Cryptography and Network Security: Principles and Practice, 8th edition
by William Stallings
LU
XE
LI
BR
AR
Y
, TABLE OF CONTENT
1. Computer and Network Security Concepts
2. Introduction to Number Theory
3. Classical Encryption Techniques
4. Block Ciphers and the Data Encryption Standard
5. Finite Fields
6. Advanced Encryption Standard
7. Block Cipher Operation
LU
8. Random Bit Generation and Stream Ciphers
9. Public-Key Cryptography and RSA
10. Other Public-Key Cryptosystems
11. Cryptographic Hash Functions
XE
12. Message Authentication Codes
13. Digital Signatures
14. Lightweight Cryptography and Post-Quantum Cryptography
LI
15. Key Management and Distribution
16. User Authentication Protocols
BR
17. Transport-Level Security
18. Wireless Network Security
19. Electronic Mail Security
20. IP Security
AR
21. Network Endpoint Security
22. Cloud Security
23. Internet of Things (IoT) Security
Y
, kjhgfdsa
CHAPTER 1: COMPUTER AND NETWORK SECURITY CONCEPTS
TRUE OR FALSE
T F 1. The OSI security architecture focuses on security attacks,
mechanisms, and services.
LU
T F 2. Security attacks are classified as either passive or aggressive.
T F 3. Cybersecurity strives to ensure the attainment and maintenance of
the security properties of the organization and users’ assets against
relevant security risks in the cyberspace environment.
XE
T F 4. Information security and network security are subsets of
cybersecurity.
T F 5. Data authenticity assures that private or confidential information is
not made available or disclosed to unauthorized individuals.
LI
T F 6. The OSI security architecture focuses on security attacks,
mechanisms, and services.
T F 7. An active attack attempts to alter system resources or affect their
BR
operation.
T F 8. Authentication exchange is the use of a trusted third party to
assure certain properties of a data exchange.
T F 9. A loss of integrity is the unauthorized modification or destruction
AR
of information.
T F 10. The emphasis in dealing with active attacks is on prevention
rather than detection.
T F 11. The connection-oriented integrity service addresses both
Y
message stream modification and denial of service.
T F 12. The denial of service prevents or inhibits the normal use or
management of communication facilities.
T F 13. Integrity can apply to a stream of messages, a single message, or
kjhgfds
, kjhgfdsa
selected fields within a message.
T F 14. Passive attacks are very easy to detect because they involve
alteration of the data.
T F 15. Security services implement security policies and are
implemented by security mechanisms.
LU
MULTIPLE CHOICE
1. is the collection of tools, policies, security concepts, security
safeguards, guidelines, risk management approaches, actions, training, best
practices, assurance, and technologies that can be used to protect the
XE
cyberspace environment and organization and users’ assets.
A) Access control B) Data authenticity
C) Cybersecurity D) Authentication
LI
2. A common technique for masking contents of messages or other information
traffic so that opponents can not extract the information from the message is
BR
.
A) integrity B) encryption
C) analysis D) masquerade
AR
3. involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.
A) Disruption B) Replay
Y
C) Service denial D) Masquerade
4. is a branch of mathematics that deals with the transformation of data.
A) Cryptography B) Modularity
kjhgfds