Network Security Essentials Applications and Standards 4e ALL Tests Solutions

Exam
Name___________________________________
TRUE/FALSE. Write 'T' if the statement is true and 'F' if the statement is false.
1) With the introduction of the computer the need for automated tools for protecting files and other
1)
information stored on the computer became evident.
2) There is a natural tendency on the part of users and system managers to perceive little benefit from
2)
security investment until a security failure occurs.
3) There are clear boundaries between network security and internet security.
3)
4) The CIA triad embodies the fundamental security objectives for both data and for information and
4)
computing services.
5) In developing a particular security mechanism or algorithm one must always consider potential
5)
attacks on those security features.
6) A loss of confidentiality is the unauthorized modification or destruction of information.
6)
7) Patient allergy information is an example of an asset with a moderate requirement for integrity.
7)
8) The more critical a component or service, the higher the level of availability required.
8)
9) Data origin authentication provides protection against the duplication or modification of data
9)
units.
10) The emphasis in dealing with passive attacks is on prevention rather than detection.
10)
11) Data integrity is the protection of data from unauthorized disclosure.
11)
12) Information access threats exploit service flaws in computers to inhibit use by legitimate users.
12)
13) Viruses and worms are two examples of software attacks.
13)
14) A connection-oriented integrity service deals with individual messages without regard to any
14)
larger context and generally provides protection against message modification only.
15) Pervasive security mechanisms are not specific to any particular OSI security service or protocol
15)
layer.
MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question.
16) _________ security consists of measures to deter, prevent, detect, and correct security violations
16)
that involve the transmission of information.
A) Internet
B) Computer
C) Network
D) Intranet
1

---

17) Verifying that users are who they say they are and that each input arriving at the system came from
17)
a trusted source is _________ .
A) accountability
B) authenticity
C) integrity
D) confidentiality
18) __________ assures that systems work promptly and service is not denied to authorized users.
18)
A) Availability
B) Integrity
C) System integrity
D) Data confidentiality
19) __________ assures that a system performs its intended function in an unimpaired manner, free
19)
from deliberate or inadvertent unauthorized manipulation of the system.
A) System integrity
B) Availability
C) Data confidentiality
D) Privacy
20) The security goal that generates the requirement for actions of an entity to be traced uniquely to that
20)
entity is _________ .
A) authenticity
B) privacy
C) accountability
D) integrity
21) __________ attacks attempt to alter system resources or affect their operation.
21)
A) Active
B) Release of message content
C) Traffic analysis
D) Passive
22) A __________ takes place when one entity pretends to be a different entity.
22)
A) masquerade
B) passive attack
C) replay
D) modification of message
23) X.800 defines _________ as a service that is provided by a protocol layer of communicating open
23)
systems and that ensures adequate security of the systems or of data transfers.
A) integrity
B) security service
C) replay
D) authenticity
24) _________ is a professional membership society with worldwide organizational and individual
24)
membership that provides leadership in addressing issues that confront the future of the Internet
and is the organization home for the groups responsible for Internet infrastructure standards,
including the IETF and the IAB.
A) ITU-T
B) ISOC
C) ISO
D) FIPS
25) The protection of data from unauthorized disclosure is _________ .
25)
A) nonrepudiation
B) data confidentiality
C) access control
D) authentication
26) __________ is a U.S. federal agency that deals with measurement science, standards, and
26)
technology related to U.S. government use and to the promotion of U.S. private sector innovation.
A) NIST
B) ISO
C) ITU-T
D) ISOC
27) The prevention of unauthorized use of a resource is __________ .
27)
A) data confidentiality
B) authentication
C) access control
D) nonrepudiation
28) The __________ service addresses the security concerns raised by denial-of-service attacks.
28)
A) routing control
B) availability
C) event detection
D) integrity
2

---

29) _________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
29)
A) Routing control
B) Traffic padding
C) Authentication exchange
D) Notarization
30) _________ is a variety of mechanisms used to assure the integrity of a data unit or stream of data
30)
units.
A) Data integrity
B) Authentication exchange
C) Event detection
D) Trusted functionality
SHORT ANSWER. Write the word or phrase that best completes each statement or answers the question.
31) _________ is defined as "the protection afforded to an automated information system in
31)
order to attain
the applicable objectives of preserving the integrity, availability, and confidentiality of
information system resources".
32) Three key objectives that are at the heart of computer security are: confidentiality,
32)
availability, and _________ .
33) An intelligent act that is a deliberate attempt to evade security services and violate the
33)
security policy of a system is an __________ .
34) A loss of _________ is the disruption of access to or use of information or an information
34)
system.
35) __________ is the use of mathematical algorithms to transform data into a form that is not
35)
readily intelligible, in which the transformation and subsequent recovery of the data
depend on an algorithm and zero or more encryption keys.
36) Student grade information is an asset whose confidentiality is considered to be highly
36)
important by students and, in the United States, the release of such information is
regulated by the __________.
37) A possible danger that might exploit a vulnerability, a _________ is a potential for
37)
violation of security which exists when there is a circumstance, capability, action, or event
that could breach security and cause harm.
38) A __________ attack attempts to learn or make use of information from the system but does
38)
not affect system resources.
39) The common technique for masking contents of messages or other information traffic so
39)
that opponents, even if they captured the message, could not extract the information from
the message is _________ .
40) Active attacks can be subdivided into four categories: replay, modification of messages,
40)
denial of service, and __________ .
41) X.800 divides security services into five categories: authentication, access control,
41)
nonrepudiation, data integrity and __________ .
3

---

42) In the context of network security, _________ is the ability to limit and control the access to
42)
host systems and applications via communications links.
43) The __________ is a worldwide federation of national standards bodies that promote the
43)
development of standardization and related activities with a view to facilitating the
international exchange of goods and services and to developing cooperation in the spheres
of intellectual, scientific, technological, and economic activity.
44) __________ prevents either sender or receiver from denying a transmitted message; when a
44)
message is sent the receiver can prove that the alleged sender in fact sent the message and
when a message is received the sender can prove that the alleged receiver in fact received
the message.
45) A __________ is data appended to, or a cryptographic transformation of, a data unit that
45)
allows a recipient of the data unit to prove the source and integrity of the data unit and
protect against forgery.
TRUE/FALSE. Write 'T' if the statement is true and 'F' if the statement is false.
46) Public-key encryption is also referred to as conventional encryption, secret-key, or single-key
46)
encryption.
47) The advantage of a block cipher is that you can reuse keys.
47)
48) Ciphertext is the scrambled message produced as output.
48)
49) The security of symmetric encryption depends on the secrecy of the algorithm, not the secrecy of
49)
the key.
50) The ciphertext-only attack is the easiest to defend against because the opponent has the least
50)
amount of information to work with.
51) The Feistel structure is a particular example of the more general structure used by all symmetric
51)
block ciphers.
52) Smaller block sizes mean greater security but reduced encryption/decryption speed.
52)
53) The essence of a symmetric block cipher is that a single round offers inadequate security but that
53)
multiple rounds offer increasing security.
54) Triple DES was first standardized for use in financial applications in ANSI standard X9.17 in 1985.
54)
55) The most commonly used symmetric encryption algorithms are stream ciphers.
55)
56) The principal drawback of 3DES is that the algorithm is relatively sluggish in software.
56)
57) AES uses a Feistel structure.
57)
4

---

58) Random numbers play an important role in the use of encryption for various network security
58)
applications.
59) The primary advantage of a stream cipher is that stream ciphers are almost always faster and use
59)
far less code than do block ciphers.
60) One desirable property of a stream cipher is that the ciphertext be longer in length than the
60)
plaintext.
MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question.
61) A symmetric encryption scheme has _________ ingredients.
61)
A) four
B) five
C) three
D) six
62) _________ is the original message or data that is fed into the algorithm as input.
62)
A) DES
B) Ciphertext
C) Encryption key
D) Plaintext
63) _________ mode requires only the implementation of the encryption algorithm and not the
63)
decryption algorithm.
A) CTR
B) CBC
C) DKS
D) ECB
64) A __________ processes the input elements continuously, producing output one element at a time,
64)
as it goes along.
A) keystream
B) stream cipher
C) cryptanalysis
D) block cipher
65) If both sender and receiver use the same key the system is referred to as _________ encryption.
65)
A) symmetric
B) public-key
C) asymmetric
D) two-key
66) If the sender and receiver each use a different key the system is referred to as __________
66)
encryption.
A) secret-key
B) asymmetric
C) conventional
D) single-key
67) A _________ approach involves trying every possible key until an intelligible translation of the
67)
ciphertext into plaintext is obtained.
A) brute-force
B) triple DES
C) block cipher
D) computational
68) With the ________ mode if there is an error in a block of the transmitted ciphertext only the
68)
corresponding plaintext block is affected.
A) ECB
B) CTS
C) CBC
D) TSR
69) The most common key length in modern algorithms is ________ .
69)
A) 128 bits
B) 32 bits
C) 256 bits
D) 64 bits
70) A ________ takes as input a source that is effectively random and is often referred to as an entropy
70)
source.
A) PSRN
B) PRNG
C) TRNG
D) PRF
71) A symmetric block cipher processes _________ of data at a time.
71)
A) four blocks
B) one block
C) two blocks
D) three blocks
5

---

72) In _________ mode a counter equal to the plaintext block size is used.
72)
A) CBC
B) ECB
C) CFB
D) CTR
73) The _________ algorithm performs various substitutions and transformations on the plaintext.
73)
A) codebook
B) cipher
C) keystream
D) encryption
74) If the analyst is able to get the source system to insert into the system a message chosen by the
74)
analyst, a _________ attack is possible.
A) known plaintext
B) ciphertext only
C) chosen ciphertext
D) chosen plaintext
75) The _________ key size is used with the Data Encryption Standard algorithm.
75)
A) 128 bit
B) 56 bit
C) 32 bit
D) 168 bit
SHORT ANSWER. Write the word or phrase that best completes each statement or answers the question.
76) The _________ algorithm takes the ciphertext and the same secret key and produces the
76)
original plaintext.
77) A _________ cipher processes the plaintext input in fixed sized blocks and produces a
77)
block of ciphertext of equal size for each plaintext block.
78) With the use of symmetric encryption, the principal security problem is maintaining the
78)
secrecy of the _________ .
79) Three broad categories of cryptographic algorithms are commonly used to create PRNGs:
79)
Asymmetric ciphers, Hash functions and message authentication codes, and ___________ .
80) The process of attempting to discover the plaintext or key is known as _________ .
80)
81) An encryption scheme is __________ if the cost of breaking the cipher exceeds the value of
81)
the encrypted information and/or the time required to break the cipher exceeds the useful
lifetime of the information.
82) The three most important symmetric block ciphers are: triple DES (3DES), the Advanced
82)
Encryption Standard (AES), and the ___________ .
83) The ________ source is drawn from the physical environment of the computer and could
83)
include things such as keystroke timing patterns, disk electrical activity, mouse
movements, and instantaneous values of the system clock.
84) A PRNG takes as input a fixed value called the ________ and produces a sequence of
84)
output bits using a deterministic algorithm.
85) __________ is a stream cipher used in the Secure Sockets Layer/Transport Layer Security
85)
standards that have been defined for communication between Web browsers and servers
and is also used in WEP and WPA protocols.
6

---

86) In the _________ mode the input to the encryption algorithm is the XOR of the current
86)
plaintext block and the preceeding ciphertext block; the same key is used for each block.
87) Also referred to as conventional encryption, secret-key, or single-key encryption,
87)
_________ encryption was the only type of encryption in use prior to the development of
public-key encryption in the late 1970's.
88) Two requirements for secure use of symmetric encryption are: sender and receiver must
88)
have obtained copies of the secret key in a secure fashion and a strong __________ is
needed.
89) All encryption algorithms are based on two general principles: _________, in which each
89)
element in the plaintext is mapped into another element, and transposition, in which
elements in the plaintext are rearranged.
90) Many symmetric block encryption algorithms including DES have a structure first
90)
described by _________ of IBM in 1973.
TRUE/FALSE. Write 'T' if the statement is true and 'F' if the statement is false.
91) Public key algorithms are useful in the exchange of conventional encryption keys.
91)
92) Private key encryption is used to produce digital signatures which provide an enhanced form of
92)
message authentication.
93) The strength of a hash function against brute-force attacks depends solely on the length of the hash
93)
code produced by the algorithm.
94) The two important aspects of encryption are to verify that the contents of the message have not
94)
been altered and that the source is authentic.
95) In the ECB mode of encryption if an attacker reorders the blocks of ciphertext then each block will
95)
still decrypt successfully, however, the reordering may alter the meaning of the overall data
sequence.
96) Message encryption alone provides a secure form of authentication.
96)
97) Because of the mathematical properties of the message authentication code function it is less
97)
vulnerable to being broken than encryption.
98) In addition to providing authentication, a message digest also provides data integrity and performs
98)
the same function as a frame check sequence.
99) Cryptographic hash functions generally execute slower in software than conventional encryption
99)
algorithms such as DES.
100) The main advantage of HMAC over other proposed hash based schemes is that HMAC can be
100)
proven secure, provided that the embedded hash function has some reasonable cryptographic
strengths.
7

---

101) Public key algorithms are based on mathematical functions rather than on simple operations on bit
101)
patterns.
102) The private key is known only to its owner.
102)
103) The security of the Diffie-Hellman key exchange lies in the fact that, while it is relatively easy to
103)
calculate exponentials modulo a prime, it is very easy to calculate discrete logarithms.
104) The key exchange protocol is vulnerable to a man-in-the-middle attack because it does not
104)
authenticate the participants.
105) Even in the case of complete encryption there is no protection of confidentiality because any
105)
observer can decrypt the message by using the sender's public key.
MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question.
106) ________ protects against passive attack (eavesdropping).
106)
A) SCR
B) Message authentication
C) Encryption
D) Obfuscation
107) The most important hash function is ________ .
107)
A) MAC
B) ECB
C) SHA
D) OWH
108) __________ is a procedure that allows communicating parties to verify that received messages are
108)
authentic.
A) Encryption
B) Message authentication
C) Passive attack
D) ECB
109) If the message includes a _________ the receiver is assured that the message has not been delayed
109)
beyond that normally expected for network transit.
A) shared key
B) timestamp
C) error detection code
D) sequence number
110) The purpose of a ___________ is to produce a "fingerprint" of a file, message, or other block of data.
110)
A) public key
B) message authentication
C) cipher encryption
D) hash function
111) It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). A hash function with
111)
this property is referred to as __________ .
A) collision resistant
B) preimage resistant
C) one-way
D) weak collision resistant
112) "It is easy to generate a code given a message, but virtually impossible to generate a message given
112)
a code" describes the __________ hash function property.
A) collision resistant
B) strong collision resistant
C) preimage resistant
D) second preimage resistant
8

---

113) The __________ property protects against a sophisticated class of attack known as the birthday
113)
attack.
A) collision resistant
B) one-way
C) preimage resistant
D) second preimage resistant
114) Secure Hash Algorithms with hash value lengths of 256, 384, and 512 bits are collectively known as
114)
_________ .
A) SHA-3
B) SHA-1
C) SHA-0
D) SHA-2
115) Public key cryptography is __________ .
115)
A) asymmetric
B) one key
C) symmetric
D) bit patterned
116) The readable message or data that is fed into the algorithm as input is the __________ .
116)
A) encryption algorithm
B) plaintext
C) private key
D) ciphertext
117) The key used in conventional encryption is typically referred to as a _________ key.
117)
A) cipher
B) secret
C) primary
D) secondary
118) The most widely accepted and implemented approach to public-key encryption, _________ is a
118)
block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some n.
A) SHA
B) CTR
C) RSA
D) MD5
119) The purpose of the _________ algorithm is to enable two users to exchange a secret key securely
119)
that then can be used for subsequent encryption of messages and depends on the difficulty of
computing discrete logarithms for its effectiveness.
A) DSS
B) Diffie-Hellman
C) Rivest-Adleman
D) RSA
120) Based on the use of a mathematical construct known as the elliptic curve and offering equal
120)
security for a far smaller bit size, __________ has begun to challenge RSA.
A) RIPE-160
B) DSS
C) ECC
D) TCB
SHORT ANSWER. Write the word or phrase that best completes each statement or answers the question.
121) Protection against active attack (falsification of data and transactions) is known as
121)
___________ .
122) The __________ property is the "one-way" property and is important if the authentication
122)
technique involves the use of a secret value.
123) The __________ approach has two advantages: it provides a digital signature as well as
123)
message authentication and it does not require the distribution of keys to communicating
parties.
124) Like the MAC, a __________ accepts a variable size message M as input and produces a
124)
fixed size message digest H(M) as output. Unlike the MAC, it does not take a secret key as
input.
9

---

125) The __________ property guarantees that it is impossible to find an alternative message
125)
with the same hash value as a given message thus preventing forgery when an encrypted
hash code is used.
126) As with symmetric encryption there are two approaches to attacking a secure hash
126)
function: brute-force attack and ___________ .
127) The two most widely used public key algorithms are RSA and _________ .
127)
128) The _________ was developed by NIST and published as a federal information processing
128)
standard in 1993.
129) __________ is a term used to describe encryption systems that simultaneously protect
129)
confidentiality and authenticity (integrity) of communications.
130) The key algorithmic ingredients of __________ are the AES encryption algorithm, the CTR
130)
mode of operation, and the CMAC authentication algorithm.
131) The __________ algorithm accepts the ciphertext and the matching key and produces the
131)
original plaintext.
132) A __________ is when the sender "signs" a message with its private key, which is achieved
132)
by a cryptographic algorithm applied to the message or to a small block of data that is a
function of the message.
133) A _________ is when two sides cooperate to exchange a session key.
133)
134) Using an algorithm that is designed to provide only the digital signature function, the
134)
_________ makes use of the SHA-1 and cannot be used for encryption or key exchange.
135) Bob uses his own private key to encrypt the message. When Alice receives the ciphertext
135)
she finds that she can decrypt it with Bob's public key, thus proving that the message must
have been encrypted by Bob. No one else has Bob's private key and therefore no one else
could have created a ciphertext that could be decrypted with Bob's public key. Therefore
the entire encrypted message serves as a _________ .
TRUE/FALSE. Write 'T' if the statement is true and 'F' if the statement is false.
136) For symmetric encryption to work the two parties to an exchange must share the same key, and
136)
that key must be protected from access by others.
137) It is not necessary for a certification authority to maintain a list of certificates issued by that CA that
137)
were not expired but were revoked.
138) A session key is destroyed at the end of a session.
138)
139) Kerberos relies exclusively on asymmetric encryption and makes use of public key encryption.
139)
10

---