Sec +

Question 1

A digital signature provides ______, ________, and _________ in electronic mail.

Answer 1

integrity, authentication, and non-repudiation

Question 2

Non-repudiation

Answer 2

ensures that the sender cannot deny the previous actions or message.

Question 3

What ensures that the sender cannot deny the previous actions or message.

Answer 3

Non-repudiation

Question 4

Integrity

Answer 4

Providing assurance that a message was not modified during transmission.

Question 5

Authentication

Answer 5

The process of verifying that the sender is who he says he is.

Question 6

Providing assurance that a message was not modified during transmission.

Answer 6

Integrity

Question 7

The process of verifying that the sender is who he says he is.

Answer 7

Authentication

Question 8

Digital signatures do not provide encryption and cannot ensure _____________.

Answer 8

availability

Question 9

A digital signature is a hash value that is encrypted with the sender’s private key. For example, a file on Windows 98 that has been digitally signed indicates that the file has passed quality testing by Microsoft. The message is digitally signed. Therefore, it provides authentication, non-repudiation, and __________.

Answer 9

integrity

Question 10

If a recipient wants to verify a digital signature, the ______ ______ of the signer must be used in conjunction with the ______ _______.

Answer 10

public key

hash value

Question 11

Digital Signature Standard (DSS) defines digital signatures. It provides integrity and authentication. It is not a _________ ______ ____________.

Answer 11

symmetric key algorithm.

Question 12

A digital signature cannot be spoofed. Therefore, attacks, such as man-in-the-middle attacks, cannot harm the integrity of the ___________.

Answer 12

message.

Question 13

Microsoft uses _______ ________ to ensure the integrity of driver files.

Answer 13

digital signing

Question 14

A digital signature cannot be ____________. Therefore, attacks, such as man-in-the-middle attacks, cannot harm the integrity of the ___________.

Answer 14

spoofed

message

Question 15

Microsoft uses digital signing to ensure the integrity of _______ __________.

Answer 15

driver files

Question 16

Advanced Encryption Standard

Answer 16

AES

Question 17

AES= A_______ E_______ S_______

Answer 17

Advanced Encryption Standard

Question 18

Advanced Encryption Standard (AES), Data Encryption Standard (DES), and Blowfish are examples of symmetrical algorithms and pseudo-random number generation (PRNG). Symmetric algorithms are sometimes called b_____ c______.

Answer 18

block ciphers

Question 19

Random number generation and pseudo-random number generation are types of algorithms used to generate c____________ keys.

Answer 19

cryptographic keys

Question 20

PRNG uses a symmetric algorithm to generate a number that is “random enough” for cryptographic purposes. PRNG is used in A_S, D_S, and B______.

Answer 20

AES, DES, and Blowfish

Question 21

Random number generation is used in asymmetric ciphers, such as R_A, D_____-H____, and E_____ C_____ C________ (E_C).

Answer 21

RSA, Diffie-Hellman, and Elliptic Curve Cryptosystem (ECC).

Question 22

_________ is the cryptographic technique whereby a change of a single input bit results in a change of multiple output bits.

Answer 22

Diffusion

Question 23

A collision is the result of a hashing algorithm producing the same ________ from two different inputs.

Answer 23

output

Question 24

Obfuscation is the basic foundation of both ______ and _________. The term means to hide something so that it is not easily readable.

Answer 24

encryption and steganography

Question 25

Key strength should reflect the sensitivity of the data it protects. Generally, as the need to secure the data increases, so should the strength of the ___. Longer keys require more processing power (and time) to ______.

Answer 25

key

break

Question 26

DLP

Answer 26

Data Loss Prevention

Question 27

Memory leaks-

Answer 27

Memory leaks can be caused by a programmer failing to free up memory once the process using that memory has been completed. C and C++ are particularly prone to memory leaks.

Question 28

Integer overflows

Answer 28

happen when a number too large to fit into the data type “integer” is not rejected and is allowed to corrupt the program.

Question 29

Pointer de-references

Answer 29

occur when a pointer (which points to the proper memory location) has the reference changed. This results in the pointer pointing to an inaccurate value

Question 30

__ ________ ________ is an example of improper input handling being allowed by the application code, and the impact can include crashing the application. Other examples of improper input handling include failure to validate the type of data in an input field, the length of the data, proper date ranges.

Answer 30

A buffer overflow

Question 31

_______ _______ can be caused by a programmer failing to free up memory once the process using that memory has been completed. C and C++ are particularly prone to memory leaks.

Answer 31

Memory leaks

Question 32

_______ _________ happen when a number too large to fit into the data type “integer” is not rejected and is allowed to corrupt the program.

Answer 32

Integer overflows

Question 33

____ __________ occur when a pointer (which points to the proper memory location) has the reference changed. This results in the pointer pointing to an inaccurate value

Answer 33

Pointer de-references

Question 34

A buffer overflow

Answer 34

an example of improper input handling being allowed by the application code, and the impact can include crashing the application. Other examples of improper input handling include failure to validate the type of data in an input field, the length of the data, proper date ranges.

Question 35

Stateless firewalls

Answer 35

make decisions based on the data that comes in and not on any complex rules.

Question 36

Stateful firewalls

Answer 36

maintain a state table that tracks every communication packet.

Question 37

These firewalls make decisions based on the data that comes in and not on any complex rules.

Answer 37

Stateless firewalls

Question 38

These firewalls maintain a state table that tracks every communication packet.

Answer 38

Stateful firewalls

Question 39

LDAP

Answer 39

389

Question 40

389

Answer 40

LDAP