COMP 424 Midterm 1
What is NOT a security goal or property?
Confidentiality
Integrity
Accuracy
Accountability
Choose one which is NOT required to make the One-Time Pad unbreakable.
The key is at least as long as the message that must be encrypted
The key is truly random
Each key is used only once
The key is chosen from very long texts such as a book
Choose the one that does NOT describe stream ciphers correctly.
Stream cipher is a symmetric key cipher
Each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream
Stream ciphers have perfect secrecy, as the One-Time Pad does
In practice, a digit is typically a bit and the combining operation is an exclusive-or (XOR)
What is the weakness of Electronic Code Book (ECB) encryption mode?
When one block changes, all later blocks also need to change
Reveals patterns of data when a data block repeats
Uses an arbitrary number that changes with each block of text encrypted
Because all the blocks are chained, it takes a long time to encrypt
Choose the wrong description of UNIX access control.
There should be a one-to-many mapping from principals to users
The execution bit controls traversing a directory
Write + Execution control creates/deletes files in the directory
The final r/w/x bits of a file apply to others (not owner, not group)
The Kasiski test for finding the key length in the Vigenère cipher is based on the observation that two identical segments of plaintext will be encrypted to the same ciphertext if they occur in the text at a distance that is a multiple of m, the key length.
True
False
The Diffie-Hellman key exchange protocol is based on the hardness of factoring a large number
True
False
Cross-site scripting can occur when web applications take user input that contains scripts and use it as part of the webpage
True
False
As a prevention of SQL injection attacks, parameterized queries make it possible for the database to recognize the code and distinguish it from input data
True
False
In the access control model in Linux, the subject can be an object
True
False
When the system uses a 128-bit AES key for its block cipher, how long a hash output do you require to ensure collision resistance and satisfy the Weakest Link Principle?
What access control principle do the following sentences describe? "This principle requires that all accesses to objects be checked to ensure they are allowed. Whenever a subject attempts to read an object, the operating system should interpose the action. First, it determines if the subject can read the object. If so, it provides the resources for the read to occur. If the subject tries to read the object again, the system should again check that the subject can still read the object."