Quiz 3 Flashcards
3DES is \_\_\_\_\_\_\_\_. strong enough for communication in corporations very slow expensive in terms of processing cost All of the above
All of the above
A DES key is 40 bits long. (True False)
False
An attack where an adversary intercepts an encrypted message and transmits it again later is called a \_\_\_\_\_\_\_\_. replay attack reflex attack resend attack reflection attack
replay attack
DES uses block encryption.
True False
True
HMACs provide the cryptographic protection of \_\_\_\_\_\_\_\_. message integrity message authentication Both A and B Neither A nor B
Both A and B
Hashing is \_\_\_\_\_\_\_\_. repeatable reversible Both A and B Neither A nor B
repeatable
Julia encrypts a message to David using public key encryption for confidentiality. After encrypting the message, can Julia decrypt it?
(True / False)
False
In public key encryption, “signing” is the act of ________.
adding the password to the challenge message and hashing the two
hashing the plain text message
encrypting the message digest with its own private key
encrypting the message digest with its own public key
encrypting the message digest with its own private key
In public key encryption for authentication, the verifier decrypts the ciphertext with the verifier’s public key.
(True False)
False
If a key is 43 bits long, how much longer will it take to crack it by exhaustive search if it is extended to 50 bits? 14 times as long 7 times as long 256 times as long 128 times as long
128 times as long
The best way to thwart exhaustive searches by cryptanalysts is \_\_\_\_\_\_\_\_. to make the key very long to use codes randomize the key thoroughly All of the above
to make the key very long
Symmetric session key exchange can be done with public key encryption.
(True / False)
True
When two parties communicate with each other using symmetric key encryption, how many keys are used in total to encrypt and decrypt? 8 1 4 2
1
When a hashing algorithm is applied, the hash will ALWAYS have a fixed length (True / False)
True
When Carol sends a message to Bob, Bob will use \_\_\_\_\_\_\_\_ to decrypt the message. Carol's public key Bob's private key Carol's private key the private key
Bob’s private key
What is the hash size of SHA-256? 112 bits 128 bits 160 bits 256 bits
256 bits
Using new and proprietary encryption ciphers is a good idea because cryptanalysts will not know them.
(True / False)
False
To ensure that a digital certificate is valid, the receiver of the certificate must check \_\_\_\_\_\_\_\_. whether the certificate has been revoked the digital signature the valid period All of the above.
All of the above.
The most popular public key cipher is RSA (True / False)
True
\_\_\_\_\_\_\_\_ occurs when companies believe they have good security because they are using proprietary ciphers that hackers do not know. Reasonable protection Security through obscurity Weakest link ignorance
Security through obscurity
\_\_\_\_\_\_\_\_ is the use of mathematical operations to protect messages travelling between parties or stored on a computer. Confidentiality Cryptography Encryption Authentication
Cryptography
Which of the following measures do HMACs use? Public key encryption Symmetric key encryption Hashing All of the above
Hashing
Which of the following is one of the effective key lengths in 3DES? 110 bits 40 bits Both A and B Neither A nor B
Neither A nor B
Programmers frequently create entry points into a program for debugging purposes and/or insertion of new program codes at a later date. What are these entry points called?
Backdoors
Logic Bombs
Trojan Horses
Worms
Backdoors
Which of the following infects both boot-sectors and file-infectors? Worm Link Virus Macro Multi-partite
Multi-partite
A polymorphic virus uses which of the following? Heuristic engine Search engine Mutation engine Inference engine
Mutation engine
What is the name of the malicious act of a computer program looking normal but containing harmful code? Trapdoor Trojan Horse Worm Logic Bomb
Trojan Horse
......................................... works by creating an artificial TCP segment that has the SYN flag set. land DoS TearDrop Smurf Sniffing
land DoS
TearDrop is a fragmentation attack on the ........................ protocol stack. TCP/IP UDP ICMP TOC/TOU
TCP/IP
Which of the following scripts is an example of an SQL injection attack?
var Shipcity; ShipCity = Request.form ("ShipCity");
var Shipcity; ShipCity = Request.form ("ShipCity"); var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'";
var Shipcity; var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'";
All of options
var Shipcity; ShipCity = Request.form ("ShipCity"); var SQL = "select * from OrdersTable where ShipCity = '" + ShipCity + "'";
Which term best describes the act of actively searching for a computer's ports through the use of specialized software? port searching port vulnerabilities sniffing port scanning
port scanning
What typically happens when a buffer is overflowed?
The memory space that comes after the buffer holds the extra data as well as keeping the data that it contained before
Whatever is in the memory space that comes after the buffer is overwritten
The memory chip in the computer gets too big and explodes
Electrons fall out of the memory chip and start a fire
Whatever is in the memory space that comes after the buffer is overwritten
Which option is wrong? The smurf attack is a distributed reflective denial-of-service (DRDoS) attack. DNS amplification causes flooding. Ping of death attack uses ICMP packet. DNS poisoning is not a DoS attack.
DNS poisoning is not a DoS attack.
Which method is not a reconnaissance attack? IP probe Dumpster diving Port scan Buffer overflow
Buffer overflow
In a replay attack, the attacker cannot read the contents of the replayed message.
True