Security-Final Sheet

In brute-force attack, the attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. TRUE. FALSE.

cipher encrypts diagrams (pairs of letters) of plaintext together as single …units and translates these units into ciphertext diagrams. Vernam. Playfair. Hill. Vigenère.

Homophones provide multiple substitutes for a single letter to strength the … cipher. polyalphabetic. monoalphabetic. book. template.

Hill cipher must use a square 5x5 matrix of key letters for its operation. TRUE. FALSE.

There are …. types of cryptanalytic attacks. two. three. four. five.

Transposition based ciphers are more complex than substitution based ciphers. TRUE. FALSE.

cipher shuffles (jumbles) the letters, of a certain alphabet, arbitrarily such that each plaintext letter maps to a different random ciphertext letter, hence the key is 26 letters long, giving now a total of 26! keys. Caesar. Polyalphabetic. XOR. Monoalphabetic.

is the state of information being hidden from unauthorized individuals or systems. Authenticity. Integrity. Confidentiality. Accuracy.

In public-key cipher, both sender and receiver use the same key. TRUE. FALSE.

Implementing the top-down approach for information security lacks participants’ supports. TRUE. FALSE.

Vigenère cipher uses 26 Caesar ciphers with shifts of 0 through 25 for its operation. TRUE. FALSE.

model of information security is defined by the Committee on National Security Systems. Triad. Quad. Hexa. Octa.

Route cipher is asymmetric transposition cipher. TRUE. FALSE.

SecSDLC is an abbreviation of the term “Security Systems Development ”Life Cycle. TRUE. FALSE.

There is no encryption algorithm is unconditionally secure, but is computationally secure. TRUE. FALSE.

layers of security should exist in any successful organization ..…. Three. Five. Six. Seven.

Attack is classified along …. dimensions into two classes in each dimension. two. three. four. five.

cipher use the tabula recta (square) to cipher the plaintext by finding the column based on the plaintext and finding the row based on the keyword, and if the keyword needs to be extended, it don’t repeat the keyword. Vigenère. Running Key. Columnar. Myszkowski.

cipher operation uses a matrix whose number of columns is determined by the key, which has to be a word whose its identical letters should have the same numbers assigned. Myszkowski. Hill. Playfair. Columnar.

Cryptogram is the unintelligible encoded message resulting from an enciphering. TRUE. FALSE.

Information security includes the broad areas of computer security, data security, and network security. TRUE. FALSE.

Availability of information means that it must be free from mistake or error and having the value that the end-user expects. TRUE. FALSE.

Accuracy of information means that it must be having value for some purpose or end. TRUE. FALSE.

Exploit is the state of being exposed when a vulnerability is known to an attacker. TRUE. FALSE.

Any event that has the potential to adversely affect operations and assets is named threat. TRUE. FALSE.

It is impossible to obtain perfect information security because it is a process not a goal. TRUE. FALSE.

Security should allow reasonable access and yet protect against threats. TRUE. FALSE.

Implementing the bottom-up approach for information security lacks participants’ supports. TRUE. FALSE.

SecSDLC is an abbreviation of the term “Secondary Symmetric Decryption of Linear Cipher”. TRUE. FALSE.

Cryptography is the science of encryption and decryption. TRUE. FALSE.

Cryptogram is the unintelligible encoded message resulting from an enciphering. TRUE. FALSE.

Cryptovariable is the entire range of values that can be used to construct an individual key. TRUE. FALSE.

In transposition-based cipher, each element in the plaintext (bit, letter, group of bits or letters) is mapped into another element. TRUE. FALSE.

In public-key cipher, both sender and receiver use the same key. TRUE. FALSE.

There is no encryption algorithm is unconditionally secure, but is computationally secure. TRUE. FALSE.

In cryptanalytic attack, the attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. TRUE. FALSE.

The two basic building blocks of all symmetric ciphers are substitution and transposition. TRUE. FALSE.

Vernam cipher is symmetric monoalphabetic substitution cipher. TRUE. FALSE.

Route cipher is asymmetric transposition cipher. TRUE. FALSE.

Myszkowski cipher writes down plaintext as a sequence of diagonals (in a zigzag pattern). TRUE. FALSE.

A successful organization should have ………. layers of security in place. 4. 5. 6. 7.

The state of information being original rather than a reproduction or fabrication defines the …….. characteristic of it. confidentiality. integrity. accuracy. authenticity.

The C.I.A. triad has expanded into a list of ……… critical characteristics of information. 4. 5. 6. 7.

……… is the organizational resource that is being protected. Control. Risk. Asset. Subject.

There are ………. approaches for information security implementation. two. three. four. five.

………. is the amount of effort required to perform cryptanalysis on an encoded message. Decipher algorithm. Link encryption. Work factor. Cipher method.

………. is the process of hiding messages within the digital encoding of a picture or a graphic. Cryptography. Cryptanalysis. Cryptology. Steganography.

Cryptographic systems are characterized along ………. independent dimensions. two. three. four. five.

There are ……… types of encryption operations. two. three. four. five.

Based on the number of used keys, the ciphering methods are categorized into ……….. classes. two. three. four. five.

The general types of cryptography attacks are ………. two. three. four. five.

In this course, you have learned ………. main symmetric substitution ciphers. six. seven. nine. twelve.

The book-based ciphers are ………. two. three. four. five.

.......... cipher exchanges a letter in the alphabet with the letter at the n-shift order value to the right for all plaintext letter. Caesar. Monoalphabetic. Polyalphabetic. XOR.

……… cipher uses of a larger matrix that hides more frequency information of plaintext. Playfair. Vigenère. Vernam. Hill.

Integrity can be lost from a stream of messages, a single message, or selected fields within a message. TRUE. FALSE.

All integrity attacks are passive attacks. TRUE. FALSE.

Fabrication attack occurs when the attacker impersonates somebody else. TRUE. FALSE.

Data integrity service is designed to protect data from modification and replaying by an adversary. TRUE. FALSE.

Connection integrity means the integrity of a data block or selected field(s) of it that is sent between two users. TRUE. FALSE.

Data-origin authentication service does not provide protection against modification or replay attacks. TRUE. FALSE.

Enciphering mechanism hides data to provide the confidentiality security service using only cryptography. TRUE. FALSE.

One-way property of hash function means that at least no two data objects map to the same hash result. TRUE. FALSE.

MAC is a small fixed-sized block that is generated by an algorithm, depending on both message and some key, and appended to message as a signature. TRUE. FALSE.

Fesitel’s cipher is a stream cipher. TRUE. FALSE.

Confusion can be achieved by repeatedly performing some permutation on the data followed by applying a function to that permutation. TRUE. FALSE.

The two fundamental operations of cryptography are substitution and transposition. TRUE. FALSE.

Before each round in DES, the input plaintext is splitted into two 28-bit in length halves: the left half (LH) and right half (RH). TRUE. FALSE.

DES function applies a generated 48-bit round key only to the rightmost 32-bit to produce a 32-bit output. TRUE. FALSE.

Each round of DES is a Feistel cipher. TRUE. FALSE.

The number of integrity attacks are …... three. four. five. six.

The number of modification attacks are …... three. four. five. six.

…….. attack performed by one of the two parties in the communication. Modification. Spoofing. Fabrication. Repudiation.

Data integrity service is provided in one of ……… modes. three. four. five. six.

Access control service defines ……… main rules to protect against unauthorized access to data. three. four. five. six.

ITU-T (X.800) recommends ……… mechanisms to provide the integrity related security services. three. four. five. six.

In …….. mechanism, two entities exchange some messages to prove their identity to each other. digital signature. access control. data integrity. authentication exchange.

……… alternative functions are used to provide authentication. three. four. five. six.

MAC usage need to satisfy ………. main requirements. three. four. five. six.

The approaches of authenticated encryption are ………. three. four. five. six.

Each round in DES uses different ……..-bit key. 48. 56. 64. 128.

The second step in the DES algorithm is selecting an input 56-bit subkey from the 64-bit full key using the ………. initial permutation (IP). permutation choice-1 (PC-1). final permutation (FP). permutation choice-2 (PC-2).

In each round, the DES function compresses the combined 48-bit into 32-bit using the predefined …….. substitution S-boxes that have different structures. two. four. eight. sixteen.

For each S-box, the 48-bit input block is divided into ……. sub-blocks, and each such sub-block is given to an S-box. 4. 6. 8. 12.