Question #1 (1 point)
Character frequency analysis is an example of a ciphertext-only attack.
	True
	False

Question #2 (1 point)
Which item is the responsibility of key management?
	Access control, user authentication and authorization
	Key generation and destruction
	Access controls and encryption
	Key length and algorithm propriety

Question #3 (3 points)
Which of the following are primarily used to protect against replay attacks?
	Encryption
	Tokens
	Time Stamps
	Passwords
	Nonces

Question #4 (1 point)
What type of cryptanalytic attack where an adversary has the least amount of information to work with?
	Chosen-ciphertext
	Known-plaintext
	Plaintext-only
	Ciphertext-only

Question #5 (1 point)
A type cryptographic attack where it is based on the probability of two different messages using the same hash function to produce the same message digest is?
	Differential cryptanalysis attack
	Statistical Analysis attack
	Known ciphertext attack
	Birthday attack

Question #6 (1 point)
Certificate Authorities perform the following action:
	Provide protection against malicious code
	Ensuring that certificates are revoked when necessary by publishing certificate revocation lists
	Enforce strong password protection
	Provide authentication services and filters results returned to the user

Question #7 (1 point)
Encryption can help protect the integrity of data.
	True
	False

Question #8 (1 point)
Which of the following feature does a digital signature provide?
	It provides a framework for law and procedures.
	It ensures an individuals privacy.
	It provides the ability to encrypt an individuals confidential data.
	It identifies the source and verifies the integrity of data.

Question #9 (1 point)
What encryption operation is used when AES uses S-boxes during the process of encryption?
	Key generation
	Key exchange
	Substitution
	Chaining

Question #10 (3 points)
Which of the following uses "substitution" techniques?
	3DES
	Caesar cipher
	Poly-Alphabatic
	Data Encryption Standard (DES)
	Rivest, Shamir, Adleman (RSA)

Question #11 (1 point)
A cryptanalysts goal is to
	All of the Answers
	Break the encryption algorithm
	Break the message
	Recover the key

Question #12 (1 point)
The three security objectives are
	Confidentiality, integrity, and availability
	Confidentiality, privacy, and availability
	Integrity, tamperproof, and non-repudiation
	Availability, authentication, and confidentiality
	All

Question #13 (1 point)
Which answer is not true for Diffie-Hellman algorithm?
	It is used for distribution of a shared key, not for message encryption and decryption.
	It is vulnerable to man-in-the-middle attacks.
	Security stems from the difficulty of calculating the product of two large prime numbers.

Question #14 (1 point)
How many bits make up the effective Data Encryption Standard (DES) key?
	56
	32
	64
	16

Question #15 (1 point)
The key distribution problem in secret key encryption is the need to
	Provide distributed control
	Develop available technology to distribute the keys
	Provide authentication method for each user
	Generate a key-pair for each user

Question #16 (1 point)
How may digits (approximately) is a 256 bit string.
	50
	75
	100
	125

Question #17 (1 point)
The concept of least privilege?
	guarantees that only security personnel can view and change audit logs.
	helps security personnel catch repetitive mistakes.
	assures that employees take mandatory vacations.
	assures that individuals only have the permissions and rights necessary for them to do their job.

Question #18 (1 point)
Which statement best describes the advantages of public key encryption?
	Knowledge of ones public key does not yield knowledge of their private key
	None of the Above
	Keys are exchanged publicly without an eavesdropper being able to decrypt messages
	Encryption performance is faster than secret-key encryption

Question #19 (1 point)
Digital signatures provide following Security feature: Secrecy
	True
	False

Question #20 (1 point)
Alice and Bob both have Public-Private key pairs. Which key is used by Alice to sign her messages to Bob?
	Alice's Private Key
	Alice's Public Key
	Bobs Private Key
	Bob's Public Key

Question #21 (1 point)
Integrity ...
	Protects against the disclosure of information to unauthorized users.
	Assures that a person or system is who or what they claim to be
	Protects against a person denying later that a communication or transaction took place
	Protects against unauthorized changes in data whether intentional or accidental.

Question #22 (1 point)
The MD5 algorithms perform what function?
	Key distribution
	Encryption
	Hashing
	Digital signature

Question #23 (1 point)
Non repudiation is
	Assures that a person or system is who or what they claim to be
	Protects against the disclosure of information to unauthorized users.
	Protects against unauthorized changes in data whether intentional or accidental.
	Protects against a person denying later that a communication or transaction took place

Question #24 (1 point)
What is the trusted registry that guarantees the authenticity of client and server public keys?
	Key distribution center.
	Certification authority.
	Key revocation certificate.
	Public key notary.

Question #25 (1 point)
Which statement best captures the advantage of secret key encryption?
	It allows for faster encryption speeds than public key encryption
	It only requires one key to be distributed for encryption and decryption
	The keys are stronger than public keys and are more difficult to break
	All of the Above

Question #26 (1 point)
What is the key size of AES
	128
	192
	256
	64

Question #27 (1 point)
Symmetric encryption is used for authentication mostly, while asymmetric is used mostly for confidentiality.
	True
	False

Question #28 (1 point)
Alice and Bob both have Public-Private key pairs. Which key is used to verify digitally signed message sent by Alice to Bob?
	Bob's Public Key
	Alice's Private Key
	Bobs Private Key
	Alice's Public Key

Question #29 (1 point)
Security can be no stronger than its
	Weakest link
	Cryptographic support
	Policy specification
	Documented level
	Overlapping controls

Question #30 (1 point)
Symmetric ciphers are typically less computationally expensive than public-key cryptographic schemes.
	True
	False

Question #31 (1 point)
Digital signatures require the property of nonrepudiation, which says that a principal should not be able to spoof another principals signature.
	True
	False

Question #32 (1 point)
Cryptography does not concern itself with:
	Integrity
	Confidentiality
	Availability
	Authenticity

Question #33 (1 point)
A way of verifying a messages integrity after transport across a network is through the use of:
	An encryption key
	Steganography
	A Cipher
	A Message Authentication Code

Question #34 (1 point)
The DES cryptosystem has been shown to be uncrackable except by brute force attacks.
	True
	False

Question #35 (1 point)
Alice and Bob both have Public-Private key pairs. Which key is used by Bob to encrypt his messages to Alice for secrecy?
	Bob's Public Key
	Alice's Private Key
	Bobs Private Key
	Alice's Public Key

Question #36 (1 point)
In computer security, .. means that the information in a computer system only be accessible for reading by authorized parities.
	Confidentiality
	Authenticity
	Integrity
	Availability

Question #37 (1 point)
A good password for human authentication should contain atleast 64 bits of random information, as provided by a typical mixed-case, alphanumeric, 8-character ASCII string
	True
	False

Question #38 (1 point)
Authentication ...
	Protects against unauthorized changes in data whether intentional or accidental.
	Assures that a person or system is who or what they claim to be
	Protects against a person denying later that a communication or transaction took place
	Protects against the disclosure of information to unauthorized users.

Question #39 (1 point)
The method of providing capability to detect any change to a file is called
	Non-repudiation
	Integrity
	Key distribution
	Digital signature

Question #40 (1 point)
For cryptosytems, it is acceptable if some keys are more secure than others.
	True
	False

Question #41 (1 point)
A cipher that scrambles letters into different positions is referred to as what?
	Substitution
	Transposition
	Stream
	Confusion

Question #42 (1 point)
Confidentiality is
	Assures that a person or system is who or what they claim to be
	Protects against the disclosure of information to unauthorized users.
	Protects against a person denying later that a communication or transaction took place
	Protects against unauthorized changes in data whether intentional or accidental.

Question #43 (1 point)
Leaving unused services enabled is fine from a security perspective as they are not used
	True
	False

Question #44 (1 point)
Which of the following mechanism is used to achieve non-repudiation of a message delivery?
	Sender sends the message to a TTP who signs it together with a time stamp and sends it on to the recipient.
	Sender gets a digitally signed acknowledgment from the recipient containing a copy or digest of the message.
	Sender computes a digest of the message and sends it to a Trusted Third Party (TTP) who signs it and stores it for later reference.
	Sender encrypts the message with the recipients public key and signs it with their own private key.

Question #45 (1 point)
MD5 is a two way function.
	True
	False

Question #46 (1 point)
Improperly applied cryptography is the #1 source of security violations in the Internet today.
	True
	False

Question #47 (1 point)
Secrecy ...
	Protects against the disclosure of information to unauthorized users.
	Protects against unauthorized changes in data whether intentional or accidental.
	Assures that a person or system is who or what they claim to be
	Protects against a person denying later that a communication or transaction took place

Question #48 (1 point)

What is the block size of DES in bits. (Only enter the number.)

Answer:

Question #49 (1 point)
In computer security, . means that computer system assets can be modified only by authorized parities.
	Confidentiality
	Availability
	Integrity
	Authenticity

Question #50 (1 point)
3DES is designed to be backwards compatible with DES.
	True
	False