc Backup Method" is a distracter.

Answer 83

Answer: D Explanation: The correct answer is "Security Evaluation Requirements", a distracter. \* Answer "Introduction and General Model" is Part 1 of the Cc. It defines general concepts and principles of information security and defines the contents of the Protection Profile (PP), Security Target (ST), and the Package. \* The Security Functional Requirements are Part 2 of the CC, which contains a catalog of welldefined standard means of expressing security requirements of IT products and systems. \* Answer "Security Assurance Requirements" is Part 3 of the CC and comprises a catalog of a set of standard assurance components.

Answer 84

Answer: B Explanation: The correct answer is IPSec. The SPI, AH and/or ESP and the destination IP address are components of an IPSec Security Association (SA.) The other answers describe protocols other than IPSec.

Answer 85

Answer: B Explanation: Dual control requires that two or more subjects act together simultaneously to authorize an operation. A common example is the requirement that two individuals turn their keys simultaneously in two physically separated areas to arm a weapon. Functional separation implies a sequential approval process such as requiring the approval of a manager to send a check generated by a subordinate. \* Answer "Span of control and functional separation" is incorrect. Span of control refers to the number of subordinates that can be optimally managed by a superior. \* Answer "Inference control and functional separation" is incorrect. Inference control is implementing protections that prevent the inference of information not authorized to a user from information that is authorized to be accessed by a user. \* Answer "Dual control and aggregation control" is incorrect, but aggregation refers to the acquisition of large numbers of data items to obtain information that would not be available by analyzing a small number of the data items.

Answer 86

Answer: C Explanation: The correct answer is Orange Book. \* Answer the Red Book is the Trusted Network Interpretation (TNI) summary of network requirements (described in the Telecommunications and Network Security domain). \* The Green Book, is the Department of Defense (DoD) Password Management Guide-line; \* The Dark Green Book, is The Guide to Understanding Data Rema-nence in Automated Information Systems.

Answer 87

Answer: C Explanation: The correct answer is ELLIPTIC CURVE. All the other answers refer to symmetric key algorithms.

Answer 88

Answer: A Explanation: The auditing component of the IT system should be independent and distinct from the information system security architecture for a system. \* In answer "Information and resources to ensure the appropriate level of risk management", the resources to support intelligent risk management decisions include technical expertise, applicable evaluation processes, refinement of business objectives, and delivery plans. \* Answer "Consideration of all the items that comprise information security, including distributed systems, software, hardware, communications systems, and networks" promotes an enterprisewide view of information system security issues. \* For answer "A systematic and unified approach for evaluating the organization's information systems security infrastructure and defining approaches to implementation and deployment of information security controls", the intent is to show that a comprehensive security architecture model includes all phases involved in information system security including planning, design, integrating, testing, and production.

Answer 89

Answer: C Explanation: The correct answer is "Secure distribution of the secret key". Answer "It is slower than asymmetric key encryption" is incorrect because the opposite is true; answer "Most algorithms are kept proprietary" is incorrect because most symmetric key algorithms are published; and answer "Work factor is not a function of the key size" is incorrect because work factor is a function of key size. The larger the key is, the larger the work factor.

Answer 90

Answer: A Explanation: Answer "Specifies the mandatory protection in the product to be evaluated" is a distracter. \* Answer "Is also known as the Target of Evaluation (TOE)" is the product to be evaluated. \* Answer "Is also known as the Orange Book" refers to TCSEC.

Answer 91

Answer: D Explanation: The last two octets of this class B address, 252.0, gives us binary: 11111100.00000000. The six subnet bits give us 62 (26 -2) subnets, each with 1022 (210 -2) hosts, which allows us to have the maximum number of subnets with almost double the required host addresses. \*, 224.0, is 11100000.00000000 binary, which gives us six (23 - 2) subnets with 8190 (213 -2) hosts each. \* 240.0, is 11110000.00000000 binary, and gives us 14 (24 -2) subnets each with 4094 (212 -2) hosts. \* 248.0, is 11111000.00000000 binary, which creates 30 (25 -2) subnets with 2046 (211 -2) hosts. Many books give detailed descriptions of IP subnetting.

Answer 92

Answer: C Explanation: The correct answer is a by definition. Answer "Implements confidentiality, authentication, and integrity below the Transport Layer" is incorrect because SSL/TLS operates above the Transport Layer. Answer "Implements only confidentiality above the Transport Layer" is incorrect because authentication and integrity are provided also. Answer "Implements only confidentiality below the Transport Layer" is incorrect because it cites only confidentiality and SSL/TLS operates above the Transport Layer.

Answer 93

Answer: C Explanation: The CAis used in public key cryptography, not secret key cryptography. A CA will certify that a public key actually belongs to a specific individual and that the information associated with the individual's key is valid and correct. The CA accomplishes this certification by digitally signing the individual's public key and associated information. The certification professes to another person who wants to send a message to this individual using public key encryption that the public key actually belongs to the intended individual. The Consultation Committee, International Telephone and Telegraph, International Telecommunications Union (CCITT-ITU)/ International Organization for Standardization (ISO) X.509 Authentication framework defines a format for public key certificates. This structure is outlined in Figure. Answer "A networked group of m users with separate keys for each pair of users will require m (m-1)/2 keys" is an important issue in secret key cryptography; therefore it is not the correct answer. If, among a network of m users, each user wants to have secure communications with every other user on the network, then there must be a secret key for each pair of potential users. This concept can be illustrated with five users as shown in Figure. Thus, with five users, the number of independent keys is equal to (5 x 4)/2 or 10 as depicted by the ten connecting lines in Figure A.6. \*answer "Secure distribution of the keys" is incorrect since securely distributing the keys to all users is, obviously, a very important requirement. Answer d is incorrect since a compromise of the keys can, indeed, enable the attacker to impersonate the key owners and, therefore, read and send false messages.

Answer 94

Answer: B Explanation: The correct answer is SKIPJACK. The other options are other symmetric key algorithms.

Answer 95

Answer: D Explanation: Nodes on an IEEE 802.11b wireless LANs can communicate in one of two modes: ad hoc or infrastructure. In ad hoc mode, the wireless nodes communicate directly with each other, without establishing a connection to an access point on a wired LAN. In infrastructure mode, the wireless nodes communicate to an access point, which operates similarly to a bridge or router and manages traffic between the wireless network and the wired network. Source: Wireless Security Essentials by Russell Dean Vines (Wiley, 2002). Figure A.3 shows access points attached to a wired LAN to create an Infrastructure Mode 802.11b WLAN.

Answer 96

Answer: D Explanation: The correct answer is "The media that is reused in a sensitive environment does not need sanitization". Sanitization is the process of removing information from used data media to prevent data remanence. Different media require different types of sanitation. All the others are examples of proper media controls.

Answer 97

Answer: C Explanation: The correct answer is Security perimeter. Answers Star property and Simple security property deal with security models and answer Discretionary control boundary is a distracter.

Answer 98

Answer: D Explanation: It is 64-bits, but 8 bits are used for parity, so it is 56 bits in effective for the key length. Might be good to note the clarification (page 703 of CISSP book from Shon Harris – revision 5)

Answer 99

Answer: D Explanation: The logic was that since it took a long time to fetch an instruction from memory relative to the time required to execute that instruction in the CPU, then the number of instructions required to implement a program should be reduced. This reasoning naturally resulted in densely coded instructions with more decode and execution cycles in the processor. This situation was ameliorated by pipelining the instructions wherein the decode and execution cycles of one instruction would be overlapped in time with the fetch cycle of the next instruction. \* Answer "Reduced Instruction Set Computer (RISC)", RISC, evolved when packaging and memory technology advanced to the point where there was not much difference in memory access times and processor execution times. Thus, the objective of the RISC architecture was to reduce the number of cycles required to execute an instruction. Accordingly, this increased the number of instructions in the average program by approximately 30%, but it reduced the number of cycles per instruction on the average by a factor of four. Essentially, the RISC architecture uses simpler instructions but makes use of other features such as optimizing compilers to reduce the number of instructions required and large numbers of general purpose registers in the processor and data caches. \* The superscalar processor, answer "Superscalar processor", allows concurrent execution of instructions in the same pipelined stage. A scalar processor is defined as a processor that executes one instruction at a time. The term superscalar denotes multiple, concurrent operations performed on scalar values as opposed to vectors or arrays that are used as objects of computation in array processors. \* For answer "Very-Long-Instruction-Word (VLIW) processor" multiple, concurrent operations are performed in a single instruction. Because multiple operations are performed in one instruction rather than using multiple instructions, the number of instructions is reduced relative to those in a scalar processor. However, for this approach to be feasible, the operations in each VLIW instruction must be independent of each other.

Answer 100

Answer: A Explanation: The subkeys are typically used in iterated block ciphers. In this type of cipher, the plaintext is broken into fixed-length blocks and enciphered in rounds. In a round, the same transformation is applied using one of the subkeys of the key schedule.

Answer 101

Answer: C Explanation: Multi-mode fiber has a shorter allowable maximum transmission distance than single-mode fiber (2km vs. 10km). Multi-mode transmits the light through several different paths in the cable, whereas single-mode uses one light path, making single mode perform better. However, multi-mode is less expensive to install and is used more often in short-to-medium haul networks. Category 5 unshielded twisted pair (UTP) has a maximum transmission distance of 100 meters. Sources: Catalyst 5000 Series Installation Guide (Cisco Systems, 1996) and Gigabit Ethernet by Jayant Kadambi, Ian Crayford, and Mohan Kalkunte (Prentice Hall PTR, 1998).

Answer 102

Answer: A Explanation: WEP is designed to prevent the violation of the confidentiality of data transmitted over the wireless LAN. Another feature of WEP is to prevent unauthorized access to the network. The other answers are protocols in the Wireless Application Protocol, the security.

Answer 103

Answer: A Explanation: Answer "An English project created to break German ciphers" describes the Ultra Project based in Bletchley Park , England. Answer "The Japanese rotor machine used in WWII" describes the Japanese Purple Machine. Answer "Probably the first programmable digital computer" refers to Collossus.

Answer 104

Answer: B Explanation: The correct answer is Confidentiality items. The other answers are parts of the Clark- Wilson model.

Answer 105

Answer: C Explanation: The Meet-in-the-Middle attack has been successfully applied to double DES, and the work factor is equivalent to that of single DES. Thus, answer "No successful attacks have been reported against double DES" is incorrect. Answer "The work factor of triple DES is the same as for double DES" is false because the work factor of triple DES is greater than that for double DES. In triple DES, three levels of encryption and/or decryption are applied to the message. The work factor of double DES is equivalent to the work factor of single DES. Answer "The work factor of single DES is the same as for triple DES" is false because the work factor of single DES is less than for triple DES. In triple DES, three levels of encryption and/or decryption are applied to the message in triple DES.

Answer 106

Answer: D Explanation: The other answers are incorrect because neither algorithm is used.

Answer 107

Answer: A Explanation: With DMA, a DMAcontroller essentially takes control of the memory busses and manages the data transfer directly. Answer interrupt processing involves an external signal interrupting the normal CPU program flow. This interrupt causes the CPU to halt processing and jump to another program that services the interrupt. When the interrupt has been serviced, the CPU returns to continue executing the original program. Program control transfer, answer c, is accomplished by the processor executing input/output (I/O) instructions. Answer Direct access control is a distracter.

Answer 108

Answer: B Explanation: Category 5 Unshielded Twisted Pair (UTP) is rated for very high data throughput (100 Mbps) at short distances (up to 100 meters), and is the standard cable type for Ethernet installations. \* ThickNet, also known as 10Base5, uses traditional thick coaxial (coax) cable at data rates of up to 10 Mbps. \* ThinNet, uses a thinner gauge coax, and is known as 10Base2. It has a shorter maximum segment distance than ThickNet, but is less expensive to install (also known as CheaperNet). \* Twinax, is like ThinNet, but has two conductors, and was used in IBM Systems 36 and earlier AS/400 installations. Source: Communications Systems and Networks by Ray Horak (M&T Books, 2000).

Answer 109

Answer: B Explanation: The correct answer is H(M1) H(M2). If H(M1) = H(M2) then the message digests of both M1 and M2 would be equal, and one would not know that one message was substituted for the other. The other answers are distracters.

Answer 110

Answer: B Explanation: The explanation is based on the LEAF as shown in the Figure. The message is encrypted with the symmetric session key, Ks. In order to decrypt the message, then, Ks must be recovered. The LEAF contains the session key, but the LEAF is encrypted with the family key, Kf , that is common to all Clipper Chips. The authorized agency has access to Kf and decrypts the LEAf. However, the session key is still encrypted by the 80-bit unit key, Ku, that is unique to each Clipper Chip and is identified by the unique identifier, U. Ku is divided into two halves, and each half is deposited with an escrow agency. The law enforcement agency obtains the two halves of Ku by presenting the escrow agencies with a court order for the key identified by U. The two halves of the key obtained by the court order are XORed together to obtain Ku. Then, Ku is used to recover the session key, Ks, and Ks is used to decrypt the message. The decryption sequence to obtain Ks can be summarized as: This is the sequence described in answer "Decrypt the LEAF with the family key, Kf; recover U; obtain a court order to obtain the two halves of Ku; recover Ku; and then recover Ks, the session key. Use the session key to decrypt the message". The sequences described in the other answers are incorrect.

Answer 111

Answer: B Explanation: The correct answer is Key exchange. The other answers are key management issues, but key exchange is a function of the encryption system.

Answer 112

Answer: C Explanation: Additional concerns associated with distributed systems include: A desktop PC or workstation can provide an avenue of access into critical information systems of an organization. Downloading data from the Internet increases the risk of infecting corporate systems with a malicious code or an unintentional modification of the databases. A desktop system and its associated disks may not be protected from physical intrusion or theft. \* For answer centralized system all the characteristics cited do not apply to a central host with no PCs or workstations with large amounts of memory attached. Also, the vulnerability presented by a modem attached to a PC or workstation would not exist. \* An open system or architecture is comprised of vendorindependent subsystems that have published specifications and interfaces in order to permit operations with the products of other suppliers. One advantage of an open system is that it is subject to review and evaluation by independent parties. \* Answer Symmetric is a distracter.

Answer 113

Answer: D Explanation: The correct answer is "It is unbreakable". If the one-time-pad is used only once and its corresponding key is truly random and does not have repeating characters, it is unbreakable. Answer "It can be used more than once" is incorrect because if used properly, the one-time-pad should be used only once. Answer "The key does not have to be random" is incorrect because the key should be random. Answer "The key has to be of greater length than the message to be encrypted" is incorrect because the key has to be of the same length as the message.

Answer 114

Answer: A Explanation: The correct answer is "Collects information such as passwords or infrastructure configurations". Auditing should not be used to collect user's passwords. It is used for the other three examples, however.

Answer 115

Answer: A Explanation: The correct answer is "The operating system is started without the security front-end loaded". When the operator boots the system in single-user mode, the user front-end security controls are not loaded. This mode should be used for recovery and maintenance procedures only, and all operations should be logged and audited.

Answer 116

Answer: C Explanation: The correct answer is Indirect addressing. \* Answer indexed addressing determines the desired memory address by adding the contents of the address defined in the program's instruction to that of an index register. \* Implied addressing refers to registers usually contained inside the CPU. \* Answer absolute addressing addresses the entire primary memory space.

Answer 117

Answer: D Explanation: The correct answer is "Switching to a duplicate, hot backup component". Failover means switching to a hot backup system that maintains duplicate states with the primary system. Answer "Terminating processing in a controlled fashion" refers to fail safe, and answers Resiliency and A fail-soft system refer to fail soft.

Answer 118

Answer: B Explanation: Anonymous implementations of digital cash do not identify the cash holder and use blind signature schemes; identified implementations use conventional digital signatures to identify the cash holder. In looking at these two approaches, anonymous schemes are analogous to cash since cash does not allow tracing of the person who made the cash payment while identified approaches are the analog of credit or debit card transactions.

Answer 119

Answer: B Explanation: When a user accesses a Web page through a browser, class files for an applet are downloaded automatically, even from untrusted sources. To counter this possible threat, Java provides a customizable sandbox to which the applets' execution is confined. This sandbox provides such protections as preventing reading and writing to a local disk, prohibiting the creation of a new process, prevention of making a network connection to a new host and preventing the loading of a new dynamic library and directly calling a native method. The sandbox security features are designed into the Java Virtual Machine (JVM). These features are implemented through array bounds checking, structured memory access, type-safe reference cast checking to ensure that casting to an object of a different type is valid, and checking for null references and automatic garbage collection. These checks are designed to limit memory accesses to safe, structured operations. The other answers are distracters.

Answer 120

Answer: B Explanation: The correct answer is Detective control. An audit trail is a record of events to piece together what has happened and allow enforcement of individual accountability by creating a reconstruction of events. They can be used to assist in the proper implementation of the other controls, however.

Answer 121

Answer: B Explanation: The hash function generates a message digest. The message digest is encrypted with the private key of the sender. Thus, if the message can be opened with the sender's public key that is known to all, the message must have come from the sender. The message is not encrypted with the public key because the message is usually longer than the message digest and would take more computing resources to encrypt and decrypt. Because the message digest uniquely characterizes the message, it can be used to verify the identity of the sender. Answers "The message digest is encrypted in the public key of the sender" and "The message is encrypted in the public key of the sender" will not work because a message encrypted in the public key of the sender can only be read by using the private key of the sender. Because the sender is the only one who knows this key, no one else can read the message. Answer "The message is encrypted in the private key of the sender" is incorrect because the message is not encrypted, but the message digest is encrypted.

Answer 122

Answer: A Explanation: The correct answer is "Ring protection system". Multics is based on the ring protection architecture.

Answer 123

Answer: D Explanation: The transmitter and receiver must be synchronized since they must use the same keystream bits for the same bits of the text that are to be enciphered and deciphered. Usually, synchronizing frames must be sent to effect the synchronization and, thus, additional overhead is required for the transmissions. \* Answer "The same equipment can be used for encryption and decryption" describes an advantage since stream ciphers commonly use Linear Feedback Shift Registers (LFSRs) to generate the keystream and use XORs to operate on the plaintext input stream. Because of the characteristics of the XOR, the same XOR gates and LFSRs can also decrypt the message. Since LFSRs and XORs are used in a stream cipher to encrypt and decrypt, these components are amenable to hardware implementation, which means higher speeds of operation. Thus, answer "It is amenable to hardware implementations that result in higher speeds" describes an advantage. For answer "Since encryption takes place bit by bit, there is no error propagation", stream ciphers encrypt individual bits with no feedback of the generated ciphertext bits and, therefore, errors do not propagate.

Answer 124

Answer: A Explanation: The correct answer is "Product-specific security requirements". Product-specific security requirements for the product or system are contained in the Security Target (ST). Additional items in the PP are: TOE security environment description Assumptions about the security aspects of the product's expected use Organizational security policies or rules Application notes Rationale

Answer 125

Answer: B Explanation: \* Answer A volatile device is incorrect because a PLD is non-volatile. \* Answer "Random Access Memory (RAM) that contains the software to perform specific tasks" is incorrect because random access memory is volatile memory that is not a nonvolatile logic device. \* Answer "A program resident on disk memory that executes a specific function" is a distracter.

Answer 126

Answer: D Explanation: The Secure Socket Layer (SSL) sits between higher-level application functions and the TCP/IP stack and provides security to applications. It includes a variety of encryption algorithms to secure transmitted data, but the functionality must be integrated into the application. Answer "It's a widely used standard of securing e-mail at the Application level." refers to the Secure/Multipurpose Internet Mail Extension (S/MIME). Most major e-mail clients support S/MIME today. Answer "It gives a user remote access to a command prompt across a secure, encrypted session." describes Secure Shell (SSH). Answer "It uses two protocols, the Authentication Header and the Encapsulating Security Payload." refers to IPSec. IPSec enables security to be built directly into the TCP/IP stack, without requiring application modification. Source: Counter Hack by Ed Skoudis (Prentice Hall PTR, 2002).

Answer 127

Answer: A Explanation: The correct answer is Least privilege. A process is placed in the ring that gives it the minimum privileges necessary to perform its functions.

Answer 128

Answer: A Explanation: The correct answer is Contained, a distracter. \* In the system high mode the information system operates at the highest level of information classification. In this mode, all users must have security clearances for the highest level of classified information. \* Answer the dedicated mode requires that all users must have a clearance or an authorization and a need-to-know for all information that is produced by the information system. \* The multi-level mode of operation, answer c, supports users with different clearances and data at multiple classification levels.

Answer 129

Answer: A Explanation: The correct answer is "An operator does not know more about the system than the minimum required to do the job". Need-to-know means the operators are working in an environment that limits their knowledge of the system, applications, or data to the minimum elements that they require to perform their job. \* Answer "Two operators are required to work together to perform a task" is dual-control \* "The operators' duties are frequently rotated" is job rotation \* answer "An operator cannot generate and verify transactions alone" is separation of duties.

Answer 130

Answer: D Explanation: Static Random Access Memory (SRAM) is volatile and, therefore, loses its data if power is removed from the system. Conversely, a ROM is nonvolatile in that it does not lose its content when power is removed. \* Flash memories are a type of electrically programmable ROM. \* Answer FPGA is a type of Programmable Logic Device (PLD) that is programmed by blowing fuse connections on the chip or using an antifuse that makes a connection when a high voltage is applied to the junction. \* For answer firmware is a program that is stored on ROMs.

Answer 131

Answer: D Explanation: The correct answer is Secondary, a distracter.

Answer 132

Answer: C Explanation: Distance vector routing uses the routing information protocol (RIP) to maintain a dynamic table of routing information that is updated regularly. It is the oldest and most common type of dynamic routing. \* static routing, defines a specific route in a configuration file on the router and does not require the routers to exchange route information dynamically. \* link state routers, functions like distance vector routers, but only use firsthand information when building routing tables by maintaining a copy of every other router's Link State Protocol (LSP) frame. This helps to eliminate routing errors and considerably lessens convergence time. \*Answer Dynamic Control Protocol Routing is a distracter. Source: Mastering Network Security by Chris Brenton (Sybex, 1999).

Answer 133

Answer: D Explanation: The NIACAP provides a standard set of activities, general tasks, and a management structure to certify and accredit systems that will maintain the information assurance and security posture of a system or site. The NIACAP is designed to certify that the information system meets documented accreditation requirements and will continue to maintain the accredited security posture throughout the system life cycle. \* Answer CIAP is being developed for the evaluation of critical commercial systems and uses the NIACAP methodology. \* DITSCAP establishes for the defense entities a standard process, set of activities, general task descriptions, and a management structure to certify and accredit IT systems that will maintain the required security posture. The process is designed to certify that the IT system meets the accreditation requirements and that the system will maintain the accredited security posture throughout the system life cycle. The four phases to the DITSCAP are Definition, Verification, Validation, and Post Accreditation. \* Answer "Defense audit" is a distracter. \* Answer DIACAP is a distracter.

Answer 134

Answer: D Explanation: Ethernet bus topology was the first commercially viable network topology, and consists of all workstations connected to a single coaxial cable. Since the cable must be properly terminated on both ends, a break in the cable stops all communications on the bus. \* the physical star topology acts like a logical bus, but provides better fault tolerance, as a cable break only disconnects the workstation or hub directly affected. \* logical ring topology, is used by Token Ring and FDDI and is highly resilient. Token Ring employs a beacon frame, which, in case of a cable break, initiates auto reconfiguration and attempts to reroute the network around the failed mode. Also, the Token Ring active monitor station performs ring maintenance functions, like removing continuously circulating frames from the ring. FDDI employs a second ring to provide redundancy. Sources: Virtual LANs by Mariana Smith (McGraw-Hill, 1998) and Internetworking Technologies Handbook, Second Edition (Cisco Press, 1998).

Answer 135

Answer: A Explanation: The correct answer is "Chosen ciphertext. In answer Known plaintext, the attacker has a copy of the plaintext corresponding to the ciphertext. Answer Chosen plaintext describes the situation where selected plaintext is encrypted and the output ciphertext is obtained. The adaptive chosen plaintext attack, answer "Adaptive chosen plaintext, is a form of chosen plaintext attack where the selection of the plaintext is altered according to previous results.

Answer 136

Answer: B Explanation: A MAC is used to authenticate files between users. If the sender and receiver both have the secret key, they are the only ones that can verify the hash function. If a symmetric key algorithm is used to encrypt the one-way hash function, then the one-way hash function becomes a keyed MAC. Answer "Generating a digital signature" is incorrect because a digital signature between two parties uses an asymmetric key algorithm. If a message is encrypted with the sender's private key, then only the sender's public key can decrypt the message. This proves that the message was sent by the sender since only the sender knows the private key. In practice, asymmetric key encryption is very slow, especially for long messages. Therefore, a one-way hash of the message is encrypted with the sender's private key instead of encrypting the complete message. Then, the message and the encrypted hash are sent to a second party. The receiver takes the encrypted hash and decrypts it with the sender's public key. Then, the receiver takes the hash of the message, using the same one-way hash algorithm as the sender. The hash generated by the receiver is compared with the decrypted hash sent with the message. If the two hashes are identical, the digital signature is validated. Note that his method also will reveal if the message was changed en route, since the hash calculated by the receiver will, then, be different from the encrypted hash sent along with the message. Answer "Providing for secrecy of the message" is incorrect since encrypting the hash of the message and sending the message in the clear does nothing to protect the confidentiality of the message. Since the hash function is a one-way function, the message cannot be recovered from its hash. Answer "Generating a one-way function" is incorrect since encrypting a hash of a message is not a one-way function. If it were, it would be of no use since no one would be able to reverse the process and decrypt it.

Answer 137

Answer: C Explanation: This model, (D.c. Brewer and M.j. Nash, Chinese Wall Model, Proceedings of the 1989 IEEE Computer Society Symposium on Security and Privacy, 1989), defines rules that prevent conflicts of interest in organizations that may have access to information from companies that are competitors of each other. Essentially, the model states that a user working on one account cannot work on a competitor's account for a designated period of time. Answer the Biba model is an integrity model that is an analog of the Bell-LaPadula confidentiality model of answer Bell-LaPadula. Answer the lattice refers to the general information flow model where security levels are represented by a lattice structure. The model defines a transitive ordering relation, , on security classes. Thus, for security classes X, Y, and Z, the ordering relation X Y Z describes the situation where Z is the highest security class and X is the lowest security class, and there is an ordering among the three classes.

Answer 138

Answer: C Explanation: The correct answer is "The operators have different duties to prevent one person from compromising the system". Separation of duties means that the operators are prevented from generating and verifying transactions alone, for example. A task might be divided into different smaller tasks to accomplish this, or in the case of an operator with multiple duties, the operator makes a logical, functional job change when performing such conflicting duties. Answer "An operator does not know more about the system than the minimum required to do the job" is need-to-know, answer "Two operators are required to work in tandem to perform a task" is dual-control, and c is job rotation.

Answer 139

Answer: B Explanation: A stateful-inspection firewall intercepts incoming packets at the Network level, then uses an Inspection Engine to extract state-related information from upper layers. It maintains the information in a dynamic state table and evaluates subsequent connection attempts. \* packet-filtering firewall is the simplest type of firewall commonly implemented on routers. It operates at the Network layer and offers good performance but is the least secure. \* application-level firewall or application-layer gateway, is more secure because it examines the packet at the application layer, but at the expense of performance. \* circuit-level firewall, is similar to the application-level firewall in that it functions as a proxy server, but differs in that special proxy application software is not needed. Sources: Hacker Proof by Lars Klander (Jamsa Press, 1997) and Checkpoint Firewall-1 Stateful Inspection Technology (www.checkpoint.com).

Answer 140

Answer: B Explanation: The correct answer is "By modifying the timing of a system resource in some measurable way". A covert timing channel alters the timing of parts of the system to enable it to be used to communicate information covertly (outside the normal security function). \* Answer "By changing a system's stored data characteristics" is the description of the use of a covert storage channel. \* "By generating noise and traffic with the data" is a technique to combat the use of covert channels. \* Answer "By performing a covert channel analysis" is the Orange Book requirement for B3, B2, and A1 evaluated systems.

Answer 141

Answer: B Explanation: The correct answer is Very Long Instruction Word processor. \* A pipelined processor overlaps the steps of different instructions. \* Answer a superscalar processor performs a concurrent execution of multiple instructions in the same pipeline stage. \* A scalar processor executes one instruction at a time.

Answer 142

Answer: D Explanation: Cache logic attempts to predict which instructions and data in main (primary) memory will be used by a currently executing program. It then moves these items to the higher speed cache in anticipation of the CPU requiring these programs and data. Properly designed caches can significantly reduce the apparent main memory access time and thus increase the speed of program execution. \* Answer secondary memory is a slower memory (such as a magnetic disk) that provides non-volatile storage. \* Real or primary memory is directly addressable by the CPU and is used for the storage of instructions and data associated with the program that is being executed. This memory is usually high-speed, Random Access Memory (RAM). \* Answer virtual memory uses secondary memory in conjunction with primary memory to present the CPU with a larger, apparent address space of the real memory locations.

Answer 143

Answer: A Explanation: \* Answer "The boundary separating the trusted mechanisms from the remainder of the system" is the security perimeter. \* Answer "A trusted path that permits a user to access resources" is the definition of a trusted path. \* Answer "A system that employs the necessary hardware and software assurance measures to enable processing multiple levels of classified or sensitive information to occur" is the definition of a trusted computer system.

Answer 144

Answer: C Explanation: The transmitted packets are encrypted with a secret key and an Integrity Check (IC) field comprised of a CRC-32 check sum that is attached to the message. WEP uses the RC4 variable key-size stream cipher encryption algorithm. RC4 was developed in 1987 by Ron Rivest and operates in output feedback mode. Researchers at the University of California at Berkely (wep@isaac.cs.berkeley.edu) have found that the security of the WEP algorithm can be compromised, particularly with the following attacks: Passive attacks to decrypt traffic based on statistical analysis Active attack to inject new traffic from unauthorized mobile stations, based on known plaintext Active attacks to decrypt traffic, based on tricking the access point Dictionary-building attack that, after analysis of about a day's worth of traffic, allows real-time automated decryption of all traffic The Berkeley researchers have found that these attacks are effective against both the 40-bit and the so-called 128-bit versions of WEP using inexpensive off-the-shelf equipment. These attacks can also be used against networks that use the 802.11b Standard, which is the extension to 802.11 to support higher data rates, but does not change the WEP algorithm. The weaknesses in WEP and 802.11 are being addressed by the IEEE 802.11i Working Group. WEP will be upgraded to WEP2 with the following proposed changes: Modifying the method of creating the initialization vector (IV) Modifying the method of creating the encryption key Protection against replays Protection against IV collision attacks Protection against forged packets In the longer term, it is expected that the Advanced Encryption Standard (AES) will replace the RC4 encryption algorithm currently used in WEP.

Answer 145

Answer: D Explanation: ESP does have a source authentication and integrity capability through the use of a hash algorithm and a secret key. It provides confidentiality by means of secret key cryptography. DES and triple DES secret key block ciphers are supported by IPSEC and other algorithms will also be supported in the future. AH uses a hash algorithm in the packet header to authenticate the sender and validate the integrity of the transmitted data.

Answer 146

Answer: C Explanation: The correct answer is "Digital Signature Standard". \*Answer "Data Encryption Standard" refers to DES, a symmetric encryption algorithm. \* answer "Digital Encryption Standa" is a distracter there is no such term; \* answer "Advanced Encryption Standard" is the Advanced Encryption Standard, which has replaced DES and is now the Rijndael algorithm.

Answer 147

Answer: B Explanation: Least Privilege embodies the concept that users or operators should be granted the lowest level of system access or system rights that allows them to perform their job. \* Answer "An operator does not know more about the system than the minimum required to do the job" is need-to-know \* "The operators' duties are frequently rotated" is job rotation \* "An operator cannot generate and verify transactions alone" is separation of duties.

Answer 148

Answer: C Explanation: Capstone is a Very Large Scale Integration (VLSI) chip that employs the Escrowed Encryption Standard and incorporates the Skipjack algorithm, similar to the Clipper Chip. As such, it has a LEAf. Capstone also supports public key exchange and digital signatures. At this time, Capstone products have their LEAF function suppressed and a Certifying Authority provides for key recovery. \*Answer "A device for intercepting electromagnetic emissions" is then, obviously, incorrect. For information purposes, though, the US Government program to study and control the interception of electromagnetic emissions that may compromise classified information is called TEMPEST. \* Answer "The PC Card implementation of the Clipper Chip system" is also, obviously, incorrect. However, Capstone was first implemented on a PC card called Fortezza. \* Answer "A one-way function for implementation of public key encryption" is incorrect since Capstone is not a mathematical function, but it incorporates mathematical functions for key exchange, authentication and encryption.

Answer 149

Answer: A Explanation: 802.3 uses a Length field which indicates the number of data bytes that are in the data field. Ethernet II uses a Type field in the same 2 bytes to identify the message protocol type. Both frame formats use a 8-byte Preamble field at the start of the packet, and a 4- byte Frame Check Sequence (FCS) field at the end of the packet, so those choices would be incorrect as to a difference in the frame formats. Sources: Gigabit Ethernet by Jayant Kadambi, Ian Crayford, and Mohan Kalkunte (Prentice Hall PTR, 1998) and CCNA Study Guide by Todd Lammle, Donald Porter, and James Chellis (Sybex, 1999).

Answer 150

Answer: D Explanation: AES is comprised of the three key sizes, 128, 192, and 256 bits with a fixed block size of 128 bits. The Advanced Encryption Standard (AES) was announced on November 26, 2001 , as Federal Information Processing Standard Publication (FIPS PUB 197). FIPS PUB 197 states that This standard may be used by Federal departments and agencies when an agency determines that sensitive (unclassified) information (as defined in P.L. 100-235) requires cryptographic protection. Other FIPS-approved cryptographic algorithms may be used in addition to, or in lieu of, this standard. Depending upon which of the three keys is used, the standard may be referred to as AES-128, AES-192 or AES-256. The number of rounds used in the Rijndael cipher is a function of the key size as follows: 256-bit key 14 rounds 192-bit key 12 rounds 128-bit key 10 rounds Rijndael has a symmetric and parallel structure that provides for flexibility of implementation and resistance to cryptanalytic attacks. Attacks on Rijndael would involve the use of differential and linear cryptanalysis.

Answer 151

Answer: B Explanation: For a cryptographic hash function, H (m) is relatively easy to compute for a given m. \* Answer "H (m) is collision free" is a characteristic of a good cryptographic hash function, in that collision free means that for a given message, M, that produces H (M) = Z, it is computationally infeasible to find another message, M1, such that H (M1) = Z. \* Answer "The output is of fixed length" is part of the definition of a hash function since it generates a fixed-length result that is independent of the length of the input message. This characteristic is useful for generating digital signatures since the signature can be applied to the fixed-length hash that is uniquely characteristic of the message instead of to the entire message, which is usually much longer than the hash. \* Answer "H (m) is a one-way function" relates to answer "H (m) is difficult to compute for any given m" in that a one-way function is difficult or impossible to invert. This means that for a hash function H (M) = Z, it is computationally infeasible to reverse the process and find M given the hash Z and the function H.

Answer 152

Answer: B Explanation: The correct answer is "Have a higher strength per bit than an RSA". It is more difficult to compute Elliptic Curve discreet logarithms than conventional discreet logarithms or factoring. Smaller key sizes in the elliptic curve implementation can yield higher levels of security. Therefore, answer "Have a lower strength per bit than an RSA" is incorrect. Answers "Cannot be used to implement digital signatures" and "Cannot be used to implement encryption" are incorrect because elliptic curve cryptosystems can be used for digital signatures and encryption.

Answer 153

Answer: D Explanation: The time required to switch transmission directions in a half-duplex line is called the turnaround time. \* Answer simplex refers to communication that takes place in one direction only. \* Answer Synchronized is a distracter. \* Full-duplex can transmit and receive information in both directions simultaneously. The transmissions can be asynchronous or synchronous. In asynchronous transmission, a start bit is used to indicate the beginning of transmission. The start bit is followed by data bits and, then, by one or two stop bits to indicate the end of the transmission. Since start and stop bits are sent with every unit of data, the actual data transmission rate is lower since these overhead bits are used for synchronization and do not carry information. In this mode, data is sent only when it is available and the data is not transmitted continuously. In synchronous transmission, the transmitter and receiver have synchronized clocks and the data is sent in a continuous stream. The clocks are synchronized by using transitions in the data and, therefore, start and stop bits are not required for each unit of data sent.

Answer 154

Answer: B Explanation: C2MYAZZ is a utility that enables server spoofing to implement a session highjacking or man-in-the-middle exploit. It intercepts a client LANMAN authentication logon and obtains the session's logon credentials and password combination, transparently to the user. \* DNS poisoning is also known as cache poisoning. It is the process of distributing incorrect IP address information for a specific host with the intent to divert traffic from its true destination. \* Snort, is a utility used for network sniffing. Network sniffing is the process of gathering traffic from a network by capturing the data as it passes and storing it to analyze later. \* Back Orifice 2000 (BO2K), is an application-level Trojan Horse used to give an attacker backdoor network access. Source: Security Complete, edited by Mark Lierley (Sybex, 2001).

Answer 155

Answer: B Explanation: The correct answer is "An iterated block cipher". Answers A recursive, sequential cipher, A Feistel network, and As treaming block cipher are distracters; however, answer A Feistel network characterizes the Data Encryption Standard (DES) cipher.

Answer 156

Answer: C Explanation: The correct answer is 512 bits. If a block length is fewer than 512 bits, padding bits are added to make the block length equal to 512 bits. The other answers are distracters.

Answer 157

Answer: D Explanation: The correct answer is Variable. The other answers with fixed numbers are incorrect.

Answer 158

Answer: C Explanation: PKCS supports algorithm-independent and algorithm-specific implementations as well as digital signatures and certificates. It was developed by a consortium including RSA Laboratories, Apple, DEC, Lotus, Sun, Microsoft and MIT. At this writing, there are 15 PKCS standards. Examples of these standards are: PKCS #1. Defines mechanisms for encrypting and signing data using the RSA public-key system PKCS #3. Defines the Diffie-Hellman key agreement protocol PKCS #10. Describes a syntax for certification requests PKCS #15. Defines a standard format for cryptographic credentials stored on cryptographic tokens