Network-Security
Question 1 |
The value of 351 mod 5 is ______.
3 | |
5 | |
2 | |
1 |
Question 1 Explanation:
351 mod 5
⇒ 31 = 3 ⇒ 3 mod 5 = 3
32 ⇒ 9 mod 5 = 4
33 ⇒ 27 mod 5 = 2
34 ⇒ 81 mod 5 = 1
35 ⇒ 243 mod 5 = 3
For every four numbers sequence is repeating.
So, (51 % 4) = 3
⇒ 33 = 27
⇒ 27 mod 5 = 2
⇒ 31 = 3 ⇒ 3 mod 5 = 3
32 ⇒ 9 mod 5 = 4
33 ⇒ 27 mod 5 = 2
34 ⇒ 81 mod 5 = 1
35 ⇒ 243 mod 5 = 3
For every four numbers sequence is repeating.
So, (51 % 4) = 3
⇒ 33 = 27
⇒ 27 mod 5 = 2
Question 2 |
In an RSA cryptosystem, the value of the public modulus parameter n is 3007. If it is also known that Φ(n) = 2880, where Φ() denotes Euler's Quotient Function, then the prime factor of n which is greater than 50 is ______.
107 | |
97 | |
45 | |
92 |
Question 2 Explanation:
It can be solved by Hit and trial method in less time.
n = 3007, fi(n) = 2880 → fi(n) = (p – 1) (q – 1),
where p, q are prime factor of n.
The unit place of n is 7, it is a prime number and factor will be
1.7=7
11*17
21*37
31*47
….
31*97 =>3007
n = 3007 => 31*97
Therefore, 31 & 97 are the two prime numbers, which is satisfying the condition and 97 is greater than 50.
So, 97 is the correct answer.
Other methods:
When ϕ(n) is given when n=pq where p and q are prime numbers, then we have
ϕ(n) = (p−1)(q−1) = pq−(p+q)+1
But pq=n,
therefore, ϕ(n) = n−(p+q)+1 and p+q = n+1−ϕ(n).
Now, p and q are the roots of the equation,
x2 − (p+q)x + pq = (x-p)(x-q)
Substituting for p+q and pq in the above equation
x2 - (n+1-ϕ(n))x + n
n = 3007, fi(n) = 2880 → fi(n) = (p – 1) (q – 1),
where p, q are prime factor of n.
The unit place of n is 7, it is a prime number and factor will be
1.7=7
11*17
21*37
31*47
….
31*97 =>3007
n = 3007 => 31*97
Therefore, 31 & 97 are the two prime numbers, which is satisfying the condition and 97 is greater than 50.
So, 97 is the correct answer.
Other methods:
When ϕ(n) is given when n=pq where p and q are prime numbers, then we have
ϕ(n) = (p−1)(q−1) = pq−(p+q)+1
But pq=n,
therefore, ϕ(n) = n−(p+q)+1 and p+q = n+1−ϕ(n).
Now, p and q are the roots of the equation,
x2 − (p+q)x + pq = (x-p)(x-q)
Substituting for p+q and pq in the above equation
x2 - (n+1-ϕ(n))x + n
Question 3 |
Using public key cryptography, X adds a digital signature to message M, encrypts <M, σ>, and sends it to Y, where it is decrypted. Which one of the following sequences of keys is used for the operations?
Encryption: X’s private key followed by Y’s private key; Decryption: X’s public key followed by Y’s public key | |
Encryption: X’s private key followed by Y’s public key; Decryption: X’s public key followed by Y’s private key | |
Encryption: X’s public key followed by Y’s private key; Decryption: Y’s public key followed by X’s private key | |
Encryption: X’s private key followed by Y’s public key; Decryption: Y’s private key followed by X’s public key |
Question 3 Explanation:
Encryption: Source has to encrypt with its private key for forming Digital signature for Authentication. Source has to encrypt the (M, σ) with Y’s public key to send it confidentially.
Decryption: Destination Y has to decrypt first with its private key, then decrypt using source public key.
Question 4 |
A layer-4 firewall (a device that can look at all protocol headers up to the transport layer) CANNOT
block entire HTTP traffic during 9:00PM and 5:00AM | |
block all ICMP traffic | |
stop incoming traffic from a specific IP address but allow outgoing traffic to the same IP address | |
block TCP traffic from a specific user on a multi-user system during 9:00PM and 5:00AM |
Question 4 Explanation:
(A) It is possible to block entire HTTP traffic by blocking port no.80.
(B) Possible because it is network layer protocol.
(C) Possible because SP address is present in Network layer.
(D) Not possible, because to block specific user, we need user id which is present in Application layer.
(B) Possible because it is network layer protocol.
(C) Possible because SP address is present in Network layer.
(D) Not possible, because to block specific user, we need user id which is present in Application layer.
Question 5 |
In the RSA public key cryptosystem, the private and public keys are (e, n) and (d, n) respectively, where n = p*q and p and q are large primes. Besides, n is public and p and q are private. Let M be an integer such that 0 < M < n and f(n) = (p- 1)(q-1). Now consider the following equations.
I. M’= Me mod n
M = (M’)d mod n
II. ed ≡ 1 mod n
III. ed ≡ 1 mod f(n)
IV. M’= Me mod f(n)
M = (M’)d mod f(n)
Which of the above equations correctly represent RSA cryptosystem?
I and II | |
I and III | |
II and IV | |
III and IV |
Question 5 Explanation:
To generate the encryption and decryption keys, we can proceed as follows.
1. Generate randomly two “large” primes p and q.
2. Compute n=pq and ∅=(p-1)(q-1).
3. Choose a number e so that
gcd(e,∅)=1
4. Find the multiplicative inverse of e modulo ∅, i.e., find d so that
ed≡1 (mod ∅)
This can be done efficiently using Euclid’s Extended Algorithm.
The encryption public key is KE=(n,e) and the decryption private key is KD=(n,d).
The encryption function is
E(M)=Me mod n
The decryption function is
D(M)=Md mod n
1. Generate randomly two “large” primes p and q.
2. Compute n=pq and ∅=(p-1)(q-1).
3. Choose a number e so that
gcd(e,∅)=1
4. Find the multiplicative inverse of e modulo ∅, i.e., find d so that
ed≡1 (mod ∅)
This can be done efficiently using Euclid’s Extended Algorithm.
The encryption public key is KE=(n,e) and the decryption private key is KD=(n,d).
The encryption function is
E(M)=Me mod n
The decryption function is
D(M)=Md mod n
Question 6 |
The total number of keys required for a set of n individuals to be able to communicate with each other using secret key and public key crypto-systems, respectively are:
n(n-1) and 2n | |
2n and n(n-1)/2 | |
n(n-1)/2 and 2n | |
n(n-1)/2 and n |
Question 6 Explanation:
For private key crypto, a key used for encryption as well as decryption. So, no. of keys required for n individuals is same as no. of communication link between any two individuals which is
nC2 = n(n-1)/2
In case of public key, each sender has its own public key as well as private key. So, no. of keys are 2n.
nC2 = n(n-1)/2
In case of public key, each sender has its own public key as well as private key. So, no. of keys are 2n.
Question 7 |
Consider the following two statements:
(i) A hash function (these are often used for computing digital signatures) is an injective function.
(ii) An encryption technique such as DES performs a permutation on the elements of its input alphabet.
Which one of the following options is valid for the above two statements?
Both are false | |
Statement (i) is true and the other is false | |
Statement (ii) is true and the other is false | |
Both are true |
Question 7 Explanation:
i) Hash function is many to one function. It is not one-one (or) injective.
ii) It uses the P-Box permutation.
Statement-I is false, II is true.
ii) It uses the P-Box permutation.
Statement-I is false, II is true.
Question 8 |
Your are given the following four bytes :
10100011 00110111 11101001 10101011Which of the following are substrings of the base 64 encoding of the above four bytes?
zdp | |
fpq | |
qwA | |
oze |
Question 8 Explanation:
You are given the following four bytes:
10100011 00110111 11101001 10101011
So, in total we have 32 bits. And for base 64 we need 6 digits of binary no. to represent one digit of base 64 no.
So lets padd 4 bits on RHS, so that total digits will become 36 and we can separate then as group of 6 digits each.
Now, the longest substring will be from checking option is 'fpq'.
10100011 00110111 11101001 10101011
So, in total we have 32 bits. And for base 64 we need 6 digits of binary no. to represent one digit of base 64 no.
So lets padd 4 bits on RHS, so that total digits will become 36 and we can separate then as group of 6 digits each.
Now, the longest substring will be from checking option is 'fpq'.
Question 9 |
Which of the following statement(s) is TRUE?
1. A hash function takes a message of arbitrary length and generates a fixed length code.
2. A hash function takes a message of fixed length and generates a code of variable length.
3. A hash function may give the same hash value for distinct messages.
1 only | |
2 and 3 only | |
1 and 3 only | |
2 only |
Question 9 Explanation:
(1) A hash function takes a message of arbitrary length and generates a fixed length code. So this is correct.
(2) Statement-2 is wrong, refer statement-1.
(3) Statement-3 is correct, for example hash function N%10, this will generate same values for 1 as well as 2!
(2) Statement-2 is wrong, refer statement-1.
(3) Statement-3 is correct, for example hash function N%10, this will generate same values for 1 as well as 2!
Question 10 |
A sender is employing public key cryptography to send a secret message to a receiver. Which one of the following statements is TRUE?
Sender encrypts using receiver’s public key | |
Sender encrypts using his own public key | |
Receiver decrypts using sender’s public key | |
Receiver decrypts using his own public key |
Question 10 Explanation:
Sender can encrypts using the receiver public key and receiver decrypts it using his own private key.
Question 11 |
Avalanche effect in cryptography
Is desirable property of the cryptographic algorithm | |
Is undesirable property of the cryptographic algorithm | |
Has no effect on the encryption algorithm | |
None of the above |
Question 11 Explanation:
→ In cryptography, the avalanche effect is the desirable property of cryptographic algorithms, typically block cyphers and cryptographic hash functions, wherein if input is changed slightly (for example, flipping a single bit), the output changes significantly (e.g., half the output bits flip).
→ In the case of high-quality block cyphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext.
→ In the case of high-quality block cyphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext.
Question 12 |
What is one advantage of setting up a DMZ(Demilitarized Zone) with two firewalls?
You can control where traffic goes in the three networks | |
You can do stateful packet filtering | |
You can do load balancing | |
Improve network performance |
Question 12 Explanation:
→ The most secure approach is to use two firewalls to create a DMZ.
1. The first firewall (also called the "front-end" or "perimeter" firewall) must be configured to allow traffic destined to the DMZ only.
2. The second firewall (also called "back-end" or "internal" firewall) only allows traffic from the DMZ to the internal network.
This setup is considered more secure since two devices would need to be compromised. There is even more protection if the two firewalls are provided by two different vendors because it makes it less likely that both devices suffer from the same security vulnerabilities.
1. The first firewall (also called the "front-end" or "perimeter" firewall) must be configured to allow traffic destined to the DMZ only.
2. The second firewall (also called "back-end" or "internal" firewall) only allows traffic from the DMZ to the internal network.
This setup is considered more secure since two devices would need to be compromised. There is even more protection if the two firewalls are provided by two different vendors because it makes it less likely that both devices suffer from the same security vulnerabilities.
Question 13 |
Which one of the following algorithm is not used in asymmetric key cryptography?
RSA Algorithm | |
Diffie-Hellman Algorithm | |
Electronic Code Book Algorithm | |
None of the above |
Question 13 Explanation:
Question 14 |
SSL is not responsible for
Mutual authentication of client & server | |
Secret communication | |
Data Integrity protection | |
Error detection and correction |
Question 14 Explanation:
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.
It is utilized to encrypt Web traffic using Hypertext Transfer Protocol (HTTP) and to authenticate Web servers, and to encrypt communications between Web browsers and Web servers etc.
So, other than error detection and correction, all options are correct.
It is utilized to encrypt Web traffic using Hypertext Transfer Protocol (HTTP) and to authenticate Web servers, and to encrypt communications between Web browsers and Web servers etc.
So, other than error detection and correction, all options are correct.
Question 15 |
The standard for certificates used on internet is
X.25 | |
X.301 | |
X.409 | |
X.509 |
Question 15 Explanation:
In cryptography, X.509 is a standard that defines the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for browsing the web.
Question 16 |
Hashed message is signed by a sender using
his public key | |
his private key | |
receiver’s public key | |
receiver’s private key |
Question 16 Explanation:
After the generation of hashed message that needs to be transmitted over a network, it is signed or encrypted using the private key of the sender which also generates the digital signatures. The message is transmitted along with the digital signatures which ensures Authentication and Non-repudiation.
Question 17 |
MD5 is a widely used hash function for producing hash value of
64 bits | |
128 bits | |
512 bits | |
1024 bits |
Question 17 Explanation:
→ The Message Digest(MD5) algorithm is a widely used hash function producing a 128-bit hash value. Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities.
→ It can still be used as a checksum to verify data integrity, but only against unintentional corruption. It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database.
→ It can still be used as a checksum to verify data integrity, but only against unintentional corruption. It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database.
Question 18 |
Use of IPSEC in tunnel mode results in
IP packet with same header
| |
IP packet with new header
| |
IP packet without header
| |
No changes in IP packet |
Question 18 Explanation:
IPSec can be used to create VPN Tunnels to end-to-end IP Traffic (also called as IPSec Transport mode) or site-to-site IPSec Tunnels (between two VPN Gateways, also known as IPSec Tunnel mode).
IPSec Tunnel mode: In IPSec Tunnel mode, the original IP packet (IP header and the Data payload) is encapsulated within another packet.
In IPSec tunnel mode the original IP Datagram from is encapsulated with an AH (provides no confidentiality by encryption) or ESP (provides encryption) header and an additional IP header. The IP addresses of the newly added outer IP header are that of the VPN Gateways.
The traffic between the two VPN Gateways appears to be from the two gateways (in a new IP datagram), with the original IP datagram is encrypted (in case of ESP) inside IPSec packet.
IPSec Tunnel mode: In IPSec Tunnel mode, the original IP packet (IP header and the Data payload) is encapsulated within another packet.
In IPSec tunnel mode the original IP Datagram from is encapsulated with an AH (provides no confidentiality by encryption) or ESP (provides encryption) header and an additional IP header. The IP addresses of the newly added outer IP header are that of the VPN Gateways.
The traffic between the two VPN Gateways appears to be from the two gateways (in a new IP datagram), with the original IP datagram is encrypted (in case of ESP) inside IPSec packet.
Question 19 |
In a system an RSA algorithm with p=5 and q=11, is implemented for data security. What is the value of the decryption key if the value of the encryption key is 27?
3 | |
7 | |
27 | |
40 |
Question 19 Explanation:
The keys for the RSA algorithm are generated the following way:
1. Choose two distinct prime numbers p and q.
2. Compute n = pq.
3. Compute λ(n) = lcm(λ(p), λ(q)) = lcm(p − 1, q − 1), where λ is Carmichael's totient function. Choose an integer e such that 1 < e < λ(n) and gcd(e, λ(n)) = 1; i.e., e and λ(n) are coprime.
4. Determine d as d ≡ e−1 (mod λ(n)); i.e., d is the modular multiplicative inverse of e modulo λ(n). This means: solve for d the equation d⋅e ≡ 1 (mod λ(n)).
Given two prime numbers are p = 5 and q = 11, encryption key, e = 27
n = p * q = 5 * 11 = 55
λ(n)= (p-1) * (q-1) = 4 * 10 = 40
Let the value of decryption key be ‘d’ such that:
e * d mod λ(n) = 1
27 * d mod 40 = 1
d = 3
1. Choose two distinct prime numbers p and q.
2. Compute n = pq.
3. Compute λ(n) = lcm(λ(p), λ(q)) = lcm(p − 1, q − 1), where λ is Carmichael's totient function. Choose an integer e such that 1 < e < λ(n) and gcd(e, λ(n)) = 1; i.e., e and λ(n) are coprime.
4. Determine d as d ≡ e−1 (mod λ(n)); i.e., d is the modular multiplicative inverse of e modulo λ(n). This means: solve for d the equation d⋅e ≡ 1 (mod λ(n)).
Given two prime numbers are p = 5 and q = 11, encryption key, e = 27
n = p * q = 5 * 11 = 55
λ(n)= (p-1) * (q-1) = 4 * 10 = 40
Let the value of decryption key be ‘d’ such that:
e * d mod λ(n) = 1
27 * d mod 40 = 1
d = 3
Question 20 |
Match the following symmetric block ciphers with corresponding block and key sizes :
List-I List-II (a) DES (i) block size 64 and key size ranges between 32 and 448 (b) IDEA (ii) block size 64 and key size 64 (c) BLOWFISH (iii) block size 128 and key sizes 128, 192, 256 (d) AES (iv) block size 64 and key size 128
(a)-(iv), (b)-(ii), (c)-(i), (d)-(iii)
| |
(a)-(ii), (b)-(iv), (c)-(i), (d)-(iii) | |
(a)-(ii), (b)-(iv), (c)-(iii), (d)-(i) | |
(a)-(iv), (b)-(ii), (c)-(iii), (d)-(i) |
Question 20 Explanation:
→ Data Encryption Standard(DES), which uses symmetric key method for encryption of data. It uses block size 64 and key size 128 for encryption.
→ International Data Encryption Algorithm (IDEA), originally called Improved Proposed Encryption Standard (IPES), is a symmetric-key block cipher. It uses block size 64 and key size 128.
→ Blowfish is a symmetric-key block cipher used for a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. It uses block size 64 and key size ranges between 32 and 448.
→ Advanced Encryption Standard(AES), which uses symmetric key method for encryption of data. It uses block size 128 and key sizes 128, 192, 256.
*****It’s worthy to remember below table.
→ International Data Encryption Algorithm (IDEA), originally called Improved Proposed Encryption Standard (IPES), is a symmetric-key block cipher. It uses block size 64 and key size 128.
→ Blowfish is a symmetric-key block cipher used for a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. It uses block size 64 and key size ranges between 32 and 448.
→ Advanced Encryption Standard(AES), which uses symmetric key method for encryption of data. It uses block size 128 and key sizes 128, 192, 256.
*****It’s worthy to remember below table.
Question 21 |
Decrypt the message “WTAAD” using the Caesar Cipher with key = 15.
LIPPS
| |
HELLO
| |
OLLEH | |
DAATW |
Question 21 Explanation:
We decrypt one character at a time. Each character is shifted 15 characters up Letter W is decrypted to H shifted 15 characters up. Letter W is decrypted to H. Letter T is decrypted to E. The first A is decrypted to L. The second A is decrypted to L And finally D is The second A is decrypted to L. And, finally, D is decrypted to O. The plain text is HELLO.
Question 22 |
Encrypt the Message “HELLO MY DEARZ” using Transposition Cipher with
HLLEO YM AEDRZ | |
EHOLL ZYM RAED | |
ELHL MDOY AZER | |
ELHL DOMY ZAER |
Question 22 Explanation:
Step-1: According to key we have to divide into number of character blocks.
Here, key size = 4. So, character block size is 4.
Step-2: Remove the spaces in the message and write into sequential order.
Step-3: Get cipher text according to ascending order is ELHL MDOY AZER.
Here, key size = 4. So, character block size is 4.
Step-2: Remove the spaces in the message and write into sequential order.
Step-3: Get cipher text according to ascending order is ELHL MDOY AZER.
Question 23 |
Which of the following statement/s is/are true?
- (i) Firewall can screen traffic going into or out of an organization.
(ii) Virtual private networks cam simulate an old leased network to provide certain desirable properties.
Choose the correct answer from the code given below:
Code:(i) only | |
Neither (i) nor (ii) | |
Both (i) and (ii)
| |
(ii) only |
Question 23 Explanation:
Statement 1 is correct because firewall works on the Application layer, so it can screen the traffic going into and out of the traffic.
Statement 2 is correct. Virtual private networks cam simulate an old leased network to provide certain desirable properties.
Statement 2 is correct. Virtual private networks cam simulate an old leased network to provide certain desirable properties.
Question 24 |
Suppose that everyone in a group of N people wants to communicate secretly with (N-1) other people using symmetric key cryptographic system. The communication between any two persons should not be decodable by the others in the group. The number of keys required in the system as a whole to satisfy the confidentiality requirement is
2N | |
N(N-1) | |
N(N-1)/2
| |
(N-1)2
|
Question 24 Explanation:
→ If one person in a group of N people want to communicate with remaining (N-1) people using symmetric key cryptographic system then he needs (N-1) keys.
→ We have N people in group so number of keys needed are N(N-1).
→ But two people in a group can use same keys then no need to use 2(N-1) keys they can communicate using (N-1) keys.
So, total number of keys needed [N(N-1)]/2.
→ We have N people in group so number of keys needed are N(N-1).
→ But two people in a group can use same keys then no need to use 2(N-1) keys they can communicate using (N-1) keys.
So, total number of keys needed [N(N-1)]/2.
Question 25 |
Which of the following is NOT a symmetric key algorithm?
Ellipse Curve Cryptography
| |
Advanced Encryption standard
| |
Data Encryption Standard
| |
Blowfish |
Question 25 Explanation:
Question 26 |
The traditional cryptographic cipher that records the letters but do not disguise them is:
Substitute cipher | |
One-time pads
| |
Secret key algorithms
| |
Transposition cipher |
Question 26 Explanation:
A transposition cipher reorders the letters but does not disguise them. The key is a word or phrase not containing any repeated letters. Its purpose is to number the columns, column 1 being under the letter closest to the start of the alphabet, and so on.
Also this code can be easily broken.
Also this code can be easily broken.
Question 27 |
An attacker sits between the sender and receiver and captures the information and retransmits to the receiver after some time without altering the information. This attack is called as _____.
Denial of service attack | |
Masquerade attack | |
Simple attack | |
Complex attack |
Question 27 Explanation:
→ An attacker sits between the sender and receiver and captures the information and retransmits to the receiver after some time without altering the information. This attack is called as Denial of service attack(DoS).
→ A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
→ A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
Question 28 |
An attacker sits between customer and Banker, and captures the information from the customer and retransmits to the banker by altering the information. This attack is called as ______.
Masquerade Attack | |
Replay Attack | |
Passive Attack | |
Denial of Service Attack |
Question 28 Explanation:
→ A masquerade takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack. For example,authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges.
→ Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
→ Passive attacks are very difficult to detect, because they do not involve any alteration of the data.Typically,the message traffic is sent and received in an apparently normal fashion,and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern.However,it is feasible to prevent the success of these attacks,usually by means of encryption.Thus,the emphasis in dealing with passive attacks is on prevention rather than detection.
→ The denial of service prevents or inhibits the normal use or management of communications facilities.This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g.,the security audit service).Another form of service denial is the disruption of an entire network,either by disabling the network or by overloading it with messages so as to degrade performance
→ Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
→ Passive attacks are very difficult to detect, because they do not involve any alteration of the data.Typically,the message traffic is sent and received in an apparently normal fashion,and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern.However,it is feasible to prevent the success of these attacks,usually by means of encryption.Thus,the emphasis in dealing with passive attacks is on prevention rather than detection.
→ The denial of service prevents or inhibits the normal use or management of communications facilities.This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g.,the security audit service).Another form of service denial is the disruption of an entire network,either by disabling the network or by overloading it with messages so as to degrade performance
Question 29 |
The term ’hacker’ was originally associated with :
A computer program | |
Virus | |
Computer professionals who solved complex computer problems. | |
All of the above |
Question 29 Explanation:
→ A computer hacker is any skilled computer expert that uses their technical knowledge to overcome a problem. While "hacker" can refer to any skilled computer programmer, the term has become associated in popular culture with a "security hacker", someone who, with their technical knowledge, uses bugs or exploits to break into computer systems.
Question 30 |
The use of a smart card represents a form of :
password encryption | |
user - ID encryption | |
authorization | |
authentication |
Question 30 Explanation:
A smart card, chip card, or integrated circuit card (ICC) is a physical electronic authorization device, used to control access to a resource.
Question 31 |
SET, an open encryption and security specification model that is designed for
protecting credit card transactions on the internet, stands for
Secure Electronic Transaction | |
Secular Enterprise for Transaction | |
Security Electronic Transmission | |
Secured Electronic Termination |
Question 31 Explanation:
Secure Electronic Transaction (SET) is a communications protocol standard for securing credit card transactions over networks, specifically, the Internet.
→ SET was not itself a payment system, but rather a set of security protocols and formats that enabled users to employ the existing credit card payment infrastructure on an open network in a secure fashion.
→ SET was not itself a payment system, but rather a set of security protocols and formats that enabled users to employ the existing credit card payment infrastructure on an open network in a secure fashion.
Question 32 |
Suppose that everyone in a group of N people wants to communicate secretly with (N-1) other people using symmetric key cryptographic system. The communication between any two persons should not be decodable by the others in the group. The number of keys required in the system as a whole to satisfy the confidentiality requirement is
2N | |
N(N-1) | |
N(N-1)/2 | |
(N-1) 2 |
Question 32 Explanation:
→ If one person in a group of N people want to communicate with remaining (N-1) people using symmetric key cryptographic system then he needs (N-1) keys.
→ We have N people in group so number of keys needed are N(N-1)
→ But two people in a group can use same keys then no need to use 2(N-1) keys they can communicate using (N-1) keys.
So total number of keys needed [N(N-1)]/2
→ We have N people in group so number of keys needed are N(N-1)
→ But two people in a group can use same keys then no need to use 2(N-1) keys they can communicate using (N-1) keys.
So total number of keys needed [N(N-1)]/2
Question 33 |
Which of the following substitution technique have the relationship between a character in the plain text and a character in the ciphertext as one-to-many ?
Monoalphabetic | |
Polyalphabetic | |
Transpositional | |
None of the above |
Question 33 Explanation:
Monoalphabetic Substitution: The relationship between a character in the plaintext and a character in the ciphertext is always one-to-one
Polyalphabetic Substitution: This is an improvement over the Caesar cipher. In polyalphabetic substitution, each occurrence of a character may have a different substitute. Here the relationship between a character in the plaintext and a character in the ciphertext is always one-to-many.
Transposition Cipher: The transposition cipher, the characters remain unchanged but their positions are changed to create the ciphertext. A transposition cipher does not substitute one symbol for another, instead it changes the location of the symbols. A transposition cipher reorders symbols.
Polyalphabetic Substitution: This is an improvement over the Caesar cipher. In polyalphabetic substitution, each occurrence of a character may have a different substitute. Here the relationship between a character in the plaintext and a character in the ciphertext is always one-to-many.
Transposition Cipher: The transposition cipher, the characters remain unchanged but their positions are changed to create the ciphertext. A transposition cipher does not substitute one symbol for another, instead it changes the location of the symbols. A transposition cipher reorders symbols.
Question 34 |
Match the following symmetric block ciphers with corresponding block and key sizes :
(a)-(iv), (b)-(ii), (c)-(i), (d)-(iii) | |
(a)-(ii), (b)-(iv), (c)-(i), (d)-(iii) | |
(a)-(ii), (b)-(iv), (c)-(iii), (d)-(i) | |
(a)-(iv), (b)-(ii), (c)-(iii), (d)-(i) |
Question 34 Explanation:
→ Data Encryption Standard(DES), which uses symmetric key method for encryption of data. It uses block size 64 and key size 128 for encryption.
→ International Data Encryption Algorithm (IDEA), originally called Improved Proposed Encryption Standard (IPES), is a symmetric-key block cipher. It uses block size 64 and key size 128.
→ Blowfish is a symmetric-key block cipher used for a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. It uses block size 64 and key size ranges between 32 and 448.
→ Advanced Encryption Standard(AES), which uses symmetric key method for encryption of data. It uses block size 128 and key sizes 128, 192, 256
*****It’s worthy to remember below table.
→ International Data Encryption Algorithm (IDEA), originally called Improved Proposed Encryption Standard (IPES), is a symmetric-key block cipher. It uses block size 64 and key size 128.
→ Blowfish is a symmetric-key block cipher used for a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. It uses block size 64 and key size ranges between 32 and 448.
→ Advanced Encryption Standard(AES), which uses symmetric key method for encryption of data. It uses block size 128 and key sizes 128, 192, 256
*****It’s worthy to remember below table.
Question 35 |
In Challenge-Response authentication the claimant .
Proves that she knows the secret without revealing it | |
Proves that she doesn’t know the secret | |
Reveals the secret | |
Gives a challenge |
Question 35 Explanation:
→ Challenge-Response authentication is a family of protocols in which one party presents a question ("challenge") and another party must provide a valid answer ("response") to be authenticated.
→ The simplest example of a challenge–response protocol is password authentication, where the challenge is asking for the password and the valid response is the correct password.
→ A more interesting challenge–response technique works as follows. Say, Bob is controlling access to some resource. Alice comes along seeking entry. Bob issues a challenge, perhaps "52w72y". Alice must respond with the one string of characters which "fits" the challenge Bob issued. The "fit" is determined by an algorithm "known" to Bob and Alice. (The correct response might be as simple as "63x83z" (each character of response one more than that of challenge), but in the real world, the "rules" would be much more complex.) Bob issues a different challenge each time, and thus knowing a previous correct response (even if it isn't "hidden" by the means of communication used between Alice and Bob) is of no use.
→ The simplest example of a challenge–response protocol is password authentication, where the challenge is asking for the password and the valid response is the correct password.
→ A more interesting challenge–response technique works as follows. Say, Bob is controlling access to some resource. Alice comes along seeking entry. Bob issues a challenge, perhaps "52w72y". Alice must respond with the one string of characters which "fits" the challenge Bob issued. The "fit" is determined by an algorithm "known" to Bob and Alice. (The correct response might be as simple as "63x83z" (each character of response one more than that of challenge), but in the real world, the "rules" would be much more complex.) Bob issues a different challenge each time, and thus knowing a previous correct response (even if it isn't "hidden" by the means of communication used between Alice and Bob) is of no use.
Question 36 |
Decrypt the message “WTAAD” using the Caesar Cipher with key=15.
LIPPS | |
HELLO | |
OLLEH | |
DAATW |
Question 36 Explanation:
We decrypt one character at a time. Each character is shifted 15 characters up Letter W is decrypted to H shifted 15 characters up. Letter W is decrypted to H. Letter T is decrypted to E.The first A is decrypted to L. The second A is decrypted to L And finally D is The second A is decrypted to L. And, finally, D is decrypted to O.The plain text is HELLO
Question 37 |
Encrypt the Message “HELLO MY DEARZ” using Transposition Cipher with
HLLEO YM AEDRZ | |
EHOLL ZYM RAED | |
ELHL MDOY AZER | |
ELHL DOMY ZAER |
Question 37 Explanation:
Step-1: According to key we have to divide into number of character blocks.
Here, key size=4. So, character block size is 4.
Step-2: Remove the spaces in the message and write into sequential order.
Step-3: Get cipher text according to ascending order is ELHL MDOY AZER.
Here, key size=4. So, character block size is 4.
Step-2: Remove the spaces in the message and write into sequential order.
Step-3: Get cipher text according to ascending order is ELHL MDOY AZER.
Question 38 |
AES is a round cipher based on the Rijndael Algorithm that uses a 128-bit block of data. AES has three different configurations. ______ rounds with a key size of 128 bits, ______ rounds with a key size of 192 bits and ______ rounds with a key size of 256 bits.
5, 7, 15 | |
10, 12, 14 | |
5, 6, 7 | |
20, 12, 14 |
Question 38 Explanation:
→ AES is a round cipher based on the Rijndael Algorithm that uses a 128-bit block of data.
→ The key size used for an AES cipher specifies the number of transformation rounds that convert the input, called the plaintext, into the final output, called the ciphertext.
→ The number of rounds are as follows:
1. 10 rounds with a key size of 128 bits.
2. 12 rounds with a key size of 192 bits.
3. 14 rounds with a key size of 256 bits.
→ The key size used for an AES cipher specifies the number of transformation rounds that convert the input, called the plaintext, into the final output, called the ciphertext.
→ The number of rounds are as follows:
1. 10 rounds with a key size of 128 bits.
2. 12 rounds with a key size of 192 bits.
3. 14 rounds with a key size of 256 bits.
Question 39 |
Data Encryption Techniques are particularly used for ______.
protecting data in Data Communication System. | |
reduce Storage Space Requirement. | |
enhances Data Integrity. | |
decreases Data Integrity. |
Question 39 Explanation:
Data Encryption Techniques are particularly used for protecting data in Data Communication System.
Question 40 |
In ________ substitution, a character in the plaintext is always changed to the same character in the ciphertext, regardless of its position in the text.
polyalphabetic | |
monoalphabetic | |
transpositional | |
multi alphabetic |
Question 40 Explanation:
Monoalphabetic Substitution: The relationship between a character in the plaintext and a character in the ciphertext is always one-to-one
Polyalphabetic Substitution: This is an improvement over the Caesar cipher. In polyalphabetic substitution, each occurrence of a character may have a different substitute. Here the relationship between a character in the plaintext and a character in the ciphertext is always one-to-many.
Transposition Cipher: The transposition cipher, the characters remain unchanged but their positions are changed to create the ciphertext. A transposition cipher does not substitute one symbol for another, instead it changes the location of the symbols. A transposition cipher reorders symbols.
Polyalphabetic Substitution: This is an improvement over the Caesar cipher. In polyalphabetic substitution, each occurrence of a character may have a different substitute. Here the relationship between a character in the plaintext and a character in the ciphertext is always one-to-many.
Transposition Cipher: The transposition cipher, the characters remain unchanged but their positions are changed to create the ciphertext. A transposition cipher does not substitute one symbol for another, instead it changes the location of the symbols. A transposition cipher reorders symbols.
Question 41 |
Using data p=3, q=11, n=pq, d=7 in RSA algorithm find the cipher text of the given plain text SUZANNE
BUTAEEZ | |
SUZANNE | |
XYZABCD | |
ABCDXYZ |
Question 41 Explanation:
n = p*q = 33,
Φ = (p-1)*(q-1) = 20,
d = 7 and e = 3 (solve by e*d = 1 mod 20)
Message M= SUZANNE
Here take A = 1, B = 2, C = 3 ….. Z = 26, A = 27, …...
Cipher text = (Me mod n)
⇒ S = 19, Cipher = 193 mod 33 = 28 = B
⇒ U = 21, Cipher = 213 mod 33 = 21 = U
and so on ..
Φ = (p-1)*(q-1) = 20,
d = 7 and e = 3 (solve by e*d = 1 mod 20)
Message M= SUZANNE
Here take A = 1, B = 2, C = 3 ….. Z = 26, A = 27, …...
Cipher text = (Me mod n)
⇒ S = 19, Cipher = 193 mod 33 = 28 = B
⇒ U = 21, Cipher = 213 mod 33 = 21 = U
and so on ..
Question 42 |
Usually information security in a network is achieved by :
Layering | |
Cryptography | |
Grade of service | |
None of the above |
Question 42 Explanation:
Usually information security in a network is achieved by cryptography because very difficult to decrypt messages.
Question 43 |
After sending a message ,the sender should not be able to, at a later date, deny having sent the message, is referred to as :
Authenticity | |
Non–Repudiability | |
Auditability | |
Repudiability |
Question 43 Explanation:
After sending a message ,the sender should not be able to, at a later date, deny having sent the message, is referred to as Non–Repudiation.
Question 44 |
An example of a public key encryption algorithm is :
Caesar cipher algorithm | |
DES algorithm | |
AES algorithm | |
Knapsack algorithm |
Question 44 Explanation:
→ Private key algorithms are DES,AES,Caesar cipher,etc.., algorithms.
→ Public key algorithms are Knapsack algorithm, RSA, Diffie Hellman,ECC,etc..,
→ Public key algorithms are Knapsack algorithm, RSA, Diffie Hellman,ECC,etc..,
Question 45 |
Encrypt the plain text Message “EXTRANET” using Transposition cipher technique with the following key:
Using ‘Z’ as bogus character.
Using ‘Z’ as bogus character.
TAXERTZENZ | |
EXTRANETZZ | |
EZXZTRZANZET | |
EXTZRANZETZ |
Question 45 Explanation:
Given data,
-- Plain text Message= EXTRANET
-- Bogus character=Z
-- Encrypt plain text message using Transposition cipher=?
-- Plain text Message= EXTRANET
-- Bogus character=Z
-- Encrypt plain text message using Transposition cipher=?
Question 46 |
Consider Euler's Φ function given by
Φ(n)=nπp|n(1-(1/p))
Where p runs over all the primes dividing n. What is the value of Φ(45)?
Φ(n)=nπp|n(1-(1/p))
Where p runs over all the primes dividing n. What is the value of Φ(45)?
3 | |
12 | |
6 | |
24 |
Question 46 Explanation:
Φ(45) → Φ(9*5)
→ Φ(32 * 5)
→ Φ(32) * Φ(5)
→ Φ(32 - 3,(2-1)) * (5-1)
= 24
Remember Formula:
If p is prime then Φ(p) = (p-1)
and if p is not prime and it's in prime power k from then Φ(pk) = pk - p(k-1)
→ Φ(32 * 5)
→ Φ(32) * Φ(5)
→ Φ(32 - 3,(2-1)) * (5-1)
= 24
Remember Formula:
If p is prime then Φ(p) = (p-1)
and if p is not prime and it's in prime power k from then Φ(pk) = pk - p(k-1)
Question 47 |
The RSA encryption algorithm also works in reverse, that is, you can encrypt a message with the private key and decrypt it using the public key. This property is used in
Intrusion detection systems | |
Digital signatures | |
Data Compression | |
Certification |
Question 47 Explanation:
Explanation:In digital signature the message is encrypted using the sender's private key and decrypted by the receiver using the sender's public key.
Question 48 |
Consider the following statements:
S1 : For any integer n>1, aΦ(n) = 1(mod n) for all a ∊ Z*n, where Φ(n) is euler’s phi function.
S2 : If p is prime, then ap = 1(mod p) for all a ∊ Z*p
Which one of the following is are correct:
S1 : For any integer n>1, aΦ(n) = 1(mod n) for all a ∊ Z*n, where Φ(n) is euler’s phi function.
S2 : If p is prime, then ap = 1(mod p) for all a ∊ Z*p
Which one of the following is are correct:
Only S1
| |
Only S2 | |
Both S1 and S2 | |
Neither S1 nor S2 |
Question 48 Explanation:
Euler's theorem (also known as the Fermat–Euler theorem or Euler's totient theorem) states that if ‘n’ and ‘a’ are coprime positive integers, then aΦ(n) = 1(mod n)
So the S1 is true.
According to Fermat's Little Theorem,
Let ‘p’ be a prime and ‘a’ any integer, then ap = a (mod p). So S2 is false.
So the S1 is true.
According to Fermat's Little Theorem,
Let ‘p’ be a prime and ‘a’ any integer, then ap = a (mod p). So S2 is false.
Question 49 |
The ability to inject packets into the internet with false source address is known as :
Man-in-the-Middle attack | |
IP phishing
| |
IP sniffing
| |
IP Spoofing |
Question 49 Explanation:
Man-in-the-Middle Attack: It is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.
IP Spoofing: is the creation of Internet Protocol (IP) packets with a false source IP address, for the purpose of impersonating another computing system.
IP Spoofing: is the creation of Internet Protocol (IP) packets with a false source IP address, for the purpose of impersonating another computing system.
Question 50 |
A message "COMPUTERNETWORK" encrypted (ignore quotes) using columnar transposition cipher with a key "LAYER". The encrypted message is :
CTTOEWMROPNRUEK | |
MROUEKCTTPNROEW | |
OEWPNRCTTUEKMRO | |
UEKPNRMROOEWCTT |
Question 50 Explanation:
Question 51 |
Which of the following is not needed by an encryption algorithm used in Cryptography?
KEY | |
Message | |
Ciphertext | |
User details | |
Option-C and Option-D |
Question 51 Explanation:
To Encrypt or decrypt an algorithm it requires Plain Text(or Message) and Key(either public or private).
But it does not require User details.
Not relevant option-"cipher text". Note: According to final answer key, given marks to option-C and Option-D
But it does not require User details.
Not relevant option-"cipher text". Note: According to final answer key, given marks to option-C and Option-D
Question 52 |
Consider the following statements with respect to network security:
(a) Message confidentiality means that the sender and the receiver expect privacy.
(b) Message integrity means that the data must arrive at the receiver exactly as they were sent.
(c) Message authentication means the receiver is ensured that the message is coming from the intended sender.
Which of the statements is (are) correct?
Only (a) and (b) | |
Only (a) and (c) | |
Only (b) and (c) | |
(a), (b) and (c) |
Question 52 Explanation:
TRUE: Message confidentiality means that the sender and the receiver expect privacy.
TRUE: Message integrity means that the data must arrive at the receiver exactly as they were sent.
TRUE: Message authentication means the receiver is ensured that the message is coming from the intended sender.
TRUE: Message integrity means that the data must arrive at the receiver exactly as they were sent.
TRUE: Message authentication means the receiver is ensured that the message is coming from the intended sender.
Question 53 |
The Data Encryption Standard (DES) has a function consists of four steps. Which of the following is correct order of these four steps?
an expansion permutation, S-boxes, an XOR operation, a straight permutation | |
an expansion permutation, an XOR operation, S-boxes, a straight permutation | |
an straight permutation, S-boxes, an XOR operation, an expansion permutation | |
a straight permutation, an XOR operation, S-boxes, an expansion permutation |
Question 53 Explanation:
Question 54 |
Considering the following key using a block of five characters, encryption of the message "NETWORKING" using the Transposition Cipher is:
Plaintext : 5 4 3 2 1
Ciphertext 1 2 3 4 5
GNIKROWTEN | |
OGWNTIEKNR | |
OWTENGNIKR | |
NREKTIWNOG |
Question 54 Explanation:
→A transposition cipher is a method of encryption by which the positions held by units of plaintext (which are commonly characters or groups of characters) are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is changed (the plaintext is reordered).
→According to given question ,
→Plaintext : 5 4 3 2 1
→Ciphertext 1 2 3 4 5
→Given message "NETWO RKING".
→The message is divided into two equal messages of 5 characters length.
→According to cipher text, The reverse of 5 characters of message is OWTEN GNIKR
→According to given question ,
→Plaintext : 5 4 3 2 1
→Ciphertext 1 2 3 4 5
→Given message "NETWO RKING".
→The message is divided into two equal messages of 5 characters length.
→According to cipher text, The reverse of 5 characters of message is OWTEN GNIKR
Question 55 |
Consider an information exchange scenario where Anthony is the sender and Bond is the intended recipient of the data.
Match the following appropriately.
I-C, II-B, III-D, IV-A | |
I-C, II-D, III-A, IV-B | |
I-C, II-D, III-B, IV-A | |
I-A, II-D, III-B, IV-C |
Question 55 Explanation:
Message Authentication: Bond needs to be sure of anthony’s identity and that an imposter has not sent the message.
Message confidentiality: The transmitted message must make sense to only bond and to all others it must be garbage.
Message Integrity: The message must arrive at the bond’s side exactly as it was sent. Message Non Repudiation: Anthony must not be able to deny sending a message that he or she in fact, did send
Options C is correct.
Message confidentiality: The transmitted message must make sense to only bond and to all others it must be garbage.
Message Integrity: The message must arrive at the bond’s side exactly as it was sent. Message Non Repudiation: Anthony must not be able to deny sending a message that he or she in fact, did send
Options C is correct.
Question 56 |
In a columnar transposition cipher, the plain text is “the tomato is a plant in the night shade family”, keyword is “TOMATO”. The ciphertext is
“TINESAX / EOAHTFX / HTLTHEY / MAIIAIX / TAPNGDL / OSTNHMX” | |
“TINESAX / EOAHTFX / MAIIAIX / HTLTHEY / TAPNGDL / OS TN HMX” | |
“TINESAX / EOAHTFX / HTLTHEY / MAIIAIX / OSTNHMX / TAPNGDL” | |
“EOAHTFX / TINESAX / HTLTHEY / MIIAIX / TAPNGDL / OSTNHMX” |
Question 56 Explanation:
We first pick a keyword for our encryption. We write the plaintext out in a grid where the number of columns is the number of letters in the keyword. We then title each column with the respective letter from the keyword. We take the letters in the keyword in alphabetical order, and read down the columns in this order. If a letter is repeated, we do the one that appears first, then the next and so on.
encrypt the message "The tomato is a plant in the nightshade family" using the keyword tomato. We get the grid given below.
We have written the keyword above the grid of the plaintext, and also the numbers telling us which order to read the columns in. Notice that the first "O" is 3 and the second "O" is 4, and the same thing for the two "T"s.
The plaintext is written in a grid beneath the keyword. The numbers represent the alphabetical order of the keyword, and so the order in which the columns will be read.
Starting with the column headed by "A", our ciphertext begins "TINESAX" from this column. We now move to the column headed by "M", and so on through the letters of the keyword in alphabetical order to get the ciphertext "TINESAX / EOAHTFX / HTLTHEY / MAIIAIX / TAPNGDL / OSTNHMX" (where the / tells you where a new column starts). The final ciphertext is thus "TINESAX EOAHTFX HTLTHEY MAIIAIX TAPNGDL OSTNHMX".
encrypt the message "The tomato is a plant in the nightshade family" using the keyword tomato. We get the grid given below.
We have written the keyword above the grid of the plaintext, and also the numbers telling us which order to read the columns in. Notice that the first "O" is 3 and the second "O" is 4, and the same thing for the two "T"s.
The plaintext is written in a grid beneath the keyword. The numbers represent the alphabetical order of the keyword, and so the order in which the columns will be read.
Starting with the column headed by "A", our ciphertext begins "TINESAX" from this column. We now move to the column headed by "M", and so on through the letters of the keyword in alphabetical order to get the ciphertext "TINESAX / EOAHTFX / HTLTHEY / MAIIAIX / TAPNGDL / OSTNHMX" (where the / tells you where a new column starts). The final ciphertext is thus "TINESAX EOAHTFX HTLTHEY MAIIAIX TAPNGDL OSTNHMX".
Question 57 |
Avalanche effect in cryptography refers
Large changes in cipher text when the keyword is changed minimally | |
Large changes in cipher text when the plain text is changed | |
Large impact of keyword change to the length of the cipher text | |
None of the above |
Question 57 Explanation:
Avalanche effect describes a concept in cryptography, where a small change in the input value (keyword) causes a significant change in the output (hash value/ cipher text)
Question 58 |
Which of the following operations are generally used for transforming plain text to cipher text?
substitution | |
transposition | |
substitution and transposition | |
normalization |
Question 59 |
With reference to network security across a packet switching network, which of the following provide the most effective solution?
End-to-end encryption | |
Link encryption | |
Combination of both link and end-to-end encryption | |
Either link encryption or end-to-end encryption but not both |
Question 59 Explanation:
The implementation of encryption in packet-switched networks must ensure that essential addressing information can be accessed by the relevant network devices such as switches, bridges and routers. Encryption is broadly termed link layer encryption or end-to-end encryption depending on whether it is applied and re-applied at each end of each link in a communication path, or whether it is applied over the whole path between end systems.
Question 60 |
Consider the sequence of steps involved in the process of using digital signatures for a message in PGP; which of the following steps is WRONGLY presented?
SHA-1 is used to generate hash code of message | |
The hash code is prepended to the message and sent to the receiver | |
The receiver uses RSA with senders public key to decrypt and recovered code | |
Receiver generates a new hash code for the message and compares with the recovered code and accept the message as authentic, if only, they match |
Question 60 Explanation:
Point 2 is wrongly presented.
Point 2 should be the hash code is first encrypted and then preoended to the message and sent to the receiver.
Question 61 |
Which of the following is a secret – key encryption algorithm?
RSA | |
Diffie-Hellman key exchange | |
Advanced Encryption Standard (AES) | |
Elliptic Curve Cryptography (ECC) |
Question 61 Explanation:
RSA is a public key encryption algorithm.
Diffie-Hellman key exchange algorithm is not at all a encryption algorithm ,instead it is a key exchange algorithm.
AES is a secret key encryption algorithm.
Diffie-Hellman key exchange algorithm is not at all a encryption algorithm ,instead it is a key exchange algorithm.
AES is a secret key encryption algorithm.
Question 62 |
Which of the following is NOT a type of firewall for network security?
Circuit level gateways | |
Application level gateways | |
Packet filters | |
Digital Immune System |
Question 62 Explanation:
A circuit-level gateway is a type of firewall. Circuit-level gateways work at the session layer of the OSI model, or as a "shim-layer" between the application layer and the transport layer of the TCP/IP stack. They monitor TCP handshaking between packets to determine whether a requested session is legitimate.
Application level gateways is also a type of firewall. Packet filtering is a firewall technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols and ports.
The Digital Immune system is a comprehensive approach to virus protection, and is not a type of firewall.
Application level gateways is also a type of firewall. Packet filtering is a firewall technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols and ports.
The Digital Immune system is a comprehensive approach to virus protection, and is not a type of firewall.
Question 63 |
A digital signature is
scanned signature
| |
signature in binary form
| |
encrypting information | |
handwritten signature
|
Question 63 Explanation:
Digital Signature is a process that guarantees that the contents of a message have not been altered in transit. When you, the server, digitally sign a document, you add a one-way hash (encryption) of the message content using your public and private key pair.
Question 64 |
A firewall is
an established network performance reference point
| |
software or hardware used to isolate a private network from a public network
| |
a virus that infects macros | |
a predefined encryption key used to encrypt and decrypt data transmissions |
Question 64 Explanation:
A firewall is a software used to isolate a private network from a public network.
Question 65 |
The private key in public key encryption is used for
encryption | |
hashing
| |
decryption | |
decryption and hashing
|
Question 65 Explanation:
The private key in public key encryption is used for hashing.
Question 66 |
Public key encryption makes use of
one key | |
two keys | |
hash function
| |
All the given options |
Question 66 Explanation:
Public key encryption makes use of two keys, public key and private key.
Question 67 |
In RSA
1. P and Q are chosen as very large prime number
2. Compute n = p*q and Φ(n) = (n-1)*(q-1)
Letter e encryption key chosen. How is this encryption key selected?
e is chosen as a relative prime to q
| |
e is chosen as a relative prime to p | |
e is chosen as a relative prime to Φ(n)
| |
e is chosen as a relative prime to n
|
Question 67 Explanation:
e or encryption key is chosen which is relatively prime to Φ(n), to satisfy the equation
e*d = 1 mod Φ(n), where e is encryption key and d is decryption key.
e*d = 1 mod Φ(n), where e is encryption key and d is decryption key.
Question 68 |
Consider the following statement.
I. Packet filter firewall analyzes network traffic at transport layer.
II. Circuit level firewall operate transport and session layer of OSI model.
From the above statement which statement/s is/are TRUE?
Only I | |
Only II | |
None | |
I and II
|
Question 68 Explanation:
The first firewalls were packet-filtering firewalls that work at the Network layer of the OSI networking model. They examine the packet headers that contain IP addresses and packet options and block or allow traffic through the firewall based on that information.
A circuit-level gateway is a type of firewall. Circuit-level gateways work at the session layer of the OSI model, or as a "shim-layer" between the application layer and the transport layer of the TCP/IP stack. They monitor TCP handshaking between packets to determine whether a requested session is legitimate.
A circuit-level gateway is a type of firewall. Circuit-level gateways work at the session layer of the OSI model, or as a "shim-layer" between the application layer and the transport layer of the TCP/IP stack. They monitor TCP handshaking between packets to determine whether a requested session is legitimate.
Question 69 |
___ is not a public key cryptosystem
EI Gemal
| |
Rabin | |
AES | |
RSA
|
Question 69 Explanation:
In cryptography, the ElGamal encryption system is an asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie–Hellman key exchange. It was described by Taher Elgamal in 1985.
Like all asymmetric cryptosystems, the Rabin system uses a key pair: a public key for encryption and a private key for decryption. The public key is published for anyone to use, while the private key remains known only to the recipient of the message.
AES is a symmetric key cryptosystem or private key encryption.
RSA is one of the first public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and distinct from the decryption key which is kept secret.
Like all asymmetric cryptosystems, the Rabin system uses a key pair: a public key for encryption and a private key for decryption. The public key is published for anyone to use, while the private key remains known only to the recipient of the message.
AES is a symmetric key cryptosystem or private key encryption.
RSA is one of the first public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and distinct from the decryption key which is kept secret.
Question 70 |
Digital certificates are described using ____ format.
X.509
| |
X.510 | |
X.508 | |
X.409 |
Question 70 Explanation:
In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the ownership of a public key. The most common format for public key certificates is defined by X.509.
Question 71 |
In RSA algorithm if p=7, q=11 and e=13 then what will be the value of d?
23 | |
40 | |
37 | |
13 |
Question 71 Explanation:
We know that in RSA algorithm,
e * d ≡ 1 mod φ(n)
Lets first find φ(n),
φ(n) = (p-1)(q-1)
= (7-1)(11-1)
= 60
Now,
e * d ≡ 1 mod φ(n)
13 * d ≡ 1 mod 60
For d = 37 the above equation satisfies.
e * d ≡ 1 mod φ(n)
Lets first find φ(n),
φ(n) = (p-1)(q-1)
= (7-1)(11-1)
= 60
Now,
e * d ≡ 1 mod φ(n)
13 * d ≡ 1 mod 60
For d = 37 the above equation satisfies.
Question 72 |
In____authentication, the claimant proves that she knows the secret without sending it to the verifier.
Asymmetric | |
Zero knowledge
| |
Symmetric | |
Challenge response
|
Question 72 Explanation:
In password authentication ,the claimant proves her identity by demonstrating that she knows the secret, the password.However, because the claimant reveals this secret , it is susceptible to interception by the adversary.In challenge response authentication , the claimant proves that she knows the secret without sending it. In other words the claimant does not send the secret to the verifier, the verifier either has it or finds it.
In challenge response authentication, the claimant proves that she knows the secret without sending it to the verifier.
In challenge response authentication, the claimant proves that she knows the secret without sending it to the verifier.
Question 73 |
Consider following three statements about Data Encryption Standard (DES).
(I) DES uses a 56 bit key to encrypt 64 bit data blocks.
(II) DES is a Block cipher.
(III) DES provides Cipher Block Chaining mode to overcome the problem of poor diffusion.
The false statement from above statements is/are
Only (I) | |
Only (I) and (III) | |
Only (III)
| |
None from (I), (II) and (III)
|
Question 73 Explanation:
DES is a block cipher, and encrypts data in blocks of size of 64 bit each, means 64 bits of plain text goes as the input to DES, which produces 64 bits of cipher text. The same algorithm and key are used for encryption and decryption, with minor differences. The key length is 56 bits. The basic idea is show in figure.To overcome the problem of poor diffusion, DES provides a cipher block chaining (CBC) mode.
Hence all the statements are true.
Hence all the statements are true.
Question 74 |
Which of the following is a symmetric key algorithm?
Blowfish | |
IDEA | |
AES | |
All the above |
Question 74 Explanation:
Blowfish,IDEA,AES all are private key or symmetric key encryption algorithms.
Question 75 |
Which of the following is a security requirement?
Confidentiality and Integrity | |
Authentication
| |
Non-repudiation
| |
All the above |
Question 75 Explanation:
Confidentiality-No other person can look into the information.Only for whom it is intended can look into it.
Integrity-No one can change the information. Authentication-It guarantees the identity of the sender. Non-repudiation-Nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. To repudiate means to deny.
Hence all are the security requirement.
Integrity-No one can change the information. Authentication-It guarantees the identity of the sender. Non-repudiation-Nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. To repudiate means to deny.
Hence all are the security requirement.
Question 76 |
The RSA algorithm is names after _________ who invented it
John Richradson, John Smith and Len Adleman | |
Ron Rivest, John Smith and L Hospital | |
Ron Rivest, Adi Shamir and Len Adleman | |
None of the above |
Question 76 Explanation:
The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who invented it in 1977. The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the difficulty of factoring large integers.
Question 77 |
Expansion for DES, a most widely used encryption algorithm, is
Digital Encryption Standard
| |
Digital Encryption Specification
| |
Data Encryption Standard | |
Data Encryption Specification |
Question 77 Explanation:
Full form of DES is Data Encryption Standard.
Question 78 |
The main purpose of encryption is to provide
Data Security | |
Data Integrity | |
Data Redundancy | |
(1) and (2) |
Question 78 Explanation:
The main purpose of encryption is to provide data confidentiality or data security.
Question 79 |
Which of the following is false?
Public-key cryptography is also known as asymmetric cryptography | |
Asymmetric cryptography uses a pair of cryptographic keys
| |
A message encrypted with the private key can be decrypted only with the corresponding public key | |
The private key is kept secret, while the public key is widely distributed |
Question 79 Explanation:
3 is false because a message encrypted with the private key can be decrypted only with the corresponding public key in asymmetric key cryptography but in symmetric key cryptography a message encrypted with the private key can be decrypted only with the same private key.
Question 80 |
A cryptographic system that uses only symmetric key cryptography cannot provide digital signature because :
Symmetric key cryptography is computationally infeasible. | |
Symmetric key cryptography involves key distribution. | |
Symmetric key cryptography is unreliable. | |
Digital signature requires a pair of private – public keys. |
Question 80 Explanation:
Digital signature requires a pair of private-public keys, due to which symmetric key cryptography cannot provide digital signature.
Question 81 |
If a message “CONGRATS” is encoded as “AMLEPYRQ”, the encryption key is :
+ 3 | |
+ 2 | |
– 3 | |
– 2 |
Question 81 Explanation:
C-2 = A
O-2 = M
N - 2 = L
G-2 = E
R-2 = P
A-2 = Y
T-2 = R
S-2 = Q
O-2 = M
N - 2 = L
G-2 = E
R-2 = P
A-2 = Y
T-2 = R
S-2 = Q
Question 82 |
Match the terms with the definition.
(a) Masquerading (i) Session is intercepted
(b) Phishing (ii) One pretends to be someone else
(c) Hijacking (iii) A email misleads a user into entering
confidential information
Codes:
(a) (b) (c)
(i) (ii) (iii)
| |
(i) (iii) (ii)
| |
(iii) (ii) (i) | |
(ii) (iii) (i) |
Question 82 Explanation:
Masquerading-One pretends to be someone else.
Phishing-Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
Hijacking-Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades as one of them. So interception between two entities is done.
Phishing-Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
Hijacking-Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades as one of them. So interception between two entities is done.
Question 83 |
Which of the following make(s) filtering decisions based on application payload?
packet filter | |
deep inspection firewall | |
reverse proxy | |
stateful packet inspection firewall |
Question 83 Explanation:
Filtering decisions based on application payload requires all the five layers till application layer .And deep inspection firewall have all the five layers.
There are 83 questions to complete.