information_security_test_questions_1.docx
Added: 01.07.2025
1. Which term relates specifically to the art and science of code breaking?

Cryptology

2. Program which secretly takes over another networked computer

3. What key length does AES not support?

512-bit.

4. The Caesar Cipher is an example of what kind of cipher?

Substitution.

5. Which of the following is a disadvantage of asymmetric cryptology?

Slower than symmetric cryptology.

6. Which of the following allows attackers to break passwords?

Crackers.

7. One of the oldest types of malicious software

Logic Bomb

8. Which type of attack attempts to alter system resources or affect their operation?

active attack

9. Which key exchange technique allows parties to exchange secret keys over an insecure medium without exposing the keys?

Diffie-Hellman.

10. What best describes a Trojan Horse?

Malicious code disguised as or inserted into a legitimate program.

11. Which type of algorithm is a widely used MAC based on DES-CBC?

Data Authentication

12. Centralized access control provides remote users with all of the following properties except

Availability

13. What are three principles of identification and authentication?

Something you know, something you are, something you have

14. Which type of encryption occurs between original source and final destination?

end-to-end encryption

15. Which type of encryption occurs between original source and final destination?

end-to-end encryption

16. Which of the following restores the system to a clean state?

Reaction

17. Which of the following is a knowledge-based authentication mechanism?

Password

18. Usually targeted at Microsoft Outlook mail agent & Word/Excel documents:

Email Virus

19. Often used to propagate a virus/worm or install a backdoor

Trojan Horse

20. Exploits known flaws in network systems:

Zombie

21. Which of the following is often used to launch distributed denial of service (DDoS) attacks?

TROJAN

22. Which of the following is a field of both cryptography and cryptanalysis?

Symmetric-key

23. What is Denial of Service in Threat Modeling?

An attack that deliberately causes an application to be less available

24. Which Threat Modeling threat involves impersonating an innocent user's credentials?

Repudiation

25. Which of the following has its first attested use in military affairs?

26. Only have 26 possible ciphers?

Caesar ciphers.

27. Would need a 676 entry frequency table to analyse

Versus 26 for a monoalphabetic

Security of the Playfair Cipher

28. Which of the following is a 5x5 matrix of letters based on a keyword?

Playfair Key Matrix.

29. What is OPSEC?

OPSEC is a risk management instrument that enables a manager or commander to view an operation or activity from the perspective of an adversary. It is a process of identifying, analyzing and controlling critical information.

30. Knowing keyword can recover the first few letters:

Autokey Cipher

31. Used a series of cylinders, each giving one substitution, which rotated and changed after each letter was encrypted

Rotor Machines

32. The pad, or key, must be chosen at random, used only once, and must be known only by the sender and receiver.

One-Time Pad Encryption

33. The use of the keystream is identical to the use of the key in a one-time pad cipher?

STREAM CIPHERS

34. A5/1 only produces a single keystream bit:

The RC4 algorithm

35. Define exponentiation as repeated application of operator:

Cyclic Group: a^3 = a.a.a

  • and let identity be: e = a^0

  • a group is cyclic if every element is a power of some fixed element

36. Often used to launch distributed denial of service (DDoS) attacks?

Trojans

37. Which theorems are useful in public key and primality testing?

Fermat's and Euler's Theorems

38. For a connection that changes from HTTP to HTTPS, what flaw arises if you do not change the session identifier?

Session Replay.

39. For a connection that changes from HTTP to HTTPS, what flaw arises if you do not change the session identifier?

Session Replay.

40. For a connection that changes from HTTP to HTTPS, what flaw arises if you do not change the session identifier?

Session Replay.

41. What is the art and science of making and breaking “secret codes”?

Cryptology

42. What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?

SQL Injection.

43. Which threat can be prevented by having unique usernames generated with a high degree of entropy?

Authentication bypass.

44. The original data, the input to an encryption function or the output of a decryption function?

Plaintext