CS419 Exam 1

Spring 2024

Paul Krzyzanowski

February 19, 2024

100 Points - 25 Questions - 4 Points each

For each statement, select the most appropriate answer.

  1. A program with a large attack surface will:
    (a) Contain a large number of vulnerabilities.
    (b) Provide the adversary with many different ways to try to attack the system.
    (c) Be less likely to be impacted by a denial of service (DoS) attack.
    (d) Be at risk of attacks by malicious insiders.
  2. A specific problem with attacks by malicious insiders is:
    (a) Some of the company's security policies don't guard against them.
    (b) They are more skilled than outsiders.
    (c) They can use deception.
    (d) They can use techniques of usurpation.
  3. What best describes the role of the Trusted Computing Base (TCB) in a secure computing environment?
    (a) To ensure that a system's security policies operate correctly.
    (b) To provide a backup solution for data in case of a cybersecurity breach.
    (c) To manage user identities and access permissions within an organization.
    (d) To encrypt data transmissions over unsecured networks.
  4. What does Schneier's Law state about the design of cryptographic systems?
    (a) The strength of a cryptographic system lies in the complexity of its algorithm.
    (b) Encryption keys should be large and random.
    (c) Any person can invent an encryption algorithm that they themselves cannot break.
    (d) All ciphers eventually get cracked, which is why it's important to update systems to use the latest algorithms.
  5. Which of these is not a desirable property of a good cryptographic algorithm?
    (a) The algorithm should be a well-protected secret.
    (b) There should be no way to extract the plaintext from the ciphertext except through an exhaustive search.
    (c) The ciphertext should have high entropy.
    (d) The size of the resulting ciphertext should be approximately the same as the plaintext.
  6. If it takes a year to test all keys but you found a relationship between the ciphertext and two bits of the key, approximately how long will it take you to test all keys?
    (a) 1 month.
    (b) 3 months.
    (c) 4 months.
    (d) 6 months.
  7. Why does it make more sense to compress a file before encrypting it instead of after encrypting it?
    (a) It prevents an attacker from uncompressing the contents.
    (b) Encryption hides the fact that the file is compressed.
    (c) Compression is mostly ineffective on encrypted files.
    (d) Most compression algorithms are optimized for encrypted data, resulting in higher compression ratios.
  8. A frequency analysis reveals that the ciphertext contains the same distribution of byte values as the plaintext. The cipher used was most likely:
    (a) A monoalphabetic substitution cipher.
    (b) A polyalphabetic substitution cipher.
    (c) A columnar transposition cipher.
    (d) A rotor machine.
  9. The one-time pad is rarely used because:
    (a) Managing and distributing keys is difficult.
    (b) Encryption was relatively slow and faster ciphers have been developed.
    (c) Modern ciphers are at least as, if not more, secure.
    (d) It does not provide diffusion.
  10. What is the primary weakness of the Electronic Codebook (ECB) mode of operation in block ciphers?
    (a) It requires an initialization vector (IV) for every encryption operation, complicating the encryption process.
    (b) It encrypts identical plaintext blocks into identical ciphertext blocks, making it vulnerable to pattern analysis.
    (c) It is significantly slower than other modes of operation due to the extra encryption required for each block.
    (d) It cannot support the concurrent encryption of multiple blocks of data.
  11. What is the purpose of performing multiple rounds in an SP network within block ciphers?
    (a) To create symmetry and ensure that the encryption process can be easily reversed during decryption.
    (b) To enable a smaller key size by reusing the same key in different forms across multiple rounds.
    (c) To maximize efficiency by minimizing the computation in each round.
    (d) To spread the influence of each plaintext bit over the entirety of the ciphertext block.
  12. An advantage of Elliptic Curve Cryptography (ECC) over RSA is:
    (a) ECC is suitable for both encryption and digital signatures.
    (b) ECC is resistant to quantum computing attacks.
    (c) ECC does not rely on trapdoor functions.
    (d) ECC is faster and uses shorter keys for a comparable level of security.
  13. For Alice to create a message that only Bob can read, she would encrypt it with:
    (a) Alice's private key.
    (b) Alice's public key.
    (c) Bob's private key.
    (d) Bob's public key.
  14. What fundamental problem does the Diffie-Hellman algorithm solve in cryptography?
    (a) It provides a method for digital signature verification.
    (b) It encrypts messages with a symmetric key algorithm.
    (c) It creates a public and private key pair for use in asymmetric encryption.
    (d) It offers a secure way to create a shared key over an insecure channel without prior secret sharing.
  15. Forward secrecy is a property that:
    (a) Makes it impossible to recover plaintext without knowledge of the key.
    (b) Protects past communications even if an attacker compromises the users' long-term keys.
    (c) XORs each message with the ciphertext of the previous message before encrypting it.
    (d) Requires a key to be at least as long as the message that is being encrypted.
  16. A hybrid cryptosystem:
    (a) Uses a public-key cryptosystem to send a symmetric key.
    (b) Employs multiple rounds of encryption for stronger security.
    (c) Uses two or more layers of encryption algorithms on a message to guard against one of them getting attacked.
    (d) Combines ciphertext with a message authentication code (MAC).
  17. How does CBC-MAC ensure message integrity?
    (a) By encrypting the message in CBC mode and outputting only the final block as the MAC.
    (b) By encrypting a hash with the receiver's public key, so only the recipient can authenticate the message.
    (c) Through hashing the message content and encrypting the hash value with a block cipher in CBC mode.
    (d) By applying a hash function to a message encrypted using a symmetric block cipher in CBC mode.
  18. A MAC differs from a digital signature because a MAC:
    (a) Uses public key cryptography.
    (b) Allows you to reconstruct the message.
    (c) Authenticates the creator of the message.
    (d) Can be validated by only a limited group of trusted principals.
  19. If an attacker steals your X.509 digital certificate, they will be able to:
    (a) Encrypt messages that only you can decrypt.
    (b) Decrypt old encrypted messages that you created.
    (c) Sign messages masquerading as you.
    (d) All the above.
  20. How does the use of a trusted third party solve the key explosion problem?
    (a) Only the trusted third party needs to store the keys for every group that may need to communicate.
    (b) It uses public key cryptography to send encrypted session keys.
    (c) Aside from using temporary session keys, each user only needs to store their key.
    (d) All communications flow through the trusted third party, which acts as a proxy.
  21. One purpose of adding a nonce to some key exchange protocols is to:
    (a) Identify the sender of the message.
    (b) Be able to check that a set of messages are related.
    (c) Improve security by increasing the amount of ciphertext that's created.
    (d) Guard against man-in-the-middle attacks.
  22. Alice gets a ticket from Kerberos to talk to Bob. She can think of this ticket as:
    (a) A message that contains Bob's secret key and is encrypted for her.
    (b) A digital certificate that contains her ID and her secret key.
    (c) A message that uniquely identifies Bob on the network.
    (d) A session key for communicating with Bob that she cannot decrypt.
  23. What do salted hashes prevent an attacker from doing that she would be able to do with normal hashed passwords?
    (a) Perform a dictionary attack to find a password.
    (b) Do a brute-force attack to find a password.
    (c) See if two or more users share the same password.
    (d) Decrypt the hashed password to reveal a password.
  24. Which of the following is NOT an example of multi-factor authentication?
    (a) A fingerprint and a PIN.
    (b) A password and an answer to a security question.
    (c) An access card and a PIN.
    (d) A fingerprint and a one-time password.
  25. Which authentication technique does not rely on a client sharing a secret?
    (a) Challenge Handshake Authentication Protocol (CHAP).
    (b) Time-based One-Time Passwords (TOTP).
    (c) Kerberos.
    (d) Passkeys.
Last modified February 19, 2025.