Guide to Network Defense and Countermeasures 3rd Edition by Randy Weaver – Test Bank

$20.00

Pay And Download

 

Complete Test Bank With Answers

 

 

 

Sample Questions Posted Below

 

 

 

 

 

Chapter 5 – Cryptography

 

TRUE/FALSE

 

  1. Encrypted files can be transmitted in both electronic form and as written messages.

 

ANS:  T                    PTS:   1                    REF:   158

 

  1. A hash value is a variable-length string of symbols and numbers representing the original input’s contents.

 

ANS:  F                    PTS:   1                    REF:   162

 

  1. The standardization of cryptographic protocols discourages attackers from trying to break them.

 

ANS:  F                    PTS:   1                    REF:   173

 

  1. Because IPsec Security Associations are bidirectional, only one need be established between two parties.

 

ANS:  F                    PTS:   1                    REF:   176

 

  1. In a passive attack, cryptanalysts eavesdrop on transmissions but don’t interact with parties exchanging information.

 

ANS:  T                    PTS:   1                    REF:   180

 

MULTIPLE CHOICE

 

  1. Which of the following is NOT a critical goal of information security?
a. confidentiality c. authentication
b. scalability d. nonrepudiation

 

 

ANS:  B                    PTS:   1                    REF:   158

 

  1. Which of the following is true about cryptographic primitives?
a. each performs several tasks c. primitives are usually not the source of security failures
b. a single primitive makes up an entire cryptographic protocol d. a primitive that provides confidentiality usually also provides authentication

 

 

ANS:  C                    PTS:   1                    REF:   159

 

  1. Which type of function is used in cryptography?
a. Not AND c. NOR
b. permutation d. X-box

 

 

ANS:  B                    PTS:   1                    REF:   160

 

  1. Which of the following best describes a one-way function?
a. a bit string that prevents generation of the same ciphertext c. generates secret keys from a secret value
b. random bits used as input for key derivation functions d. easy to compute but difficult and time consuming to reverse

 

 

ANS:  D                    PTS:   1                    REF:   160-161

 

  1. Which of the following is true about PRNGs?
a. they are not completely random c. the shorter the state, the longer the period
b. their state is measured in bytes d. they can never produce the same value

 

 

ANS:  A                    PTS:   1                    REF:   162

 

  1. Which of the following is commonly used for verifying message integrity?
a. registration authority c. pseudorandom number generator
b. CRL d. hashing function

 

 

ANS:  D                    PTS:   1                    REF:   162

 

  1. Which of the following is true about encryption algorithms?
a. their strength is tied to their key length c. block ciphers encrypt one bit at a time
b. not vulnerable to brute force attacks d. asymmetric algorithms use a single key

 

 

ANS:  A                    PTS:   1                    REF:   163

 

  1. Which of the following is described as a 64-bit block cipher composed of a 16-round Feistel network and key-dependent S-box functions?
a. Twofish c. Blowfish
b. RC4 d. Rijndael

 

 

ANS:  C                    PTS:   1                    REF:   164

 

  1. Which of the following makes a single pass on data and generates a 128-bit hash value displayed as a 32-character hexadecimal number and is used in VPNs?
a. RSA c. RC4
b. Message Digest 5 d. Twofish

 

 

ANS:  B                    PTS:   1                    REF:   166

 

  1. Which of the following is true about Message Authentication Code.
a. it uses asymmetric encryption c. is uses PKI and certificates
b. the key is sent to the receiver securely d. it uses a private and public key

 

 

ANS:  B                    PTS:   1                    REF:   167

 

  1. Which of the following is the first step in the digital signature process where Mike sends a message to Sophie?
a. a message digest of Mike’s message is calculated using a hashing algorithm c. Sophie encrypts Mike’s message with Mike’s public key
b. Sophie compares the message digest she calculated to Mikes’s message d. the message digest is encrypted by Mike’s private key

 

 

ANS:  A                    PTS:   1                    REF:   168-169

 

  1. What is the most likely weak link when using asymmetric encryption for verifying message integrity and nonrepudiation?
a. the use of the sender’s private key c. the source of the public keys
b. the hashing algorithm used to generate a message digest d. the integrity of the private keys

 

 

ANS:  C                    PTS:   1                    REF:   169

 

  1. Which of the following is true about asymmetric cryptography?
a. the private key can be used to encrypt and decrypt a message c. a single key is used and is transferred using a key management system
b. a shared key is used to encrypt all messages and the private key decrypts them d. the public key is used to encrypt a message sent to the private key owner

 

 

ANS:  D                    PTS:   1                    REF:   170

 

  1. Which of the following best describes a CRL?
a. a published listing of invalid certificates c. a file that contains information about the user and public key
b. serve as a front end to users for revoking certificates d. keeps track of issued credentials and manages revocation of certificates

 

 

ANS:  A                    PTS:   1                    REF:   171

 

  1. Which of the following is a current standard for PKI that specifies a strict hierarchical system for CAs issuing certificates?
a. PKCS #2 c. DES
b. X.509 d. SHA-1

 

 

ANS:  B                    PTS:   1                    REF:   173-174

 

  1. What is a downside to using Triple DES?
a. uses only a 56-bit key c. using three keys decreases security
b. goes through three rounds of encryption d. requires more processing time

 

 

ANS:  D                    PTS:   1                    REF:   174

 

  1. Which of the following was developed as a way of enabling Web servers and browsers to exchange encrypted information and uses a hashed message authentication code to increase security?
a. SSH c. TLS
b. SSL d. IPsec

 

 

ANS:  C                    PTS:   1                    REF:   175

 

  1. At which layer of the OSI model does IPsec work?
a. Two c. Four
b. Three d. Six

 

 

ANS:  B                    PTS:   1                    REF:   175

 

  1. Which component of IPsec enables computers to exchange keys to make an SA?
a. IKE c. Oakley
b. ISAKMP d. IPsec driver

 

 

ANS:  A                    PTS:   1                    REF:   176

 

  1. Which of the following is a type of cryptanalysis that applies primarily to block ciphers but can also be used against stream ciphers and hashing functions and works by examining how differences in input affect the output?
a. integral c. related key
b. differential d. XSL

 

 

ANS:  B                    PTS:   1                    REF:   182

 

COMPLETION

 

  1. ______________________ is achieved when neither party can plausibly deny its participation in message exchanges.

 

ANS:  Nonrepudiation

 

PTS:   1                    REF:   158

 

  1. A ______________ value is a fixed-size string representing the original input’s contents.

 

ANS:  hash

 

PTS:   1                    REF:   162

 

  1. A ________________ occurs when computing the MD5 algorithm with two different initialization vectors produces the same hash value.

 

ANS:  collision

 

PTS:   1                    REF:   165

 

  1. Digital ____________________ security vulnerabilities are mostly associated with the IT infrastructure required to support interoperability.

 

ANS:  signature

 

PTS:   1                    REF:   169

 

  1. ______________ cryptanalysis is applicable to block ciphers that use a substitution-permutation network including Rijndael, Twofish, and IDEA.

 

ANS:  Integral

 

PTS:   1                    REF:   182

 

MATCHING

 

 

a. AES f. XOR function
b. block cipher g. IPsec
c. ciphertext h. key management
d. cryptanalysis i. plaintext
e. DES j. stream cipher

 

 

  1. the study of breaking encryption methods

 

  1. unreadable text, programs that do not execute, and graphics you cannot view

 

  1. A set of standard procedures that the Internet Engineering Task Force (IETF) developed for enabling secure communication on the Internet

 

  1. a type of encryption algorithm that encrypts one bit at a time

 

  1. the current U.S. government standard for cryptographic protocols

 

  1. readable text, programs that execute, and graphics you can view

 

  1. an older protocol composed of a 16-round Feistel network with XOR functions, permutation functions, 64 S-box functions, and fixed key schedules

 

  1. a way to prevent keys from being discovered and used to decipher encrypted messages

 

  1. a cryptographic primitive based on binary bit logic and used as a linear mixing function, combining values for use in further computations

 

  1. a type of encryption algorithm that encrypts groups of cleartext characters

 

  1. ANS:  D                    PTS:   1                    REF:   184,179

 

  1. ANS:  C                    PTS:   1                    REF:   184,158

 

  1. ANS:  G                    PTS:   1                    REF:   184,175

 

  1. ANS:  J                     PTS:   1                    REF:   185,163

 

  1. ANS:  A                    PTS:   1                    REF:   184,174

 

  1. ANS:  I                     PTS:   1                    REF:   185,158

 

  1. ANS:  E                    PTS:   1                    REF:   184,173

 

  1. ANS:  H                    PTS:   1                    REF:   185,169

 

  1. ANS:  F                    PTS:   1                    REF:   184,159

 

  1. ANS:  B                    PTS:   1                    REF:   184,163

 

SHORT ANSWER

 

  1. Describe the exclusive OR function.

 

ANS:

The exclusive OR (XOR) function is used in cryptography as a linear mixing function to combine values. For example, the output of other primitive ciphers can be combined with an XOR function to produce a pseudorandom value on which another cipher performs additional operations. An XOR function is based on binary bit logic and results in a logical value of true if only one of the operands has a value of true. So, for example, if x and y are the same (both true or both false), the XOR output is 0 (false). If x and y are different, the XOR output is 1 (true).

 

PTS:   1                    REF:   159

 

  1. What is a Feistel network and what is its purpose?

 

ANS:

A Feistel network is a symmetric block cipher that is the basis of several symmetric encryption algorithms. A Feistel network’s purpose is to obscure the relationship between ciphertext and keys (a shortcoming of symmetric algorithms).

 

PTS:   1                    REF:   160

 

  1. What does a key derivation do?

 

ANS:

A key derivation function generates secret keys from a secret value (usually a randomly generated value) and another piece of information such as a password.

 

PTS:   1                    REF:   161

 

  1. What is a hash value and how does it verify message integrity?

 

ANS:

A hash value is a fixed-size string representing the original input’s contents. If the input changes in any way, even by adding a period at the end of a sentence, the resulting output

has a different hash value.

 

PTS:   1                    REF:   162

 

  1. How does the key size affect the strength of an encryption algorithm?

 

ANS:

An encryption algorithm’s strength is often tied to its key length. The longer the key, the harder it is to break the encryption. Longer keys offer more protection against brute-force attacks, in which every possible key is tried to decrypt a message.

 

PTS:   1                    REF:   163

 

  1. Compare and contrast block cipher with stream cipher.

 

ANS:

The two major types of encryption algorithms are block ciphers and stream ciphers. A block cipher encrypts groups of text at a time. For example, a block cipher encrypts the whole word cat instead of encrypting each letter.  A stream cipher encrypts cleartext one bit at a time to produce a stream of encrypted ciphertext, so the letters c, a, and t in cat are encrypted separately.

 

PTS:   1                    REF:   163

 

  1. How does an asymmetric algorithm differ from a symmetric algorithm?

 

ANS:

Symmetric algorithms use the same key to encrypt and decrypt a message.  Asymmetric algorithms use a specially generated key pair. One key encrypts cleartext into ciphertext, and the other key decrypts ciphertext into cleartext. Either of the generated pair can be used to encrypt, but the other key must be used to decrypt. Asymmetric encryption and decryption are about 10,000 times slower than symmetric encryption.

 

PTS:   1                    REF:   163

 

  1. What three conditions must be true to make a hashing algorithm secure?

 

ANS:

  1. No hash should be usable to determine the original input. 2. No hashing algorithm should

be run on the same input and produce different hashes.  3. A hashing algorithm should not be

run on two different inputs and produce the same hash (collision).

 

PTS:   1                    REF:   165

 

  1. What is a MAC tag and how does it work?

 

ANS:

Message Authentication Code (MAC), also known as Message Integrity Check (MIC), uses a shared secret key that is agreed on by the sender and receiver in the verification process to

generate a MAC tag for a message. A MAC tag is like an enhanced message digest. The shared secret key adds a measure of security to the hashing algorithm.  The message and MAC tag are sent to the receiver. The key is also sent to the receiver securely; this key is usually sent separately from the message. The receiver goes through the same process of using the transmitted message and key to generate a MAC tag, and compares this tag with the one received in the message to confirm the message’s integrity and authenticity. The verification process is protected by secure communication of the key, which ensures that the sender and receiver generate the same MAC tag from the message.

 

PTS:   1                    REF:   167

 

  1. What is a digital signature and for what purpose is one used?

 

ANS:

A digital signature is a method of verifying nonrepudiation and integrity in messages.  Digital signatures use hashing algorithms with asymmetric encryption.

 

PTS:   1                    REF:   168

There are no reviews yet.

Add a review

Be the first to review “Guide to Network Defense and Countermeasures 3rd Edition by Randy Weaver – Test Bank”

Your email address will not be published. Required fields are marked *

Category:
Updating…
  • No products in the cart.