Oib Part3

50 Questions | By Anton.chelapko | Last updated: May 18, 2014 | Total Attempts: 70

Questions

Settings

Questions and Answers

1.

A form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data in order to masquerade as one or more of the entities involved in a communication
- A.
  
  Man-in-the-middle attack
- B.
  
  A) Mandatory access control b) Intrusion detection system c) Meet-in-the-middle attack d) None of the statements a) Mandatory access control b) Intrusion detection system c) Meet-in-the-middle attack d) None of the statements Mandatory access control
- C.
  
  Intrusion detection system
- D.
  
  Meet-in-the-middle attack
- E.
  
  None of the statements
2.

To figure out the password by trying possible likely passwords from a list is called
- A.
  
  Password attack
- B.
  
  Brute force attack
- C.
  
  Word list attack
- D.
  
  Dictionary attack
- E.
  
  Keystroke attack
3.

To figure out the password by trying every possible keystroke combination is called
- A.
  
  Password attack
- B.
  
  Word list attack
- C.
  
  Keystroke attack
- D.
  
  Dictionary attack
- E.
  
  Brute force attack
4.

Suppose that your plaintext is 228 bytes long and you are using RC4, how many bytes are needed for padding
- A.
  
  RC4 does not need padding
- B.
  
  Depends on the size of the block
- C.
  
  4
- D.
  
  8
- E.
  
  6
5.

The algorithm developed by Feistel at IBM in the early 1970s and later adopted as a U.S. Federal Information Processing Standard for encrypting unclassified information is known as
- A.
  
  Digital Cipher Standard
- B.
  
  Digital Encryption Standard
- C.
  
  Data Encryption Standard
- D.
  
  Digital Cryptography Standard
- E.
  
  Data Cryptography Standard
6.

Indicate the definition for Revocation
- A.
  
  Providing an entity with the legal right to use or transfer a resource to others
- B.
  
  Concealing the identity of an entity involved in some process
- C.
  
  Acknowledgement that services have been provided
- D.
  
  Retraction of certification or authorisation
- E.
  
  Preventing the denial of previous commitments or actions
7.

Encrypt the message MUSTSE with the key "largest" using the Playfair cipher
8.

In Feistel Cipher an iterated cipher with an internal function called a ___________ functio
- A.
  
  Floor
- B.
  
  Scheme
- C.
  
  Round
- D.
  
  Ceil
- E.
  
  Iteration
9.

Indicate the definition for Witnessing
- A.
  
  Providing an entity with the legal right to use or transfer a resource to others
- B.
  
  Verifying the creation or existence of information by an entity other than the creator
- C.
  
  Acknowledgement that services have been provided
- D.
  
  Acknowledgement that information has been received
- E.
  
  Concealing the identity of an entity involved in some process
10.

The word “asymmetric” in public-key cryptography means
- A.
  
  The key to encrypt is different from the key to decrypt
- B.
  
  The key to encrypt is the same with the key to decrypt
- C.
  
  The algorithm to encrypt is the same with the algorithm to decrypt
- D.
  
  None of the listed answers
- E.
  
  The algorithm to encrypt is different from the algorithm to decrypt
11.

In cryptography, the original message before encryption is called
- A.
  
  Plaintext
- B.
  
  Ciphertext
- C.
  
  Cleartext
- D.
  
  Originaltext
- E.
  
  Messagetext
12.

A general cipher design principle, not a specific cipher used by most block ciphers
- A.
  
  AES
- B.
  
  RC4
- C.
  
  DES
- D.
  
  Feistel Cipher
- E.
  
  A5/1
13.

Indicate the definition for Non-repudiation
- A.
  
  Retraction of certification or authorisation
- B.
  
  Concealing the identity of an entity involved in some process
- C.
  
  Preventing the denial of previous commitments or actions
- D.
  
  Providing an entity with the legal right to use or transfer a resource to others
- E.
  
  Acknowledgement that services have been provided
14.

How many possible keys does the Playfair cipher have? Ignore the fact that some keys might produce identical encryption results
- A.
  
  25
- B.
  
  26
- C.
  
  26!
- D.
  
  625
- E.
  
  25!
15.

Why is it that the one-time pad can only be used once
- A.
  
  All of the statements
- B.
  
  If two messages encrypted with the same “one-time” pad key the probability of leaking the key is high
- C.
  
  If two messages encrypted with the same “one-time” pad key and when two different ciphertexts XORed with each other the key disappears
- D.
  
  If two messages encrypted with the same “one-time” pad key and when two different ciphertexts XORed with each other the plaintext disappears
- E.
  
  Two messages encrypted with the same “one-time” pad key the produced ciphertext always will be the same
16.

Set of tools for generating new viruses automatically is known as a( n ) _____________
- A.
  
  Exploits
- B.
  
  Flooders
- C.
  
  Kit (virus generator)
- D.
  
  Auto-rooter
- E.
  
  Downloaders
17.

Which of the followings are drawbacks of OTP
- A.
  
  OTP is highly secure algorithm
- B.
  
  Pad must be securely transmitted to the recipient before the ciphertext can be decrypted.
- C.
  
  A pad (key) consisting of a randomly selected string of bits that is the same length as the message.
- D.
  
  The pad (key) is the same length as the message
- E.
  
  Or modern high data-rate systems, a one-time pad cipher is totally impractical
18.

Which malicious program Captures keystrokes on a compromised system
- A.
  
  Zombie
- B.
  
  Trojan horse
- C.
  
  Spammer
- D.
  
  Keylogger
- E.
  
  Rootkit
19.

Code specific to a single vulnerability or set of vulnerabilities is known as a( n ) _____________
- A.
  
  Kit (virus generator)
- B.
  
  Exploits
- C.
  
  Downloaders
- D.
  
  Flooders
- E.
  
  Auto-rooter
20.

Which software prevents Trojan horses from entering the system through back door
- A.
  
  Virus
- B.
  
  Trapdoor
- C.
  
  Firewall
- D.
  
  Cache
- E.
  
  Worm
21.

A secret data value, usually a character string, that is used as authentication information
- A.
  
  Plaintext
- B.
  
  Public key
- C.
  
  Password
- D.
  
  Secret key
- E.
  
  Private key
22.

Which of the following statement is NOT TRUE
- A.
  
  Any password the brute force attack tries, the dictionary attack also tries
- B.
  
  The dictionary attack tries fewer passwords than does the brute force attack
- C.
  
  The dictionary attack is faster than the brute force attack
- D.
  
  The brute-force attack tries many additional passwords that the dictionary attack does not
- E.
  
  A hacker probably start with a dictionary attack and if that fails, move on to a modified brute force attack
23.

Which of the following are examples of the host independent malicious programs
- A.
  
  Trap door
- B.
  
  Logic Bombs
- C.
  
  Zombie
- D.
  
  Worm
- E.
  
  Trojan Horses
24.

Which of the following statement is NOT TRUE regarding key recovery via threshold schemes
- A.
  
  If one of the trustees leaves the company, the secret is still safe, and there’s no need to restart the key recovery process from the beginning
- B.
  
  If one trustee leaves the company, his or her share becomes invalid
- C.
  
  No one person can recover keys; it takes a group acting together
- D.
  
  If one of the trustees is unavailable, it’s still possible to perform the operation
- E.
  
  The threshold scheme has many advantages over other key recovery programs
25.

Which of these is NOT a recommended guideline for a good password
- A.
  
  Avoid using personal information
- B.
  
  Avoid using actual words
- C.
  
  Memorise it
- D.
  
  Do not write it down
- E.
  
  Store the password in a safe place