Florida Gulf Coast University

GEB 3250

Chapter 28 Quiz

1))In cryptography, the encryption/decrypti on algorithms are___________; the keys are

                     .

1. secret; public
2. public; secret
3. secret; secret
4. none of the above

2. )In                             cryptogra phy, the same key is used by the sender (for encryption) and the receiver (for

decryption).

1. symmetric-key
2. asymmetric-key
3. public-key
4. none of the above

3. )In                            cryptography, the same key is used in both directions.

1. symmetric-key
2. asymmetric-key
3. public-key
4. none of the above

4. )The DES cipher uses the same concept as the                                     cipher, but the encryption/ decryption

algorithm is much more complex.

1. RSA
2. AES
3. Caesar
4. none of the above

5. )                     cryptography is often used for long messages.

1. Symmetric-key
2. Asymmetric-key
3. Public-key
4. none of the above

6. )                           algorithms are more efficient for short messages.

1. Symmetric-key
2. Asymmetric-key
3. Public-key

4. none of the above

7. )                       means that the sender and the receiver expect confidentiality.

1. Non-repudiation
2. Integrity
3. Authentication
4. none of the above

8. )                           means that the data must arrive at the receiver exactly as they were sent.

1. Non-repudiation
2. Message integrity
3. Authentication
4. none of the above

9. )                             means that the receiver needs to be sure of the sender identity and that an imposter has

not sent the message.

1. Non-repudiation
2. Message integrity
3. Message authentication
4. none of the above

10. )                                        can provide authentication, integrity, and nonrepudiation for a message.

1. Encryption/decrypti on
2. Digital signature
3. Compression
4. none of the above

11. )Digital signature does not provide                                  .

1. non-repudiation
2. privacy
3. authentication
4. provides all of the above

12. )In                                , the entity identity is verified once for the entire duration of system access.

1. entity authentication
2. message integrity
3. message authentication
4. none of the above

13. )The symmetric (shared) key in the Diffie-Hellman protocol is                                                   .

1. K = Gxy mod N
2. K = Gx mod N
3. K = Gy mod N
4. none of the above

14. )In                              cryptography, everyone has access to everyone ?s public key.

1. symmetric-key
2. asymmetric-key
3. both a and b
4. none of the above

15. )                             servers are involved in the Kerberos protocol.

1. Two
2. Three
3. Four
4. none of the above

16. )n Kerberos, the                         is the KDC.

1. AS
2. TGS
3. real server
4. none of the above

17. )In Kerberos, the                          issues the ticket for the real server.

1. AS
2. TGS
3. real server
4. none of the above

18. ) In Kerberos, the                                     provides services for the entity.

1. AS
2. TGS
3. real server
4. none of the above

19. ) Kerberos allows the global distribution of ASs and TGSs, with each system called a

1. server
2. realm
3. client
4. none of the above

20. )IP Security (IPSec) is a collection of protocols designed by the IETF (Internet Engineering Task

Force) to provide security for a packet at the                                      level.

1. data link
2. network
3. transport
4. none of the above

21. ) IPSec requires a logical connection between two hosts using a signaling protocol called

.

1. AS
2. SA
3. AS
4. none of the above

22. ) IPSec operates at two different modes:                                   mode and                           mode.

1. transport; network
2. transport; tunnel
3. tunnel; surface
4. none of the above

23. ) In the                            mode, the IPSec header is added between the IP header and the rest of the packet.

1. transport
2. tunnel
3. both a and b
4. none of the above

24. )In the                         mode, the IPSec header is placed in front of the original IP header.

1. transport
2. tunnel
3. both a and b
4. none of the above

25. ) IPSec defines two protocols:                                 and                             .

1. AH: SSP
2. ESP; SSP
3. AH: EH
4. none of the above

26. ) The                         protocol is designed to authenticate the source host and to ensure the integrity of the

payload carried by the IP packet.

1. AH
2. ESP
3. both a and b
4. none of the above

27. ) The                       protocol provides message authentication and integrity, but not privacy.

1. AH
2. ESP
3. both a and b
4. none of the above

28. ) The                       protocol provides message authentication, integrity, and privacy.

1. AH
2. ESP
3. both a and b
4. none of the above

29. ) The                       was designed to provide security at the transport layer.

1. AH
2. ESP
3. TLS
4. none of the above

30. )                     was invented by Phil Zimmermann to provide all four aspects of security in the sending of

email.

1. AH
2. ESP
3. TLS
4. none of the above

31. ) A packet-filter firewall filters at the                                  or                                 layer.

1. network; application
2. transport; application

3. network; transport
4. none of the above

32. ) A proxy firewall filters at the                                      layer.

1. transport
2. network
3. application
4. none of the above

33. ) Before a message is encrypted, it is called                              .

1. plaintext
2. ciphertext
3. cryptotext
4. none of the above

34. )After a message is encrypted, it is called                              .

1. plaintext
2. ciphertext
3. cryptotext
4. none of the above

35. ) If 20 people need to communicate using symmetric-key cryptography,                                     

symmetric keys are needed.

1. 19
2. 20

C) 190

D) 200

36. ) In the asymmetric-key method of cryptography, which key is publicly known?

1. encryption key only
2. decryption key only
3. both
4. none of the above

37. ) In the asymmetric-key method of cryptography, the receiver has possession of the

                   .

1. private key
2. public key
3. both keys
4. none of the above

38. ) The RSA algorithm uses                              cryptography method.

1. an asymmetric-key
2. a private-key
3. a symmetric-key
4. none of the above

39. )If user A wants to send an encrypted message to user B, the plaintext is encrypted with the public

key of        

1. user A
2. user B
3. the network

4. none of the above

40. ) In the digital signature technique when the whole message is signed using an asymmetric key, the

sender of the message uses                        to sign the message.

1. his or her own symmetric key
2. his or her own private key
3. his or her own public key
4. none of the above

41. ) In the digital signature technique when the whole message is signed using an asymmetric key, the

receiver of the message uses                         to verify the signature.

1. her or his own symmetric key
2. her or his own private key
3. the sender ?s public key
4. none of the above

42. ) A                      is a trusted third party that solves the problem of symmetric-key distribution.

1. CA
2. KDC
3. TLS
4. firewall

43. )A                      certifies the binding between a public key and its owner.

1. CA
2. KDC
3. TLS
4. none of the above

44. ) In a                       attack, a message captured by an intruder is illegally sent a second time.

1. return
2. man-in-the-middle
3. replay
4. none of the above

45. ) A                      is a large number used only once that helps distinguish a fresh authentication request

from a repeated one.

1. ticket
2. nonce
3. realm
4. none of the above

46. ) In the                       protocol, the symmetric key is K = Gxy mod N, where G and N are public numbers.

1. Diffie-Hellman
2. Needham-Schroeder
3. Otway-Rees
4. none of the above

47. ) In a                       attack, an intruder comes between two communicating parties, intercepting and