CNT4406 Network Security and Cryptography Midterm/Final, Exams of Cryptography and System Security

CNT4406 Network Security and Cryptography Midterm/Final Exam Study Guide Questions with Solutions 2024.

Typology: Exams

2023/2024

Available from 01/10/2024

ExamPage
ExamPage 🇺🇸

4

(20)

3.9K documents

1 / 11

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CNT4406 Network Security and Cryptography Midterm/Final Exam
CNT4406 Network Security
and Cryptography
Midterm/Final Exam Study
Guide Questions with
Solutions 2024.
In the context of a PKI, a(n) ___________ authority operates under the trusted
collaboration of the certificate authority and can be delegated day-to-day
certification functions, such as verifying information about new registrants,
generating end-user keys, revoking certificates, and validating that users possess a
valid certificate. - Answer: registration
The CA periodically distributes a(n) ___________ to all users that identifies all
revoked certificates. - Answer: CRL
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download CNT4406 Network Security and Cryptography Midterm/Final and more Exams Cryptography and System Security in PDF only on Docsity!

CNT4406 Network Security

and Cryptography

Midterm/Final Exam Study

Guide Questions with

Solutions 2024.

In the context of a PKI, a(n) ___________ authority operates under the trusted collaboration of the certificate authority and can be delegated day-to-day certification functions, such as verifying information about new registrants, generating end-user keys, revoking certificates, and validating that users possess a valid certificate. - Answer: registration The CA periodically distributes a(n) ___________ to all users that identifies all revoked certificates. - Answer: CRL

A(n) ___________ or cryptosystem is an encryption method or process encompassing the algorithm, key(s) or crypto variable(s), and procedures used to perform encryption and decryption. - Answer: cipher A ______________ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext. - Answer: key _____________ is the process of converting an original message into a form that is unreadable to unauthorized individuals. - Answer: Encryption The process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption is called ______________. - Answer: cryptanalysis A method of encryption that requires the same secret key to encipher and decipher the message is known as ___________ encryption. - Answer: symmetric _____________ is the entire range of values that can possibly be used to construct an individual key. - Answer: Keyspace The ________________ cipher simply rearranges the values within a block to create the ciphertext. - Answer: transposition/permutation

Digital ____________________ are encrypted messages that can be mathematically proven to be authentic. - Answer: signatures The successor to 3DES is the ____________________ Encryption Standard. - Answer: Advanced _________________ is a protocol that can be used to secure communications across any IP-based network such as LANs, WANs, and the Internet. - Answer: IPSec _____________ was developed by Phil Zimmerman and uses the IDEA cipher for message encoding. - Answer: PGP The science of encryption is known as ____________________. - Answer: cryptology The process of hiding messages within the digital encoding of a picture or graphic is called ______________. - Answer: steganography Data encrypted with the server's public key can be decrypted with which key? - Answer: The server's private key _______________ is the process of making and using codes to secure the transmission of information. - Answer: Cryptography

A ______________ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest. - Answer: MAC In IPSec _______________ mode, only the IP data is encrypted, not the IP headers. - Answer: transport Originally released as freeware, ____________________ is a hybrid cryptosystem that combines some of the best available cryptographic algorithms as an open- source de facto standard for encryption and authentication of e-mail and file storage. - Answer: PGP/Pretty Good Privacy ________________ are encrypted message components that can be mathematically proven to be authentic. - Answer: Digital signatures How many keys are needed for symmetric key encryption? - Answer: 1 Bit stream methods commonly use algorithm functions like the exclusive OR operation (___________). - Answer: XOR The encapsulating security _______________ protocol provides secrecy for the contents of networks communications as well as system-to-system authentication and data integrity verification. - Answer: payload

The ________________ operation is a function of Boolean algebra in which two bits are compared, and if the two bits are identical, the results are a binary 0. - Answer: XOR/exclusive OR One of the most widely known cryptographic algorithms is the ________________, which was developed by IBM and is based on the company's Lucifer algorithm. - Answer: DES/Data Encryption Standard DES uses a(n) ______________-bit block size. - Answer: 64 To use a(n) ____________ cipher, you substitute one value for another. - Answer: substituition Hashing functions do not require the use of keys, but it is possible to attach a _______________ code to allow only specified recipients to access the message digest. - Answer: message authentication Using a database of precomputed hashes from sequentially calculated passwords called a(n) _______________, an attacker can simply look up a hashed password and read out the text version. - Answer: rainbow table Digital signatures should be created using processes and products that are based on the ______________. - Answer: DSS

More advanced substitution ciphers use two or more alphabets, and are referred to as _______________ substitutions. - Answer: polyalphabetic The ________________ protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication. - Answer: AH __________ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown. - Answer: Work factor In PKI, the CA periodically distributes a(n) _______________ to all users the identifies all revoked certificates. - Answer: CRL A(n) _________________ substitution uses one alphabet. - Answer: monoalphabetic A message ________________ is a fingerprint of the author's message that is compared with the recipient's locally calculated hash of the same message. - Answer: digest In a ______________ attack, the attacker eavesdrops during the victim's session and uses statistical analysis of patterns and inter-keystroke to discern sensitive session information. - Answer: timing

One of the obvious ideas is to store the secret on the hard drive in the computer or on some other permanent storage medium even if the computer is not kept secure. - Answer: False The purpose of having a PKI is to allow Alice and Bob to generate a shared secret key, which they use to create a secure channel, which they in turn use to communicate securely with each other. - Answer: True Whenever you are planning a PKI, you have to think about who is authorized to issue the certificates. - Answer: True One of the easiest problems to solve in a PKI is revocation, and where sometimes a certificate has to be withdrawn. - Answer: False The PKI's main purpose is to tie a credential to the key. - Answer: True If the trusted party says the certificate is valid, Alice knows that the certificate has to be revoked. - Answer: False The PKI ties keys to names, but most systems are not interested in the name of the person. - Answer: True A universal PKI is very tempting because trust is really the area where it succeeds.

  • Answer: False

A much better solution is generally to directly tie the permissions to the key, using the PKI. - Answer: True