IT 279 CISSP II Unit 5 Assignment (Purdue university)
IT 279 UNIT 5 ASSIGNMENT 2 1. Which characteristic of PGP is different from the use of formal trust certificates? A. The use of Certificate Authority servers. B. The establishment of a web of trust between the users. C. The use of trust domains by the servers and the clients. “Phil Zimmerman’s Pretty Good Privacy (PGP) secure email system appeared on the computer security scene in 1991. It combines the CA hierarchy described earlier in this chapter with the ‘web of trust’ concept- that is, you must become trusted by one or more PGP users to begin using the system” (Chapple, Stewart, & Gibson, 2018, p. 255). 2. Users access your network using smart cards. Recently, hackers have uncovered the encryption key of a smart card using reverse engineering. Which smart card attack was used? A. Fault generation B. Microprobing C. Software attack “A fault attack is an attack on a physical electronic device (e.g., smartcard, HSM, USB token) which consists in stressing the device by an external mean (e.g., voltage, light) in order to generate errors in such a way that these errors leads to a security failure of the system (key recovery, ePurse balance increase, false signature, PIN code recovery…)[ CITATION Oli11 l 1033 ]. 3. Your organization has decided to use one-time pads to ensure that certain confidential data is protected. All of the following statements are true regarding this type of cryptosystem, EXCEPT: A. Each one-time pad can be used only once. B. The pad must be made up of sequential values. C. The pad must be as long as the message. “The one-time pad must be randomly generated. The one-time pad must be physically protected against disclosure. Each one-time pad must be used only once. The key must be at least as long as the message to be encrypted” (Chapple, Stewart, & Gibson, 2018, p. 211). 4. Which of the following types of access control attacks against passwords contain all possible passwords in a hash format? A. Brute force attacks B. Rainbow tables C. Dictionary attacks
Schule, Studium & Fach
- Hochschule
- IT 279
- Kurs
- IT 279
Dokument Information
- Hochgeladen auf
- 16. oktober 2023
- Anzahl der Seiten
- 7
- geschrieben in
- 2023/2024
- Typ
- ANDERE
- Person
- Unbekannt
Themen
-
it 279 cissp ii unit 5 assignment purdue univers
