INFA 620 Midterm Network

Part 1: Multiple Choice Questions.

Note Unless specified otherwise all multiple choice questions have only one correct answer. Each question is worth 4 points.

General questions

1. Which of the following are not directly addressed when implementing network security? (Choose two.)

A) Personal safety B) Freedom of information initiatives C) Evolving business requirements D) Protection of data E) Physical plant security

2. Select from the following the best definition of security risk analysis:

A) Risk analysis looks at the probability that a vulnerability exists in your system. B) Risk analysis looks at the probability that your security measures won't stop a hacker breaking in to your system. C) Risk analysis determines what resources you need to protect and quantifies the costs of not protecting them. D) Risk analysis looks at the probability that a hacker may break in to your system. E) Risk analysis looks at the consequences of being connected to the Internet.

3. Which of the following is considered the first line of defense against human behavior?

A) Policies B) Cryptography C) Physical security D) Business continuity planning

4. Which of the following is considered a flaw, loophole, oversight, or error that makes the organization susceptible to attack or damage?

A) Risk B) Vulnerability C) Exposure D) Threat

Cryptography Fundamentals. Public-Key Cryptography and Message Authentication

5. The two methods of encrypting data are

A) Substitution and transposition B) Block and stream C) Symmetric and asymmetric D) DES and AES

6. The only cipher system said to be unbreakable by brute force is

A) AES B) DES C) One-time pad D) Triple DES

7. When a user needs to provide message integrity, what options may be the best?

A) Send a digital signature of the message to the recipient B) Encrypt the message with a symmetric algorithm and send it C) Create a checksum, append it to the message, encrypt the message, then send it to the recipient D) Encrypt the message with a private key so the recipient can decrypt with the corresponding public key

Key Distribution and User Authentication

8. Consider the following protocol that involves both RSA public-key operations and DES. Suppose that A has an RSA private key prv(A) and an RSA public key pub(A). Suppose that B has an RSA private key prv(B) and an RSA public key pub(B). Assume both A and B knows each other’s public key. A wants to send B some message M. A selects random DES key K and send B the following two messages: -- Epub(B)( K, Sigprv(A)(K)) -- EK(M) "E" means encryption and "Sig" means digital signature. Which of the following statement(s) is true? (Choose two.)

(A) Only B can decipher the contents of the message M. (B) B is certain that the message M is from A. (C) B can prove to a third party that the message M arrived from A. (D) B cannot decipher the contents of the message M. (E) B is not certain that the message M is from A.

 9. Suppose a user is authenticated based on an ID and password that are supplied by the transmitter in plaintext. Does it make any difference if the password and ID are encrypted?

(A) If the system authenticates users based on IDs and passwords that are transmitted in plaintext, the system is very insecure. (B) If the password and ID are encrypted, the system is definitely more secure than in the plaintext case. (C) The intruder can still record the encrypted ID and the corresponding encrypted password. By replaying these, the intruder can gain access to the system. (D) None of the above is correct.

10. You have an issue in your company with users claiming they did not receive e-mail messages, while other users claim they were sent. What PKI component will help you to prove the dates and times of messages sent on the network?

A) Non-Repudiation B) Encryption C) Encapsulation D) Integrity E) Confidentiality

11. A certificate authority provides what benefits to a user?

A) Protection of public keys of all users B) History of symmetric keys C) Proof of nonrepudiation of origin D) Validation that a public key is associated with a particular user

Network Vulnerabilities, Attacks and Countermeasures

12. All of the following are types of cyber attack, except:

A) A nuclear explosion that knocks out all electronic devices. B) Spam. C) Malicious software designed to interrupt services. D) A flood of computers hacked to disrupt other computers.

13. If you notice that the number of existing half-open sessions is beginning to rise, what could this indicate? (Select all that apply)

A) Answers B) Man in the Middle attack C) Serial Scan D) IP Spoofing E) Port Scan F) DoS attack

14. DoS attacks exist for which part of the OSI protocol stack?

A) Application and Presentation B) Session and Transport C) Network and Data Link D) All of the above

15. Consider using DHCP. What are the major security concerns? Indicate the two best answers from the following list.

A) The network is vulnerable to man-in-the-middle attacks. B) Anyone hooking up to the network can automatically receive a network address. C) Clients might be redirected to an incorrect DNS address. D) There are no security concerns with using DHCP

Part 2: Short Answers. Please answer briefly and completely.

1. Consider a public key encryption. Ann wants to send Bill a message. Let Annpriv and Annpub be Ann’s private and public keys respectively. The same for Bill (Billpriv and Billpub).

(a) If Ann sends a message to Bill, what encryption should Ann use so that only Bill can decrypt the message (secrecy)? (4 points)

(b) Can Ann encrypt the message so that anyone who receives the message is assured that the message only came from Ann (authenticity)? (4 points)

(c) Is it possible for Ann to devise a method that will allow for both secrecy and authenticity for her message? Please justify your answer. (4 points)

2. Alan and Bill agree (through a public exchange) on using the Diffie-Hellman algorithm to create a common secret key. They also agree on two public numbers: q (large prime number), a (generator mod q): q = 7, a = 2

Alan generates a random CA =6, use CA to calculate DA and then sends DA to Bill. Alan has also received a value DB from Bill.

Bill generates a random CB =7, use CB to calculate DB and then sends DB to Alan. Bill has also received the value DA sent from Alan as mentioned above.

(a)    What is DA? (i.e. DA =?) (4 points) (b) What is DB? (i.e. DB =?) (4 points) (c) What is the common secret key between Alan and Bill? (4 points) (Note you must show calculation procedures to obtain full points for each question)

(b)    

3. Consider the following hashing algorithm. A binary block of length M is divided into subblocks of length 128 bits, and the last block is padded with zeros to a length of 128. The hash consists of the XOR of the resulting 128-bit vectors. Is this algorithm appropriate for encryption? Explain. (16 points)