Cryptography and Network Security:
ST
Principles and Practice – 8th Edition
SOLUTIONS
UV
IA
MANUAL
_A
William Stallings
PP
RO
Comprehensive Solutions Manual for
VE
Instructors and Students
D?
© William Stallings
All rights reserved. Reproduction or distribution without permission is prohibited.
??
©STUDYSTREAM
, Cryptography and Network Security: Principles and Practice, 8 th Edition, by William
Stallings
CHAPTER 1: COMPUTER AND NETWORK SECURITY CONCEPTS
ST
TRUE OR FALSE
T F 1. The OSI security architecture focuses on security attacks,
UV
mechanisms, and services.
T F 2. Security attacks are classified as either passive or aggressive.
T F 3. Cybersecurity strives to ensure the attainment and maintenance of
IA
the security properties of the organization and users’ assets against
relevant security risks in the cyberspace environment.
T F 4. Information security and network security are subsets of
_A
cybersecurity.
T F 5. Data authenticity assures that private or confidential information is
not made available or disclosed to unauthorized individuals.
PP
T F 6. The OSI security architecture focuses on security attacks,
mechanisms, and services.
T F 7. An active attack attempts to alter system resources or affect their
operation.
RO
T F 8. Authentication exchange is the use of a trusted third party to
assure certain properties of a data exchange.
T F 9. A loss of integrity is the unauthorized modification or destruction
of information.
VE
T F 10. The emphasis in dealing with active attacks is on prevention
rather than detection.
T F 11. The connection-oriented integrity service addresses both
D?
message stream modification and denial of service.
T F 12. The denial of service prevents or inhibits the normal use or
management of communication facilities.
??
T F 13. Integrity can apply to a stream of messages, a single message, or
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected
under all copyright laws as they currently exist.
No portion of this material may be reproduced, in any form or by any means, without permission
in writing from the publisher.
, Cryptography and Network Security: Principles and Practice, 8 th Edition, by William
Stallings
selected fields within a message.
ST
T F 14. Passive attacks are very easy to detect because they involve
alteration of the data.
T F 15. Security services implement security policies and are
implemented by security mechanisms.
UV
MULTIPLE CHOICE
IA
1. _____________ is the collection of tools, policies, security concepts, security
safeguards, guidelines, risk management approaches, actions, training, best
practices, assurance, and technologies that can be used to protect the
cyberspace environment and organization and users’ assets.
_A
A) Access control B) Data authenticity
C) Cybersecurity D) Authentication
PP
2. A common technique for masking contents of messages or other information
traffic so that opponents can not extract the information from the message is
__________ .
RO
A) integrity B) encryption
C) analysis D) masquerade
3. __________ involves the passive capture of a data unit and its subsequent
VE
retransmission to produce an unauthorized effect.
A) Disruption B) Replay
C) Service denial D) Masquerade
D?
4. _________ is a branch of mathematics that deals with the transformation of data.
A) Cryptography B) Modularity
??
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected
under all copyright laws as they currently exist.
No portion of this material may be reproduced, in any form or by any means, without permission
in writing from the publisher.
, Cryptography and Network Security: Principles and Practice, 8 th Edition, by William
Stallings
C) Encapsulation D) Encryption
ST
5. A loss of __________ is the unauthorized disclosure of information.
A) authenticity B) confidentiality
C) reliability D) integrity
UV
6. Verifying that users are who they say they are and that each input arriving at
the system came from a trusted source is _________ .
IA
A) authenticity B) credibility
C) accountability D) integrity
_A
7. A _________ is a value computed with a cryptographic algorithm and associated
with a data object in such a way that any recipient of the data can use the
signature to verify the data’s origin and integrity.
PP
A) key exchange B) digital signature
C) message authentication code D) notarization
RO
8. A __________ is any action that compromises the security of information owned
by an organization.
A) security attack B) security service
C) security alert D) security mechanism
VE
9. A __________ takes place when one entity pretends to be a different entity.
A) replay B) masquerade
D?
C) service denial D) passive attack
10. __________ is the protection of transmitted data from passive attacks.
??
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected
under all copyright laws as they currently exist.
No portion of this material may be reproduced, in any form or by any means, without permission
in writing from the publisher.
ST
Principles and Practice – 8th Edition
SOLUTIONS
UV
IA
MANUAL
_A
William Stallings
PP
RO
Comprehensive Solutions Manual for
VE
Instructors and Students
D?
© William Stallings
All rights reserved. Reproduction or distribution without permission is prohibited.
??
©STUDYSTREAM
, Cryptography and Network Security: Principles and Practice, 8 th Edition, by William
Stallings
CHAPTER 1: COMPUTER AND NETWORK SECURITY CONCEPTS
ST
TRUE OR FALSE
T F 1. The OSI security architecture focuses on security attacks,
UV
mechanisms, and services.
T F 2. Security attacks are classified as either passive or aggressive.
T F 3. Cybersecurity strives to ensure the attainment and maintenance of
IA
the security properties of the organization and users’ assets against
relevant security risks in the cyberspace environment.
T F 4. Information security and network security are subsets of
_A
cybersecurity.
T F 5. Data authenticity assures that private or confidential information is
not made available or disclosed to unauthorized individuals.
PP
T F 6. The OSI security architecture focuses on security attacks,
mechanisms, and services.
T F 7. An active attack attempts to alter system resources or affect their
operation.
RO
T F 8. Authentication exchange is the use of a trusted third party to
assure certain properties of a data exchange.
T F 9. A loss of integrity is the unauthorized modification or destruction
of information.
VE
T F 10. The emphasis in dealing with active attacks is on prevention
rather than detection.
T F 11. The connection-oriented integrity service addresses both
D?
message stream modification and denial of service.
T F 12. The denial of service prevents or inhibits the normal use or
management of communication facilities.
??
T F 13. Integrity can apply to a stream of messages, a single message, or
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected
under all copyright laws as they currently exist.
No portion of this material may be reproduced, in any form or by any means, without permission
in writing from the publisher.
, Cryptography and Network Security: Principles and Practice, 8 th Edition, by William
Stallings
selected fields within a message.
ST
T F 14. Passive attacks are very easy to detect because they involve
alteration of the data.
T F 15. Security services implement security policies and are
implemented by security mechanisms.
UV
MULTIPLE CHOICE
IA
1. _____________ is the collection of tools, policies, security concepts, security
safeguards, guidelines, risk management approaches, actions, training, best
practices, assurance, and technologies that can be used to protect the
cyberspace environment and organization and users’ assets.
_A
A) Access control B) Data authenticity
C) Cybersecurity D) Authentication
PP
2. A common technique for masking contents of messages or other information
traffic so that opponents can not extract the information from the message is
__________ .
RO
A) integrity B) encryption
C) analysis D) masquerade
3. __________ involves the passive capture of a data unit and its subsequent
VE
retransmission to produce an unauthorized effect.
A) Disruption B) Replay
C) Service denial D) Masquerade
D?
4. _________ is a branch of mathematics that deals with the transformation of data.
A) Cryptography B) Modularity
??
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected
under all copyright laws as they currently exist.
No portion of this material may be reproduced, in any form or by any means, without permission
in writing from the publisher.
, Cryptography and Network Security: Principles and Practice, 8 th Edition, by William
Stallings
C) Encapsulation D) Encryption
ST
5. A loss of __________ is the unauthorized disclosure of information.
A) authenticity B) confidentiality
C) reliability D) integrity
UV
6. Verifying that users are who they say they are and that each input arriving at
the system came from a trusted source is _________ .
IA
A) authenticity B) credibility
C) accountability D) integrity
_A
7. A _________ is a value computed with a cryptographic algorithm and associated
with a data object in such a way that any recipient of the data can use the
signature to verify the data’s origin and integrity.
PP
A) key exchange B) digital signature
C) message authentication code D) notarization
RO
8. A __________ is any action that compromises the security of information owned
by an organization.
A) security attack B) security service
C) security alert D) security mechanism
VE
9. A __________ takes place when one entity pretends to be a different entity.
A) replay B) masquerade
D?
C) service denial D) passive attack
10. __________ is the protection of transmitted data from passive attacks.
??
© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected
under all copyright laws as they currently exist.
No portion of this material may be reproduced, in any form or by any means, without permission
in writing from the publisher.
