ITN 260 MIDTERM EXAM
QUESTIONS AND
ANSWERS GRADED A+
A watering hole attack is directed against which of the following? - Answer- a smaller
group of specific users
Hedda pretends to be the help desk manager and calls Steve to trick him into giving her
his password. What social engineering attack has Hedda performed - Answer-
impersonation
Which areas of a file cannot be used by steganography to hide data? - Answer- in the
directory structure of the file system
Proving that a user sent an email message is known as _____. - Answer- non-
repudiation
Illya was asked to recommend the most secure asymmetric cryptographic algorithm to
his supervisor. Which of the following did he choose - Answer- RSA
What is a characteristic of the Trusted Platform Module (TPM)? - Answer- It provides
cryptographic services in hardware instead of software
Which of the following key exchanges uses the same keys each time? - Answer- Diffie-
Hellman (DH)
Public key systems that generate random public keys that are different for each session
are called _____. - Answer- perfect forward secrecy
If Bob wants to send a secure message to Alice using an asymmetric cryptographic
algorithm, which key does he use to encrypt the message? - Answer- Alice's public key
Abram was asked to explain to one of his coworkers the XOR cipher. He showed his
coworker an example of adding two bits, 1 and 1. What is the result of this sum? -
Answer- 0
, At a staff meeting one of the technicians suggested that the enterprise protect its new
web server by hiding it and not telling anyone where it is located. Iosif raised his hand
and said that security through obscurity was a poor idea. Why did he say that? -
Answer- It would be essentially impossible to keep its location a secret from everyone.
Which of these is NOT a characteristic of a secure hash algorithm - Answer- Collisions
should be rare.
Alyosha was explaining to a friend the importance of protecting a cryptographic key
from cryptoanalysis. He said that the key should not relate in a simple way to the cipher
text. Which protection is Alyosha describing? - Answer- confusion
What is the latest version of the Secure Hash Algorithm? - Answer- SHA-3
Which of these is the strongest symmetric cryptographic algorithm? - Answer-
Advanced Encryption Standard
The Hashed Message Authentication Code (HMAC) _____. - Answer- hashes the key
and the message
Which of these has an onboard key generator and key storage facility, as well as
accelerated symmetric and asymmetric encryption, and can back up sensitive material
in encrypted form? - Answer- Hardware Security Module (HSM)
Which of these is NOT a basic security protection for information that cryptography can
provide? - Answer- risk loss
Egor wanted to use a digital signature. Which of the following benefits will the digital
signature not provide? - Answer- verify the receiver
What is data called that is to be encrypted by inputting it into a cryptographic algorithm?
- Answer- plaintext
A(n) _____ is not decrypted but is only used for comparison purposes. - Answer- digest
Alexei was given a key to a substitution cipher. The key showed that the entire alphabet
was rotated 13 steps. What type of cipher is this? - Answer- ROT13
A digital certificate associates _____ - Answer- the user's identity with his public key
Which statement is NOT true regarding hierarchical trust models? - Answer- It is
designed for use on a large scale.
What is a value that can be used to ensure that hashed plaintext will not consistently
result in the same digest - Answer- salt
QUESTIONS AND
ANSWERS GRADED A+
A watering hole attack is directed against which of the following? - Answer- a smaller
group of specific users
Hedda pretends to be the help desk manager and calls Steve to trick him into giving her
his password. What social engineering attack has Hedda performed - Answer-
impersonation
Which areas of a file cannot be used by steganography to hide data? - Answer- in the
directory structure of the file system
Proving that a user sent an email message is known as _____. - Answer- non-
repudiation
Illya was asked to recommend the most secure asymmetric cryptographic algorithm to
his supervisor. Which of the following did he choose - Answer- RSA
What is a characteristic of the Trusted Platform Module (TPM)? - Answer- It provides
cryptographic services in hardware instead of software
Which of the following key exchanges uses the same keys each time? - Answer- Diffie-
Hellman (DH)
Public key systems that generate random public keys that are different for each session
are called _____. - Answer- perfect forward secrecy
If Bob wants to send a secure message to Alice using an asymmetric cryptographic
algorithm, which key does he use to encrypt the message? - Answer- Alice's public key
Abram was asked to explain to one of his coworkers the XOR cipher. He showed his
coworker an example of adding two bits, 1 and 1. What is the result of this sum? -
Answer- 0
, At a staff meeting one of the technicians suggested that the enterprise protect its new
web server by hiding it and not telling anyone where it is located. Iosif raised his hand
and said that security through obscurity was a poor idea. Why did he say that? -
Answer- It would be essentially impossible to keep its location a secret from everyone.
Which of these is NOT a characteristic of a secure hash algorithm - Answer- Collisions
should be rare.
Alyosha was explaining to a friend the importance of protecting a cryptographic key
from cryptoanalysis. He said that the key should not relate in a simple way to the cipher
text. Which protection is Alyosha describing? - Answer- confusion
What is the latest version of the Secure Hash Algorithm? - Answer- SHA-3
Which of these is the strongest symmetric cryptographic algorithm? - Answer-
Advanced Encryption Standard
The Hashed Message Authentication Code (HMAC) _____. - Answer- hashes the key
and the message
Which of these has an onboard key generator and key storage facility, as well as
accelerated symmetric and asymmetric encryption, and can back up sensitive material
in encrypted form? - Answer- Hardware Security Module (HSM)
Which of these is NOT a basic security protection for information that cryptography can
provide? - Answer- risk loss
Egor wanted to use a digital signature. Which of the following benefits will the digital
signature not provide? - Answer- verify the receiver
What is data called that is to be encrypted by inputting it into a cryptographic algorithm?
- Answer- plaintext
A(n) _____ is not decrypted but is only used for comparison purposes. - Answer- digest
Alexei was given a key to a substitution cipher. The key showed that the entire alphabet
was rotated 13 steps. What type of cipher is this? - Answer- ROT13
A digital certificate associates _____ - Answer- the user's identity with his public key
Which statement is NOT true regarding hierarchical trust models? - Answer- It is
designed for use on a large scale.
What is a value that can be used to ensure that hashed plaintext will not consistently
result in the same digest - Answer- salt
