Apple’s Face ID is an example of ? A) Something you know B) Something you have C) Something you are D) B+C.
The right or a permission is granted to a system entity to access a system or data ? A) Authentication B) Authorization C) Non-repudiation D) Logging.
A gap or weakness in an organization’s protection of its valuable assets, including information ? A) Asset B) Vulnerability C) Risk D) Threat.
Something in need of protection ? A) Asset B) Vulnerability C) Risk D) Threat.
Which of the following is an example of a physical layer in Defense in Depth ? a) Firewalls b) Intrusion Detection Systems (IDS) c) Biometric access controls d) Antivirus software.
What is the purpose of requiring a mix of uppercase and lowercase letters in passwords? a) Aesthetics b) Improved readability c) Increased complexity d) Faster typing speed.
What is an example of a "something you have" factor in MFA? a) PIN b) Fingerprint c) Password d) Security token.
What is the primary goal of risk mitigation in cybersecurity? a) To eliminate all risks b) To transfer all risks to third parties c) To reduce the impact and likelihood of risks d) To ignore potential risks.
Which of the following is a common carrier for steganographic messages? a) Plain text b) Images, audio, and video files c) Encrypted emails d) QR codes.
Hashing assures integrity, example of Hash types ? a) M5D b) SHA-1 c) MCHA d) CHMA.
Cryptography is the art of ……… secret codes. ? a) division b) breaking c) making d) shattering.
Crypto-system is used to ………. the Plain text ? a) decrypt b) decipher c) decode d) encrypt.
Symmetric key crypto-system uses the …….. key to Encrypt as to Decrypt ? a) same b) different c) diverse d) varied.
In Asymmetric key encryption, which is used to encrypt the plain text ? a) private key b) public key c) cipher key d) one-time key.
Caesar cipher uses shifting letters by …… amount ? a) random b) fixed c) continued d) unpredictable.
The following encryption ways: ONE TIME PAD, CAESAR CIPHER, DOUBLE Transposition. ARE ? a) asymmetric key b) quantum encryption c) hash function d) symmetric key.
What is the XOR of the cipher-text 001 with key 101 ? a) 010 b) 100 c) 111 d) 001.
one-time pad key is ……… the plain text ? a) different with b) as long as c) longer than d) shorter than.
Which of the following encryption technique can’t use the key twice ? a) Caesar cipher b) double transposition c) onetime pad d) asymmetric encryption.
Which method Caesar cipher uses to encrypt ? a) XOR b) shift by N c) Permute rows d) columns.
one of the stream cipher characteristics is ? a) Key is relatively long b) Key is stretched into a long keystream c) Keystream is then used like a two-time pad d) None of the above.
what does a block cipher key determine? a) The length of the plaintext block b) The number of rounds in the encryption process c) A codebook d) The size of the key space.
which statement regarding shift register-based cryptography is true? a) It is more efficient in software than in hardware. b) It is less popular today compared to the past. c) It is predominantly used in modern cryptographic systems. d) It is easier to implement in software than in hardware.
what led to the development of aes as a replacement for des? a) The need for a faster encryption algorithm. b) The discovery of theoretical attacks against des. c) The popularity of multiple encryptions with des. d) The exhaustion of available des keys.
what was the alternative to des before the development of aes? a) Multiple hashing with des implementations. b) Triple-des. c) The use of faster encryption algorithms. d) Exhaustive search attacks on des keys.
rc4 and a5/1 are examples of a) Stream ciphers. b) Block ciphers. c) Asymmetric ciphers. d) None of the above.
what is the reason for the increased usage of shift register-based cryptography in software today? a) Shift register crypto is more efficient in software. b) Hardware implementations are harder to develop. c) Today, more is done in software due to faster processors. d) Shift register crypto is no longer used today.
which of the following statements are true about electronic codebook (ecb) mode? a) The message is broken into independent blocks and each block is encrypted separately. b) Each block is treated as a separate value and is substituted, like a codebook. c) Each block is encoded independently of the other blocks. d) All the above.
electronic codebook book (ecb) uses a) Secure transmission of single values. b) None secure transmission of single values. c) Secure transmission of multiple values. d) None secure transmission of multiple values.
what is the primary factor that contributes to the security of des? a) The security of des depends a lot on s-boxes. b) The presence of "back doors" in the design. c) The extensive analysis conducted over thirty years. d) The effectiveness of exhaustive key search attacks.
idea ? a) Uses only one mode arithmetic b) Uses dual mode arithmetic c) Uses mixed mode arithmetic d) None of them .
which of them are examples of block ciphers? a) Idea b) Blowfish c) Shift row d) a&b.
in aes each round uses 4 functions in 3 layers.
These layers are listed except: a) Nonlinear layer b) Linear mixing layer c) Key addition layer d) Data link layer .
the key length of blowfish is ? a) Fixed length. b) Variable up to 448 bits . c) More than 1000 d) Variable less than 600.
an aes finalist uses data independent rotations: a) True b) False .
to decrypt using aes process must be: a) Multiple b) Reliable c) Invertible d) All of them .
round key (subkey) of aes determined by: a) Key schedule algorithm b) Genetic algorithm c) Depth first algorithm d) Best first algorithm .
tiny encryption algorithm ? a) Uses strong round function so small number rounds required b) Uses week round function so large number rounds required c) Dose not use any round function d) Uses strong and week round functions so large number rounds required .
rc6 variables are ? a) Block size b) Key size c) Number of rounds d) All of them .
aes mix column is nonlinear invertible operation applied to each column " a) True b) false .
what is the key length used in data encryption standard (des)? a) 256-bit b) 56-bit c) 128-bit d) 64-bit.
what type of encryption uses a single key for both encryption and decryption? a) Public-key (asymmetric) encryption b) Secure hash functions c) Digital signatures d) Symmetric encryption.
what type of attack tries all possible keys on some ciphertext until it gets an intelligible translation into plaintext? a) Cryptanalysis b) Brute force attack c) Public-key attack d) Key management attack.
which cryptographic algorithm is an example of encrypting stored data? a) public-key (asymmetric) encryption b) digital signatures c) Symmetric encryption d) determines.
what role does knowledge of plaintext characteristics play in cryptanalysis? a) It helps in determining the encryption key b) It is not relevant to cryptanalysis c) It helps to exploit characteristics of the algorithm d) It aids in deducing specific plaintext or key.
which cryptographic algorithm have fixed length output? a) Public-key (asymmetric) encryption b) Digital signatures c) Symmetric encryption d) Secure hash functions.
most widely used hash algorithm? a) Ecc b) Rsa c) Sha d) Dss.
which of the following is not a purpose of message authentication? a) Protects against active attacks b) Verifies the received message is authentic c) Ensure the message is encrypted d) Ensures the message is timely and in the correct sequence.
which of the following is not a requirement for a public key system? a) Computationally easy to create key pairs b) Computationally easy for sender knowing public key to encrypt messages c) Computationally easy for receiver knowing private key to decrypt ciphertext d) Computationally feasible for opponent to determine private key from public key.
what is the main concern regarding the data encryption standard (des)? Vulnerability to brute-force attacks Use of a 56-bit key 'Triple-des' repetition Incompatibility with modern hardware.
dac in access control mean a) digital access control b) discretionary access control c) data access control d) design access control .
mac in access control mean a) managing access control b) modify access control c) mandatory access control d) manipulation access control .
rbac in access control mean a) role-based access control b) rebuild based access control c) role-back access control d) reconnect based access control .
abac in access control mean a) attribute-based access control b) attribute-basic access control c) attribute-backup access control d) attribute-business access control.
one from this answers is not belonged to access control requirements a) reliable input b) fine and coarse specifications c) least privilege d) api.
protection domains more useful because a) set of objects together with access rights to those objects b) more flexibility when associating capabilities with protection domains c) in terms of the access matrix, a row defines a protection domain o represent the protection state, we extend the control matrix to include the following: processes: access rights include the ability to delete a process, stop (block), and wake up a process. D) all .
devices access rights include the ability to …………………. The device, to control its operation (e.g., a disk seek), and to block/unblock the device for use ? A) read/write b) read/remove c) remove/write d) empty .
memory locations or regions: access rights include the ability to ………………. Certain regions of memory that are protected such that the default is to disallow access.? A) read/write b) read/remove c) remove/write c) empty.
subjects access rights with respect to a subject have to do with the ability to …………………. Access rights of that subject to other objects, as explained subsequently.? A) grant or delete b) grant or revoke c) grant or modify b) grant or add .
which of the following is / are the types of firewall? A) packet filtering firewall B) dual homed gateway firewall C) screen host firewall D) all of the mentioned.
there are .......... types of firewall? A) 5 b) 4 c) 3 d) 2.
what are some advantages associated with host-based firewalls? A) they only protect against normal traffic. B) they offer a generic set of filter rules for all hosts. C) tailored filter rules for specific host needs, protection from both internal and external attacks, and no added security when used with a standalone firewall. D) host-based firewalls are exclusively used on laptops.
what is the weakness of packet filtering firewalls among the following options? A) ability to prevent attacks on application bugs. B) comprehensive logging functionality. C) support for advanced user authentication. D) vulnerability to attacks exploiting tcp/ip protocol bugs, like ip address spoofing. .
access control is related to A) System Security b) SQL Databases Security b) Web Site Security c) All True.
what is the primary purpose of a firewall in network security? A) speed up internet connection B) block all incoming and outgoing traffic C) monitor user activity D) control and filter network traffic .
what is the difference between a hardware firewall and a software firewall ? A) hardware firewalls protect against software vulnerabilities while software firewalls protect against hardware failures B ) hardware firewalls are physical devices while software firewalls are installed on computers or servers . C ) hardware firewalls are more effective against viruses while software firewalls are better at blocking hackers . D ) hardware firewalls provide encryption while software firewalls provide better performance .
what is one advantage of setting up a dmz with two firewalls? A ) you can control where traffic goes in three networks B ) you can do stateful packet filtering C ) you can do load balancing D ) improved network performance.
packet filtering firewalls are deployed on A) routers b) switches c) hubs d) repeaters .
what is the purpose of an intrusion detection system (ids) alongside a firewall? A) to block all network traffic B) to provide antivirus protection C) to detect and respond to potential security breaches D) to speed up data transfer .
which firewall rule denies all network traffic unless it's explicitly allowed? A) allow-all rule B) default-deny rule C) permissive rule D) inbound rule.
what of the following is considered a hardware threat:
Or- what of the following can be untrusted: A- ip vendor B- system integrator C- manufacturer D- all the above.
what of the following is considered a hardware threat? A) physical attacks B) trojan horses C) ip piracy D) all the above.
how is adversaries? A- individual B- group C- governments D- all the above.
how in can attack any system? a) System integrators b) Fabrication facilities c) Counterfeiting parties D) all the above.
what is a most attack today? a) Unauthorized production of wafers. b) Software attack c) Revers engineer d) Data attack .
can we create security mechanisms light enough to be suitable for the rfids? a) Yes we can b) No, it will be so difficult c) No but we need more technology d) Maybe we can .
what is energy theft? a) Tampering with “smart “meters b) Turning it out c) High prices d) Turn off on the world .
vulnerabilities and threats is? a) Hardware only b) Software only c) Applications only d) All of them .
……….is one of hardware vulnerabilities: A- over production. B- off specs parts C- defective parts D- backdoors.
rfid contains an an antenna for …………….. And …………….. The signal. A) receiving , reverse engineering . B) transmitting , cloned C) receiving , transmitting d) defensing , transmitting .
|
