Computer Security Introduction

Questions and Answers

What does computer security refer to?

• Preventing unauthorized access to computers and their data (correct)
• Enhancing the speed of computers
• Developing new computer software
• Protecting computers from viruses only

Why is computer security important?

• To increase vulnerability to viruses
• To slow down technological advancements
• To protect systems from risks like hacking and information theft (correct)
• To enhance cyber attacks

What type of attacks happen when a system is connected to the Internet?

• Biological attacks
• Cyber attacks (correct)
• Physical attacks
• Chemical attacks

Which type of security involves protecting a system's information from theft and piracy?

Information Security (C)

What risk does the text NOT associate with the Internet?

Physical damage to computers (C)

Who are trying to harm computer security for various purposes according to the text?

Invaders, hackers, and thieves (A)

What is the main objective of information security?

Confidentiality (A)

What does application security aim to protect?

Applications and data from hacking (A)

Why is network security important?

To prevent data breaches and cyber attacks (B)

Which security approach aims at creating software without bugs?

Security by Correctness (A)

What is a common method used in network security to protect against malware and cyber attacks?

Distributed Denial of Service (DDoS) (C)

Which aspect of security aims to deter criminal activities by providing a sense of safety?

Physical Security Measures (C)

Why is it challenging to achieve 'Security by Correctness' in software development?

Inability to write bug-free code (A)

Which type of attack involves intercepting and altering data packets traveling over a network?

Man-in-the-Middle Attack (C)

What is the primary purpose of network security?

Protecting sensitive data from cyber attacks (C)

In what way do physical security measures contribute to overall security?

Deterring criminal activities (C)

What is one of the main challenges of implementing Security by Isolation according to the text?

Partitioning the system into meaningful pieces (B)

Which characteristic describes monolithic kernels mentioned in the text?

Prone to allowing bypass of isolation mechanisms due to bugs (A)

What technology is suggested in the text as a potential solution to the challenges of using monolithic kernels?

Micro-kernels (D)

Which approach aims to make system exploitation very hard for attackers rather than removing all bugs?

Security by Obscurity (A)

Why do some industry experts prefer monolithic kernels over micro-kernels according to the text?

Micro-kernels are harder to implement (C)

Which mechanism aims to make exploitation of bugs difficult by randomizing memory addresses?

Address Space Layout Randomization (ASLR) (B)

Why does Security by Obscurity not prevent all types of attacks effectively according to the text?

"Obfuscated" code is still prone to exploitation (B)

"Thin bare-metal hypervisors, like Xen, can act as micro-kernels by ____________.

increasing driver domains (C)

What is the main focus of Security by Isolation according to the text?

Segregating components and preventing their interference (D)

What does confidentiality refer to in the context of information security?

Restricting information to specific individuals or locations (A)

Which term refers to ensuring data remains accurate and consistent throughout its life cycle?

Data integrity (A)

What is the main purpose of authentication in information security?

Verifying a user's identity (D)

In cryptography, what does ciphertext refer to?

Encrypted text derived from plaintext (A)

Why is plaintext protection important in cryptography?

To avoid disclosing sensitive information if stolen or disclosed (C)

What type of attack involves an attacker having both the plaintext and its encrypted form?

Known-plaintext attack (B)

Which action can help avoid revealing plaintext passwords in application configuration files?

Protecting passwords with a secure hash function (D)

What is the main objective of non-repudiation in information security?

Verifying the authenticity of signatures and messages (D)

Why is it important to protect plaintext stored in computer files?

To prevent unauthorized disclosure if stolen or disclosed (A)

What happens during a known-plaintext attack in cryptanalysis?

The attacker knows both the plaintext and its encrypted form (B)

What is the main goal of a passive attack?

To obtain unauthorized access to information (C)

Which ethical issue in the security system deals with the individual's right to access personal information?

Privacy (A)

What is the hierarchy of regulatory bodies that govern the legality of information security?

International, Federal, State, Organization (A)

What does Cryptography mainly focus on?

Developing and analyzing protocols for secure communication (C)

Which type of attack involves changing information by conducting processes on it?

Active Attack (A)

What is the purpose of Cryptography in information security?

To ensure data integrity and authentication (C)

What does the confidentiality principle of security state?

Both the intended sender and receiver should access the message (A)

Which attack can occur if proper authentication mechanisms are absent?

Fabrication attack (B)

What is compromised if a message's content changes during transmission without the knowledge of the sender or receiver?

Integrity (A)

Which principle of security ensures that a sender cannot deny sending a message?

Non-repudiation (C)

What does the access control principle of security focus on?

Specifying who can access what functions (C)

In the context of security principles, what does availability refer to?

Ensuring resources are available to authorized persons at all times (B)

Which security principle establishes proof of identity in electronic messages?

Authentication (D)

If an unauthorized user accesses a confidential message, what security principle fails?

Authentication (C)

What does a substitution cipher do?

Replaces characters with different characters or symbols (B)

What is the main purpose of encryption in data transmission?

To prevent data theft and loss (B)

In a transposition cipher, what happens to the position of characters?

They are shifted in a predictable way (D)

In symmetric key cryptography, what role does the individual key play?

It is used for both encryption and decryption (A)

What is the primary function of decryption?

To convert cipher text to plain text (B)

What is the encryption method in a Rail Fence cipher?

Writing characters on imaginary rails (B)

What differentiates stream ciphers from block ciphers?

Stream ciphers encrypt data in real-time (D)

How does a substitution cipher differ from a transposition cipher?

Character identity remains the same in a substitution cipher (C)

In which type of cipher is the character position changed but the character identity remains the same?

Key-less transposition cipher (D)

Why does encryption not prevent interference in itself?

Because it does not hide the information being transmitted (D)

Which major difference between encryption and decryption is highlighted in the text?

Decryption happens at the sender's end (D)

What is the primary challenge associated with basic substitution ciphers?

Complexity in decrypting using personal computers (B)

'Sensitive data is transmitted in an encrypted form' primarily aims to achieve what goal?

Protect the data during transmission (D)

How do transposition ciphers differ from substitution ciphers in terms of detection?

'Changing character identity' makes substitution ciphers easier to detect (C)

'An authorized recipient can easily decrypt the message with the key provided by the originator' indicates what crucial aspect of decryption?

The need for a secret key or password for decryption (C)

What type of encryption may utilize an extensive text set and clever substitution, as mentioned?

'Current encryption' (C)

What is an example of a simple substitution cipher?

Good Dog -> Pllx Xlp (A)

What characteristic differentiates symmetric key cryptography from other encryption methods?

It uses different keys for encryption and decryption. (D)

What is the primary reason why block ciphers divide data into larger chunks before encryption?

To provide efficient protection during data storage and transmission (B)

What is the main purpose of a Rail Fence cipher?

To shift characters in a predictable way (D)

Flashcards are hidden until you start studying