Quiz
Cybersecurity
- True/False? Task Manager is one way to detect the malicious processes of a Root Kit on Windows computers.
- A Man-in-the-Middle Attack is an example of what kind of breach of the CIA Triad?
- Name at least eight common types of malware.
- What's the preferred secure configuration of AES?
- Parawise Transient Key = (PMK) + (__ Nonce) + (______ Nonce) + (__ ___ Address) + (______ ___ Address)
- True/False? It's not uncommon for DDoS attackers to assist Botnet attackers.
- In regard to AES, what are two advantages of working with modern CPUs from IBM?
- What three key lengths does AES support?
- What are the four most-frequent letters in the English language?
- What are the three kinds of DOS attacks?
- What are the four most-common written pairs referenced in #9.
- What are two security downsides to SSO?
- Despite a max encryption key of 2,048 bits, why is RC4 (Rivest Cipher 4) discouraged from use as a Stream Symmetric Cipher?
- What's the library commonly used in tools for packet capture and analysis like Wireshark?
- Which key among the five individual ones of the PTK encrypts broadcast or multicast traffic?
- True/False? The strength of an HMAC (Keyed-Hash MAC) depends on the key generated.
- True/False? The Galois/Counter Mode can't run parallel to AES?
- What's the file extension for an encrypted file?
- For a Dynamic ARP Inspection, what two things are matched in the DHCP Snooping table before discarding an ARP packet?
- True/False? For a Self-Signed Certificate, a client can sign a private key with a public key.
- What about the direction of network traffic differs between a firewall and a NID monitoring it?
- True/False? OAuth is an authentication system and OpenID is an authorization system?
- Typically, what port does OpenVPN use?
- How many bits of encryption -- thanks to the OpenSSL library -- does OpenVPN use?
- Name two kinds of offline or physical social-engineering tactics.
- What three ciphers are prone to Frequency Analysis of its plaintext?
- In the combined L2TP/IPSec standard, which protocol provides the tunneling and which provides the secure channel?
- What's the most secure authentication of a client by a server but requires much operational overhead?
- What's an alternative to VPNs?
- What makes it possible for the Elliptical Curve key to generate smaller, randomized values over RSA, DSA, and DH?
- MD5 is a Cryptographic Hashing Function that operates on blocks of ___ bits and generates a hash digest of ___ bits.
- True/False? The Diffie-Hellman (DH) algorithm for key exchange from each party = ([Public Key] X [Private Key]) + (Public Key) .
- What's the encryption strength of a Keyed-Hash Message Authentication Code (HMAC)?
- True/False? IDS will reconfigure firewall settings to block malicious network traffic.
- What physical factor of U2F (Universal 2nd Factor) prevents the introduction of malicious software?
- What can prevent the decoding of captured wireless network traffic that's encrypted?
- What's the term for two data inputs that produce the same digest or hash function?
- What steps must a Message Authorization Code (MAC) take to encrypt a message in CBC Mode?
- What's the best standard in wireless network security with less overhead and management compared to #32?
- True/False? Asymmetric Cryptography is known also as Private Key Cryptography.
- What mechanism in U2F (Universal Second Factor) prevents phishing attacks?
- What's the exponent for possible Salt values by systems like Linux, BSD, and Solaris that use 128-bit Salts?
- What's the standard for the format of digital certificates?
- SHA1 is a Cryptographic Hashing Function that operates on blocks of ___ bits and generates a hash digest of ___ bits.
- What differs in how MACs, HMACs, CMACs, and CBC-MACs are generated?
- Name a popular piracy-susceptible software that's a major attack vector for malware?
- Name two implementations of LDAP.
- Rather than login credentials, what does an ID provider use to authenticate a user to an SSO provider?
- What's the standard that formats a Digital Certificate?
- What's the latest standard of the format in $43?
- What are three things does a Digital Certificate verify?
- True/False? In WPA2, the CCMP (Counter Mode CBC-MAC Protocol) cipher encrypts traffic prior to authentication.
- What kind of secret key is burned into a TPM (Trusted Platform Module) at the manufactory?
- What's the desktop equivalent of a Secure Element in the hardware of mobile devices?
- What's the difference in function between a Message Integrity Check (MIC) and a MAC?
- What does the Caesar Cipher -- one of the best-known substitution ciphers -- use as its key?
- What's the mobile equivalent to the TPM (Trusted Platform Module)?
- In addition to cellular networking, what are two ways a mobile device can detect location?
- True/False? L2TP (Layer 2 Tunneling Protocol) provides encryption rather than encapsulation of tunneling protocols and traffic not supported by a VPN network.
- True/False? U2F protects against a Man-in-the-Middle Attack because its authentication occurs over an SSL connection.
- What kind of request does a server receive in a Ping Flood?
- Unlike WPA, what cipher is WPA2 based on -- in Counter Mode?
- What kind of Injection Attack targets a user? A Website?
- A Half-Open Attack is another name for what kind of DOS attack?
- What are three types of Injection Attacks?
- What kind of request does a client send in a SYN Flood?
- What's an XXS attack?
- How might a POD attack be related to a Backdoor Attack?
- With a self-signed certificate, the server used which key (public/private) to sign which key (public/private)?
- True/False? TACACS+ deals with AAA for networks and RADIUS for network devices.
- What makes DES (Data Encryption Standard) only 56 bits though it's technically 64 bits?
- What are the three kinds of Man-in-the-Middle Attacks?
- True/False? A user authenticates to a back-end RADIUS server via the Network Access Server (NAS).
- The PGP application uses keys no smaller than ___ bits?
- A Brute-Force Attack is an example of what kind of Password Attack?
- What's the latest recommended revision of TLS?
- True/False? To maintain its secure connection over an untrusted network, the SSH protocol limits the mechanisms for key exchange (i.e. Symmetric Encryption) or any desired client-side authentication.
- What's one of the most-secure encryption applications for email?
- True/False? An IV must be sent as plaintext in a data packet to enable decryption.
- What federal agency approved AES for Block Symmetric Encryption of top-secret info?
- True/False? You can revert to plaintext the digest of a Cryptographic Hash.
- What Hashing Function does TLS/SSL use?
- True/False? TLS sessions use Asymmetric Cryptography to encrypt the data.
- True/False? A cryptographic system is still secure if the Encryption Algorithm remains secret.
- True/False? An Initialization Vector injects random data into a Decryption Key.
- What does HTTP over TLS or SSL mean?
- True/False? In Kerberos, authorization occurs when the client sends a Client-to-Server ticket to the SS.
- What's the difference between OTP and Universal 2nd Factor?
- At present, what authentication protocol does Windows use?
- What's the best standard in wireless network security, but requires lots of overhead and management?
- How few times might the same encryption key be used before a cipher can be broken to recover plaintext?
- How are Stegography and Cryptography different?
- True/False? A CMAC requires asymmetric cipher encryption and a public key to generate the Message Access Control.
- What encryption key lengths (2) does WEP support?
- What kind of Injection Attack might accompany session-hopping in a Man-in-the-Middle Attack?
- Ciphertext has two components: the Key and the __________ _________ .
- Why don't multiple passwords provide extra security in Multi-Factor Authentication?
Related: Cybersecurity 2 (Notes)
Related: Cybersecurity 3 (Notes)
Related: Making sense of the encryption algorithm in cybersecurity (2021)
Related: Computer Networking (Quiz)
Related: "Cybersecurity and Cyberwar" (2020)
Related: Cybersecurity 3 (Notes)
Related: Making sense of the encryption algorithm in cybersecurity (2021)
Related: Computer Networking (Quiz)
Related: "Cybersecurity and Cyberwar" (2020)