Recent Question

Data Encryption Standard 1. Two parties, Party A and Party B, regularly exchange messages using public key cryptography. One party, Party A, believes that its private encryption key has been compromised. What action should Party B take? a. Request a new public key from Party A. b. Request a new private key from Party A. c. Send a new public key to Party A. d. Send a new private key to Party A. 2. The Advanced Encryption Sta ...

Other / Other 21 Mar 2016

electronic codebook (ECB) cipher 1. In modulo arithmetic, when A – B < 0, then: a. 26 is subtracted from the result b. 100 is added to the result c. 26 is added to the result d. 32 is added to the result 2. A computer user is listening to an audio broadcast on the Internet through an SSL VPN. The type of encryption cipher used in this case is: a. Block cipher b. Stream cipher c. Running key cipher d. Vernam cipher ...

Other / Other 21 Mar 2016

the ciphertext converted back into plaintext 1. Two parties, Party A and Party B, regularly exchange messages using public key cryptography. One party, Party A, believes that its private encryption key has been compromised. What action should Party B take? a. Request a new public key from Party A. b. Request a new private key from Party A. c. Send a new public key to Party A. d. Send a new private key to Party A. 2. The Adva ...

Other / Other 21 Mar 2016

the best defense against social engineering 1. Buffer overflow, SQL injection, and stack smashing are examples of: a. Vulnerabilities b. Exploits c. Input attacks d. Injection attacks 2. An organization is surplussing its old desktop computers. Being concerned with data remanence, what measures should the organization take first? a. Erase the hard drives b. Format the hard drives c. Activate its TEMPEST shielding d. Cle ...

Other / Other 21 Mar 2016

most effective countermeasures against input attacks 1. A system administrator needs to harden a server. The most effective approach is: a. Install security patches and install a firewall b. Remove unneeded services, remove unneeded accounts, and configure a firewall c. Remove unneeded services, disable unused ports, and remove unneeded accounts d. Install security patches and remove unneeded services 2. The most effectiv ...

Other / Other 21 Mar 2016

disadvantage of the use of digital certificates 1. One disadvantage of the use of digital certificates as a means for twofactor authentication is NOT: a. Digital certificates may not be portable across different types of machines b. The password used to unlock the certificate may be weak and easily guessed c. It may be possible to steal the certificate and use it on another computer d. A digital certificate can theoretically be co ...

Other / Other 21 Mar 2016

most effective countermeasure against script injection attacks 1. A user, Bill, has posted a link on a web site that causes unsuspecting users to transfer money to Bill if they click the link. The link will only work for users who happen to be authenticated to the bank that is the target of the link. This is known as: a. Cross site request forgery b. Cross-site scripting c. Broken authentication d. Replay attack 2. What is ...

Other / Other 21 Mar 2016

Authentication, encryption, and ACLs 1. Which of the following is NOT an authentication protocol: a. Lightweight Directory Authentication Protocol b. Diameter c. RADIUS d. Lightweight Directory Access Protocol 2. An intruder wishes to break in to an application in order to steal information stored there. Because the application utilizes strong authentication, what is the most likely approach the intruder will take? a. Dictionar ...

Other / Other 21 Mar 2016

use of retina scanning as a biometric authentication method 1. The use of retina scanning as a biometric authentication method has not gained favor because: a. It is inconvenient to use retina scanning in a darkened room b. Many users cannot hold their eye open long enough for a scan to complete c. Users are uncomfortable holding their eye very near the biometric scanning device d. The human retina changes significantly over ...

Other / Other 21 Mar 2016

the primary reason for storing a hash of the password 1. An information system that processes sensitive information is configured to require a valid userid and strong password from any user. This process of accepting and validating this information is known as: a. Authentication b. Strong authentication c. Two-factor authentication d. Single sign-on 2. The reason that two-factor authentication is preferable over ordinary a ...

Other / Other 21 Mar 2016