45 Cards in this Set

  • Front
  • Back

The ISO OSI reference model is a theoretical tool for describing connections between systems. The most common implementation of a layered architecture for such communication is a suite of protocols known by the acronym ___________.

TCP/IP

An opponent obtains a copy of a legitimate message as it is transmitted over a network link and inserts the copy into the system, so that both the original and the copy are delivered. This is an example of __________.

Replay attack

Even if an opponent cannot read the content of messages, he may be able to deduce the likely content from observable characteristics. This technique is known as

Traffic analysis.

Analysis showed that double DES does not reduce to a single stage, so it is much less vulnerable than single DES to brute-force attack. However, it is vulnerable to a/an

Meet-in-the-middle attack.

When two different messages generate the same hash value (or the same MAC value for the same key), the result is called a __________

Collision

According to the definition in class, a threat requires an impending action by a person with hostile intent. True or false?

False

In typical usage, the algorithm used to encrypt a message is known only to the encrypter and the decrypter. True or false?

False

The Boolean exclusive or (XOR) operator returns 1 (which is usually interpreted as true) when both inputs to it are the same. True or false?

False.

The sender of a message creates a message authentication code (MAC) for it using a MAC generation function based on AES encryption. To authenticate the message, the recipient must use a MAC verification function based on AES decryption.

False

A threat that does not involve some non-trivial change to a system is known as a _______ threat.

Passive

Selection, design, and implementation of security mechanisms is _______ before an organization develops an information security policy.

Pointless

For which of the following moduli are the values 2 and 7 congruent? In other words:

2 ≡ 7 (mod 5)

The modular multiplication property shows that (a - b) mod n =

[(a mod n) - (b mod n)] mod n

Each cycle of symmetric decryption uses the inverse operations of those used in encryption, in the reverse order, with

the same key as used in encryption

When using symmetric cryptography, the major challenge for the users is

sharing the key

The DES algorithm is an example of a Feistel cipher. Which of the following statements about the Feistel design is true?

The same algorithm is used for both encryption and decryption

In the simplest mode of operation for symmetric block ciphers, the plaintext is encrypted with a key and ciphertext is decrypted with the same key. This is known

as electronic codebook key

A message authentication code (MAC) sent with a message does not provide the service of non-repudiation because ______

they use secret keys

Which of the following is the direct outcome of successful use of the protocol named for Whitfield Diffie and Martin Hellman?

Agreement on a data value, decryption of a message and encryption of a message

Which of the following information security services is/are provided when a recipient successfully verifies a digital signature accompanying a received message?

Non-repudiation, integrity, origin

The discrete logarithm problem refers to the impracticality of

of reversing modular exponentiation for large numbers

Cipher Block Chaining (CBC) is the mode of operation typically used for general-purpose encryption/decryption. What is the most important distinction between CBC and Electronic Codebook (ECB) mode that makes CBC the appropriate choice here?

Don't know

SHA-1 (the revised version of the original Secure Hash Algorithm) generates a 160-bit output value from an input bit sequence that is between 0 and 2 -1 bits in length. Assuming a uniform distribution of output values, the probability of two different messages coincidentally having the same SHA-1 hash value is

Don't know

RSA encryption may be expressed as C = M^e mod n. RSA decryption may be expressed as

M = C^d mod n

A particular binary Boolean operator returns 0 (or FALSE) if its two inputs are the same, and returns 1 (or TRUE) if they are different. This operator is known as

XOR

In some modes of operation for symmetric block ciphers, a result from one cycle is used in the following cycle. In the first cycle there is no previous value, so a special data value must be shared by the encrypter and the decrypter (in addition to the shared key). This special data value is known as ___________________.

Don't know!!

The strength of several asymmetric cryptographic schemes is based on the fact that it is easy to calculate exponentials in a modular system, but it is impractical to reverse those calculations for large values. This is known as the __________________________ problem.

Exchange discrete logarithm.

Traffic (flow) analysis may allow an opponent to violate the confidentiality of an encrypted message even if the opponent is never able to decrypt the ciphertext. True or false?

True

By definition, an asymmetric encryption scheme is more than a symmetric encryption scheme with the same key length and the same amount of computational effort.

False

The sender of a message creates a message authentication code (MAC) for it using a MAC generation function based on AES encryption. To authenticate the message, the recipient must use a MAC verification function based on AES decryption.

False

A threat that, if it eventuated, would involve a non-trivial change to an information system is known as a/an _______ threat.

Active

Which of the values shown below is congruent modulo 10 to the value 2? ("modulo 10" means "with respect to the modulus value 10")

12, 22

The modular property shows that (a × b) mod n =

[(a mod n) × (b mod n)] mod n

A brute-force attack against double DES was considered infeasible, but a ____ attack was considered feasible.

Meet-in-the-middle

A good encryption algorithm will produce ciphertext that is apparently unrelated to the plaintext to anyone who does not know the key. Such ciphertext is commonly described as

Pseudo-random.

The public key of an entity is commonly communicated to another entity in a data structure known as

Certificate

Which of the following is the direct outcome of successful use of the protocol named for Whitfield Diffie and Martin Hellman?

Don't know this one

a. Agreement on a data value

b. Assurance that a message is correct

c. Decryption of a message

d. Deterrence against false claims

e. Encryption of a message

Which of the following information security services is/are provided when a recipient successfully verifies a digital signature accompanying a received message?

Non-repudiation, authentication of origin, authentication of integrity.

Electronic codebook mode is used to provide the service of confidentiality, but only for very short messages with unpredictable content, because

a particular plaintext block value always produces the same ciphertext block value.

RSA encryption may be expressed as c = m^e mod n. RSA decryption may be expressed as

m = c^d mod n

Briefly explain one (1) information security service that is provided by appropriate use of a hash function. Be sure to explain why appropriate usage of the hash function provides that information security service.

Authentication of the integrity of a hash value directly provides authentication at the person message; this will ensure that the message has not been altered, by comparing H(m1)=H(M2).

User A wants to encrypt a message using a symmetric encryption algorithm so that user B can decrypt it when received. User A will generate a "session key" for this encryption. Briefly explain how user A will communicate the session key to user B over the network; it is not practical to deliver the key person-to-person.

Diffie-Hellman method can be used. User A and B will agree on a pseudocode. Random numbers to generate a private key that will be used to calculate a public key. They will share these public keys and get the same k value which B shared as the secret key and calculate a k value.

User A will generate a message and a digital signature for that message and send both to user B. Briefly explain which key/s will be used to generate the digital signature, to verify the digital signature, and how each user will obtain the key/s used by that user.

Answer it

User A and user B exchange messages over an information system. User C is an attacker. Briefly explain what user C must do to successfully complete a man-in-the-middle attack against the communication between user A and user B.

Answer it!!