Uploaded by aosteven

Exam 1 Sample

The exam is open notes, open book, and open Internet. You have only one attempt of
90 minutes to complete the exam once you begin. The Exam will save and submit
automatically when time expires.
• Questions 1-15 - True/False Questions - 22.5% (each question is 1.5 points)
• Questions 16-30 - Multiple Choice Questions - 22.5% (each question is 1.5 points)
• Questions 31-42 - Short Answer/Fill in Blank Questions - 30% (each question is 2.5 points)
• Questions 43 (10 points) & 45 (15 points) - Essay Questions - 25%

Sample Questions
True/False
With the introduction of the computer the need for automated tools for protecting files and other information
stored on the computer became evident.
There are clear boundaries between network security and internet security.
The CIA triad embodies the fundamental security objectives for both data and for information and computing
services.
In developing a particular security mechanism or algorithm one must always consider potential attacks on
those security features.
A loss of confidentiality is the unauthorized modification or destruction of information.
Patient allergy information is an example of an asset with a moderate requirement for integrity.
AES uses a Feistel structure.
The Feistel structure is a particular example of the more general structure used by all symmetric block
ciphers.
The essence of a symmetric block cipher is that a single round offers inadequate security but that multiple
rounds offer increasing security.
In the ECB mode of encryption if an attacker reorders the blocks of ciphertext then each block will still
decrypt successfully, however, the reordering may alter the meaning of the overall data sequence.
…….......
Multiple Choice
__________ is a procedure that allows communicating parties to verify that received messages are authentic.
Message authentication
ECB
Passive attack
Encryption
Public key cryptography is __________ .
asymmetric
symmetric
bit patterned
one key
The most important hash function is ________ .
SHA
MAC
OWH
ECB
A symmetric encryption scheme has _________ ingredients.
five
three
six
four
A symmetric block cipher processes _________ of data at a time.
one block
two blocks
four blocks
three blocks
The _________ key size is used with the Data Encryption Standard algorithm.
56 bit
128 bit
168 bit
32 bit
..................
Fill in the Blanks
__________ prevents either sender or receiver from denying a transmitted message; when a message is sent the
receiver can prove that the alleged sender in fact sent the message and when a message is received the sender
can prove that the alleged receiver in fact received the message.
A __________ attack attempts to learn or make use of information from the system but does not affect system
resources.
In the context of network security, _________ is the ability to limit and control the access to host systems and
applications via communications links.
__________ is a stream cipher used in the Secure Sockets Layer/Transport Layer Security standards that have
been defined for communication between Web browsers and servers and is also used in WEP and WPA
protocols.
The _________ algorithm takes the ciphertext and the same secret key and produces the original plaintext.
A _________ cipher processes the plaintext input in fixed sized blocks and produces a block of ciphertext of
equal size for each plaintext block.
The three most important symmetric block ciphers are: triple DES (3DES), the Advanced Encryption
Standard (AES), and the ___________ .
The _________ was developed by NIST and published as a federal information processing standard in 1993.
A _________ is when two sides cooperate to exchange a session key.
Like the MAC, a __________ accepts a variable size message M as input and produces a fixed size message
digest H(M) as output. Unlike the MAC, it does not take a secret key as input.
The __________ algorithm accepts the ciphertext and the matching key and produces the original plaintext.
Essay:
Sensor X periodically sends a 32-octet measurement to a receiver Y (1 octet = 8 bits). One day the administrator
decides that X should protect the measurement data by adding a MAC obtained using DES in CBC mode (in the
standard way). How many octets does X now send for each measurement? Explain your answer.
Answer: Omitted.
Consider Alice sending Bob a cipher message C1 with plaintext M1. The message is encrypted using AES in
Counter mode (CTR mode), i.e.,
Kj = E(K, Tj)
Cj = Mj ⊕ Kj
where 'K' is the encryption key, 'Tj' is a counter (nonce) corresponding to block j, 'Mj' is the plaintext
block j, and 'Cj' is the ciphertext corresponding to 'Mj'.
a. An adversary Charlie can intercept and change messages. Assume Charlie somehow knows
plaintext M1 for a particular ciphered message m = C1. Explain how he can modify the message as
M1’ to fool Bob (Bob receives C1’ as the ciphertext of M1’).
Answer: C1 ⊕ M1 ⊕ M1’ = M1 ⊕ K1 ⊕ M1 ⊕ M1’ = K1 ⊕ M1’. (You need to explain this to earn credit.)
b. Is there any way to prevent Charlie from doing this?
Answer: Omitted. Think by yourself.
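The identity in answer (a), carried through on one block, together with an integrity check that rejects the altered ciphertext. This is an added example, not part of the original exam; HMAC-SHA256 stands in for the AES call E(K, Tj) so it runs with the standard library only, and all keys, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

BLOCK = 16  # AES block size in bytes


def keystream_block(key: bytes, counter: bytes) -> bytes:
    """Kj = E(K, Tj). Stand-in PRF (truncated HMAC-SHA256), NOT real AES."""
    return hmac.new(key, counter, hashlib.sha256).digest()[:BLOCK]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_block(key: bytes, counter: bytes, block: bytes) -> bytes:
    """Cj = Mj xor Kj; the same call decrypts, since XOR is its own inverse."""
    return xor(block, keystream_block(key, counter))


def tag(mac_key: bytes, counter: bytes, ciphertext: bytes) -> bytes:
    """Encrypt-then-MAC: authenticate the counter and the ciphertext."""
    return hmac.new(mac_key, counter + ciphertext, hashlib.sha256).digest()


def verify(mac_key: bytes, counter: bytes, ciphertext: bytes, received: bytes) -> bool:
    return hmac.compare_digest(tag(mac_key, counter, ciphertext), received)


def demo() -> dict:
    # Constructed sample values (assumptions, not from the exam).
    k = bytes(range(16))                 # encryption key K
    mac_key = bytes(range(16, 48))       # separate key for the MAC
    t1 = (1).to_bytes(BLOCK, "big")      # counter T1
    m1 = b"temp=021.5C ok  "             # known plaintext M1 (16 bytes)
    m1_new = b"temp=099.9C ok  "         # substituted plaintext M1'
    c1 = ctr_block(k, t1, m1)            # C1 = M1 xor K1
    t = tag(mac_key, t1, c1)             # tag sent along with C1
    c1_new = xor(xor(c1, m1), m1_new)    # C1' = C1 xor M1 xor M1' = K1 xor M1'
    return {
        "bob_decrypts": ctr_block(k, t1, c1_new),       # without a MAC: M1'
        "original_ok": verify(mac_key, t1, c1, t),      # untouched C1 passes
        "modified_ok": verify(mac_key, t1, c1_new, t),  # altered C1' fails
    }


if __name__ == "__main__":
    print(demo())
```

The modification needs no knowledge of K, which is why CTR mode on its own provides confidentiality but not integrity.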