Cybersecurity

Quiz
Cybersecurity

True/False? Task Manager is one way to detect the malicious processes of a Root Kit on Windows computers.
A Man-in-the-Middle Attack is an example of what kind of breach of the CIA Triad?
Name at least eight common types of malware.
What's the preferred secure configuration of AES?
Parawise Transient Key = (PMK) + (__ Nonce) + (______ Nonce) + (__ ___ Address) + (______ ___ Address)
True/False? It's not uncommon for DDoS attackers to assist Botnet attackers.
In regard to AES, what are two advantages of working with modern CPUs from IBM?
What three key lengths does AES support?
What are the four most-frequent letters in the English language?
What are the three kinds of DOS attacks?
What are the four most-common written pairs referenced in #9.
What are two security downsides to SSO?
Despite a max encryption key of 2,048 bits, why is RC4 (Rivest Cipher 4) discouraged from use as a Stream Symmetric Cipher?
What's the library commonly used in tools for packet capture and analysis like Wireshark?
Which key among the five individual ones of the PTK encrypts broadcast or multicast traffic?
True/False? The strength of an HMAC (Keyed-Hash MAC) depends on the key generated.
True/False? The Galois/Counter Mode can't run parallel to AES?
What's the file extension for an encrypted file?
For a Dynamic ARP Inspection, what two things are matched in the DHCP Snooping table before discarding an ARP packet?
True/False? For a Self-Signed Certificate, a client can sign a private key with a public key.
What about the direction of network traffic differs between a firewall and a NID monitoring it?
True/False? OAuth is an authentication system and OpenID is an authorization system?
Typically, what port does OpenVPN use?
How many bits of encryption -- thanks to the OpenSSL library -- does OpenVPN use?
Name two kinds of offline or physical social-engineering tactics.
What three ciphers are prone to Frequency Analysis of its plaintext?
In the combined L2TP/IPSec standard, which protocol provides the tunneling and which provides the secure channel?
What's the most secure authentication of a client by a server but requires much operational overhead?
What's an alternative to VPNs?
What makes it possible for the Elliptical Curve key to generate smaller, randomized values over RSA, DSA, and DH?
MD5 is a Cryptographic Hashing Function that operates on blocks of ___ bits and generates a hash digest of ___ bits.
True/False? The Diffie-Hellman (DH) algorithm for key exchange from each party = ([Public Key] X [Private Key]) + (Public Key) .
What's the encryption strength of a Keyed-Hash Message Authentication Code (HMAC)?
True/False? IDS will reconfigure firewall settings to block malicious network traffic.
What physical factor of U2F (Universal 2nd Factor) prevents the introduction of malicious software?
What can prevent the decoding of captured wireless network traffic that's encrypted?
What's the term for two data inputs that produce the same digest or hash function?
What steps must a Message Authorization Code (MAC) take to encrypt a message in CBC Mode?
What's the best standard in wireless network security with less overhead and management compared to #32?
True/False? Asymmetric Cryptography is known also as Private Key Cryptography.
What mechanism in U2F (Universal Second Factor) prevents phishing attacks?
What's the exponent for possible Salt values by systems like Linux, BSD, and Solaris that use 128-bit Salts?
What's the standard for the format of digital certificates?
SHA1 is a Cryptographic Hashing Function that operates on blocks of ___ bits and generates a hash digest of ___ bits.
What differs in how MACs, HMACs, CMACs, and CBC-MACs are generated?
Name a popular piracy-susceptible software that's a major attack vector for malware?
Name two implementations of LDAP.
Rather than login credentials, what does an ID provider use to authenticate a user to an SSO provider?
What's the standard that formats a Digital Certificate?
What's the latest standard of the format in $43?
What are three things does a Digital Certificate verify?
True/False? In WPA2, the CCMP (Counter Mode CBC-MAC Protocol) cipher encrypts traffic prior to authentication.
What kind of secret key is burned into a TPM (Trusted Platform Module) at the manufactory?
What's the desktop equivalent of a Secure Element in the hardware of mobile devices?
What's the difference in function between a Message Integrity Check (MIC) and a MAC?
What does the Caesar Cipher -- one of the best-known substitution ciphers -- use as its key?
What's the mobile equivalent to the TPM (Trusted Platform Module)?
In addition to cellular networking, what are two ways a mobile device can detect location?
True/False? L2TP (Layer 2 Tunneling Protocol) provides encryption rather than encapsulation of tunneling protocols and traffic not supported by a VPN network.
True/False? U2F protects against a Man-in-the-Middle Attack because its authentication occurs over an SSL connection.
What kind of request does a server receive in a Ping Flood?
Unlike WPA, what cipher is WPA2 based on -- in Counter Mode?
What kind of Injection Attack targets a user? A Website?
A Half-Open Attack is another name for what kind of DOS attack?
What are three types of Injection Attacks?
What kind of request does a client send in a SYN Flood?
What's an XXS attack?
How might a POD attack be related to a Backdoor Attack?
With a self-signed certificate, the server used which key (public/private) to sign which key (public/private)?
True/False? TACACS+ deals with AAA for networks and RADIUS for network devices.
What makes DES (Data Encryption Standard) only 56 bits though it's technically 64 bits?
What are the three kinds of Man-in-the-Middle Attacks?
True/False? A user authenticates to a back-end RADIUS server via the Network Access Server (NAS).
The PGP application uses keys no smaller than ___ bits?
A Brute-Force Attack is an example of what kind of Password Attack?
What's the latest recommended revision of TLS?
True/False? To maintain its secure connection over an untrusted network, the SSH protocol limits the mechanisms for key exchange (i.e. Symmetric Encryption) or any desired client-side authentication.
What's one of the most-secure encryption applications for email?
True/False? An IV must be sent as plaintext in a data packet to enable decryption.
What federal agency approved AES for Block Symmetric Encryption of top-secret info?
True/False? You can revert to plaintext the digest of a Cryptographic Hash.
What Hashing Function does TLS/SSL use?
True/False? TLS sessions use Asymmetric Cryptography to encrypt the data.
True/False? A cryptographic system is still secure if the Encryption Algorithm remains secret.
True/False? An Initialization Vector injects random data into a Decryption Key.
What does HTTP over TLS or SSL mean?
True/False? In Kerberos, authorization occurs when the client sends a Client-to-Server ticket to the SS.
What's the difference between OTP and Universal 2nd Factor?
At present, what authentication protocol does Windows use?
What's the best standard in wireless network security, but requires lots of overhead and management?
How few times might the same encryption key be used before a cipher can be broken to recover plaintext?
How are Stegography and Cryptography different?
True/False? A CMAC requires asymmetric cipher encryption and a public key to generate the Message Access Control.
What encryption key lengths (2) does WEP support?
What kind of Injection Attack might accompany session-hopping in a Man-in-the-Middle Attack?
Ciphertext has two components: the Key and the __________ _________ .
Why don't multiple passwords provide extra security in Multi-Factor Authentication?

Related: Cybersecurity 2 (Notes)
Related: Cybersecurity 3 (Notes)
Related: Encryption Algorithm (2021)
Related: Computer Networking (Quiz)
Related: "Cybersecurity and Cyberwar" (2020)

Buy me a coffee

QuizCybersecurity​

Quiz
Cybersecurity