It security part 2

Question 1

What is the purpose of the cryptographic hash function?
A hash function is a function that records arbitrary long messages to long outputs (n bits)
It stores the data in a hash table
Accelerates password identification
Slows down password identification

Answer 1

A hash function is a function that records arbitrary long messages to long outputs (n bits)

Question 2

CAs are typically organized in a hierarchy, where the key of a subordinate CA is
attested by another CA at a higher level
True
False

Answer 2

True

Question 3

Clocks must be synchronized for nonces (unpredictable real numbers)
True
False

Answer 3

False

Question 4

What is the difference between risk minimisation and risk optimisation?
Risk should be optimized by spending as little as possible on it, i.e. the value of the
minimisation is reduced
They mean the same thing
Minimizing should be supported by all possible resources
Optimisation should be supported by all possible resources

Answer 4

Risk should be optimized by spending as little as possible on it, i.e. the value of the
minimisation is reduced

Question 5

What does the open design principle say?
Safety through obscurity
Outsiders can have a say in the design, they can make the changes themselves
Software security should not depend on the secrecy of the design
Not only to be used by a closed community

Answer 5

Software security should not depend on the secrecy of the design

Question 6

How are you protected for long-term storage on iOS?
Keys used for encryption are only saved in iCloud for backup restoration
Data is cryptographically bound to the device
Data is immediately deleted if decryption fails
Data is only accessible after successful fingerprint authentication

Answer 6

Data is cryptographically bound to the device

Question 7

What type of attack is possible if the key space is small?
brute force
Trojan
malware
any

Answer 7

brute force

Question 8

Nonces (unpredictable real numbers) do not require an extra message to be sent
True
False

Answer 8

False

Question 9

What is a certificate chain?
issued certificates are stored in a certificate chain
revoked certificates are stored in a certificate chain
each end-user certificate can be verified by verifying a certificate chain (root to user)

Answer 9

each end-user certificate can be verified by verifying a certificate chain (root to user)

Question 10

What is a stack frame?
A pair of memory addresses representing the top and bottom of a stack
The programming framework of the stack
When a function is called, the area on the stack that the function handles
The memory area pointed to by the stack pointer

Answer 10

When a function is called, the area on the stack that the function handles

Question 11

What factors determine the IT security risk? (Multiple answers are fine)
repair
threats
countermeasures
vulnerabilities

Answer 11

threats
countermeasures
vulnerabilities

Question 12

What is NOT a definition or characteristic of stack overflow?
A special form of buffer overflow
Occurs when a procedure copies user-controlled data into the local buffer stack without
checking the size
User-controlled data overwrites other values in the stack, including the potential return value
The stack indexing is incorrect, resulting in an overflow

Answer 12

The stack indexing is incorrect, resulting in an overflow

Question 12

Which is NOT one of the hacker groups?
Script Kiddie
Disgruntled employee
Hacktivist group
Terrorist organization
Computer crime organization
State sponsored attacker
Computer scientists

Answer 12

Computer scientists

Question 12

What do we mean by key space in encryption?
On the backing store, the place where the key can be safely stored
The area indicated by the key pointer
There is no location for the key
The key space of the algorithm is the set of all possible permutations of the key

Answer 12

The key space of the algorithm is the set of all possible permutations of the key

Question 12

What is stretching?
hash depends not only on the password but also on a random value
hash computation time is accelerated by optimisation
To artificially increase the hash counting time
the password hash can be randomly long

Answer 12

To artificially increase the hash counting time

Question 13

What is a MAC?
the name of certain apple products
unique identifier
the hash function is located at the address pointed to by the MAC
can be seen as a hash function with an additional input (the key)

Answer 13

can be seen as a hash function with an additional input (the key)

Question 14

Clocks need to be synchronized for timestamps
True
False

Answer 14

True

Question 14

Which characteristic does NOT describe the White/Grey box?
Static analysis
Dynamic analysis with specific inputs
Aims to maximize code coverage
Verification where we have only minimal prior knowledge of the system -> only inputs and
outputs are examined, we do not know the inner workings
Generates inputs that trigger new code paths
Much more efficient, but high cost of entry

Answer 14

Verification where we have only minimal prior knowledge of the system -> only inputs and
outputs are examined, we do not know the inner workings

Question 15

With homomorphic encryption, the cloud service provider can perform certain
operations on the encrypted data and obtain the encrypted result without ever having
access to the data
True
False

Answer 15

True

Question 15

How does public key binding to an authorized user work?
The public key is assigned to the user by specifying the private key
The user ID and the public key are automatically generated together
The user can choose the public key that suits him
The name and the public key are linked to the digital signature of an authenticated
authenticator

Answer 15

The name and the public key are linked to the digital signature of an authenticated
authenticator

Question 15

How can we ensure key freshness?
with timestamps, time windows
a nice refreshing cocktail
calendar synchronisation
timers

Answer 15

with timestamps, time windows

Question 15

The Oracle attack allows an attacker to efficiently decrypt any encrypted CBC
ciphertext message with (adaptively) formatted ciphertexts to the server and observe
its response
True
False

Answer 15

False

Question 15

What is Stretching?
multiple iterations to slow the exhaustion attack
a random number generated by the system to make the pre-compute attack impractical.
Adds a long random string to the password before…

Answer 15

multiple iterations to slow the exhaustion attack

Question 16

What is the birthday paradox and how does it relate to the hash function?
choose an arbitrary date as birthday and extend it with a hash function
if you randomly draw elements from a set of N elements, a repeating element has a high
probability of being encountered after sqrt(N) choices
chooses an arbitrary date as a birthday, nothing to do with the hash function
randomly drawing elements from a set of N elements, it can be stated with 100% probability
that it will not meet sqrt(N)

Answer 16

if you randomly draw elements from a set of N elements, a repeating element has a high
probability of being encountered after sqrt(N) choices

Question 17

Global types of fingerprint patterns: swirl, loop, arc
True
False

Answer 17

True

Question 17

Proof of cancellation
In some applications, it may be useful if the provider can sort the encrypted data (e.g.: the
user wants to see the results in an orderly way)
When the computation is outsourced, the user can be sure that the service provider has
actually performed the requested task.
Allows keyword searches on encrypted data. The provider cannot learn which words have
been searched or what the statistical properties of the encrypted data are.
When a data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud the user can be sure that all copies of it have been
deleted.

Answer 17

When data is removed from the cloud the user can be sure that all copies of it have been
deleted.

Question 18

What is the average complexity of an exhaustive key search attack on a k-bit key?
(k-1)
2^(k-1) * 10^10
(k-1)^2
2^(k-1)

Answer 18

2^(k-1)

Question 19

A countermeasure against side-channel attacks, e.g. to break the link between the
leaked information and the confidential data
True
False

Answer 19

True

Question 19

What is the hash-and-sign paradigm?
reduces efficiency if you sign the message hash instead of the message
increases efficiency by signing the hash of the message instead of the message
increases efficiency if it duplicates the message hash
reduces efficiency if it duplicates the message hash

Answer 19

increases efficiency by signing the hash of the message instead of the message

Question 20

What type of information is useful to collect before the attack (there can be several
good answers)
System architecture
Security mechanism used
Access rights
Geological location

Answer 20

System architecture
Security mechanism used
Access rights

Question 21

The Caesar cipher is easy to crack because a fixed number is the size of the key
space. What is this number?
22
64
67
25

Answer 21

25

Question 22

The Caesar cipher is easy to crack because a fixed number is the size of the key
space. What is this number?
128
64
256
192

Answer 22

128 256 192

Question 23

What are the characteristics of a monoalphabetic substitution cipher? (Multiple
answers are allowed)
disadvantage: the frequency of letters depends on the language, not on the content of the
text e.g. in Hungarian the most common letter is “e”
generalization of Caesar cipher
advantage: takes up little storage space
letter substitution is determined by permutation
disadvantage: very easy to crack with the right technical tools
the key is the permutation, which has an area of 26!

Answer 23

disadvantage: the frequency of letters depends on the language, not on the content of the
text e.g. in Hungarian the most common letter is “e”

generalization of Caesar cipher

the key is the permutation, which has an area of 26!

letter substitution is determined by permutation

Question 24

How many steps does it take to crack a complete system?
Attacks consist of 5 steps
Preparation, execution, cryptographic verification, debugging
Always one big bug causes the compromise of the whole system
Usually a combination of several attacks building on each other and several different
vulnerabilities

Answer 24

Usually a combination of several attacks building on each other and several different
vulnerabilities

Question 25

What programming error can lead to SQL injection
The system is not connected to the network, so cannot be checked by the application
Data from the client side is processed by the application without verification, malicious code
can be executed on the system
No direct access to the application and the database created from known malware
Non-programming error leads to SQL injection

Answer 25

Data from the client side is processed by the application without verification, malicious code
can be executed on the system

Question 26

Which risk is not relevant for IT security?
Unauthorised access
Loss of confidentiality or availability of information
attacks against services provided by different systems
technical or hardware damage to the machine during a storm

Answer 26

technical or hardware damage to the machine during a storm
What

Question 27

What are the steps for fingerprint matching (multiple answers are fine)
matching the two fingerprints according to the most similar minutia pairs
search for parallel similarity between minutiae
Calculating a global similarity score and making a decision
create a minutia correspondence

Answer 27

matching the two fingerprints according to the most similar minutia pairs
search for parallel similarity between minutiae
Calculating a global similarity score and making a decision
create a minutia correspondence

Question 28

Which of the following is NOT an advantage of cloud computing?
Increases system reliability and user-friendliness
Flexible provision of resources
Increases risk in terms of security, privacy and confidentiality
Reduced price for the user
Efficient for service providers
IT systems easy to deploy, operate and maintain

Answer 28

Increases risk in terms of security, privacy and confidentiality

Question 29

Which can be an effective defense against ROP?
NX bit
DEP
ASLR random addresses -> cannot predict gadaget addresses
Harvard arch

Answer 29

ASLR random addresses -> cannot predict gadaget addresses

Question 29

How can we ensure that the established key remains secret?
By encrypting
With RSA
Key exchange protocols
Cannot be kept secret

Answer 29

Key exchange protocols

Question 29

What are the types of side-channel information?
Timing
network
power consumption
human

Answer 29

power consumption
Timing

Question 30

Which protocol is used to securely access web pages?
HTTPS
HTTP
GOOGLE CHROME
MOZILLA FIREFOX

Answer 30

HTTPS

Question 30

In the access protection model, what is a reference monitor?
The entity that enforces the access protection policy
The dashboard interface to monitor the operation of the access control policy
The entity that keeps track of existing references to objects for the garbage collector
The entity that defines the access control rules

Answer 30

The entity that enforces the access protection policy

Question 31

In an XSS attack, an attacker successfully executes JavaScript code in the context of
another origin
True
False

Answer 31

True

Question 31

What is the difference between MAC and DAC?
For Mac, the reference monitor must check all access, for DAC this is set by the user
For MAC, untrusted users can grant access rights, for DAC not possible
With DAC, untrusted users can grant access rights, not possible with MAC
Access protection is discrete for DAC, continuous for MAC

Answer 31

With DAC, untrusted users can grant access rights, not possible with MAC

Question 32

What are the functions of the certification authority? (multiple answers are fine)
publish valid certificates and certificate revocation lists
organizes certificates
issues certificates to users or other CAs

Answer 32

publish valid certificates and certificate revocation lists

issues certificates to users or other CAs

Question 33

What does the term MAC function mean?
Medium Access Control protocol
Mandatory Access Control based access protocol
Message Authentication Code calculation
Key generation on Apple MacBook computers

Answer 33

Message Authentication Code calculation

Question 34

Which is NOT true for Android?
Least code running with root privileges
At startup, each component assumes that the underlying components are sufficiently secure
Application signatures allow developers to be verified
Ability to exploit security capabilities of some processors despite processor independence

Answer 34

Application signatures allow developers to be verified

Question 35

What is a certificate revocation list (CLR)?
A sequence of steps to follow when revoking a certificate
List of certificates revoked after expiration
List of certificates revoked before expiration
List of certificates about to expire

Answer 35

3

Question 35

What can be overwritten other than the return address during a stack overflow attack?
controllable data
non-controllable data
return address only
the contents of the entire stack

Answer 35

non-controllable data

Question 35

Linux implements a non-discretionary access control (DAC) system
True
False

Answer 35

2

Question 36

What is the use of storing the hash of the password in the control table instead of the
password?
It is not useful to store a hash instead of a password
Because of the hash, it takes 1000 years to crack the password
The hash cannot be used to decrypt the password, but it can be used to compare whether
the password is correct
Instead of a hash, a fraction of the password is stored

Answer 36

3

Question 37

Verifiable calculation
In some applications it may be useful if the provider can sort the encrypted data (e.g.: the
user wants to see the results in an orderly way)
When the computation is outsourced, the user can be sure that the provider has actually
performed the requested task.
Allows keyword searches on encrypted data. The provider cannot learn which words have
been searched or what the statistical properties of the encrypted data are.
When a data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud the user can be sure that all copies of it have been
deleted.

Answer 37

2

Question 37

What is a zero-day vulnerability?
vulnerabilities that are known only to potential attackers
online mail vulnerabilities
vulnerability of the computer’s own back-up storage
vulnerabilities that are accidental, not known to anyone

Answer 37

1

Question 37

What are the disadvantages of cloud computing?
Increases the risk from security, privacy and confidentiality perspectives
Increases system reliability and user friendliness
Flexible provision of resources
Reduced price for the user
Efficient for service providers
Easy deployment, operation and maintenance of IT systems

Answer 37

1

Question 37

What is the AES block size?
32 bits
64 bit
256 bit
128 bit

Answer 37

4

Question 38

Which does NOT increase security risks?
Threats
Vulnerabilities
Countermeasures
Short password

Answer 38

4

Question 38

Signature errors occur when a variable with a signature is interpreted as a signature
or when a signed variable is signed.
True
False

Answer 38

2

Question 39

Sequence preserving encryption…
In some applications, it may be useful if the provider can sort the encrypted data (e.g.: the
user wants to see the results in order)
When the computation is outsourced, the user can be sure that the provider has actually
performed the requested task.
Allows keyword searches on encrypted data. The provider cannot learn which words have
been searched or what the statistical properties of the encrypted data are.
When a data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud the user can be sure that all copies of it have been
deleted.

Answer 39

1

Question 39

There is no need to revoke a certificate if there is a change in the personal data in the
certificate
True
False

Answer 39

2

Question 39

How does Caesar encryption work?
substitutes plaintext letters from a set of real numbers
replaces the letters in plain text with letters of the alphabet at a specified distance from it
complements the letters in plain text with the letters in the real number set
complements the letters in plain text by one letter of the alphabet spaced at a given distance
from it

Answer 39

2

Question 39

Side-channel attacks are based on information caused by the actual execution of the
cryptographic algorithm (leaked by the algorithm)
True
False

Answer 39

1

Question 40

How can we measure the strength of a randomly chosen password?
H = L * logN 2
H = L * log2 L * N
H = L * log2 N
H = L * logL N

Answer 40

3

Question 40

What can financial resources be converted into? (there may be several good answers)
increase information gathering skills
deepen technical expertise
renting space with appropriate temperature
access to advanced attack tools and methods

Answer 40

1 2 4

Question 41

Return-to-LibC attack?
Specifies a LibC in-memory function as return address parameterized by malicious code
On boot, the machine will no longer load the op. system because the op. system will be
infected with LibC
No such attack, Return-toLibC is a valid assembler instruction
Overwrite the LibC library with a long NOP sled which is terminated with a RET statement

Answer 41

1

Question 41

What hard math problem does the RSA system pose?
key pair generation algorithm
Discrete logarithm
Taylor polynomial
Differential calculus

Answer 41

1

Question 41

Why do these vulnerabilities occur in practice?
due to shitty BME
connecting to external peripherals
IT systems are increasingly complex, making it difficult to fully cover all possible problems
operating system upgrade

Answer 41

3

Question 41

What is Salting?
multiple iterations to slow the exhaustion attack
a random number generated by the system to make the pre-compute attack impractical.
Adds a long random string to the password before stacking

Answer 41

2

Question 41

What should not be logged?
Allow resource access
Unsuccessful system call
Location information (geolocation)
Password

Answer 41

4

Question 42

What does the open design principle say?
The software can be freely developed by anyone later
Design should be open to the community
The number of shared mechanisms should be minimised
The default value should be chosen so that the system remains secure in case of failure

Answer 42

2

Question 43

What is security?
antivirus protection for your computer
protects against accidental hardware failures
focuses on the risks from deliberate attacks by intelligent attackers (malware)

Answer 43

3

Question 44

Which approach is least effective against XSS?
Blacklist
HTTP- only cookie
CSP
Whitelist

Answer 44

1

Question 44

What is not in a DMZ layout?
Direct connectivity between the internal network and the DMZ
Application proxy
Packet filter
Server

Answer 44

1

Question 44

What questions should be answered in the risk optimization process (multiple
answers are fine)?
What are the potential threats?
What are the known vulnerabilities/vulnerabilities?
How likely are these vulnerabilities to be exploited by potential threats?
What is the expected loss?
What countermeasures will reduce the risk in a cost-effective way?

Answer 44

all

Question 45

The sequence of NOP instructions that slides the CPU instruction execution stream to
its final, desired location
True
False

Answer 45

1

Question 46

Which of the following is performed as the first step when booting iOS?
kernel is initialized
low level bootloader
iBoot code verification
apple root certificate is loaded

Answer 46

4

Question 47

What is usually the first step in a web server attack?
lock out the user
maximize the attack surface
redirect important data

Answer 47

2

Question 48

Developing secure software is difficult. Which reason is NOT supported?
Security testing is difficult
Developers face time, functionality and resource constraints
Attackers have a much easier time than developers
Security is difficult to measure

Answer 48

3

Question 48

Software detects corrupted input data, what should it do?
The software must still perform the programmed calculations
The input data must be rejected and the event logged
The software should attempt to recover the corrupted data
The software shall log the corrupted data

Answer 48

2

Question 48

The debugging system is a database of errors, which includes information about
privacy
True
False

Answer 48

2

Question 49

What is a CVE (Common Vulnerabilities and Exposures)?
An online platform for critical vulnerability testing
A parameter in the operating system to check the virtualized environment currently in use
A technique to exploit vulnerabilities in electric cars
A database containing all known vulnerabilities, i.e. a publicly available database containing
all vulnerabilities

Answer 49

4

Question 49

What is the best performance for fingerprint matching?
High FA and low FR rate
High FA and FR rate
Low FA and FR rate
Low FA and high FR rate

Answer 49

3

Question 49

Why use automated vulnerability checking software?
They find all bugs, even the unknown ones
No need to spend any time on manual testing during penetration testing
IDS systems are also detected
They can look through a lot of bugs quickly, a great help for manual testing

Answer 49

4

Question 50

What are the criteria for threat classification? (There may be several good answers)
Motivation
information gathering capabilities
level of technical expertise
level of (resources)

Answer 50

all

Question 50

What is nonces?
single use keys
set of single-use viruses
Co-domain of single-use keys
Unpredictable real numbers

Answer 50

4

Question 50

user authentication = process of verifying the identity of the requested user
True
False

Answer 50

1

Question 51

What is the Kerckhoffs principle?
assume that the encryption algorithm is known to the attacker
assume that the encryption algorithm is not known to the attacker
assume that the encryption algorithm is known to the user
assume that the encryption algorithm is not known to the user

Answer 51

1

Question 51

What is NOT the purpose of the OWASP project?
To distribute the best security software on the market
To raise funds for security awareness training
To gather the best experts to develop OWASP materials
To serve as a checklist for developers with the TOP 10 list

Answer 51

1

Question 51

IT security does not deal with …?
Random hardware failures
Unauthorized modification of data
Unavailability of services provided by the IT system
Unauthorized access to data

Answer 51

1

Question 52

What are the two main types of modern corrections?
Flooding/Flow
Overloading
Blocking
Network monitoring

Answer 52

1 2

Question 53

Data ownership verification
In some applications, it may be useful if the provider can sort the encrypted data (e.g.: the
user wants to see the results in an orderly way)
When the computation is outsourced, the user can be sure that the service provider has
actually performed the requested task.
Allows keyword searches on encrypted data. The provider cannot learn which words have
been searched or what the statistical properties of the encrypted data are.
When a data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud the user can be sure that all copies of it have been
deleted.

Answer 53

4

Question 53

What is one of the key differences between Linux and Windows in terms of access
control?
The Linux security system allows a wider range of policies to be written
The Windows security system allows you to describe a wider range of policies

Answer 53

2

Question 54

For nonces (unpredictable real numbers), it is enough to measure time locally
True
False

Answer 54

t

Question 54

How is the cyber underground organized (who are the players)?
information traders
resource traders
service providers
R&D people, tool makers
criminals, fraudsters and attackers
cashier

Answer 54

all

Question 54

What is Stuxnet?
An improved version of the Trojan
New virus scanner
The most threatening Malware in history
A database of viruses

Answer 54

3

Question 54

What types of vulnerabilities exist in IT systems? (More than one answer is fine)
technical
physical
personal
operational

Answer 54

all

Question 54

In hacking, shellcode is a small piece of code used to exploit a vulnerability in
software.
True
False

Answer 54

T

Question 55

For time stamps, replay can only work within a small time window
True
False

Answer 55

T

Question 55

Searchable encryption…
In some applications, it may be useful if the provider can sort the encrypted data (e.g.: the
user wants to see the results in an orderly way)
When the calculation is outsourced, the user can be sure that the provider has actually
performed the requested task.
Allows keyword searches on encrypted data. The provider cannot learn which words have
been searched or what the statistical properties of the encrypted data are.
When a data is stored in the cloud, the user can be sure that the data still exists
When data is removed from the cloud the user can be sure that all copies of it have been
deleted.

Answer 55

3

Question 56

What is the function of the Secure Enclave coprocessor?
Application signature verification
Touch ID sensor management
Secure system loading
Secure capture and storage of movement-related data

Answer 56

3

Question 56

What is safety?
focuses on risks from accidental failures, accidents and natural disasters
helps to protect against viruses received by correspondents
protects against malware in case of unsafe downloads from various torrent sites
protects against operating system failures

Answer 56

1

Question 56

What types of countermeasures exist to reduce the risk? (There may be several good
answers)
physical
network
none
technical

Answer 56

1 4

Question 56

What is fingerprint minutia?
Global fingerprint pattern (swirl, loop, …)
Graph of line endings and branchings
Specific area on the fingerprint, such as core and delta
Triple combination of type (line end or branch), position, direction

Answer 56

4

Question 56

What is black-box testing?
A check where even the source code is known to the ethical checker
Testing only input and output, fuzzing
The check uses programs unknown to the developer
Verification where only the minimum prior knowledge of the system is known -> only inputs
and outputs are examined, the inner workings are not known

Answer 56

4

Question 56

What does buffer overflow exploit?
The program has a memory leak, it does not release all the buffers it has reserved
The program refers to an already freed buffer area
The program does not check how much data is written to a given buffer size
The program increments the buffer index until it turns negative and thus flushes out the
buffer

Answer 56

3

Question 56

What is the key to Caesar encryption?
an arbitrary number generated when the key is generated
an arbitrary letter from abc
the offset value
a pointer pointing to the encrypted message

Answer 56

3