Internet Security Exam Materials - 842 Verified Questions



Internet Security

Exam Materials

Course Introduction

Internet Security focuses on the principles, techniques, and tools used to protect online systems and data from cyber threats. The course covers fundamental concepts such as authentication, encryption, firewalls, intrusion detection and prevention, secure communication protocols, and the management of digital identities. Students will learn about common attack vectors, including malware, phishing, and denial-of-service attacks, and the strategies to mitigate these risks. Emphasis is placed on securing web applications, networks, and personal data in an increasingly interconnected digital world, including an overview of legal and ethical considerations. Practical exercises and case studies help illustrate real-world security challenges and the application of best practices in diverse online environments.

Recommended Textbook

Cryptography and Network Security 6th Edition by William Stallings

Available Study Resources on Quizplus

20 Chapters

842 Verified Questions

842 Flashcards

Source URL: https://quizplus.com/study-set/3983


Chapter 1: Overview

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80023

Sample Questions

Q1) The OSI security architecture provides a systematic framework for defining security attacks, mechanisms, and services.

A)True

B)False

Answer: True

Q2) The three concepts that form what is often referred to as the CIA triad are ________. These three concepts embody the fundamental security objectives for both data and for information and computing services.

A)confidentiality, integrity and availability

B)communication, integrity and authentication

C)confidentiality, integrity, access control

D)communication, information and authenticity

Answer: A

Q3) __________ prevents either sender or receiver from denying a transmitted message. Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent the message and when a message is received, the sender can prove that the alleged receiver in fact received the message.

Answer: Nonrepudiation

To view all questions and flashcards with answers, click on the resource link above.


Chapter 2: Classical Encryption Techniques

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80022

Sample Questions

Q1) The best known multiple letter encryption cipher is the __________ which treats digrams in the plaintext as single units and translates these units into ciphertext digrams.

Answer: Playfair

Q2) Rotor machines are sophisticated precomputer hardware devices that use substitution techniques.

A)True

B)False

Answer: True

Q3) __________ encryption is a form of cryptosystem in which encryption and decryption are performed using the same key.

Answer: Symmetric

Q4) Steganography renders the message unintelligible to outsiders by various transformations of the text.

A)True

B)False

Answer: False

Q5) The most widely used cipher ever is the __________ .

Answer: Data Encryption Standard (DES)


Chapter 3: Block Ciphers and the Data Encryption Standard

Available Study Resources on Quizplus for this Chapter

27 Verified Questions

27 Flashcards

Source URL: https://quizplus.com/quiz/80021

Sample Questions

Q1) The ________ cipher structure, which dates back over a quarter century and which, in turn, is based on Shannon's proposal of 1945, is the structure used by many significant symmetric block ciphers currently in use.

Answer: Feistel

Q2) Fast software encryption/decryption and ease of analysis are two considerations in the design of a Feistel cipher.

A)True

B)False

Answer: True

Q3) If the bit-stream generator is a key-controlled algorithm the two users only need to share the generating key and then each can produce the keystream.

A)True

B)False

Answer: True

Q4) Feistel's is a practical application of a proposal by Claude Shannon to develop a product cipher that alternates confusion and ________ functions.

Answer: diffusion


Chapter 4: Basic Concepts in Number Theory and Finite Fields

Available Study Resources on Quizplus for this Chapter

26 Verified Questions

26 Flashcards

Source URL: https://quizplus.com/quiz/80020

Sample Questions

Q1) GF stands for __________ field in honor of the mathematician who first studied finite fields.

Q2) In the context of abstract algebra we are usually not interested in evaluating a polynomial for a particular value of x. To emphasize this point the variable x is sometimes referred to as the __________ .

A)monic

B)constant

C)indeterminate

D)coefficient

Q3) A field is a set in which we can do addition, subtraction, multiplication and division without leaving the set.

A)True

B)False

Q4) If a is an integer and n is a nonzero integer, we define a mod n to be the remainder when a is divided by n. The integer n is called the __________ and the remainder is called the residue.

Q5) A polynomial f(x) over a field F is called __________ if and only if f(x) cannot be expressed as a product of two polynomials, both over F, and both of degree lower than that of f(x).


Chapter 5: Advanced Encryption Standard

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80019

Sample Questions

Q1) In the AddRoundKey transformation the 128 bits of State are bitwise XORed with the _________ of the round key.

A)256 bits

B)128 bits

C)64 bits

D)512 bits

Q2) The __________ is a block cipher intended to replace DES for commercial applications. It uses a 128-bit block size and a key size of 128, 192, or 256 bits.

Q3) The AES cipher begins and ends with a(n) _________ stage because any other stage, applied at the beginning or end, is reversible without knowledge of the key and would add no security.

A)Substitute bytes

B)AddRoundKey

C)MixColumns

D)ShiftRows

Q4) The transformations AddRoundKey and InvMixColumn alter the sequence of bytes in State.

A)True

B)False


Chapter 6: Block Cipher Operation

Available Study Resources on Quizplus for this Chapter

44 Verified Questions

44 Flashcards

Source URL: https://quizplus.com/quiz/80018

Sample Questions

Q1) Hardware efficiency, software efficiency, preprocessing, random access, provable security, and simplicity are all advantages of __________ mode.

Q2) OFB mode requires an initialization vector that must be unique to each execution of the encryption operation.

A)True

B)False

Q3) A typical application of Output Feedback mode is stream oriented transmission over noisy channel, such as satellite communication.

A)True

B)False

Q4) A number of Internet based applications have adopted two-key 3DES, including PGP and S/MIME.

A)True

B)False

Q5) Given the potential vulnerability of DES to a brute-force attack, an alternative has been found.

A)True

B)False


Chapter 7: Random and Pseudorandom Number

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80017

Sample Questions

Q1) An algorithm that is used to produce an open-ended sequence of bits is referred to as a ___________ .

Q2) The __________ test is the most basic test of randomness and must be included in any test suite.

A)frequency

B)runs

C)unpredictability

D)Maurer

Q3) A widely used technique for pseudorandom number generation is an algorithm known as the linear congruential method.

A)True

B)False

Q4) The seed that serves as input to the PRNG must be secure for cryptographic applications.

A)True

B)False

Q5) The __________ is drawn from the physical environment of the computer and could include things such as keystroke timing patterns, disk electrical activity, mouse movements, and instantaneous values of the system clock.


Chapter 8: More Number Theory

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80016

Sample Questions

Q1) To determine whether an odd integer n is prime with a reasonable degree of confidence repeatedly invoke TEST(n) using randomly chosen values for a. If, at any point, TEST returns _________ then n is determined to be nonprime.

Q2) Although it does not appear to be as efficient as the Miller-Rabin algorithm, in 2002 a relatively simple deterministic algorithm that efficiently determines whether a given large number is a prime was developed. This algorithm is known as the _________ algorithm.

Q3) The number 37 is prime so therefore all of the positive integers from 1 to 36 are relatively prime to 37.

A)True

B)False

Q4) If p is prime and a is a positive integer, then a^p ≡ a (mod p) is an alternative form of _________ theorem.

A)Rijndael's

B)Vigenère's

C)Euler's

D)Fermat's

Q5) An integer p > 1 is a __________ number if and only if its only divisors are ±1 and ±p.


Chapter 9: Public-Key Cryptography and RSA

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80015

Sample Questions

Q1) Asymmetric encryption utilizes only a public key for encryption and decryption.

A)True

B)False

Q2) Asymmetric encryption is also known as ___________ .

A)public-key encryption

B)private-key encryption

C)optimal encryption

D)digital-key encryption

Q3) A __________ is an attack in which the adversary chooses a number of ciphertexts and is then given the corresponding plaintexts, decrypted with the target's private key.

Q4) Plaintext is recovered from the ciphertext using the paired key and a

A)digital signature

B)recovery encryption

C)decryption algorithm

D)encryption algorithm

Q5) __________ encryption is a form of cryptosystem in which encryption and decryption are performed using a public key and a private key.


Q6) A __________ is when two sides cooperate to exchange a session key.


Chapter 10: Other Public-Key Cryptosystems

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80014

Sample Questions

Q1) The purpose of the ___________ algorithm is to enable two users to securely exchange a key that can then be used for subsequent encryption of messages.

Q2) Asymmetric algorithms are typically much slower than symmetric algorithms so they are not used to generate open-ended __________ generator bit streams.

Q3) We use a cubic equation in which the variables and coefficients all take on values in the set of integers from 0 through p - 1 and in which calculations are performed modulo p for a __________ over Zp.

Q4) For cryptography the variables and coefficients are restricted to elements in a __________ field.

A)primitive

B)infinite

C)public

D)finite

Q5) The security of ECC depends on how difficult it is to determine k given kP and P.

A)True

B)False


Chapter 11: Cryptographic Hash Functions

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80013

Sample Questions

Q1) Big-endian format is the most significant byte of a word in the low-address byte position.

A)True

B)False

Q2) When a hash function is used to provide message authentication, the hash function value is often referred to as a ___________ .

Q3) It is possible to use a hash function but no encryption for message authentication.

A)True

B)False

Q4) Message authentication is achieved using a __________ .

A)DES

B)MDF

C)SHA

D)MAC

Q5) A hash function that satisfies the properties of variable input size, fixed output size, efficiency, preimage resistant, second preimage resistant and __________ is referred to as a strong hash function.

Q6) A message authentication code is also known as a __________ hash function.


Chapter 12: Message Authentication Codes

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80012

Sample Questions

Q1) To attack MD5, the attacker can choose any set of messages and work on these offline on a dedicated computing facility to find a collision.

A)True

B)False

Q2) The order in which the frame check sequence and encryption functions are performed is not critical for authentication.

A)True

B)False

Q3) Attacks on MACs can be grouped into two categories: brute-force attacks and __________ .

Q4) The __________ mode of operation was standardized by NIST specifically to support the security requirements of IEEE 802.1 WiFi wireless local area networks but can be used in any networking application requiring authenticated encryption.

Q5) When an entire message is encrypted for confidentiality using either symmetric or asymmetric encryption the security of the scheme generally depends on the __________ of the key.

Q6) A __________ takes a variable length message and a secret key as input and produces an authentication code.


Chapter 13: Digital Signatures

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80011

Sample Questions

Q1) With a __________ attack the attacker is given access to a set of messages and their signatures.

A)known message

B)key-only

C)directed chosen message

D)generic chosen message

Q2) The most important development from the work on public-key cryptography is the digital signature.

A)True

B)False

Q3) The digital signature function does not include the authentication function.

A)True

B)False

Q4) The __________ is formed by taking the hash of the message and encrypting the message with the creator's private key.

A)timestamp

B)message digest

C)hash code

D)digital signature


Chapter 14: Key Management and Distribution

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80010

Sample Questions

Q1) The __________ is the issuer of certificates and certificate revocation lists and may also support a variety of administrative functions.

A)CRL issuer

B)certified user

C)certification authority

D)registration authority

Q2) Typically the session key is used for the duration of a logical connection, such as a frame relay connection or transport connection, and then it is permanently stored.

A)True

B)False

Q3) Master keys can be distributed in some noncryptographic way such as physical delivery.

A)True

B)False

Q4) A __________ consists of a public key, an identifier of the key owner, and the whole block signed by a trusted third party and can be used by participants to exchange keys without contacting a public key authority in a way that is as reliable as if the keys were obtained directly from a public key authority.


Chapter 15: User Authentication Protocols

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80009

Sample Questions

Q1) There are four general means of authenticating a user's identity. They are: something the individual knows, something the individual possesses, something the individual is, and something the individual __________ .

Q2) A centralized, automated approach to provide enterprise-wide access to resources by employees and other authorized individuals with a focus of defining an identity for each user, associating attributes with the identity, and enforcing a means by which a user can verify identity is __________ .

A)enterprise management

B)identity management

C)federated identity management

D)realm management

Q3) The ticket granting ticket is encrypted with a secret key known only to the AS and the __________ .

Q4) A solution, which eliminates the burden of each server having to confirm the identities of clients who request service, is to use an __________ that knows the passwords of all users and stores these in a centralized database and shares a unique secret key with each server.

Q5) __________ is an authentication service developed as part of Project Athena at MIT.


Chapter 16: Network Access Control and Cloud Security

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80008

Sample Questions

Q1) A _________ is a person or organization that maintains a business relationship with, and uses service from, cloud providers.

A)cloud auditor

B)cloud broker

C)cloud carrier

D)cloud consumer

Q2) The threat of data compromise decreases in the cloud.

A)True

B)False

Q3) Broad network access, measured service, resource pooling, and rapid elasticity are essential characteristics of ___________.

A)PaaS

B)network access control

C)cloud computing

D)EAP-TLS

Q4) A network access server does not include its own authentication services.

A)True

B)False

Q5) _________ defines how the TLS protocol can be encapsulated in EAP messages.


Chapter 17: Transport-Level Security

Available Study Resources on Quizplus for this Chapter

26 Verified Questions

26 Flashcards

Source URL: https://quizplus.com/quiz/80007

Sample Questions

Q1) The SSL Record Protocol is used before any application data is transmitted.

A)True

B)False

Q2) The encryption of the compressed message plus the MAC must increase the content length by more than 1024 bytes.

A)True

B)False

Q3) An SSL session is an association between a client and a server and is created by the

A)Handshake Protocol

B)user

C)Spec Protocol

D)administrator

Q4) __________ refers to the combination of HTTP and SSL to implement secure communication between a Web browser and a Web server.

Q5) Phase 3 completes the setting up of a secure connection of the Handshake Protocol.

A)True

B)False


Chapter 18: Wireless Network Security

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80006

Sample Questions

Q1) The IEEE 802.11 protocol stack consists of the logical link control layer, the medium access control layer, and the _________ layer.

Q2) The principal threats to wireless transmission are eavesdropping, altering or inserting messages, and disruption.

A)True

B)False

Q3) Derived from the GMK, the _________ is used to provide confidentiality and integrity protection for multicast/broadcast user traffic.

Q4) The integration service enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN.

A)True

B)False

Q5) The __________ layer keeps track of which frames have been successfully received and retransmits unsuccessful frames.

A)transmission

B)media access control

C)logical link control

D)physical layer


Chapter 19: Electronic Mail Security

Available Study Resources on Quizplus for this Chapter

45 Verified Questions

45 Flashcards

Source URL: https://quizplus.com/quiz/80005

Sample Questions

Q1) For the text type of body no special software is required to get the full meaning of the text aside from support of the indicated character set.

A)True

B)False

Q2) Key IDs are critical to the operation of PGP and __________ key IDs are included in any PGP message that provides both confidentiality and authentication.

A)two

B)four

C)six

D)three

Q3) S/MIME cryptographic algorithms use __________ to specify requirement level.

A)CAN and MUST

B)SHOULD and CAN

C)SHOULD and MIGHT

D)SHOULD and MUST

Q4) The __________ is a directory lookup service that provides a mapping between the name of a host on the Internet and its numerical address.

Q5) PGP provides compression using the __________ algorithm.


Chapter 20: IP Security

Available Study Resources on Quizplus for this Chapter

44 Verified Questions

44 Flashcards

Source URL: https://quizplus.com/quiz/80004

Sample Questions

Q1) Transport mode provides protection to the entire IP packet.

A)True

B)False

Q2) _________ defines a number of techniques for key management.

A)KEP

B)KMP

C)SKE

D)IKE

Q3) _________ consists of an encapsulating header and trailer used to provide encryption or combined encryption/authentication. The current specification is RFC 4303.

A)SPI

B)ESP

C)ISA

D)IPsec

Q4) An end user whose system is equipped with IP security protocols can make a local call to an ISP and gain secure access to a company network.

A)True

B)False

Q5) Authentication makes use of the _________ message authentication code.

Internet Security Exam Materials - 842 Verified Questions by Quizplus - Issuu