Computer Security Principles And Practice 3rd Edition by Stalling Test Bank

<< Community As Partner Theory And Practice in Nursing 6th edition by Anderson Test Bank Concepts In Biology 14th Edition By Enger Test Bank >>
Product Code: 222
Availability: In Stock
Price: $24.99
Qty:     - OR -   Add to Wish List
Add to Compare

Computer Security Principles And Practice 3rd Edition by Stalling Test Bank

Description

WITH ANSWERS
Computer Security Principles And Practice 3rd Edition by Stalling Test Bank

Chapter 2 Cryptographic Tools

 

TRUE/FALSE QUESTIONS:

 

T          F          1.  Symmetric encryption is used primarily to provide confidentiality.

T          F          2.  Two of the most important applications of public-key encryption are

digital signatures and key management.

 

T          F          3.  Cryptanalytic attacks try every possible key on a piece of ciphertext

until an intelligible translation into plaintext is obtained.

 

T          F          4.  The secret key is input to the encryption algorithm.

 

T          F          5.  Triple DES takes a plaintext block of 64 bits and a key of 56 bits to

produce a ciphertext block of 64 bits.

 

T          F        6.   Modes of operation are the alternative techniques that have been

developed to increase the security of symmetric block encryption for     large sequences of data.

 

T          F          7.   The advantage of a stream cipher is that you can reuse keys.

 

T          F          8.   A message authentication code is a small block of data generated by a

secret key and appended to a message.

 

T          F          9.  Like the MAC, a hash function also takes a secret key as input.

 

T          F          10.  The strength of a hash function against brute-force attacks depends

solely on the length of the hash code produced by the algorithm.

 

T          F          11.  Public-key cryptography is asymmetric.

 

T          F          12.  Public-key algorithms are based on simple operations on bit patterns.

 

T          F          13.  The purpose of the DSS algorithm is to enable two users to securely

reach agreement about a shared secret that can be used as a secret key

for subsequent symmetric encryption of messages.

 

T          F          14. An important element in many computer security services and

applications is the use of cryptographic algorithms.

 

T          F          15.  Some form of protocol is needed for public-key distribution.

 

MULTIPLE CHOICE QUESTIONS:

 

  1. The original message or data that is fed into the algorithm is __________.
  2. encryption algorithm             B.  secret key
  3. decryption algorithm             D.  plaintext

 

  1. The __________ is the encryption algorithm run in reverse.
  2. decryption algorithm         B.  plaintext
  3. ciphertext                          D.  encryption algorithm

 

  1. __________ is the scrambled message produced as output.
  2. Plaintext                            B.  Ciphertext
  3. Secret key                          D.  Cryptanalysis

 

  1. On average, __________ of all possible keys must be tried in order to achieve success with a brute-force attack.
  2. one-fourth                         B.  half
  3. two-thirds                          D.  three-fourths

 

  1. The most important symmetric algorithms, all of which are block ciphers, are the DES, triple DES, and the __________.
  2. SHA                                  B.  RSA
  3. AES                                   D.  DSS

 

  1. If the only form of attack that could be made on an encryption algorithm is brute-force, then the way to counter such attacks would be to __________ .
  2. use longer keys                  B.  use shorter keys
  3. use more keys                    D.  use less keys

 

  1. __________ is a procedure that allows communicating parties to verify that received or stored messages are authentic.
  2. Cryptanalysis                                B.  Decryption
  3. Message authentication                 D.  Collision resistance

 

  1. The purpose of a __________ is to produce a fingerprint of a file, message, or other block of data.
  2. secret key                          B.  digital signature
  3. keystream                          D.  hash function

 

  1. __________ is a block cipher in which the plaintext and ciphertext are integers between 0 and n-1 for some n.
  2. DSS                                   B.  RSA
  3. SHA                                  D.  AES

 

  1. A __________ is created by using a secure hash function to generate a hash value for a message and then encrypting the hash code with a private key.
  2. digital signature                            B.  keystream
  3. one way hash function                  D.  secret key

 

  1. Transmitted data stored locally are referred to as __________ .
  2. ciphertext                          B.  DES
  3. data at rest                         D.  ECC

 

  1. Digital signatures and key management are the two most important applications of __________ encryption.
  2. private-key                                    B.  public-key
  3. preimage resistant                          D.  advanced
  4. A __________ is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.
  5. mode of operation                         B.  hash function
  6. cryptanalysis                                  D.  brute-force attack

 

  1. Combined one byte at a time with the plaintext stream using the XOR operation, a __________ is the output of the pseudorandom bit generator.
  2. keystream                                      B.  digital signature
  3. secure hash                                    D.  message authentication code

 

  1. A _________ protects against an attack in which one party generates a message for another party to sign.
  2. data authenticator                         B.  strong hash function
  3. weak hash function                       D.  digital signature

 

SHORT ANSWER QUESTIONS:

  1. Also referred to as single-key encryption, the universal technique for providing confidentiality for transmitted or stored data is __________ .

 

  1. There are two general approaches to attacking a symmetric encryption scheme:

cryptanalytic attacks and __________ attacks.

 

  1. The __________ algorithm takes the ciphertext and the secret key and produces

the original plaintext.

 

  1. A __________ attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.

 

  1. A __________ processes the plaintext input in fixed-size blocks and produces a block of ciphertext of equal size for each plaintext block.

 

  1. A __________ processes the input elements continuously, producing output one element at a time.

 

  1. Public-key encryption was first publicly proposed by __________ in 1976.

 

  1. The two criteria used to validate that a sequence of numbers is random are independence and _________ .

 

  1. A _________ is a hardware device that sits between servers and storage systems and encrypts all data going from the server to the storage system and decrypts data going in the opposite direction.

 

  1. In July 1998 the __________ announced that it had broken a DES encryption using a special purpose DES cracker machine.

 

  1. The simplest approach to multiple block encryption is known as __________ mode, in which plaintext is handled b bits at a time and each block of plaintext is encrypted using the same key.

 

  1. A __________ stream is one that is unpredictable without knowledge of the input key and which has an apparently random character.

 

  1. The __________ is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.

 

  1. __________ is provided by means of a co-processor board embedded in the tape drive and tape library hardware.

 

  1. The purpose of the __________ algorithm is to enable two users to securely reach agreement about a shared secret that can be used as a secret key for subsequent symmetric encryption of messages.

Chapter 12 Operating System Security

 

TRUE/FALSE QUESTIONS:

T          F          1.  Most large software systems do not have security weaknesses.

T          F          2.  Each layer of code needs appropriate hardening measures in place to

provide appropriate security services.

 

T          F          3.  Lower layer security does not impact upper layers.

T          F          4.  It is possible for a system to be compromised during the installation

process.

 

T          F          5.  A plan needs to identify appropriate personnel to install and manage

the system, noting any training needed.

 

T          F          6.  The purpose of the system does not need to be taken into consideration

during the system security planning process.

 

T          F          7.  The default configuration for many operating systems usually

maximizes security.

 

T          F          8.  Ideally new systems should be constructed on an unprotected network

in order to prevent installation restrictions.

 

T          F          9.  A malicious driver can potentially bypass many security controls to

install malware.

 

T          F          10.  You should run automatic updates on change-controlled systems.

 

T          F          11.  Passwords installed by default are secure and do not need to be

changed.

 

T          F          12.  A very common configuration fault seen with Web and file transfer

servers is for all the files supplied by the service to be owned by the

same user account that the server executes as.

 

T          F          13.  Manual analysis of logs is a reliable means of detecting adverse

events.

 

T          F          14.  Performing regular backups of data on a system is a critical control

that assists with maintaining the integrity of the system and user data.

 

T          F          15.   Backup and archive processes are often linked and managed together.

 

MULTIPLE CHOICE QUESTIONS:

  1. The first step in deploying new systems is _________.
  2. security testing B.  installing patches
  3. planning D.  secure critical content
  4. Which of the following need to be taken into consideration during the system

security planning process?

 

  1. how users are authenticated
  2. the categories of users of the system
  3. what access the system has to information stored on other hosts
  4. all of the above
  5. The first critical step in securing a system is to secure the __________.

 

  1. base operating system

 

  1. system administrator
  2. malware protection mechanisms
  3. remote access privileges
  4. The following steps should be used to secure an operating system:

 

  1. test the security of the basic operating system
  2. remove unnecessary services
  3. install and patch the operating system
  4. all of the above
  5. __________ applications is a control that limits the programs that can execute on the system to just those in an explicit list.
  6. Virtualizing B.  White listing
  7. Logging D.  Patching
  8. Cryptographic file systems are another use of _______.
  9. encryption B.  testing
  10. virtualizing D.  acceleration
  11. Once the system is appropriately built, secured, and deployed, the process of maintaining security is ________.
  12. complete                            B.  no longer a concern
  13. continuous                         D.  sporadic
  14. The range of logging data acquired should be determined _______.
  15. during security testing
  16. as a final step
  17. after monitoring average data flow volume
  18. during the system planning stage
  19. The ______ process makes copies of data at regular intervals for recovery of lost or corrupted data over short time periods.
  20. logging B.  backup
  21. hardening D.  archive
  22. The ______ process retains copies of data over extended periods of time in order to meet legal and operational requirements.
  23. archive B.  virtualization
  24. patching D.  backup
  25. The needs and policy relating to backup and archive should be determined ______.
  26. as a final step
  27. during the system planning stage
  28. during security testing
  29. after recording average data flow volume
  30. ______ are resources that should be used as part of the system security planning process.
  31. Texts
  32. Online resources
  33. Specific system hardening guides
  34. All of the above

 

  1. ______ systems should not run automatic updates because they may possibly introduce instability.
  2. Configuration controlled              B.  Policy controlled
  3. Change controlled                         D.  Process controlled
  4. The most important changes needed to improve system security are to ______.
  5. disable remotely accessible services that are not required
  6. ensure that applications and services that are needed are appropriately configured
  7. disable services and applications that are not required
  8. all of the above
  9. Security concerns that result from the use of virtualized systems include ______.
  10.   guest OS isolation
  11. guest OS monitoring by the hypervisor
  12.   virtualized environment security
  13. all of the above

 

SHORT ANSWER QUESTIONS:

  1. The three operating system security layers are: physical hardware, operating system kernel, and _________.

 

  1. The aim of the specific system installation planning process is to maximize _______ while minimizing costs.

 

  1. System security begins with the installation of the ________.

 

  1. The final step in the process of initially securing the base operating system is ________.

 

  1. ______ is a reactive control that can only inform you about bad things that have already happened.

 

  1. _______ is the process of making copies of data at regular intervals allowing the recovery of lost or corrupted data over relatively short time periods of a few hours to some weeks.

 

  1. ______ is the process of retaining copies of data over extended periods of time, being months or years, in order to meet legal and operational requirements to access past data.

 

  1. _______ systems should validate all patches on test systems before deploying them to production systems.

 

  1. Unix and Linux systems grant access permissions for each resource using the ______ command.

 

  1. Unix and Linux systems use a ________ which restricts the servers view of the file system to just a specified portion.

 

  1. Configuration information in Windows systems is centralized in the _______, which forms a database of keys and values.

 

  1. ________ refers to a technology that provides an abstraction of the computing resources that run in a simulated environment.

 

  1. Guest OSs are managed by a ______, or VMM, that coordinates access between each of the guests and the actual physical hardware resources.

 

  1. ______ virtualization systems are more common in clients, where they run along side other applications on the host OS, and are used to support applications for alternate operating system versions or types.

 

  1. ______ virtualization systems are typically seen in servers, with the goal of improving the execution efficiency of the hardware.

 

Chapter 22 Internet Security Protocols and Standards

 

TRUE/FALSE QUESTIONS:

T          F          1.  MIME is an extension to the old RFC 822 specification of an Internet

mail format.

 

T          F          2.  MIME provides the ability to sign and/or encrypt e-mail messages.

 

T          F          3.  Recipients without S/MIME capability can view the message content,

although they cannot verify the signature.

 

T          F          4.  The recipient of a message can decrypt the signature using DSS and the

senders public DSS key.

 

T          F          5.  As an alternative the RSA public-key encryption algorithm can be used

with either the SHA-1 or the MD5 message digest algorithm for forming signatures.

 

T          F          6.  In S/MIME each conventional key is used a total of three times.

 

T          F          7.  DKIM has been widely adopted by a range of e-mail providers and

many Internet service providers.

 

T          F          8.  SMTP is used between the message user agent and the mail submission

agent.

 

T          F          9.  A message store cannot be located on the same machine as the MUA.

 

T          F          10.  An ADMD is an Internet e-mail provider.

 

T          F          11.  DKIM is designed to provide an e-mail authentication technique that

is transparent to the end user.

 

T          F          12.  Most browsers come equipped with SSL and most Web servers have

implemented the protocol.

 

T          F          13.  Search engines support HTTPS.

 

T          F          14.  The IAB included authentication and encryption as necessary security

features in IPv6.

 

T          F          15.  Transport mode provides protection primarily for lower-layer

protocols.

 

 

 

 

MULTIPLE CHOICE QUESTIONS:

  1. _____ defines a number of content formats, which standardize representations for the support of multimedia e-mail.
  2. MEM B.  MIME
  3. MSC D.  DKIM
  4. The ________ function consists of encrypted content of any type and encrypted-content encryption keys for one or more recipients.
  5. clear-signed data               B.  signed data
  6. enveloped data                  D.  signed and enveloped data
  7. In the case of ________ only the digital signature is encoded using base64.
  8. enveloped data                  B.  signed and enveloped data
  9. signed data                                    D.  clear-signed data
  10. The result of S/MIME encrypting the digest using DSS and the senders private DSS key is the ________.
  11. digital signature                B.  envelope
  12. digest code                                    D.  mail extension
  13. To protect the data, either the signature alone or the signature plus the message are mapped into printable ASCII characters using a scheme known as ________ or base64mapping.
  14. radix-64                             B.  ASCII-64
  15. ESP-64                              D.  safe mapping
  16. The basic tool that permits widespread use of S/MIME is ________.
  17. the domain key                             B.  the public-key certificate
  18. the MIME security payload          D.  radix-64
  19. At its most fundamental level the Internet mail architecture consists of a user world in the form of _________.
  20. MHS                     B.  MSA
  21. MUA                     D.  MDA

 

  1. The ______ is responsible for transferring the message from the MHS to the MS.
  2. MDA                     B.  MS
  3. MUA                     D.  MSA
  4. The ________ accepts the message submitted by a message user agent and enforces the policies of the hosting domain and the requirements of Internet standards.
  5. mail submission agent       B.  message user agent
  6. mail delivery agent            D.  message transfer agent
  7. The most complex part of TLS is the __________.
  8. signature                B.  message header
  9. payload                  D.  handshake protocol
  10. _______ is a list that contains the combinations of cryptographic algorithms supported by the client.
  11. Compression method                    B.  Session ID
  12. CipherSuite                                   D.  All of the above
  13. ESP supports two modes of use: transport and _________.
  14. padding                 B.  tunnel
  15. payload                  D.  sequence
  16. IPsec can assure that _________.
  17. a router advertisement comes from an authorized router
  18. a routing update is not forged
  19. a redirect message comes from the router to which the initial packet was sent
  20. all of the above

 

 

 

  1. A benefit of IPsec is __________.
  2. that it is below the transport layer and transparent to applications
  3. there is no need to revoke keying material when users leave the organization
  4. it can provide security for individual users if needed
  5. all of the above
  6. The _______ field in the outer IP header indicates whether the association is an AH or ESP security association.
  7. protocol identifier             B.  security parameter index
  8. IP destination address       D.  sequence path counter

 

SHORT ANSWER QUESTIONS:

  1. ________ is a security enhancement to the MIME Internet e-mail format standard, based on technology from RSA Data Security.

 

  1. S/MIME content-types support four new functions: enveloped data, __________, clear-signed data, and signed and enveloped data.

 

  1. A _________ is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer.

 

  1. A signed data message can only be viewed by a recipient with __________ capability.

 

  1. The default algorithms used for signing S/MIME messages are SHA-1 and the _________.

 

  1. The default algorithms used for encrypting S/MIME messages are the triple DES and a public-key scheme known as _______.

 

  1. If encryption is used alone, _______ is used to convert the ciphertext to ASCII format.

 

  1. _________ is a specification for cryptographically signing e-mail messages, permitting a signing domain to claim responsibility for a message in the mail stream.

 

  1. The ________ is housed in the users computer and is referred to as a client e-mail program or a local network e-mail server.

 

  1. The _______ is a directory lookup service that provides a mapping between the name of a host on the Internet and its numerical address.

 

  1. The SSL record protocol provides two services for SSL connection:  message integrity and _________.

 

  1. The _________ is used to convey SSL-related alerts to the peer entity.

 

  1. A security association is uniquely identified by three parameters:  security parameter index, protocol identifier, and ________________.

 

  1. IP-level security encompasses three functional areas:  authentication, confidentiality, and _________.

 

  1. IPsec provides two main functions:  a combined authentication/encryption function called ___________ and a key exchange func

Write a review

Your Name:


Your Review: Note: HTML is not translated!

Rating: Bad           Good

Enter the code in the box below:



 

Once the order is placed, the order will be delivered to your email less than 24 hours, mostly within 4 hours. 

If you have questions, you can contact us here