Internet Security Protocols, Wireless and Mobile Security (ch23, 22, 24) Flashcards

Question 1

Q

In IPSec, packets can be protected using ESP or AH but not both at the same time.

Question 2

Q

In IPSec, if A uses DES for traffic from A to B, then B must also use DES for traffic from B to A.

Question 3

Q

In IPSec, the sequence number is used for preventing replay attacks.

Question 4

Q

Most browsers come equipped with SSL and most Web servers have implemented the protocol.

Question 5

Q

Even web searches have (often) been in HTTPS.

Question 6

Q

In a wireless network, traffic is broadcasted into the air, and so it is much easier to sniff wireless traffic compared with wired traffic.

Question 7

Q

Compared with WEP, WPA2 has more flexible authentication and stronger encryption schemes.

Question 8

Q

iOS has no vulnerability.

Question 9

Q

In iOS, each file is encrypted using a unique, per-file key.

Question 10

Q

In iOS, an app can run its own dynamic, run-time generated code.

Question 11

Q

The App Store review process can guarantee that no malicious iOS app is allowed into the store for download.

Question 12

Q

In iOS, each app runs in its own sandbox.

Question 13

Q

In Android, all apps have to be reviewed and signed by Google.

Question 14

Q

In Android, an app will never be able to get more permission than what the user has approved.

Question 15

Q

Since Android is open-source, each handset vendor can customize it, and this is good for security (hint: consider security updates).

Question 16

Q

The most complex and important part of TLS is the ________.

A. signature

B. message header

C. payload

D. handshake protocol

Question 17

Q

_______ is a list that contains the combinations of cryptographic algorithms supported by the client.

A. Compression method

B. Session ID

C. CipherSuite

D. All of the above

Question 18

Q

ESP supports two modes of use: transport and ________.

A. padding

B. tunnel

C. payload

D. sequence

Question 19

Q

A benefit of IPsec is ________.

A. that it is below the transport layer and transparent to applications

B. there is no need to revoke keying material when users leave the organization

C. it can provide security for individual users if needed

D. all of the above

Question 20

Q

The ______ field in the outer IP header indicates whether the association is an AH or ESP security association.

A. protocol identifier

B. security parameter index

C. IP destination address

D. sequence path counter

Question 21

Q

IPsec can assure that:

A. a router advertisement comes from an authorized router.

B. A routing update is not forged.

C. A redirect message comes from the router to which the initial packet was sent.

D. All of the above

Question 22

Q

ESP can provide both confidentiality and integrity protection.

Question 23

Q

If the authentication option of ESP is chosen, message integrity code is computed before encryption.

Question 24

Q

To protect the confidentiality and integrity of the whole original IP packet, we can use ESP with authentication option in tunnel mode.

Question 25

Q

In AH, the integrity hash covers the IP header.

Question 26

Q

The security association, SA, specifies a two-way security arrangement between the sender and receiver.

Question 27

Q

SPI is used to help receiver identify the SA to un-process the IPSec packet.

Question 28

Q

If the sequence number in the IPSec header is greater than the largest number of the current anti-replay window the packet is rejected.

Question 29

Q

If the sequence number in the IPSec header is smaller than the smallest number of the current anti-replay window the packet is rejected.

Question 30

Q

Since TLS is for the Transport Layer, it relies on IPSec, which is for the IP Layer.

Question 31

Q

In most applications of TLS or SSL, public keys are used for authentication and key exchange.

Brainscape's Knowledge GenomeTM

Internet Security Protocols, Wireless and Mobile Security (ch23, 22, 24) Flashcards

Brainscape's Knowledge Genome^TM