Final Exam Review Questions (Ch5,6,7) PDF
202501
Summary
This document contains a final exam review, focusing on questions covering topics in cryptography such as symmetric and asymmetric key encryption, key distribution, and digital signatures. The exam appears to cover modules 5, 6, and 7.
Final Exam Review Questions

Module (5):

1. A brute-force attack on a MAC is easier than a brute-force attack on a hash function.
   True
   False

2. Message authentication is a mechanism or service used to verify the integrity of a message.
   True
   False

3. The MAC does not provide a digital signature because both sender and receiver share the same key.
   True
   False

4. If the calculated frame check sequence is equal to the incoming frame check sequence, the message is considered authentic.
   True
   False

5. Confidentiality can be provided by performing message encryption __________ the MAC algorithm.
   before
   before or after
   after
   during

6. One means of forming a MAC is to combine a cryptographic hash function in some fashion with a secret key.
   True
   False

7. Message authentication may also verify sequencing and timeliness.
   True
   False

8. A __________ is an algorithm that requires the use of a secret key.
   DAA
   SHA
   GCM
   MAC

9. An important characteristic of the MAC algorithm is that it needs to be reversible.
   True
   False

10. The security of any MAC function based on an embedded hash function depends in some way on the cryptographic strength of the underlying hash function.
   True
   False

11. Attacks on MACs can be grouped into two categories: brute-force attacks and _______
   Cryptanalysis
   Rainbow table
   Spoofing
   None of the above

12. HMAC is a mechanism used to ensure both ----- and ------ of a message.
   Integrity, authenticity
   Integrity, confidentiality
   Availability, confidentiality
   None of the above

13. A hash function guarantees the integrity of a message. It guarantees that the message has not been ---
   Replaced
   Over view
   Changed
   Violated

14. Which figure implements confidentiality, authentication and signature?

15. What makes a MAC different from a hash function?
   Message
   Secret key
   Encryption algorithm
   None of the above

16. What is a hash function?
   It creates a small flexible block of data
   It creates a small fixed block of data
   It creates an encrypted block of data
   None of the above

Module (6): MCQ Questions

1. What does key distribution refer to in cryptography?
   a) The process of creating cryptographic keys
   b) The means of delivering a key to parties who wish to exchange data
   c) The method of encrypting data using keys
   d) The system of storing cryptographic keys

2. In symmetric encryption, why is it desirable to use keys only once?
   a) To prevent replay attacks
   b) To simplify key management
   c) To limit data compromise in case of key discovery
   d) To speed up the encryption process

3. Which of the following is a method of distributing symmetric keys?
   a) Ahmad selects a key and emails it to Asmaa
   b) Ahmad selects a key and physically delivers it to Asmaa
   c) Ahmad posts the key on a public forum for Asmaa to retrieve
   d) Ahmad and Asmaa guess a key simultaneously

4. What is a hierarchical key control system used for in cryptography?
   a) To speed up the key distribution process
   b) To minimize the effort involved in master key distribution
   c) To increase the complexity of the encryption process
   d) To decentralize key management

5. What factor should be considered when determining the lifetime of a session key?
   a) The length of the key
   b) The frequency of message exchange
   c) The balance between security and network capacity
   d) The type of encryption algorithm used

6. In the context of key controls, what is a key tag used for?
   a) To identify the type of encryption algorithm
   b) To encrypt the key during distribution
   c) To control how automatically distributed keys are used
   d) To verify the integrity of the key

7. What is a hybrid scheme in cryptography?
   a) A method combining symmetric and asymmetric encryption
   b) A technique that uses only symmetric encryption
   c) A system using multiple symmetric keys for encryption
   d) An approach that relies solely on public-key cryptography

8. How are public keys typically distributed in cryptography?
   a) Via private messaging
   b) Through public announcement
   c) By embedding them in the encrypted data
   d) Through a centralized key distribution system

9. Why might a certificate be revoked before its expiration?
   a) The user requests a new certificate
   b) The CA decides to change its policy
   c) The user's private key is compromised
   d) The certificate was issued in error

11. What was the significant contribution of the Diffie-Hellman Key Exchange?
   a) It was the first public-key algorithm
   b) It introduced the concept of symmetric encryption
   c) It was the first algorithm to use digital signatures
   d) It established the basis for the RSA algorithm

12. What is the primary purpose of the Diffie-Hellman Key Exchange?
   a) To encrypt messages
   b) To securely exchange a key for symmetric encryption
   c) To generate public and private keys
   d) To authenticate users

14. What is the role of a Certification Authority (CA) in cryptography?
   a) To encrypt and decrypt messages
   b) To generate user keys for encryption
   c) To certify and manage public keys through certificates
   d) To control the distribution of symmetric keys

15. What is the significance of public-key certificates in cryptography?
   a) They are used to encrypt messages
   b) They confirm the authenticity of a public key
   c) They are necessary for symmetric key encryption
   d) They are used for user authentication only

16. What does the term 'key hierarchy' in cryptography refer to?
   a) A method of generating keys
   b) A structure for organizing and managing keys
   c) A technique for encrypting keys
   d) A protocol for key exchange

17. What is a session key in the context of cryptography?
   a) A key used for a single encryption session
   b) A master key that generates other keys
   c) A public key used for encryption
   d) A private key used for decryption

18. What is the primary advantage of using a hybrid cryptographic scheme?
   a) Increased speed of encryption
   b) Simplified key distribution
   c) Enhanced security through multiple algorithms
   d) Reduced need for key storage

21. What is the primary purpose of certificate revocation?
   a) To renew old certificates
   b) To revoke access to a network
   c) To ensure only valid certificates are used
   d) To update the encryption algorithm

22. In the context of key distribution, what is a Master Key used for?
   a) To encrypt user data
   b) To generate session keys
   c) To authenticate users
   d) To decrypt received messages

23. Which of the following is a technique for public key distribution?
   a) Password-based authentication
   b) Publicly available directory
   c) Symmetric key exchange
   d) Secure socket layer encryption

24. What is the primary purpose of symmetric key encryption?
   a) Distributing public keys
   b) Ensuring non-repudiation
   c) Securing data exchange with a shared secret key
   d) Generating digital signatures

25. Key distribution refers to:
   a) Distributing public keys for asymmetric encryption
   b) The process of delivering a key to parties who wish to exchange data
   c) The distribution of certificates in a network
   d) Creating a hierarchy of keys for encryption

26. In symmetric encryption, the two parties must:
   a) Use different keys for encryption and decryption
   b) Share the same key, which must be protected from attackers
   c) Use a public key for encryption and a private key for decryption
   d) Not use the same key more than once

27. Which method is NOT a way to achieve key distribution in a symmetric cipher?
   a) One party transmitting the new key encrypted with an old key
   b) Using a public key to encrypt the symmetric key
   c) A third party selecting and physically delivering the key
   d) Both parties having an encrypted connection to a third party for key delivery

28. Key hierarchy in key distribution is important because it:
   a) Eliminates the need for encryption
   b) Allows unlimited lifetime for session keys
   c) Minimizes the effort in master key distribution
   d) Makes symmetric encryption obsolete

29. The main advantage of changing session keys frequently is:
   a) Increased network capacity
   b) Reduced encryption time
   c) Enhanced security
   d) Simplified key management

30. In key controls, a tag associated with each key is used for:
   a) Indicating the algorithm used
   b) Showing the key's expiry date
   c) Specifying the type of session keys based on use
   d) Displaying the key's owner

31. A hybrid scheme in cryptography often combines:
   a) Two symmetric key algorithms
   b) Symmetric and asymmetric key algorithms
   c) Multiple hashing algorithms
   d) Different encryption modes

32. Public keys can be distributed through all EXCEPT:
   a) Public announcement
   b) Public-key authority
   c) Private encrypted email
   d) Public-key certificates

33. X.509 Certificates are used for:
   a) Encrypting data with symmetric keys
   b) Authentication services using public-key cryptography
   c) Distributing symmetric keys in a network
   d) Generating digital signatures

34. What characteristic of X.509 certificates ensures their authenticity?
   a) They can only be modified by the certification authority
   b) They expire after a short period
   c) They use symmetric encryption
   d) They are distributed through a public announcement

35. Certificate revocation is necessary when:
   a) The certificate reaches its expiration date
   b) The user's private key is assumed to be compromised
   c) The certificate is renewed
   d) The certificate is publicly available

36. The Diffie-Hellman Key Exchange is used for:
   a) Encrypting messages
   b) Generating digital signatures
   c) Securely exchanging a key
   d) Distributing public keys

38. A Man-in-the-Middle attack in the context of key exchange involves:
   a) Intercepting and altering messages without detection
   b) Decrypting messages using brute force
   c) Stealing private keys from the server
   d) Cracking the encryption algorithm

39. ElGamal Cryptography is primarily used for:
   a) Symmetric key encryption
   b) Public-key encryption and digital signatures
   c) Secure file storage
   d) Network security monitoring

Module (7): MCQ Questions

1. What is the primary goal of cryptography?
   a) To prevent unauthorized actions towards information
   b) To share confidential information securely
   c) To ensure data integrity during transmission
   d) To encrypt data for storage purposes

2. Which type of cryptosystem requires the sharing of a private key between the communicating parties?
   a) Public key cryptosystem
   b) Hybrid cryptosystem
   c) Symmetric key cryptosystem
   d) Asymmetric key cryptosystem

3. What is the purpose of a digital signature?
   a) To encrypt a message for secure transmission
   b) To ensure the privacy of a message
   c) To guarantee the source and integrity of a message
   d) To authenticate the receiver of a message

4. What is a common hash algorithm used in digital signatures?
   a) MD5
   b) AES
   c) RSA
   d) SHA-256

5. What does a digital signature use to verify the authenticity of the message?
   a) Private key
   b) Public key
   c) Symmetric key
   d) Hash function

6. Which type of attack involves an attacker making the signer sign messages of their choice?
   a) Chosen-plaintext attack
   b) Ciphertext-only attack
   c) Known-plaintext attack
   d) Chosen-ciphertext attack

7. What property of a digital signature ensures that it can be verified by third parties to resolve disputes?
   a) Non-repudiation
   b) Authentication
   c) Integrity
   d) Confidentiality

8. What is the purpose of a digital certificate in the context of digital signatures?
   a) To encrypt the message
   b) To verify the digital signature
   c) To store the private key
   d) To authenticate the sender's identity

9. What is the primary advantage of using a public key cryptosystem for digital signatures?
   a) Faster computation speed
   b) Shared private key for encryption
   c) Enhanced security through key separation
   d) Simplicity of key management

10. Which cryptographic transformation converts input data into output data using a cryptographic key?
   a) Hash function
   b) Encryption
   c) Decryption
   d) Signature generation

11. What is a digital signature?
   a) A code attached to a message that guarantees its source and integrity
   b) A cryptographic key used for encryption and decryption
   c) A technique for secure data transmission over the internet
   d) A digital certificate issued by a trusted authority

12. What is the purpose of a hash function in digital signatures?
   a) To encrypt the message before signing
   b) To compress the message into a fixed-sized fingerprint
   c) To generate a random key for encryption
   d) To verify the authenticity of the sender's public key

13. Which type of attack involves an attacker determining the signer's private key?
   a) Ciphertext-only attack
   b) Chosen-plaintext attack
   c) Known-plaintext attack
   d) Key-only attack

14. How does a digital signature provide non-repudiation?
   a) By encrypting the message
   b) By digitally signing the message
   c) By verifying the integrity of the message
   d) By ensuring the confidentiality of the message

15. Which property of a digital signature ensures that the contents of the message can be authenticated at the time of the signature?
   a) Non-repudiation
   b) Integrity
   c) Authentication
   d) Confidentiality

16. What is the role of the private key in the digital signature process?
   a) It is used to sign the message
   b) It is used to verify the signature
   c) It is exchanged between the sender and receiver
   d) It is used to encrypt the message

17. What is the purpose of the inverse cryptographic transformation in a cryptosystem?
   a) To decrypt the message
   b) To generate the digital signature
   c) To verify the integrity of the message
   d) To compress the message

18. Which type of cryptosystem uses the same key for both encryption and decryption?
   a) Public key cryptosystem
   b) Hybrid cryptosystem
   c) Symmetric key cryptosystem
   d) Asymmetric key cryptosystem

19. What is the process of converting plaintext into ciphertext called?
   a) Encryption
   b) Decryption
   c) Hashing
   d) Key generation

20. Which type of encryption uses a single key for both encryption and decryption?
   a) Symmetric key encryption
   b) Asymmetric key encryption
   c) Hybrid encryption
   d) Public key encryption

21. What is the primary purpose of a nonce in encryption?
   a) To generate random keys
   b) To prevent replay attacks
   c) To authenticate the sender
   d) To ensure message integrity

22. Which of the following is a key exchange protocol?
   a) Diffie-Hellman
   b) RSA
   c) AES
   d) ECC

23. Which cryptographic primitive is used to verify the integrity of data?
   a) Digital signature
   b) Hash function
   c) Key exchange
   d) Symmetric encryption

24. Which type of attack involves an attacker intercepting and altering the communication between two parties?
   a) Brute-force attack
   b) Man-in-the-middle (MITM) attack
   c) Denial-of-service (DoS) attack
   d) Replay attack

25. Which type of key is used for encryption in asymmetric key cryptography?
   a) Public key
   b) Private key
   c) Session key
   d) Master key