1100 Flashcards

(100 cards)

1
Q
A symmetric cipher, built by applying DES three times, that was designed as an interim replacement for DES.
A
Triple Data Encryption Standard (3DES)

2
Q
A chip on the motherboard of the computer that provides cryptographic services.
A
Trusted Platform Module (TPM)

3
Q
A later derivation of the Blowfish algorithm that is considered to be strong.
A
Twofish

4
Q
Cryptography that can be applied to entire disks.
A
Whole Disk Encryption

5
Q
What is the data that is fed into an encryption algorithm (the data to be encrypted) called?
A. Plaintext
B. Cleartext
C. Opentext
D. Ciphertext
A
A. Plaintext

6
Q
Which of the following is not a basic security protection over information that cryptography can provide?
A. Confidentiality
B. Stop loss
C. Integrity
D. Authenticity
A
B. Stop loss

7
Q
The areas of a file in which steganography can hide data include all of the following except __________.
A. in data that is used to describe the content or structure of the actual data
B. in the directory structure of the file system
C. in the file header fields that describe the file
D. in areas that contain the content data itself
A
B. in the directory structure of the file system
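Added worked example for card 7 (this code is not part of the original deck). It hides a payload in the least significant bit of each sample of a constructed in-memory RGB buffer, i.e. in the area that contains the content data itself, and separately in a constructed "comment" header field, the metadata hiding place the card contrasts it with. The carrier buffer, the secret string and the header dict are all constructed for the demonstration; the function names are this example's own.

```python
"""LSB steganography in the content area of a constructed raw image buffer.

Added example, not from the original flashcard deck. The 'image' is a
constructed in-memory buffer of 8-bit RGB samples rather than a real file.
"""
import struct


def _bits(data: bytes):
    """Yield the bits of `data`, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed_lsb(pixels: bytes, payload: bytes) -> bytes:
    """Hide a length-prefixed payload in the LSB of consecutive samples.

    Each sample changes by at most 1 intensity unit, which is invisible
    in ordinary photographic content; the file size does not change.
    """
    framed = struct.pack(">I", len(payload)) + payload
    if len(framed) * 8 > len(pixels):
        raise ValueError("payload too large for carrier")
    out = bytearray(pixels)
    for i, bit in enumerate(_bits(framed)):
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)


def extract_lsb(pixels: bytes) -> bytes:
    """Recover a payload embedded by embed_lsb()."""
    def read_bytes(start: int, count: int) -> bytes:
        value = 0
        for i in range(start, start + count * 8):
            value = (value << 1) | (pixels[i] & 1)
        return value.to_bytes(count, "big")

    length = struct.unpack(">I", read_bytes(0, 4))[0]   # 4-byte prefix = 32 samples
    return read_bytes(32, length)


def embed_in_metadata(header: dict, payload: bytes) -> dict:
    """Hide the same payload in a descriptive header field instead.

    Real formats (PNG tEXt chunks, JPEG/EXIF comments) carry such fields;
    here `header` is a constructed dict standing in for one.
    """
    out = dict(header)
    out["comment"] = payload.hex()      # reads as an innocuous string
    return out


def max_intensity_change(original: bytes, stego: bytes) -> int:
    """Largest per-sample change; LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(original, stego))


# Constructed carrier: a 16x16 RGB gradient, 768 samples (room for 96 bytes).
CARRIER = bytes((x * 7 + y * 13 + c * 29) & 0xFF
                for y in range(16) for x in range(16) for c in range(3))
SECRET = b"meet at dawn"   # constructed sample payload


if __name__ == "__main__":
    stego = embed_lsb(CARRIER, SECRET)
    print("recovered:", extract_lsb(stego))
    print("max per-sample change:", max_intensity_change(CARRIER, stego))
    print("metadata variant:", embed_in_metadata({"width": 16, "height": 16}, SECRET))
```

Detecting the content-area variant requires statistical analysis of the sample values (the carrier and stego buffers have the same length and differ by at most one unit per sample); the metadata variant is found simply by dumping header fields, which is why the latter is the weaker hiding place.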
8
Q
Proving that a user sent an e-mail message is known as ______.
A. repudiation
B. integrity
C. nonrepudiation
D. availability
A
C. nonrepudiation

9
Q
Symmetric cryptographic algorithms are also called _________.
A. private key cryptography
B. cipherkey cryptography
C. public/private key cryptography
D. public key cryptography
A
A. private key cryptography

10
Q
A(n) __________ is not decrypted, but is only used for comparison purposes.
A. stream
B. hash
C. algorithm
D. key
A
B. hash
11
Q
Each of the following is a characteristic of a secure hash algorithm except ____________.
A. collisions should be rare
B. the results of a hash function should not be reversible
C. the hash should always be the same fixed size
D. a message cannot be produced from a predefined hash
A
A. collisions should be rare (a secure hash must have no practically findable collisions at all, not merely rare ones)

12
Q
Hashing would not be used in which of the following examples?
A
B. encrypting and decrypting e-mail attachments

13
Q
___________ combines a hash with a shared secret key, so that only a holder of the key can produce or verify the result.
A. Key_hash
B. WEP
C. MDRIPE
D. Hashed Message Authentication Code (HMAC)
A
D. Hashed Message Authentication Code (HMAC)

14
Q
Which of the following is a protection provided by hashing?
A. Authenticity
B. Confidentiality
C. Integrity
D. Availability
A
C. Integrity
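Added worked example for cards 10 through 14 (this code is not part of the original deck). It shows the fixed digest size, that a one-character change rewrites roughly half the digest bits, that a stored password hash is verified by recomputation and comparison rather than by decryption, and why a plain hash gives integrity but not authenticity while an HMAC under a shared key gives both. Only the Python standard library is used; the passwords, messages and key are constructed sample data.

```python
"""Hashing for comparison, and HMAC for authenticity.

Added example, not from the original flashcard deck.
"""
from __future__ import annotations

import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 200_000


def digest_hex(data: bytes) -> str:
    """SHA-256 of any input: the digest is always 32 bytes (64 hex chars)."""
    return hashlib.sha256(data).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Hamming distance between two equal-length hex digests."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


# A hash is never decrypted: a password check recomputes and compares.

def make_password_record(password: str) -> tuple[bytes, bytes]:
    """Return (salt, PBKDF2-HMAC-SHA256 hash); the plaintext is not kept."""
    salt = secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def verify_password(record: tuple[bytes, bytes], candidate: str) -> bool:
    """Hash the candidate the same way and compare the digests."""
    salt, stored = record
    calc = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(calc, stored)   # constant-time comparison


# Integrity (plain hash) versus authenticity (keyed hash, HMAC).

def tag_with_hmac(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256: the key is mixed into the hash computation; nothing is encrypted."""
    return hmac.new(key, message, hashlib.sha256).digest()


def receiver_accepts_plain(message: bytes, tag: bytes) -> bool:
    """Receiver check when the sender appended a plain SHA-256 digest."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), tag)


def receiver_accepts_hmac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver check when the sender appended an HMAC under the shared key."""
    return hmac.compare_digest(tag_with_hmac(key, message), tag)


def tamper_scenario(key: bytes) -> dict[str, bool]:
    """An attacker in the path rewrites the message and attaches the best
    tag he can compute without the key: a plain SHA-256 of the new message."""
    altered = b"transfer $100 to account 99"        # constructed sample
    forged_tag = hashlib.sha256(altered).digest()
    return {
        # Plain hash: recomputing it costs nothing, so the receiver is fooled.
        "plain_hash_fooled": receiver_accepts_plain(altered, forged_tag),
        # HMAC: without the key the forged tag does not verify.
        "hmac_fooled": receiver_accepts_hmac(key, altered, forged_tag),
    }


if __name__ == "__main__":
    print(len(digest_hex(b"")), len(digest_hex(b"x" * 100_000)))
    print("bits changed by a one-character edit:",
          differing_bits(digest_hex(b"abc"), digest_hex(b"abd")))
    rec = make_password_record("correct horse battery staple")
    print(verify_password(rec, "correct horse battery staple"),
          verify_password(rec, "Tr0ub4dor&3"))
    print(tamper_scenario(secrets.token_bytes(32)))
```

The password path uses PBKDF2 rather than a bare SHA-256 because a stored digest is compared, never reversed, so the only attack is guessing candidates and recomputing; a salted, iterated construction makes each guess expensive. `hmac.compare_digest` is used for every comparison so that timing does not leak how many leading bytes matched.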
15
Q
__________ is a hash that uses two different and independent parallel chains of computation, the results of which are then combined at the end of the process.
A. DES
B. AES
C. RC4
D. RIPEMD
A
D. RIPEMD

16
Q
Which of the following is the strongest symmetric cryptographic algorithm?
A. Advanced Encryption Standard
B. Data Encryption Standard
C. Triple Data Encryption Standard
D. Rivest Cipher (RC) 1
A
A. Advanced Encryption Standard

17
Q
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, the key he uses to encrypt the message is __________.
A. Alice’s private key
B. Alice’s public key
C. Bob’s public key
D. Bob’s private key
A
B. Alice’s public key

18
Q
A digital signature can provide each of the following benefits except __________.
A. prove the integrity of the message
B. verify the receiver
C. verify the sender
D. enforce nonrepudiation
A
B. verify the receiver

19
Q
Which of the following asymmetric cryptographic algorithms is the most secure?
A. MEC-2
B. RSA
C. MD-17
D. SHA-2
A
B. RSA (the only asymmetric algorithm listed; SHA-2 is a family of hash functions, and MEC-2 and MD-17 are not real algorithms)

20
Q
Which of the following asymmetric encryption algorithms uses prime numbers?
A. EFS
B. Quantum computing
C. ECC
D. RSA
A
D. RSA
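Added worked example for cards 17, 18 and 20 (this code is not part of the original deck). It implements textbook RSA from two primes so the arithmetic behind the cards is visible: Bob encrypts for Alice with Alice's public key and only Alice's private key opens it; Bob signs with his private key and anyone holding his public key can check integrity and origin, while the signature says nothing about the receiver. The primes are Mersenne primes picked for the demonstration, the moduli are far too small to be secure, and there is no OAEP/PSS padding; real systems use a vetted library with 2048-bit or larger keys. All names here are this example's own.

```python
"""Textbook RSA: public-key encryption and digital signatures from primes.

Added example, not from the original flashcard deck. Demonstration keys only.
"""
import hashlib

E = 65537   # standard public exponent


def keypair(p: int, q: int):
    """Return (public, private) as (e, n) and (d, n) built from two primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)          # modular inverse; requires gcd(E, phi) == 1
    return (E, n), (d, n)


def encrypt(message: bytes, public) -> int:
    """Bob encrypts for Alice with Alice's PUBLIC key (card 17)."""
    e, n = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)


def decrypt(ciphertext: int, private) -> bytes:
    """Only the matching PRIVATE key undoes the exponentiation."""
    d, n = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def sign(message: bytes, private) -> int:
    """Hash the message, then apply the signer's PRIVATE key to the digest."""
    d, n = private
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(h, d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Anyone with the signer's PUBLIC key checks integrity and origin (card 18)."""
    e, n = public
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(signature, e, n) == h


# Constructed demonstration keys: Mersenne primes giving ~150-bit and ~234-bit moduli.
ALICE_PUB, ALICE_PRIV = keypair(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = keypair(2**107 - 1, 2**127 - 1)


def demo() -> dict:
    msg = b"hi alice"                              # constructed sample
    c = encrypt(msg, ALICE_PUB)                    # Bob uses Alice's public key
    sig = sign(msg, BOB_PRIV)                      # Bob signs with his own private key
    return {
        "alice_reads": decrypt(c, ALICE_PRIV) == msg,
        "bob_cannot_read": decrypt(c, BOB_PRIV) != msg,     # wrong private key
        "sig_valid": verify(msg, sig, BOB_PUB),
        "sig_rejects_tamper": not verify(b"hi alice!", sig, BOB_PUB),
        "sig_rejects_wrong_signer": not verify(msg, sig, ALICE_PUB),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Note that signing applies the private key to a hash of the message, not to the message itself, which is why a signature proves integrity (any edit changes the digest) as well as the sender's identity; nonrepudiation follows because only the holder of the private key could have produced it.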
21
Q
__________ uses lattice-based cryptography and may be more resistant to quantum computing attacks.
A. NTRUEncrypt
B. ECC
C. RC4
D. SHA-512
A
A. NTRUEncrypt

22
Q
The Trusted Platform Module (TPM) __________.
A. allows the user to boot a corrupted disk and repair it
B. is only available on Windows computers running BitLocker
C. includes a pseudorandom number generator (PRNG)
D. provides cryptographic services in hardware instead of software
A
D. provides cryptographic services in hardware instead of software

23
Q
Which of the following has an onboard key generator and key storage facility, accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?
A. Trusted Platform Module (TPM)
B. Self-encrypting hard disk drives (HDDs)
C. Encrypted hardware-based USB devices
D. Hardware Security Module (HSM)
A
D. Hardware Security Module (HSM)

24
Q
The Microsoft Windows LAN Manager hash ___________.
A. is weaker than NTLMv2
B. is part of BitLocker
C. is required to be present when using TPM
D. is identical to MD-4
A
A. is weaker than NTLMv2
25
A trust model with one CA that acts as a facilitator to interconnect all other CAs.
Bridge Trust Model
26
A trusted third-party agency that is responsible for issuing the digital certificates.
Certificate Authority (CA)
27
A publicly accessible centralized directory that contains digital certificates that can be used to view the status of a digital certificate.
Certificate Repository (CR)
28
A repository that lists revoked digital certificates.
Certificate Revocation List (CRL)
29
A technology used to associate a user's identity to a public key, in which the user's public key is "digitally signed" by a trusted third party.
Digital Certificate
30
A type of trust model in which a relationship exists between two individuals because one person knows the other person.
Direct Trust
31
A trust model that has multiple CAs that sign digital certificates.
Distributed Trust Model
32
A trust model that has a single hierarchy with one master CA.
Hierarchical Trust Model
33
A secure version of HTTP sent over SSL/TLS.
Hypertext Transport Protocol Over Secure Sockets Layer (HTTPS)
34
A set of protocols developed to support the secure exchange of packets.
IP Security (IPsec)
35
A process in which keys are managed by a third party, such as a trusted CA called the root.
Key Escrow
36
A highly trusted person responsible for recovering lost or damaged digital certificates.
Key Recovery Agent (KRA)
37
A technique to recover a private key by distributing parts to different individuals.
M-of-N Control
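Added worked example for card 37 (this code is not part of the original deck). The card names the goal of M-of-N control; the standard way to achieve it is Shamir secret sharing, shown here over a prime field: the private key becomes the constant term of a random polynomial of degree M-1, each of the N holders receives one point on it, and any M points recover the constant by Lagrange interpolation while M-1 points reveal nothing. The field prime and the key blob are constructed for the demonstration, and the optional `coeffs` parameter exists only so the arithmetic can be reproduced in tests; the function names are this example's own.

```python
"""M-of-N control via Shamir secret sharing over a prime field.

Added example, not from the original flashcard deck.
"""
import secrets

P = 2**127 - 1   # prime field; the secret must be smaller than P


def split(secret: int, m: int, n: int, coeffs=None):
    """Return n shares (x, y); any m of them recover `secret`.

    f(x) = secret + a1*x + ... + a(m-1)*x^(m-1) mod P, with random a_i.
    The secret is f(0); each holder gets one point on the curve.
    """
    if not 0 <= secret < P or not 1 <= m <= n:
        raise ValueError("bad parameters")
    if coeffs is None:
        coeffs = [secrets.randbelow(P) for _ in range(m - 1)]
    poly = [secret] + list(coeffs)

    def f(x: int) -> int:
        return sum(c * pow(x, i, P) for i, c in enumerate(poly)) % P

    return [(x, f(x)) for x in range(1, n + 1)]


def recover(shares) -> int:
    """Lagrange interpolation at x = 0 using the supplied shares.

    With fewer than m shares the polynomial is underdetermined and the
    value returned is simply wrong, not 'approximately right'.
    """
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def bytes_to_shares(key: bytes, m: int, n: int):
    """Wrapper for a raw private-key blob of up to 15 bytes (must stay below P)."""
    return split(int.from_bytes(key, "big"), m, n)


def shares_to_bytes(shares, length: int) -> bytes:
    return recover(shares).to_bytes(length, "big")


if __name__ == "__main__":
    key = secrets.token_bytes(15)        # constructed stand-in for a private key
    shares = bytes_to_shares(key, 3, 5)  # 3-of-5 control
    print("3 of 5 recover:", shares_to_bytes(shares[1:4], 15) == key)
    print("2 of 5 recover:", shares_to_bytes(shares[:2], 15) == key)
```

Longer keys are handled by splitting them into 15-byte chunks or by using a larger field prime; the threshold property is what matters for escrow, since no single holder (or any group below M) can reconstruct the key.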
38
A framework for all of the entities involved in digital certificates for digital certificate management.
Public Key Infrastructure (PKI)
39
A subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users.
Registration Authority (RA)
40
A UNIX-based command interface and protocol for securely accessing a remote computer.
Secure Shell (SSH)
41
A protocol developed by Netscape for securely transmitting documents over the Internet; all SSL versions are now deprecated in favor of TLS.
Secure Sockets Layer (SSL)
42
A trust model in which two individuals trust each other because each individually trusts a third-party.
Third-Party Trust
43
A protocol that is an extension of SSL and guarantees privacy and data integrity between applications.
Transport Layer Security (TLS)
44
The type of trusting relationship that can exist between individuals or entities.
Trust Model
45
The most widely accepted format for digital certificates as defined by the International Telecommunication Union (ITU).
X.509
46
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) ___________. A. digital signature B. encrypted signature C. hash D. digital certificate
D. digital certificate
47
A digital certificate associates __________. A. a private key with a digital signature B. the user's identity with their public key C. a user's private key with the public key D. a user's public key with their private key
B. the user's identity with their public key
48
Digital certificates can be used for each of the following except __________. A. to verify the authenticity of the Registration Authorizer B. to verify the identity of clients and servers on the Web C. to encrypt messages for secure e-mail communications D. to encrypt channels to provide secure communication between clients and servers
A. to verify the authenticity of the Registration Authorizer
49
An entity that issues digital certificates is a ______________. A. Certificate Signatory (CS) B. Signature Authority (SA) C. Digital Signer (DS) D. Certificate Authority (CA)
D. Certificate Authority (CA)
50
A centralized directory of digital certificates is called a(n) __________. A. Digital Signature Approval List (DSAP) B. Digital Signature Permitted Authorization (DSPA) C. Authorized Digital Signature (ADS) D. Certificate Repository (CR)
D. Certificate Repository (CR)
51
Each of the following is a field of an X.509 certificate except __________. A. validity period B. CA expiration code C. serial number D. Signature
B. CA expiration code
52
In order to ensure a secure cryptographic connection between a Web browser and a Web server, a(n) _________ would be used. A. e-mail Web certificate B. server digital certificate C. personal digital certificate D. Web digital certificate
B. server digital certificate
53
A digital certificate that older browsers displayed with a green address bar (current browsers no longer show this indicator) is a(n) __________. A. X.509 certificate B. Advanced Web Server Certificate (AWSC) C. Extended Validation SSL Certificate D. Personal Web-Client Certificate
C. Extended Validation SSL Certificate
54
The __________-party trust model supports CA. A. first B. second C. third D. fourth
C. third
55
Public-key Cryptography Standards (PKCS) __________. A. are used to create public keys only B. define how hashing algorithms are created C. have been replaced by PKI D. are widely accepted in the industry
D. are widely accepted in the industry
56
Each of the following is true regarding a hierarchical trust model except __________. A. it assigns a single hierarchy with one master CA B. it is designed for use on a large scale C. the master CA is called the root D. the root signs all digital certificate authorities with a single key
B. it is designed for use on a large scale
57
Dual-sided digital certificates __________. A. are used in military and financial settings when it is necessary for the client to authenticate back to the server B. are the same as dual-key digital certificates C. are required under PKCS #1 D. require a special browser
A. are used in military and financial settings when it is necessary for the client to authenticate back to the server
58
Which of the following is not where keys can be stored? A. in hashes B. on the user's local system C. embedded in digital certificates D. in tokens
A. in hashes
59
Public Key Infrastructure (PKI) __________. A. creates private key cryptography B. requires the use of an RA instead of a CA C. generates public/private keys automatically D. is the management of digital certificates
D. is the management of digital certificates
60
A(n) __________ is a published set of rules that govern the operation of a PKI. A. certificate policy (CP) B. certificate practice statement (CPS) C. signature resource guide (SRG) D. enforcement certificate (EF)
A. certificate policy (CP)
61
Which of the following is not part of the certificate life cycle? A. Authorization B. Creation C. Expiration D. Revocation
A. Authorization
62
__________ refers to a situation in which keys are managed by a third party, such as a trusted CA. A. Remote key administration B. Trusted key authority C. Key authorization D. Key escrow
D. Key escrow
63
__________ is a protocol for securely accessing a remote computer. A. Secure Shell (SSH) B. Secure Sockets Layer (SSL) C. Secure Hypertext Transport Protocol (SHTTP) D. Transport Layer Security (TLS)
A. Secure Shell (SSH)
64
What is the cryptographic transport protocol that is used most often to secure Web transactions? A. SHTTP B. PPPTPoE C. HTTPS D. MD-17
C. HTTPS
65
Which transport encryption algorithm is integrated as part of IPv6? A. IPsec B. SSH C. SSL/TLS D. RSA
A. IPsec
66
The ability that provides tracking of events.
Accounting
67
An item that has value.
Asset
68
The act of providing permission or approval to specific technology resources.
Authorization
69
The steps that ensure that the individual is who they claim to be.
Authentication
70
Security actions that ensure that data is accessible to authorized users.
Availability
71
The first state law that covers any state agency, person, or company that does business in California.
California's Database Security Breach Notification Act (2003)
72
Security actions that ensure only authorized parties can view the information.
Confidentiality
73
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information.
Cybercrime
74
A network of attackers, identity thieves, spammers, and financial fraudsters.
Cybercriminals
75
A premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence.
Cyberterrorism
76
Attackers whose motivation may be defined as ideology, or attacking for the sake of their principles or beliefs.
Cyberterrorists
77
The act of taking advantage of a vulnerability.
Exploiting
78
A law that requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
Gramm-Leach-Bliley Act (GLBA)
79
A term used to refer to a person who uses advanced computer skills to attack computers.
Hacker
80
A law designed to guard protected health information and implement policies and procedures to safeguard it.
Health Insurance Portability and Accountability Act (HIPAA)
81
Stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.
Identity Theft
82
The tasks of securing information that is in a digital format.
Information Security
83
Security actions that ensure that the information is correct and no unauthorized person or malicious software has altered the data.
Integrity
84
The likelihood that a threat agent will exploit the vulnerability.
Risk
85
A law designed to fight corporate corruption.
Sarbanes-Oxley Act (Sarbox)
86
Individuals who want to break into computers to create damage - yet lack the knowledge of computers and networks needed to do so.
Script Kiddies
87
A person who has been hired to break into a computer and steal information.
Spy
88
A type of action that has the potential to cause harm.
Threat
89
A person or element that has the power to carry out a threat.
Threat Agent
90
A flaw or weakness that allows a threat agent to bypass security.
Vulnerability
91
Each of the following is a reason it is difficult to defend against today's attackers except __________. A. complexity of attack tools B. weak patch distribution C. greater sophistication of attacks D. delays in patching software products
A. complexity of attack tools
92
In a general sense, "security" is __________. A. protection from only direct actions B. using reverse attack vectors (RAV) for protection C. only available on hardened computers and systems D. the necessary steps to protect a person or property from harm
D. the necessary steps to protect a person or property from harm
93
__________ ensures that only authorized parties can view the information. A. confidentiality B. availability C. integrity D. authorization
A. confidentiality
94
Each of the following is a successive layer in which information security is achieved except __________. A. products B. purposes C. procedures D. people
B. purposes
95
By definition, a(n) __________ is a person or thing that has the power to carry out a threat. A. vulnerability B. exploit C. threat agent D. risk
C. threat agent
96
__________ ensures that the individual is who they claim to be. A. authentication B. accounting C. access control D. certification
A. authentication
97
Each of the following is a goal of information security except __________. A. foil cyberterrorism B. avoid legal consequences C. decrease user productivity D. prevent data theft
C. decrease user productivity
98
The __________ requires that enterprises must guard protected health information and implement policies and procedures to safeguard it. A. Hospital Protection and Insurance Association Agreement (HPIAA) B. Sarbanes-Oxley Act (Sarbox) C. Gramm-Leach-Bliley Act (GLBA) D. Health Insurance Portability and Accountability Act (HIPAA)
D. Health Insurance Portability and Accountability Act (HIPAA)
99
Utility companies, telecommunications, and financial services are considered prime targets of __________ because attackers can significantly disrupt business and personal activities by destroying a few targets. A. white hat hackers B. script kiddies C. computer spies D. cyberterrorists
D. cyberterrorists
100
After an attacker has probed a network for information, the next step is to __________. A. penetrate any defenses B. paralyze networks and devices C. circulate to other systems D. modify security settings
A. penetrate any defenses