Multiple choice questions.docx

Transcript

Multiple choice questions

1. Which statement(s) is(are) right? Select one or more:

A. The main goal of the certificates is to bind the owner with
his/her public key.

B. The owner by its signature revokes his/her certificate.

C. Public key Infrastructure is the set of hardware and software
needed to handle\
digits certificate.

2. Which statement(s) is(are) right? Select one or more:

A. Risk Analysis details the duties of the system administrator.

B. Risk Analysis identifies what to protect whom, defines risks and how
you are going to protect the system.

C. Security Threat Management contains concrete way of protection
actions.

3. Which statement(s) is(are) right? Select one or more:

D. During the replay attack the attacker sends the message back to
the sender.

E. Traffic analysis is an active attack

F. Administrative control means the organization's policies,
procedure, and guidelines.

G. The risk is the size of the attack.

4. Which statement(s) is(are) right? Select one or more:

H. Valid message authentication code proves the integrity of the
message.

I. Valid message authentication code proves non-repudiation of the
message.

J. Message authentication codes are suitable for providing
confidentiality.

K. Message authentication codes are suitable for entity
authentication.

5. What kind of actions are needed for fire protection? Select one or
more:

L. Air conditioning designed so as not to spread fire.

M. Hand-operated fire extinguishers should be available.

N. Common walls have at least one-hour fire protection rating.

6. Which statement(s) is(are) right? Select one or more:

O. The textbook RSA decryption algorithm is deterministic.

P. The textbook RSA key generation algorithm deterministic.

Q. The textbook RSA encryption algorithm is deterministic.

7. Which statement(s) is(are) right? Select one or more:

R. Affine cipher is the special case of the transposition ciphers.

S. In order to calculate the decryption key of the affine cipher
Extended Euclidean Algorithm might be applied.

T. Since the encryption and decryption keys are different, the
affine cipher is an asymmetric encryption.

U. Affine cipher is the special case of the shift ciphers.

8. Which statement(s) is(are) right? Select one or more:

V. Ransomware saves the files and returns them then after receiving
the ransom.

W. Ransomware locks you out of your computer.

X. WannaCry is famous for attacking Iran's nuclear program.

Y. Chernobyl is virus deletes data.

9. Which statement(s) is(are) right? Select one or more:

Z. The size of the key space for transposition ciphers is n!, where
n is the length of a block.

A. Transposition ciphers' encryption and decryption algorithm use
the same permutation bit by bit.

B. Transposition ciphers apply permutations taken over the whole
alphabet.

C. The key generation algorithm of a transposition cipher is to
generate all permutations of(1,\...,n) , where n is the length
of a block.

10. Which statement(s) is(are) right? Select one or more:

D. The Unix password file contains the hash of the password.

E. For secure password storage slow hash functions are used.

F. Identification can be biometric, token-based and password-based.

G. Efficiency of the dictionary attacks is slowed down by applying
salts.

11. The input of the asymmetric key generation algorithm is (are):
Select one or more:

H. secret key

I. public key

J. security parameter

K. Plaintext

12. What is the notion of authentication?

L. Data is not altered in an unauthorized manner.

M. The system is free from unauthorized manipulation.

N. Encompasses identity verification, message origin integrity and
message content integrity.

O. Secret information is not disclosed to unauthorized entities.

13. What is the Message Authentication Code used for?

P. To verify the rightness of the data.

Q. To verify the integrity of the data.

R. To provide confidentiality of the message.

S. To verify the identity of the sender.

14. Which statement(s) is(are) right? Select one or more:

T. The threat is an attack that exploits a vulnerability.

U. In practice most of the attacks are outside ones.

V. An attack can be active or passive based on the way.

W. The vulnerability is a weakness of the system that could be
exploited to violate the security.

15. What is the CIA triad?

X. Confidentiality, Integrity, Authenticity

Y. Integrity, Non-repudiation, Availability

Z. Integrity, Authenticity, Non-repudiation

A. Integrity, Confidentiality, Availability

B. Security, Integrity, Accountability

16. Which statement(s) is(are) right? Select one or more:

C. Overvoltage can destroy processors and memories.

D. Two categories are differentiated for physical security threats:
environmental threats and natural disasters.

E. The internal temperature of the computer cannot be significantly
higher than room temperature.

F. In case of physical control physical infrastructure includes
personnel as well.

17. Which statement(s) is(are) right? Select one or more:

G. If the water sensor detects water automatically cuts of the
power.

H. Installing water sensors belongs to corrective control.

I. Water sensors should be located by 30 cm over the floor.

18. Which statement(s) is(are) right? Select one or more:

J. Viruses propagate by infection of existing executables.

K. The virus does not need a host program to propagate.

L. The virus does not replicate.

M. Viruses propagate only by files containing macro codes.

19. Which of the following is a type of program that either pretends to
have, or is described as

having, a set of useful or desirable features but actually contains
damaging code?

N. Trojans

O. Bots

P. Worm

Q. Adware

R. Viruses

20. What is the software called which when get downloaded on computer
scans your hard drive for personal information and your internet
browsing habits?

S. Antiware

T. Keylogger

U. Spyware

V. Backdoors

21. Which statement(s) is(are) right? Select one or more:

W. Social engineering is an attack, when an attacker tricks users
to assist to compromise of their own system or personal
information.

X. In case of malvertising an attacker pays for advertisements
containing malware.

Y. Clickjacking is an attack, when the attacker forces the user to
click on malicious content.

22. Which of the following is the type of software that has
self-replicating software that causes damage to files and system?

Z. Viruses

A. Trojan horses

B. Bots

C. Backdoors

D. Worms

23. Which statement(s) is(are) right? Select one or more:

E. There are trojans that gain backdoor access.

F. Trojans do not replicate.

G. Trojans are absolutely useful programs.

H. Payloads for trojans are generating a botnet.

24. Which statement(s) is(are) right? Select one or more:

I. Worms spread by use of network connections, shared media and
e-mail attachments.

J. Worms exploit software vulnerabilities.

K. Worms propagate through Zero-day exploits.

L. The worm is a virus that propagates without a host program.

25. Which statement(s) is(are) right? Select one or more:

M. Whenever we define an encryption scheme it is enough to give the
key generation, encryptionand decryption algorithms.

N. For all encryption schemes the secret decryption key should be
transferred via a key exchange algorithm to the receiver entity.

O. In order to make the encryption scheme secure the size of the
key space is infinite.

P. Sometimes the encryption and decryption keys are the same bit by
bit.

26. Which algorithms should be given to define an encryption scheme?

Q. key generation algorithm

R. algorithm that generates the key space

S. algorithm that generates the ciphertext space

T. encryption algorithm

U. decryption algorithm

V. algorithm that generates the plaintext space

27. Which statement(s) is(are) right? Select one or more:

W. Calculating the symmetric decryption key out of the encryption
one is infeasible.

X. The encryption key and the decryption key are always the same in
case of symmetric encryption schemes.

Y. Symmetric encryption schemes are faster than the asymmetric
ones.

Z. In case of asymmetric encryptions the key generation algorithm
outputs a key pair.

28. Which encryption scheme is suitable for encrypting video files?

A. Symmetric

B. Asymmetric

29. Which are the asymmetric encryption schemes?

C. RSA

D. OTP

E. AES

F. ElGamal

G. 3DES

30. For which encryption scheme it is true that the decryption key can
be calculated out of the encryption one only in an infeasible way?

H. Asymmetric

I. Symmetric

31. Which statement(s) is(are) right? Select one or more:

J. The secret key is an output of a key generation algorithm.

K. One of the input values of a decryption algorithm is a secret
key.

L. One of the input values of an encryption algorithm is always a
secret key.

M. The encryption algorithm is usually randomized.

32. Which statement(s) is(are) right? Select one or more:

N. The ciphertext space of the general monoalphabetic cipher is the
field of the modulo v residue classes.

O. The secret key of the general monoalphabetic cipher is a
permutation.

P. The size of the key space for the general monoalphabetic cipher
is n!, where n is the size of the alphabet

33. Which belongs to historical ciphers?

Q. transposition

R. OTP

S. substitution

T. DES

34. Which statement(s) is(are) right? Select one or more:

U. Transposition ciphers' encryption and decryption algorithms use
the same permutation bit by bit.

V. Transposition ciphers apply permutations taken over the whole
alphabet.

W. The key generation algorithm of a transposition cipher is to
generate all permutations of (1,\...,n), where n is the length
of a block.

X. The size of the key space for transposition ciphers is n!, where
n is the length of a block.

35. Is it proven that the RSA problem is as hard as prime factorization?
Select one or more:

Y. Yes

Z. No

36. Is it proven that the modular exponentiation, where the modulus is
the product of two large primes with equal size is a one way
function?

A. Yes

B. No

37. Is it true that calculating the RSA decryption exponent out of the
public key is as hard as factoring the modulus?

C. Yes

D. No

38. Which is secret in case of the RSA algorithm?

E. RSA modulus

F. phi(n), where n is a modulus

G. decryption exponent that is relatively prime to phi(n), where n
is a modulus

H. large primes

39. Which statement(s) is(are) right? Select one or more:

I. There are several successful attacks against the textbook RSA
encryption scheme.

J. Today the size of RSA modulus is 4096 bits.

K. It is proven that prime factorization is as hard as the RSA
problem.

L. The textbook RSA encryption algorithm is randomized.

40. What are the duties of the PKI Registration Authority?

M. Authenticating users.

N. Storing the revocation list.

O. Storing certificates.

P. Generating key pairs.

41. What are the duties of the PKI Certificate Authority?

Q. Revoking certificates.

R. Generating key pairs.

S. Signing certificates.

T. Registering certificate requests.

42. Which statement(s) are right?

U. Message authentication codes are suitable for entity
authentication

V. Valid message authentication code proves non-repudiation of the
messages

W. Valid message authentication code proves the integrity of the
messages

X. Message authentication codes are suitable for providing
confidentiality

43. Does there exist an injective hash function?

Y. Yes

Z. No.

44. What kind of hash functions do we use for digital signatures?

A. Preimage resistance

B. Collision resistance

C. Second preimage resistance

45. Which key generation algorithm defines the plaintext space, the
ciphertext space and the keyspace?

D. Asymmetric

E. Symmetric