Tuesday, March 6, 2018

Domain-5 Questions


1. A hash function will address which of the concerns about an electronic message:

A. Message confidentiality
B. Message integrity
C. Message availability.
D. Message compression

2. A digital signature will address which of the concerns about an electronic message:
A. Authentication and integrity of data
B. Authentication and confidentiality of data
C. Confidentiality and integrity of data
D. Authentication and availability of data

A digital signature provides integrity, authentication and non-repudiation for an electronic message. It does not ensure message confidentiality or availability of data. A digital signature is created in the following two steps:
Step 1: Create a hash (message digest) of the message.
Step 2: Encrypt the hash (as derived above) with the private key of the sender.

3. A digital signature is created by the sender to prove message integrity by:

A. encrypting the message with the sender's private key. Upon receiving the data, the recipient can decrypt the data using the sender's public key.
B. encrypting the message with the recipient's public key. Upon receiving the data, the recipient can decrypt the data using the recipient's public key.
C. initially using a hashing algorithm to produce a hash value or message digest from the entire message contents. Upon receiving the data, the recipient can independently create it.
D. encrypting the message with the sender's public key. Upon receiving the data, the recipient can decrypt the data using the recipient's private key.

A digital signature is created in the following two steps:
Step 1: Create a hash (message digest) of the message.
Step 2: Encrypt the hash (as derived above) with the private key of the sender.

4. A digital signature addresses which of the following concerns about an electronic message?

A. Unauthorized archiving
B. Confidentiality
C. Unauthorized copying
D. Alteration

5. Which of the following is used to address the risk of a hash being compromised?

A. Digital signatures
B. Message encryption
C. Email password
D. Disabling SSID broadcast.

A digital signature is created by encrypting the hash of the message. The encrypted hash cannot be altered without knowing the public key of the sender.

6. Digital signature provides which of the following?

A. Non-repudiation, confidentiality and integrity
B. Integrity, privacy and non-repudiation
C. Integrity, authentication and non-repudiation
D. Confidentiality, privacy and non-repudiation

A digital signature provides integrity, authentication and non-repudiation for an electronic message. It does not ensure message confidentiality or availability of data.

7. The MAIN reason for using digital signatures is to ensure data:

A. privacy.
B. integrity.
C. availability.
D. confidentiality

Digital signatures provide integrity because the hash of the message changes in case of any unauthorised changes in the data (file, mail, document, etc.), thus ensuring data integrity.

8. Which of the following message services provides the strongest evidence that a specific action has occurred?
A. Proof of delivery
B. Non-repudiation
C. Proof of submission
D. Authorization

Non-repudiation is the assurance that someone cannot deny something. Non-repudiation services provide evidence that a specific action occurred. Typically, non-repudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. Digital signatures are used to provide non-repudiation.

9. Which of the following ensures a sender's authenticity?

A. Encrypting the hash of the message with the sender's private key
B. Encrypting the message with the receiver's public key
C. Encrypting the hash of the message with the sender's public key
D. Encrypting the message with the receiver's private key

The sender encrypts the hash of the message using his private key. The receiver can decrypt it with the public key of the sender, ensuring authenticity of the message. If the recipient is able to decrypt the message successfully with the public key of the sender, then it proves authentication, i.e. the message was in fact sent by the sender. It also ensures non-repudiation, i.e. the sender cannot repudiate having sent the message.

10. An organisation states that digital signatures are used when receiving communications from customers. This is done by:

A. A hash of the data that is transmitted and encrypted with the organisation’s private key
B. A hash of the data that is transmitted and encrypted with the customer's private key
C. A hash of the data that is transmitted and encrypted with the customer's public key
D. A hash of the data that is transmitted and encrypted with the organisation's public key

A digital signature is created in the following two steps:
Step 1: Create a hash (message digest) of the message.
Step 2: Encrypt the hash (as derived above) with the private key of the sender.
In the above scenario, the sender is the customer. Hence the hash is to be encrypted using the customer’s (sender’s) private key.

11. Digital signatures help to:

A. help detect spam.
B. provide confidentiality.
C. add to the workload of gateway servers.
D. decrease available bandwidth.

12. Basic difference between hashing & encryption is that hashing:

A. cannot be reversed.

B. can be reversed.

C. is concerned with integrity and security.

D. creates output of bigger length than original message. 

Hashing works one way. By applying a hashing algorithm to a message, a message hash/digest is created. If the same hashing algorithm is applied to the message digest, it will not result in the original message. As such, hashing is irreversible, while encryption is reversible. This is the basic difference between hashing and encryption.  

13. An organization is sharing critical information with vendors through email. The organization can ensure that the recipients of e-mails (i.e. vendors) can authenticate the identity of the sender (i.e. employees) by:

A. employees digitally signing their email messages.

B. employees encrypting their email messages.

C. employees compressing their email messages.

D. password protecting all e-mail messages. 

If all e-mail messages are digitally signed, the receiver will be able to validate the authenticity of the sender. Encrypting all e-mail messages would not ensure the authenticity of the sender.

14. Digital signature ensures that the sender cannot later deny generating and sending the message. This is known as:

A. Integrity.
B. authentication.
C. nonrepudiation.
D. security.

15. In an e-commerce application, which of the following should be relied on to prove that the transactions were actually made?

A. Proof of delivery
B. Authentication
C. Encryption
D. Non-repudiation

16. Mr. A has sent a message along with encrypted (by A’s private key) hash of the message to Mr. B. This will ensure:

A. authenticity and integrity.
B. authenticity and confidentiality.
C. integrity and privacy.
D. privacy and nonrepudiation.

Explanation: In the above case, the message is not encrypted (only the hash is encrypted) and hence it will not ensure privacy or confidentiality. Encryption of the hash will ensure authenticity and integrity.

17. Digital signatures require the:

A. signer to have a public key of sender and the receiver to have a private key of the sender.
B. signer to have a private key of the sender and the receiver to have a public key of the sender.
C. signer and receiver to have a public key.
D. signer and receiver to have a private key. 


18. A digital signature contains a hash value (message digest) to:

A. ensure message integrity.

B. define the encryption algorithm.

C. confirm the identity of the originator.

D. compress the message. 

The message digest is calculated and included in a digital signature to prove that the message has not been altered. It should be the same value as a recalculation performed upon receipt. Hence it helps to ensure message integrity. 


19. Which of the following should be disabled to increase security of wireless network against unauthorized access?

A. MAC (Media Access Control) address filtering

B. Encryption

C. WPA-2 (Wi-Fi Protected Access Protocol)

D. SSID (service set identifier) broadcasting 

A Service Set Identifier (SSID) is the network name broadcast by a router, and it is visible to all wireless devices. When a device searches the area for wireless networks, it will detect the SSID. Disabling SSID broadcasting adds security by making it more difficult for unauthorized users to find the network. For better security controls, MAC filtering and WPA-2 should be enabled (and not disabled).


20. Which of the following techniques is more relevant to test the wireless (Wi-Fi) security of an organization?

A. WPA-2

B. War dialling

C. War driving

D. Social Engineering

The ‘War Driving’ technique is used by hackers for unauthorised access to wireless infrastructure. War driving is a technique in which a wireless-equipped computer is used to locate and gain access to wireless networks. This is done by driving or walking in and around a building. ‘War Driving’ is also used by auditors to test wireless. WPA-2 is an encryption standard and not a technique to test security. War dialling is a technique for gaining access to a computer or a network through the dialling of defined blocks of telephone numbers.
