IS5403 Week 3 All Quizezz

Simulation Lab 1 Answers :

1) Encryption

2) Cipher

3) Either of  these

4) All of these

Simulation Lab 2 Answers :

1) 5 and 3

2) 3

3) D

4) A

5) D and N

Simulation Lab 3 Answer : 

1)  All of these

2) Online Certificate Status Protocol (OCSP)

3) Secure Shell (SSH)

4) Key escrow

5)  2048-bit RSA

3

Question

Which of the following statements are true for application whitelisting and blacklisting? [Choose all that apply]

Application blacklisting and whitelisting is always applied at the domain level

Software Restriction Policy for restricting applications applies only to an individual user and not to a group of users

If an application or a specific path that contains the executables is blacklisted, then all executables within the defined path are blacklisted

An administrator can blacklist or whitelist applications that the users can run using Software Restriction Policies

Correct

 

3 of 8

4

Question

Which mobile device management method allows the employee to purchase a mobile device, but the organization has complete control over the device?

Corporate-Owned, Business Only (COBO)

Bring Your Own Device (BYOD)

Choose Your Own Device (CYOD)

Corporate-Owned, Personally Enabled (COPE)

Correct

 

4 of 8

5

Question

To prevent the spread of an attack, which of the following methods of isolation can be used? [Choose all that apply]

Isolate the users

Isolate the attacker

Isolate the network

Isolate the affected systems

Correct

 

5 of 8

6

Question

When implementing segmentation as a proactive measure, which of the following types of segments exist on a network? [Choose all that apply]

Datacenter

Guests

Demilitarized Zone (DMZ)

Users

Correct

 

6 of 8

7

Question

If two segments need to talk to each other in a segmented network, which of the following is required?

WAF

Firewall

IDS

Router

Correct

3

Question

How many keys are required in asymmetric encryption?

3

1

2

Depends on the algorithm

Correct

 

3 of 8

4

Question

What is the key length of the Data Encryption Standard (DES) algorithm?

56-bit

128-bit

168-bit

256-bit

Correct

 

4 of 8

5

Question

In asymmetric key encryption, what is the next step when a client initiates a session with a web server that is configured with a certificate?

The client takes the public key from the certificate

The web server decrypts the asymmetric key

The client shares the encrypted key

The web server sends a certificate to the web browser

Correct

 

5 of 8

6

Question

What is the minimum key size in Elliptical Curve Cryptography (ECC)?

256-bits

160-bits

384-bits

521-bits

224-bits

Correct

 

6 of 8

7

Question

Which of the following algorithms are examples of lightweight cryptography? [Choose all that apply]

TWINE

OTR

RSA

ECC

Correct

3

Question

Which of the following method of threat hunting includes disrupt, deny, destroy, and degrade actions?

Maneuvering

Threat Feeds

Intelligence Fusion

Security Advisory

Correct

 

3 of 8

4

Question

Which of the following is a condition that is shown as a result when it does not exist?

Negative Negative

True Positive

False Positive

False Negative

Correct

 

4 of 8

5

Question

Which of the following is used for continuous monitoring of logs?

Security information and event management (SIEM)

Firewall

User Behavior Analysis (UBA)

Intrusion Detection Systems (IDS)

Correct

 

5 of 8

6

Question

Which of the following is achieved by Security Orchestration, Automation, Response (SOAR)?

Confidentiality

Integrity

Availability

Automation

Correct

 

6 of 8

7

Question

Which of the following type of vulnerability scan can also attempt to exploit the vulnerabilities?

Non-intrusive

Intrusive

Credentialed

Non-credentialed

Correct

7

Question

Which of the following entity in the certificate authority (CA) hierarchy validates the certificate request from a client?

Root CA

Registration Authority (RA)

Intermediate CA

Leaf CA

Correct

 

7 of 12

8

Question

Before a user requests a certificate from a CA, which of the following tasks must be completed?

Sign the Certificate Signing Request (CSR) with a public key

Embed the public key into the certificate

Complete the information for CSR

Generate private and public keys

Correct

 

8 of 12

9

Question

Which of the following certificates should you use with a Web server for testing purposes?

Code Signing

Self-Signed

Wildcard

Subject Alternative Name (SAN)

Correct

 

9 of 12

10

Question

Which type of certificate file format contains private and public keys and is protected by a password?

Personal information exchange (PFX)

Privacy enhanced mail (PEM)

P12

.cer

Correct

 

10 of 12

11

Question

A root CA should always be kept online. [TRUE/FALSE]

TRUE

FALSE

Correct

Plaintext is the message or data in its natural format and in readable form.

Hardware-based encryption uses a device with a processor designed specifically to authenticate users and encrypt data.

Algorithms are mathematical functions that are used in the encryption and encryption processes. They can be quite simple or extremely complex

Ciphertext is the altered form of a plaintext message so as to abe unreadble for anyone except the intended recipients.

HTTPS is a protocol that secures communication and data transfer between a user's web browser and a website.

Asymmetric cryptography is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use

SSL is a standard security technology for establishing an encrypted link between a server and a client-typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook). It is also known as TLS , which is the successor technology of SSL.

Encryption is the process and act of converting the message from its plaintext to ciphertext.

Software-based encryption refers to programs that use a computer's processing power to encrypt data.

Public key infrastructure is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates.

Decryption is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and key (cryptovariable) that was used to do the original encryption

Symmetric encryption is a type of encryption where only one key (a secret key) is used to both encrypt and decrypt electronic data. The entities communicating via symmetric encryption must exchange the key so that it can be used in the decryption process.

Which of the following hides the existence of information?

a. Encryption

b. Decryption

c. Ciphering

d. Steganography

Hide Feedback

Correct

Cryptography can prevent an individual from fraudulently reneging on an action. What is this known as?

a. Obfuscation

b. Integrity

c. Nonrepudiation

d. Repudiation

Hide Feedback

Correct

Brielle is researching substitution ciphers. She came across a cipher in which the entire alphabet was rotated 13 steps. What type of cipher is this?

a. XOR

b. XAND13

c. Alphabetic

d. ROT13

Hide Feedback

Correct

Which of the following is FALSE about "security through obscurity"?

a. It attempts to hide the existence from outsiders.

b. Proprietary cryptographic algorithms are an example.

c. It is essentially impossible.

d. It can only provide limited security.

Hide Feedback

Correct

What is low latency?

a. The time between when a byte is input into a cryptographic cipher and when the output is obtained.

b. The requirements for an IoT device that is using a specific network.

c. A low-power source requirement of a sensor.

d. The delay between when a substitution cipher decrypts the first block and when it finishes with the last block.

Hide Feedback

Correct

What are public key systems that generate different random public keys for each session?

a. perfect forward secrecy

b. Elliptic Curve Diffie-Hellman (ECDH)

c. Public Key Exchange (PKE)

d. Diffie-Hellman (DH)

Hide Feedback

Correct

What is data called that is to be encrypted by inputting it into a cryptographic algorithm?

a. Plaintext

b. Ciphertext

c. Byte-text

d. Cleartext

Hide Feedback

Correct

Which of these is NOT a basic security protection for information that cryptography can provide?

a. Risk

b. Integrity

c. Confidentiality

d. Authenticity

Hide Feedback

Correct

Cicero is researching hash algorithms. Which algorithm would produce the longest and most secure digest?

a. MD5

b. SHA6-6

c. SHA3-512

d. SHA-256

Hide Feedback

Correct

Which of the following is NOT a symmetric cryptographic algorithm?

a. SHA

b. 3DES

c. DES

d. Blowfish

Hide Feedback

Correct

Which of the following is not to be decrypted but is only used for comparison purposes?

a. Key

b. Algorithm

c. Digest

d. Stream

Hide Feedback

Correct

• Check My Work

Which of these is NOT a characteristic of a secure hash algorithm?

a. A message cannot be produced from a predefined hash.

b. Collisions should occur no more than 15 percent of the time.

c. The hash should always be the same fixed size.

d. The results of a hash function should not be reversed.

Hide Feedback

Correct

Deo has been asked to explain RSA to his colleague. After his explanation, Deo is asked what, if any, weaknesses RSA has. How would Deo respond?

a. RSA has no known weaknesses.

b. The digest produced by the RSA algorithm is too short to be secure.

c. RSA weaknesses are based on ECC.

d. As computers become more powerful, the ability to compute factoring has increased.

Hide Feedback

Correct

Which of these is the strongest symmetric cryptographic algorithm?

a. Triple Data Encryption Standard

b. Data Encryption Standard

c. Advanced Encryption Standard

d. RC1

Hide Feedback

Correct

If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message?

a. Bob's private key

b. Alice's private key

c. Alice's public key

d. Bob's public key

Hide Feedback

Correct

Egor wanted to use a digital signature. Which of the following benefits will the digital signature NOT provide?

a. Verify the receiver

b. Verify the sender

c. Prove the integrity of the message

d. Enforce nonrepudiation

Hide Feedback

Correct

Basil was reading about a new attack that forces the system to abandon a higher cryptographic security mode of operation and instead fall back to an older and less secure mode. What type of attack is this?

a. Deprecation attack

b. Downgrade attack

c. Pullback attack

d. Obfuscation attack

Hide Feedback

Correct

What is a collision?

a. Two algorithms have the same key.

b. Two files produce the same digest.

c. Two ciphertexts have the same length.

d. Two keys are the same length.

Hide Feedback

Correct

Which of the following is NOT a characteristic of the Trusted Platform Module (TPM)?

a. It includes a pseudorandom number generator (PRNG).

b. It can easily be transported to another computer.

c. It provides cryptographic services in hardware instead of software.

d. It can generate asymmetric cryptographic public and private keys.

Hide Feedback

Correct

Which of these provides cryptographic services and is external to the device?

a. Hardware Security Module (HSM)

b. encrypted hardware-based USB devices

c. self-encrypting hard disk drives (SED)

d. Trusted Platform Module (TPM)

Hide Feedback

Correct

Which is an IPsec protocol that authenticates that packets received were sent from the source?

a. DER

b. PXP

c. CER

d. AH

Hide Feedback

Correct

What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection?

a. CTR

b. Certificate attributes

c. PFX

d. Electronic Code Book (ECB) repositories

Hide Feedback

Correct

What entity calls in crypto modules to perform cryptographic tasks?

a. Intermediate CA

b. Certificate Authority (CA)

c. OCSP

d. Crypto service provider

Hide Feedback

Correct

_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.

a. Digital certificates

b. Digital digests

c. Encrypted signatures

d. Session keys

Hide Feedback

Correct

What is the name of the device protected by a digital certificate?

a. TLXS

b. CN

c. V2X2

d. RCR

Hide Feedback

Correct

What is the strongest technology that would assure Alice that Bob is the sender of a message?

a. Digest

b. Digital signature

c. Digital certificate

d. Encrypted signature

Hide Feedback

Correct

Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say?

a. A private key with a digital signature

b. The user's symmetric key with the public key

c. The user's identity with their public key

d. The user's public key with their private key

Hide Feedback

Correct

Which of the following can a digital certificate NOT be used for?

a. To encrypt channels to provide secure communication between clients and servers

b. To verify the authenticity of the CA

c. To encrypt messages for secure email communications

d. To verify the identity of clients and servers on the Web

Hide Feedback

Correct

Who verifies the authenticity of a CSR?

a. Certificate authority

b. Certificate signatory

c. Signature authority

d. Registration authority

Hide Feedback

Correct

A centralized directory of digital certificates is called a(n) _____.

a. Authorized digital signature (ADS)

b. Digital signature approval List (DSAP)

c. Certificate repository (CR)

d. Digital signature permitted authorization (DSPA)

Hide Feedback

Correct

Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use?

a. Real-Time CA Verification (RTCAV)

b. Certificate Revocation List (CRL)

c. Online Certificate Status Protocol (OCSP)

d. Staple

Hide Feedback

Correct

What is the purpose of certificate chaining?

a. To lookup the name of intermediate RA

b. To group and verify digital certificates

c. To hash the private key

d. To ensure that a web browser has the latest root certificate updates

Hide Feedback

Correct

Which of the following is NOT a means by which a newly approved root digital certificate is distributed?

a. Pinning

b. OS updates

c. Web browser updates

d. Application updates

Hide Feedback

Correct

Which block cipher mode of operating requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged?

a. CD

b. CN

c. CTR

d. CXL

Hide Feedback

Correct

Which is the first step in a key exchange?

a. The web browser sends a message ("ClientHello") to the server.

b. The web server sends a message ("ServerHello") to the client.

c. The web browser verifies the server certificate.

d. The browser generates a random value ("pre-master secret").

Hide Feedback

Correct

• Check My Work

What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption?

a. .P7B

b. .cer

c. .P12

d. .xdr

Hide Feedback

Correct

Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need?

a. Extended validation

b. Website validation

c. Root

d. Domain validation

Hide Feedback

Correct

How is confidentiality achieved through IPsec?

a. ISAKMP

b. ESP

c. AuthX

d. AHA

Hide Feedback

Correct

Which refers to a situation in which keys are managed by a third party, such as a trusted CA?

a. Key escrow

b. Remote key administration

c. Trusted key authority

d. Key authorization

Hide Feedback

Correct

Which is a protocol for securely accessing a remote computer in order to issue a command?

a. Secure Hypertext Transport Protocol (SHTTP)

b. Transport Layer Security (TLS)

c. Secure Sockets Layer (SSL)

d. Secure Shell (SSH)

Hide Feedback

Correct