Unit 3 4 Flashcards

1
Q

The analysis of cryptography algorithms is called cryptanalysis. What is a goal of cryptanalysis?

To generate random numbers

To calculate the entropy of a message

To recover the plaintext of an encrypted message without having the key

To determine the encoding of a message

A

To recover the plaintext of an encrypted message without having the key

2
Q

After applying an encryption algorithm to a message as input, what is the right term to refer to the output?

Cleartext

Ciphertext

Encryption key

Plaintext

A

Ciphertext

3
Q

What does cryptanalysis attempt to discover?

Encryption key

Entropy

Randomness

Encoding

A

Encryption key

4
Q

One-time pad (OTP) is perfectly secure as long as certain constraints are met. What are these constraints?

Keys must not contain English letters. The same key may not be used too many times. Keys must be re-generated periodically.

Keys must be random enough. Keys must be long enough. Keys can only be used once and should never be reused.

Keys must be complicated enough. Keys must be long enough. Keys must be re-generated periodically.

Keys must be random enough. Keys may be reused. Keys must be re-generated periodically.

A

Keys must be random enough. Keys must be long enough. Keys can only be used once and should never be reused.

5
Q

If a cryptographic algorithm is computationally secure, what can we conclude about the algorithm?

A computationally secure crypto algorithm cannot be broken with the current computer technology within a reasonable period of time. The expense of breaking it will exceed the value of the information protected by the crypto algorithm.

The time required to brute force a password for a message that is encrypted by this cryptographic algorithm is over 25 years on a powerful server.

This cryptographic algorithm provides authentication. No one will be able to decrypt the ciphertext unless he or she is the legitimate owner of the message and has the key.

The key cannot be brute forced by attackers.

A

A computationally secure crypto algorithm cannot be broken with the current computer technology within a reasonable period of time. The expense of breaking it will exceed the value of the information protected by the crypto algorithm.

6
Q

A one-way hash function takes a variable-length input string and generates an output string. What does this output string look like?

A fixed-length string

A random-sized string

A zero-length string

A variable-length string whose length is determined by the nature of the input string

A

A fixed-length string

7
Q

Given an encryption algorithm over the integer domain enc(plain, key) = plain - key with key being 20, please encrypt integer 100. What is the encryption result?

An integer, 80

An integer, 10020

An integer, 0xe0

A string, “10020”

A

An integer, 80

8
Q

In the context of secure public-key cryptosystems where a public key and a private key are used for encryption and decryption, which statement about calculating keys is most accurate?

Calculating one key from the other key is impossible.

Calculating one key is easy when the other key is known.

Calculating the public key from a private key is easy, but calculating the private key from a public key is difficult.

Calculating the private key from a public key is possible, but calculating the public key from a private key is difficult.

A

Calculating one key from the other key is impossible.

9
Q

In secure asymmetric cryptosystems (or public-key crypto systems) with a private key and a public key, how is the encryption performed?

The encryption is performed using a private key.

The encryption is performed using two public keys but not the private key.

The encryption is performed using two private keys but not the public key.

The encryption is performed using both a private key and a public key.

A

The encryption is performed using a private key.

10
Q

Which statement regarding the security of specific hashing algorithms is most accurate?

MD4 is vulnerable to collision attacks and is no longer secure.

SHA1 is widely used and is still considered secure.

MD5 is widely used and is still considered secure.

SHA256 is vulnerable to collision attacks and is no longer secure.

A

MD4 is vulnerable to collision attacks and is no longer secure.

11
Q

The predictability of random number sequences generated by a pseudo random number generator (PRNG) is related to its seed. Which seed is the most secure?

The output of another secure random number generator (e.g., byte sequences from /dev/random on Linux, or CryptGenRandom() on Windows)

An integer that is hard-coded in the program (e.g., 0xc0decafe)

The current time converted to an epoch timestamp (also known as Unix time, which is seconds passed since 00:00:00 UTC on Jan. 1st 1970)

A string that is hard-coded in the program (e.g., 0x61616161, converted from string “aaaa”)

A

The output of another secure random number generator (e.g., byte sequences from /dev/random on Linux, or CryptGenRandom() on Windows)

12
Q

When a secure public-key crypto system is in use, which attack is impossible?

Power side-channel attacks

Brute forcing the private key

Timing side-channel attacks

Deriving the private key from a public key (e.g., factorizing N for RSA and recovering p and q)

A

Brute forcing the private key

13
Q

Which action is GnuPG incapable of doing?

Performing encryption

Signing documents

Sniffing network traffic

Performing decryption

A

Sniffing network traffic

14
Q

Address Resolution Protocol (ARP) is a protocol used on Local Area Networks (LAN). What does it do?

ARP maps IP addresses to MAC addresses.

ARP maps domain names to IP addresses.

ARP maps machines to machines.

ARP maps services to ports.

A

ARP maps IP addresses to MAC addresses.

15
Q

Tcpdump is a tool for capturing traffic. Consider this command line:

tcpdump -i any -w dump.pcap

What do -i and -w mean in this command line?

-i means specifying a network interface; -w means filtering expressions

-i means specifying an interval of seconds between capturing; -w means filtering expressions

-i means specifying a network interface; -w means writing captured traffic to a file

-i means specifying an interval of seconds between capturing; -w means writing captured traffic to a file

A

-i means specifying a network interface; -w means writing captured traffic to a file

16
Q

ARP spoofing attacks may lead to traffic eavesdropping and hijacking on a Local Area Network (LAN). What is a proper defense against ARP spoofing attacks?

Using only switches for relaying traffic inside LAN

Configuring static ARP entries on routers and all hosts

Disabling all TCP traffic

Disabling all UDP traffic

A

Configuring static ARP entries on routers and all hosts

Correct! ARP spoofing attacks are caused by one or more malicious hosts sending incorrect ARP records to other hosts in the same Local Area Network (LAN). These incorrect ARP records will overwrite correct ARP entries on other hosts so that the malicious hosts will be able to redirect traffic to these hosts. Setting static ARP entries will prevent these entries from getting updated by ARP requests, which effectively defends against ARP spoofing attacks.

17
Q

Review Table A. What kind of table is Table A?

A gateway table

An ARP table

A routing table

A rainbow table

A

Routing Table

18
Q

Host 192.168.31.11 appears to be up.
Host 192.168.31.19 appears to be up.
Host 192.168.31.22 appears to be up.
Host 192.168.31.43 appears to be up.
Host 192.168.31.181 appears to be up.

Review Codeblock: Output. This is the output after running a command under Linux. What is the user most likely trying to do?

The user is trying to use ping to detect alive hosts.

The user is trying to use traceroute to detect an alive host and the liveness of all other hosts on the path to the target host.

The user is trying to use ls to detect alive hosts.

The user is trying to use nmap to detect alive hosts.

A

The user is trying to use nmap to detect alive hosts.

19
Q

In a Smurf attack, an attacker sends a request to IP broadcast addresses and forces other hosts on the same network to send many responses to the victim host, causing denial-of-service on the victim host. Which protocol does the Smurf attack exploit?

CDN

DNS

UDP

ICMP

A

ICMP

20
Q

traceroute to www.wsj.com (99.84.230.52), 30 hops max, 60 byte packets
1 23.92.24.2 (23.92.24.2) 0.425 ms 0.702 ms 0.686 ms
2 173.230.159.64 (173.230.159.64) 0.306 ms 0.403 ms 0.390 ms
3 equinix02-sfo5.amazon.com (206.223.116.236) 2.405 ms 0.801 ms 2.351 ms
4 52.93.70.190 (52.93.70.190) 1.045 ms 2.109 ms 2.125 ms
5 52.93.237.11 (52.93.237.11) 8.085 ms 8.025 ms 7.989 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 server-99-84-230-52.sfo5.r.cloudfront.net (99.84.230.52) 0.752 ms 0.803 ms 0.764 ms

Codeblock: Traceroute Output

Review Codeblock: Traceroute Output. In this output, we observe that responses beyond the 5th hop are missing. Which explanation for this observation is definitely incorrect?

Hop 4 is an IPv6-only gateway and drops all IPv4 traffic.

Hop 5 (52.93.237.11) is filtering certain ICMP responses.

Hop 4 (52.93.70.190) is filtering certain ICMP responses.

Hop 4 is down.

A

Hop 4 is an IPv6-only gateway and drops all IPv4 traffic.

Correct! We know for sure that we can reject this explanation because, in the traceroute output, Hop 3 is an IPv4 node, not an IPv6 node. We can determine this because it has an IPv4 address (52.93.70.190).

21
Q

19:37:31.305674 192.168.1.4.22620 > 192.168.1.3.3305: udp 0 (ttl 46, id 10251)
19:37:31.305706 192.168.1.4.22620 > 192.168.1.3.3306: udp 0 (ttl 46, id 49903)
19:37:31.305809 192.168.1.4.22620 > 192.168.1.3.3307: udp 0 (ttl 46, id 41210)
19:37:31.305815 192.168.1.4.22620 > 192.168.1.3.3308: udp 0 (ttl 46, id 8622)
19:37:31.305871 192.168.1.3 > 192.168.1.4: icmp: 192.168.1.3 udp port 3305 unreachable
19:37:31.305875 192.168.1.3 > 192.168.1.4: icmp: 192.168.1.3 udp port 3307 unreachable

Codeblock: Output

Review Codeblock: Output. Which attack is most likely being performed?

ICMP port scanning

TCP port scanning

UDP denial-of-service attack

UDP port scanning

A

UDP port scanning

Correct! The output indicates that the host 192.168.1.100 is sending many UDP packets to another host 192.168.1.10, targeting a number of UDP ports (from port 134 to port 140). Thus, this is a UDP port scanning attack.

22
Q

Compared to IPv4, IPv6 is more secure. Which attack is no longer possible in IPv6?

IP spoofing

ARP spoofing

DNS hijacking

IP scanning

A

ARP spoofing

Correct! In IPv6, ARP is replaced by a new protocol called Neighbor Discovery Protocol (NDP). Therefore, ARP spoofing is no longer possible in IPv6.

23
Q

Which type of cryptographic algorithm is AES?

A public-key crypto system

A symmetric encryption algorithm

A hashing algorithm

An asymmetric encryption algorithm

A

A symmetric encryption algorithm

24
Q

Which action is GnuPG capable of doing?

Performing encryption

Scanning networks

Brute forcing passwords

Sniffing network traffic

A

Performing encryption

25
Q

What does it mean when a crypto algorithm is computationally secure?

Brute forcing the key will not work.

The crypto algorithm cannot be broken with current computer technology within a reasonable period of time.

No one will be able to decrypt an encrypted message unless he or she is the legitimate owner of the message and has the key.

The time required to break the cipher is over 25 years on a workstation.

A

The crypto algorithm cannot be broken with current computer technology within a reasonable period of time.

Correct! Encryption is computationally secure as long as it cannot be broken within a reasonable period of time (for example, if it takes a thousand years to break the encryption, this would be an impractical use of resources). As a result, the cost of breaking the encryption is definitely higher than the value of the encrypted information.

26
Q

Which two things does Address Resolution Protocol (ARP) map together?

ARP maps domain names to IP addresses.

ARP maps machines to machines.

ARP maps IP addresses to link-level addresses (e.g., MAC addresses).

ARP maps routers to hosts.

A

ARP maps IP addresses to link-level addresses (e.g., MAC addresses).

27
Q

There are certain network attacks that are (or were) popular for IPv4 networks, including ARP spoofing, IP scanning, IP spoofing, and Port scanning. Which of these attacks is no longer a threat in IPv6?

Port scanning

IP spoofing

ARP spoofing

IP scanning

A

ARP spoofing

28
Q

Which hashing algorithm is still considered secure?

MD4

MD5

SHA1

SHA256

A

SHA256

29
Q

Which cryptographic algorithm is an asymmetric crypto algorithm?

SHA-1

AES

DES

RSA

A

RSA

30
Q

Host cisco-sales.ns.com (192.168.31.11) appears to be up.
Host sales1.ns.com (192.168.31.19) appears to be up.
Host sales4.ns.com (192.168.31.22) appears to be up.
Host sales2.ns.com (192.168.31.43) appears to be up.
Host sales3.ns.com (192.168.31.181) appears to be up.

Review Codeblock: Output. What kind of output is this?

nmap

ping

ls

traceroute

A

nmap