Full Transcript

Multiple choice questions 1. Which statement(s) is(are) right? Select one or more: A. The main goal of the certificates is to bind the owner with his/her public key. B. The owner by its signature revokes his/her certificate. C. Public key Infrastructure is the set of hard...

Multiple choice questions 1. Which statement(s) is(are) right? Select one or more: A. The main goal of the certificates is to bind the owner with his/her public key. B. The owner by its signature revokes his/her certificate. C. Public key Infrastructure is the set of hardware and software needed to handle\ digits certificate. 2. Which statement(s) is(are) right? Select one or more: A. Risk Analysis details the duties of the system administrator. B. Risk Analysis identifies what to protect whom, defines risks and how you are going to protect the system. C. Security Threat Management contains concrete way of protection actions. 3. Which statement(s) is(are) right? Select one or more: D. During the replay attack the attacker sends the message back to the sender. E. Traffic analysis is an active attack F. Administrative control means the organization's policies, procedure, and guidelines. G. The risk is the size of the attack. 4. Which statement(s) is(are) right? Select one or more: H. Valid message authentication code proves the integrity of the message. I. Valid message authentication code proves non-repudiation of the message. J. Message authentication codes are suitable for providing confidentiality. K. Message authentication codes are suitable for entity authentication. 5. What kind of actions are needed for fire protection? Select one or more: L. Air conditioning designed so as not to spread fire. M. Hand-operated fire extinguishers should be available. N. Common walls have at least one-hour fire protection rating. 6. Which statement(s) is(are) right? Select one or more: O. The textbook RSA decryption algorithm is deterministic. P. The textbook RSA key generation algorithm deterministic. Q. The textbook RSA encryption algorithm is deterministic. 7. Which statement(s) is(are) right? Select one or more: R. Affine cipher is the special case of the transposition ciphers. S. In order to calculate the decryption key of the affine cipher Extended Euclidean Algorithm might be applied. T. Since the encryption and decryption keys are different, the affine cipher is an asymmetric encryption. U. Affine cipher is the special case of the shift ciphers. 8. Which statement(s) is(are) right? Select one or more: V. Ransomware saves the files and returns them then after receiving the ransom. W. Ransomware locks you out of your computer. X. WannaCry is famous for attacking Iran's nuclear program. Y. Chernobyl is virus deletes data. 9. Which statement(s) is(are) right? Select one or more: Z. The size of the key space for transposition ciphers is n!, where n is the length of a block. A. Transposition ciphers' encryption and decryption algorithm use the same permutation bit by bit. B. Transposition ciphers apply permutations taken over the whole alphabet. C. The key generation algorithm of a transposition cipher is to generate all permutations of(1,\...,n) , where n is the length of a block. 10. Which statement(s) is(are) right? Select one or more: D. The Unix password file contains the hash of the password. E. For secure password storage slow hash functions are used. F. Identification can be biometric, token-based and password-based. G. Efficiency of the dictionary attacks is slowed down by applying salts. 11. The input of the asymmetric key generation algorithm is (are): Select one or more: H. secret key I. public key J. security parameter K. Plaintext 12. What is the notion of authentication? L. Data is not altered in an unauthorized manner. M. The system is free from unauthorized manipulation. N. Encompasses identity verification, message origin integrity and message content integrity. O. Secret information is not disclosed to unauthorized entities. 13. What is the Message Authentication Code used for? P. To verify the rightness of the data. Q. To verify the integrity of the data. R. To provide confidentiality of the message. S. To verify the identity of the sender. 14. Which statement(s) is(are) right? Select one or more: T. The threat is an attack that exploits a vulnerability. U. In practice most of the attacks are outside ones. V. An attack can be active or passive based on the way. W. The vulnerability is a weakness of the system that could be exploited to violate the security. 15. What is the CIA triad? X. Confidentiality, Integrity, Authenticity Y. Integrity, Non-repudiation, Availability Z. Integrity, Authenticity, Non-repudiation A. Integrity, Confidentiality, Availability B. Security, Integrity, Accountability 16. Which statement(s) is(are) right? Select one or more: C. Overvoltage can destroy processors and memories. D. Two categories are differentiated for physical security threats: environmental threats and natural disasters. E. The internal temperature of the computer cannot be significantly higher than room temperature. F. In case of physical control physical infrastructure includes personnel as well. 17. Which statement(s) is(are) right? Select one or more: G. If the water sensor detects water automatically cuts of the power. H. Installing water sensors belongs to corrective control. I. Water sensors should be located by 30 cm over the floor. 18. Which statement(s) is(are) right? Select one or more: J. Viruses propagate by infection of existing executables. K. The virus does not need a host program to propagate. L. The virus does not replicate. M. Viruses propagate only by files containing macro codes. 19. Which of the following is a type of program that either pretends to have, or is described as having, a set of useful or desirable features but actually contains damaging code? N. Trojans O. Bots P. Worm Q. Adware R. Viruses 20. What is the software called which when get downloaded on computer scans your hard drive for personal information and your internet browsing habits? S. Antiware T. Keylogger U. Spyware V. Backdoors 21. Which statement(s) is(are) right? Select one or more: W. Social engineering is an attack, when an attacker tricks users to assist to compromise of their own system or personal information. X. In case of malvertising an attacker pays for advertisements containing malware. Y. Clickjacking is an attack, when the attacker forces the user to click on malicious content. 22. Which of the following is the type of software that has self-replicating software that causes damage to files and system? Z. Viruses A. Trojan horses B. Bots C. Backdoors D. Worms 23. Which statement(s) is(are) right? Select one or more: E. There are trojans that gain backdoor access. F. Trojans do not replicate. G. Trojans are absolutely useful programs. H. Payloads for trojans are generating a botnet. 24. Which statement(s) is(are) right? Select one or more: I. Worms spread by use of network connections, shared media and e-mail attachments. J. Worms exploit software vulnerabilities. K. Worms propagate through Zero-day exploits. L. The worm is a virus that propagates without a host program. 25. Which statement(s) is(are) right? Select one or more: M. Whenever we define an encryption scheme it is enough to give the key generation, encryptionand decryption algorithms. N. For all encryption schemes the secret decryption key should be transferred via a key exchange algorithm to the receiver entity. O. In order to make the encryption scheme secure the size of the key space is infinite. P. Sometimes the encryption and decryption keys are the same bit by bit. 26. Which algorithms should be given to define an encryption scheme? Q. key generation algorithm R. algorithm that generates the key space S. algorithm that generates the ciphertext space T. encryption algorithm U. decryption algorithm V. algorithm that generates the plaintext space 27. Which statement(s) is(are) right? Select one or more: W. Calculating the symmetric decryption key out of the encryption one is infeasible. X. The encryption key and the decryption key are always the same in case of symmetric encryption schemes. Y. Symmetric encryption schemes are faster than the asymmetric ones. Z. In case of asymmetric encryptions the key generation algorithm outputs a key pair. 28. Which encryption scheme is suitable for encrypting video files? A. Symmetric B. Asymmetric 29. Which are the asymmetric encryption schemes? C. RSA D. OTP E. AES F. ElGamal G. 3DES 30. For which encryption scheme it is true that the decryption key can be calculated out of the encryption one only in an infeasible way? H. Asymmetric I. Symmetric 31. Which statement(s) is(are) right? Select one or more: J. The secret key is an output of a key generation algorithm. K. One of the input values of a decryption algorithm is a secret key. L. One of the input values of an encryption algorithm is always a secret key. M. The encryption algorithm is usually randomized. 32. Which statement(s) is(are) right? Select one or more: N. The ciphertext space of the general monoalphabetic cipher is the field of the modulo v residue classes. O. The secret key of the general monoalphabetic cipher is a permutation. P. The size of the key space for the general monoalphabetic cipher is n!, where n is the size of the alphabet 33. Which belongs to historical ciphers? Q. transposition R. OTP S. substitution T. DES 34. Which statement(s) is(are) right? Select one or more: U. Transposition ciphers' encryption and decryption algorithms use the same permutation bit by bit. V. Transposition ciphers apply permutations taken over the whole alphabet. W. The key generation algorithm of a transposition cipher is to generate all permutations of (1,\...,n), where n is the length of a block. X. The size of the key space for transposition ciphers is n!, where n is the length of a block. 35. Is it proven that the RSA problem is as hard as prime factorization? Select one or more: Y. Yes Z. No 36. Is it proven that the modular exponentiation, where the modulus is the product of two large primes with equal size is a one way function? A. Yes B. No 37. Is it true that calculating the RSA decryption exponent out of the public key is as hard as factoring the modulus? C. Yes D. No 38. Which is secret in case of the RSA algorithm? E. RSA modulus F. phi(n), where n is a modulus G. decryption exponent that is relatively prime to phi(n), where n is a modulus H. large primes 39. Which statement(s) is(are) right? Select one or more: I. There are several successful attacks against the textbook RSA encryption scheme. J. Today the size of RSA modulus is 4096 bits. K. It is proven that prime factorization is as hard as the RSA problem. L. The textbook RSA encryption algorithm is randomized. 40. What are the duties of the PKI Registration Authority? M. Authenticating users. N. Storing the revocation list. O. Storing certificates. P. Generating key pairs. 41. What are the duties of the PKI Certificate Authority? Q. Revoking certificates. R. Generating key pairs. S. Signing certificates. T. Registering certificate requests. 42. Which statement(s) are right? U. Message authentication codes are suitable for entity authentication V. Valid message authentication code proves non-repudiation of the messages W. Valid message authentication code proves the integrity of the messages X. Message authentication codes are suitable for providing confidentiality 43. Does there exist an injective hash function? Y. Yes Z. No. 44. What kind of hash functions do we use for digital signatures? A. Preimage resistance B. Collision resistance C. Second preimage resistance 45. Which key generation algorithm defines the plaintext space, the ciphertext space and the keyspace? D. Asymmetric E. Symmetric

Use Quizgecko on...
Browser
Browser