Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

ITN 262 FINAL EXAM WITH WELL SET UP QUESTIONS AND WELL ANALYSED ANSWERS GRADED A+.

Rating
-
Sold
-
Pages
34
Grade
A+
Uploaded on
30-01-2025
Written in
2024/2025

True or False? The Key Distribution Center (KDC) greatly simplifies key management. Each host must establish multiple "KDC keys" that it shares with the KDC. - False Why do protocols like IKE and SSL exchange nonces as part of their key creation/exchange protocol? Select all that apply. - c) New nonce values should make it impossible for an attacker to replay a previous set of messages and force the connection to reuse a previous key. b) If the nonces are always different, then the protocol yields a different result each time it takes place. A protocol that establishes security associations (SAs) between a pair of hosts is: - Internet Key Exchange (IKE). True or False? You can wrap a secret key with RSA. - True Bob and Alice want to construct a shared secret key using Diffie-Hellman. Which components will Bob use to construct the shared secret? - Alice's public key and Bob's private key

Show more Read less
Institution
ITN 262
Course
ITN 262

Content preview

ITN 262 FINAL EXAM WITH WELL SET UP QUESTIONS
AND WELL ANALYSED ANSWERS GRADED A+.
True or False? Crypto techniques originally focused on confidentiality. - True

Which of the following security protections is used to prevent passive attacks? -
Confidentiality

We use cryptography to apply all of the following protections to network traffic,
except: - reliability

True or False? Eavesdropping without interfering with communications would be
considered a passive attack. - True

True or False? A network attack in which someone forges network traffic would be
considered an active attack. - True

When we place crypto in different protocol layers, we often balance two important
properties: - application transparency and network transparency.

Wireless Protected Access, version 2 (WPA2.) falls under: - 802.11.

We are trying to protect our traffic as much as possible from sniffing. To minimize the
risk, should we encrypt as much of our packets as possible, including headers? -
Yes, because plaintext headers open our network messages to traffic analysis.

In typical applications, does SSL provide application transparency? - No, because
the SSL software is traditionally integrated into the application software package and
is not supported unless the application specifically provides it.

Virtual private networking is used primarily for encrypting: - a connection between
two sites across the internet.

Secure Sockets Layer (SSL) has been replaced by: - Transport Layer Security
(TLS).

The principal application of IPsec is: - virtual private networking.

Which of the following network protocols typically provide application transparency?
Select all that apply. - a) Wi-Fi Protected Access
b) IPsec

True or False? Encryption works against traffic filtering, because the filtering process
can't detect malicious content in encrypted packets. - True

True or False? We clearly need to use encryption if we wish to protect against
sniffing. - True

__________ rely on traffic analysis when the defenders use encryption that is too
difficult to attack. - Attackers

Producing one encryption key for each cryptonet or communicating pair and
distributing that key to the appropriate endpoints is called: - manual keying.

,ITN 262 FINAL EXAM WITH WELL SET UP QUESTIONS
AND WELL ANALYSED ANSWERS GRADED A+.

True or False? When replacing crypto keys, they must be all replaced 1 month at a
time. - False

True or False? In manual keying, two encryption keys are produced for each
cryptonet or communicating pair and those keys are distributed to the appropriate
endpoints. - False

True or False? Self-rekeying transforms an existing encryption key into a new one
using a pseudorandom number generator. - True

The process of transforming an existing key into a new one is called: - self-rekeying.

Associate the following concepts with the appropriate secret-key building blocks. -
Key wrapping

Build a unique TEK from nonces and a secret - Shared secret hashing

Shares a separate KEK with each registered user - Key distribution center

True or False? The Key Distribution Center (KDC) greatly simplifies key
management. Each host must establish multiple "KDC keys" that it shares with the
KDC. - False

Why do protocols like IKE and SSL exchange nonces as part of their key
creation/exchange protocol? Select all that apply. - c) New nonce values should
make it impossible for an attacker to replay a previous set of messages and force the
connection to reuse a previous key.
b) If the nonces are always different, then the protocol yields a different result each
time it takes place.

A protocol that establishes security associations (SAs) between a pair of hosts is: -
Internet Key Exchange (IKE).

True or False? You can wrap a secret key with RSA. - True

Bob and Alice want to construct a shared secret key using Diffie-Hellman. Which
components will Bob use to construct the shared secret? - Alice's public key and
Bob's private key

Bob and Alice want to construct a shared secret key using RSA. Which of the
following components must Bob use to share the secret with Alice? - Alice's public
key alone

Which of the following are requirements of secret-key cryptography? Select all that
apply. - c) Reliable key revocation
a) Lower computing resources required than public-key algorithms
d) Trustworthy central servers

,ITN 262 FINAL EXAM WITH WELL SET UP QUESTIONS
AND WELL ANALYSED ANSWERS GRADED A+.
We are trying to decide between a public-key and a secret-key cryptographic
solution. Which of the following criteria would encourage us to choose the public-key
solution? Select all that apply best to public-key cryptography. - a) The system can
apply a lot of computational power to cryptographic operations.
e) Attackers should not be able to penetrate the whole system simply by attacking a
critical crypto server.
c) The process of adding new users must be easy to delegate.

We are trying to decide between a public-key and a secret-key cryptographic
solution. Which of the following criteria would encourage us to choose the secret-key
solution? Select all that apply best to secret-key cryptography. - d) The system will
always be limited to a small user community.
f) When someone loses the privilege to access the system, we must be able to
revoke their access rights immediately.
b) We are providing the service to an established user community whose members
are already identified.

Encrypting "above the stack": - c) means applying cryptography at the top of the
application layer or above the network protocol stack and provides network
transparency.

In an SSL data packet, the field that indicates whether the packet carries data, an
alert message, or is negotiating the encryption key is: - d) content type.

Secure Sockets Layer (SSL): - b) may display a padlock on a Web page to indicate
SSL protection.

Handshake protocol - Establishes the shared secret and the keys to be used to
protect SSL traffic

Record protocol - Transfers information using a symmetric cipher and integrity check

Alert protocol - Indicates errors and the end of a secure session

Of the following, select the two primary components of IPsec. - c) Internet Key
Exchange (IKE)
d) Encapsulating Security Payload (ESP)

Payload data - The headers and data being encrypted

Next header - The numeric code for the protocol appearing in the first header in the
encrypted payload

Sequence number - A numerical value that's used to detect duplicate packets

TFC padding - Random data intended to defeat traffic analysis

True or False? Private addressing occurs when an ISP is assigned an IP address. -
False

, ITN 262 FINAL EXAM WITH WELL SET UP QUESTIONS
AND WELL ANALYSED ANSWERS GRADED A+.
Amalgamated is implementing a private corporate network using a private IP
address space. The network will connect separate sites using a VPN. Which of the
following statements are true about this arrangement? Select all that apply. - b)
Gateways will use IPsec tunnel mode between VPN sites.
c) If Amalgamated buys another company, the new company's internal network must
be assigned a compatible set of private IP addresses if it is to interact with other
corporate VPN sites.
d) VPN traffic will be restricted to Amalgamated's sites because the appropriate
crypto credentials will only be shared among authorized VPN gateways.

True or False? Two users can construct a shared secret by sharing Diffie-Hellman
private keys. - False

The general objective of wireless defense was to implement a virtual boundary that
includes __________ computers and excludes other _________. - a) authorized
client; clients

Which wireless security protocol is recommended for use today? - d) WPA2 with
AES

How does WPA2 use cryptography to ensure the integrity of packet data? - d) It uses
CBC to calculate the packet's MIC.

How does WPA2 encrypt a stream of data? - b) It uses AES with a Counter mode.

To provide both encryption and integrity protection, WPA2 uses AES encryption with:
- a) CCM mode.

True or False? WPA2 uses public key encryption with the "counter and CBC MAC"
(CCM) mode. - False

True or False? The IP header and all remaining packet contents are never
encrypted. - False

True or False? SSL works on top of IPsec and applies security to an orderly stream
of bytes moving between a client and server. - False

Which two of the following answers indicate the Internet crypto services providing
end users with the easiest key management? - a) SSL/TLS
b) IPsec gateways

Which of the following statements related to the end-to-end concept of network
design are true? Select all that apply. - b) Dumb networks require smart endpoints.
c) Internet technology is based on interconnecting a lot of dumb networks.

True or False? The concept that embodies dumb networking by placing most
network protocols in the connection's endpoint hosts is the domain name principle. -
False

True or False? IP provides global addressing for internet hosts. - True

Written for

Institution
ITN 262
Course
ITN 262

Document information

Uploaded on
January 30, 2025
Number of pages
34
Written in
2024/2025
Type
Exam (elaborations)
Contains
Questions & answers
$23.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller
Seller avatar
DOCRISHNA

Get to know the seller

Seller avatar
DOCRISHNA NURSING
View profile
Follow You need to be logged in order to follow users or courses
Sold
4
Member since
2 year
Number of followers
0
Documents
289
Last sold
1 year ago
All-in-one Exam Paper Zone for Students.

PROVIDING THE LATEST APPEALING EXAM UPDATES, NURSING ASSINGMENTS, EXAMS AND TESTBANKS . AVAILABLE AND TRUSTED CONTENT OF THE HIGHEST QUALITY. A GUARANTEED PASS IN YOUR EXAMS WHEN YOU PURCHASE MY DOCUMENTS .Please Always leave a review after purchasing any document so as to make sure our customers are 100% satisfied .

0.0

0 reviews

5
0
4
0
3
0
2
0
1
0

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions