Test 1 Flashcards
System integrity means the system
performs in an unimpaired manner
Integrity of data means the data
is not modified
Which of the following terms indicates that information is to be read only by those people for whom it is intended?
confidentiality.
integrity.
availability.
accounting.
confidentiality
What do you call the scope that a hacker can use to break into a system?
Defense in depth
Attack surface
Principle of least privilege
Risk mitigation
Attack surface
Which concept determines what resources users can access after they log on?
Authentication
Auditing
Access Control
Defense in depth
Access Control
What type of electronic document contains a public key?
Biometrics
Digital certificate
Kerberos
PIN
Digital certificate
What is the process of giving an individual access to a system or resource?
Authentication
Authorization
Accounting
Auditing
Authorization
What type of attack tries to guess passwords by trying common words?
Dictionary attack.
Brute-force attack.
Man-in-the-middle attack.
Smurf attack.
Dictionary attack
The application layer security includes the following security mechanisms except:
PGP.
S/MIME.
Ping.
DNS security.
Ping
Which of the following are considered e-mail communication scenarios? (MTOA)
One-to-One E-mail.
Distribution List-to-One E-mail.
One-to-Multiple Recipients E-mail.
Multiple-to-One E-mail.
One-to-Distribution List E-mail.
One to One Email
One to Multiple Recipients
One to Distribution List email
…….. is the de-facto standard e-mail encryption scheme.
Kerberos.
Ultra gridsec.
PGP.
S/MIME.
PGP
S/MIME relies on……….. for public key distribution and uses ……………. for message encryption as private key algorithms.
Kerberos, (RC2 and DES).
X.509 certificate, (RC2 and TDES).
Ultra Gridsec, (RC2 and AES).
PGP, (RC4 and DES).
DSA, (RSA and ElGamal).
X.509 certificate, (RC2 and TDES)
S/MIME relies on……….. for message hashing.
RSA or Elliptic Curve algorithms.
SHA-1 or MD5
RSA and MD5
SHA-2 or RC2
SHA-1 or MD5
……….. is an internet standard that can foil DNS Cache Poisoning attacks.
DNSFOIL.
DNSSEC.
DNSDETECT.
CASHSEC.
DNSSEC
HTTPS provides secure web browsing through ……….. between the client web browser and the website server.
encrypted and authenticated connection.
authenticated connection.
hashed and authenticated connection.
encrypted connection.
encrypted and authenticated connection
TLS is designed to operate over ……….. because it handles…….……….
TCP, (the ‘timing out’ and ‘reformatting lost data’).
UDP, (the ‘timing out’ and ‘reformatting lost data’).
TCP, (the ‘timing out’ and ‘retransmitting lost data’).
FTP, (the ‘timing out’ and ‘reformatting lost data’).
TCP, (the ‘timing out’ and ‘retransmitting lost data’).
……….. are designed to interwork between application and transport layer: (MTOA)
TSL.
TLS.
SSL.
Telnet.
TLS
SSL
Which of the following components are related to the SSL protocols: (MTOA)
Record protocol.
Handshake protocol.
Information Specifications protocol.
Alert Protocol.
Record protocol
Handshake protocol
Alert Protocol
cipher_suite is a list of cryptographic algorithms supported by …………
the server machine
the server web browser
the client application
the client web browser
the client web browser
The client sends the server a list of what it supports; the server decides what to use based on what the client has.
………is designed to replace the TELNET and rlogin remote facility.
PUTTY
SSL
SSH
FTPS
SSH
………is a combination of encryption and decryption methods. An example of it is ……………
Cryptography, Ultra Gridsec
Digital Enveloping, Ultra Gridsec
Cryptosystem, PGP
Cryptography, Kerberos
Cryptosystem, PGP
A cryptosystem is encryption and decryption
……… is the combination of public key and private key encryption algorithms.
Digital Enveloping
Cryptosystem
Cryptography
Cryptanalysis
Digital Enveloping
Among the common types of the digital certificate are ………………… (MTOA)
1) data certificate.
2) developer certificate.
3) personal certificate.
4) Professional certificate.
Developer certificate
Personal certificate
Using a digital signature during an online transaction is a form of:
One way encryption.
Availability.
Confidentiality.
Non-repudiation.
Non-repudiation
Assuring that it was digitally signed and the signer can’t deny the transaction
Failed sessions allow MITM attacks on access credentials. This type of attack is carried out in which layer of the OSI model?
A) Physical layer
B) Data-link Layer
C) Transport layer
D) Presentation layer
Transport Layer
Which of the following is not a vulnerability of the application layer?
A) Application design bugs may bypass security controls.
B) Inadequate security controls force “all-or-nothing” approach.
C) Logical bugs in programs may, by chance or on purpose, be used for crashing programs.
D) Overloading of handshaking mechanism.
Overloading of handshaking mechanism
Which of the following is an example of application layer vulnerability?
A) Cryptographic flaws lead to the privacy issue
B) Very complex application security controls
C) MAC Address Spoofing
D) Weak or non-existent authentication
Very complex application security controls
When integrity is lacking in a security system, _________ occurs.
a) Database hacking
b) Data overloading
c) Data tampering
d) Data leakage
Data tampering
In the Handshaking method, the field Cipher contains fields like ………..
A) The Cipher Algorithm, the transport protocol, and Private-key algorithm.
B) The cipher algorithm, the MAC algorithm, and Public-key algorithm.
C) The MAC Address, the Cipher algorithm, the transport protocol.
D) The nonce, cnonce, and the cipher algorithm.
The cipher algorithm, the MAC algorithm, and Public-key algorithm.
A digital certificate is an electronic document which plays an important part in………
a) the public key infrastructure (PKI).
b) the digital enveloping mechanism.
c) MAC Spoofing.
d) data leakage.
PKI
The SSL Alert Protocol is used for ………..
Notify the sender that size of transmitted data is large.
Report errors such as unexpected message or bad record MAC
Notify the initiation of a new TCP connection.
None of the above.
Report errors such as unexpected message or bad record MAC
Certificate Signing Request or CSR is encoded information that is used by ………… to issue ……….. to the applicant.
a) Certifying authority (CA), an SSL certificate.
b) Certifying authority (CA), a TLS certificate.
c) an authority, an SSH certificate.
d) an authority, a CSR certificate.
Certifying authority (CA), an SSL certificate.
SSH provides various services such as ……...
a) The private key exchange.
b) The cryptosystem mechanism.
c) SFTP and Port Forwarding (Tunneling).
d) FTP and UDP data transmission.
SFTP and Port Forwarding (Tunneling).
SSL uses ………. to encrypt data between browser and web server. In contrast, ……… is used to exchange generated encryption keys, which validates the client and server’s identity.
a) symmetric encryption, asymmetric encryption.
b) Certifying authority (CA), asymmetric encryption.
c) asymmetric encryption, symmetric encryption.
d) SSH, symmetric encryption.
symmetric encryption, asymmetric encryption.
The SSL/TLS layer provides ………. while data is being transmitted from source to destination.
a) key exchange and data integrity.
b) confidentiality and integrity.
c) Port Forwarding and confidentiality.
d) UDP data transmission and confidentiality.
confidentiality and integrity