Question 1

Public key cryptography is __________ .

bit patterned
one key
symmetric
asymmetric
Question 2
Message encryption alone provides a secure form of authentication.
 True
 False

Question 3
Secure Hash Algorithms with hash value lengths of 256, 384, and 512 bits are collectively
known as _________ .
SHA-
0
SHA-
3
SHA-
2
SHA-
1
Question 4
Because of the mathematical properties of the message authentication code function it is less
vulnerable to being broken than encryption.
 True
 False

Question 5
Private key encryption is used to produce digital signatures which provide an enhanced form
of message authentication.
 True
 False

Question 6
The purpose of the _________ algorithm is to enable two users to exchange a secret key
securely that then can be used for subsequent encryption of messages and depends on the
difficulty of computing discrete logarithms for its effectiveness.
Diffie-Hellman
RSA
DSS
Rivest-Adleman
Question 7
Public key algorithms are useful in the exchange of conventional encryption keys.
 True
 False

Question 8
Based on the use of a mathematical construct known as the elliptic curve and offering equal
security for a far smaller bit size, __________ has begun to challenge RSA.
DSS
TCB
RIPE-160
ECC
Question 9
In the ECB mode of encryption if an attacker reorders the blocks of ciphertext then each
block will still decrypt successfully, however, the reordering may alter the meaning of the
overall data sequence.
 True
 False

Question 10
The private key is known only to its owner.
 True
 False

Question 11
The readable message or data that is fed into the algorithm as input is the __________ .

ciphertext

plaintext

encryption algorithm

private key

Question 12
Cryptographic hash functions generally execute slower in software than conventional
encryption algorithms such as DES.
 True
 False

Question 13
The two important aspects of encryption are to verify that the contents of the message have
not been altered and that the source is authentic.
 True
 False

Question 14
The most important hash function is ________ .
MA
C
SHA
OW
H
ECB
Question 15
If the message includes a _________ the receiver is assured that the message has not been
delayed beyond that normally expected for network transit.
sequence number
shared key
error detection code
timestamp
Question 16
"It is easy to generate a code given a message, but virtually impossible to generate a message
given a code" describes the __________ hash function property.
second preimage resistant
preimage resistant
strong collision resistant
collision resistant
Question 17
The security of the Diffie-Hellman key exchange lies in the fact that, while it is relatively
easy to calculate exponentials modulo a prime, it is very easy to calculate discrete logarithms.
 True
 False

Question 18
Even in the case of complete encryption there is no protection of confidentiality because any
observer can decrypt the message by using the sender's public key.
 True
 False

Question 19
The __________ property protects against a sophisticated class of attack known as the
birthday attack.
preimage resistant
one-way
collision resistant
second preimage resistant
Question 20
The key exchange protocol is vulnerable to a man-in-the-middle attack because it does not
authenticate the participants.
 True
 False

Question 21
The strength of a hash function against brute-force attacks depends solely on the length of the
hash code produced by the algorithm.
 True
 False

Question 22
The main advantage of HMAC over other proposed hash based schemes is that HMAC can
be proven secure, provided that the embedded hash function has some reasonable
cryptographic strengths.
 True
 False
Question 23
It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). A hash function
with this property is referred to as __________ .
collision resistant
preimage resistant
one-way
weak collision resistant
Question 24
__________ is a procedure that allows communicating parties to verify that received
messages are authentic.
ECB
Message authentication
Passive attack
Encryption
Question 25
The key used in conventional encryption is typically referred to as a _________ key.
secondary
primary
cipher
secret
Question 26
The purpose of a ___________ is to produce a "fingerprint" of a file, message, or other block of data.

hash function

public key

message authentication

cipher encryption

Question 27
________ protects against passive attacks (eavesdropping).
Obfuscation
Encryption
SCR
Message authenticatio
Question 28
In addition to providing authentication, a message digest also provides data integrity and
performs the same function as a frame check sequence.
 True
 False

Question 29
Public key algorithms are based on mathematical functions rather than on simple operations
on bit patterns.
 True
 False
Question 30
The most widely accepted and implemented approach to public-key encryption, _________ is
a block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some
n.
MD
5
RSA
SHA
CTR
Question 1
The __________ is an Internet protocol that enables dynamic allocation of IP addresses to
hosts.
VLAN
IEEE
802.1X
EAPS
DHCP
Question 2
___________ is an umbrella term for managing access to a network.
NA
S
AR
C
NA
C
RA
S
Question 3
The __________ determines what access should be granted.
authentication server
policy server
supplicant
access requestor
Question 4
_________ is a client computer that is attempting to access a network.
EAP peer
PSK
NAC
RAS
Question 5
A ________ is a party that can conduct independent assessment of cloud service, information
sytem operations, performance, and security of the cloud implementation.
cloud auditor
cloud carrier
cloud broker
 all of the above
Question 6
Data must be secured while at rest, in transit, and in use, and access to the data must be
controlled.
 True
 False

Question 7
There is a decreasing trend in organizations to move information technology operations to a
cloud computing infrastructure.
 True
 False

Question 8
Cloud computing gives you the ability to expand and reduce resources according to your
specific service requirement.
 True
 False

Question 9
VLANs are common NAC enforcement methods.
 True
 False

Question 10
The _________ is the node that is attempting to access the network and may be any device
that is managed by the network access control system.
AR
RA
S
IP
PS
Question 11
_________ enables customers to combine basic computing services, such as number
crunching and data storage, to build highly adaptable computer systems.
IaaS
EAP peer
CP
SaaS
Question 12
For many clients, the most devastating impact from a security breach is the loss or leakage of
data.
 True
 False

Question 13
A ________ is a person, organization, or entity responsible for making a service available to
interested parties.
cloud broker
cloud auditor
cloud provider
 cloud carrier
Question 14
In using cloud infrastructures, the client necessarily cedes control to the CP on a number of
issues that may affect security.
 True
 False

Question 15
_________ saves the complexity of software installation, maintenance, upgrades, and
patches.
IaaS
SaaS
EAP
DHC
P
Question 16
With a _________ infrastructure, the cloud infrastructure is made available to the general
public or a large industry group and is owned by an organization selling cloud services.
hybrid cloud
private cloud
public cloud
community cloud
Question 17
The NIST cloud computing reference architecture focuses on the requirements of what cloud
services provide, not a how to design solution and implementation.
 True
 False

Question 18
With a _________ infrastructure, the cloud infrastructure is shared by several organizations
and supports a specific community that has shared concerns.
community cloud
public cloud
private cloud
hybrid cloud

Question 19
The cloud provider in a private cloud infrastructure is responsible for both the infrastructure
and the control.
 True
 False

Question 20
In effect, ________ is an operating system in the cloud.
IEEE
802.1X
PaaS
IaaS
DHCP
Question 21
Broad network access, measured service, resource pooling, and rapid elasticity are essential
characteristics of ___________.
PaaS
network access control
cloud computing
EAP-TLS
Question 22
A cloud broker is useful when cloud services are too complex for a cloud consumer to easily
manage.
 True
 False

Question 23
A _________ is a person or organization that maintains a business relationship with, and uses
service from, cloud providers.
cloud auditor
cloud broker
cloud carrier
cloud consumer
Question 24
EAPOL operates at the network layers and makes use of an IEEE 802 LAN, such as Ethernet
or Wi-Fi, at the link level.
 True
 False

Question 25
The Extensible Authentication Protocol supports multiple authentication methods.
 True
 False

Question 26
A network access server does not include its own authentication services.
 True
 False

Question 27
The threat of data compromise decreases in the cloud.
 True
 False

Question 28
Network access control authenticates users logging into the network and determines what
data they can access and actions they can perform.
 True
 False

Question 29
_________ is the provision of security applications and services via the cloud either to cloud-
based infrastructure and software or from the cloud to the customers on-premise systems.
IaaS
 PaaS
SaaS
SecaaS
Question 30
Access requestors are also referred to as clients.
 True
 False