Shandong Jianzhu University, Network Engineering (2012 cohort): Information Security Final Exam Review Materials

1. Which of the following is a kind of passive attack? A
(a) The release of message contents
(b) Replay
(c) Modification of messages
(d) Denial of service

2. Which of the following is a primary method to illegally capture user sensitive information such as user passwords on a network? C
(a) Spamming
(b) Spoofing
(c) Sniffing
(d) Smirking

3. Which of the following is not an asymmetric algorithm? D
(a) RSA
(b) Diffie-Hellman
(c) DSS
(d) DES

4. Triple Data Encryption Standard (DES) (three keys) is a method of encryption. What is the key size for triple DES encrypted data? D
(a) 64 bits
(b) 128 bits
(c) 160 bits
(d) 168 bits

5. In public key cryptography, which key does the sender use to generate a signature?
(a) Recipient's public key
(b) Recipient's private key
(c) Sender's public key
(d) Sender's private key

6. What substantiates (confirms) that a user's claimed identity is valid and is normally applied through a user password at time of logon? B
(a) Integrity
(b) Authentication
(c) Identification
(d) Confidentiality

7. Which of the following types of malicious code is often not parasitic? B
(a) Virus
(b) Trap door
(c) Trojan Horse
(d) Worm

8. The technique in which each plaintext block is XORed with the previous ciphertext block before being encrypted is called: B P50
(a) Electronic Codebook
(b) Cipher Block Chaining
(c) Cipher Feedback
(d) Round Function

9. Proxy server is: B
(a) Packet filter
(b) Application-Level gateway
(c) Circuit gateway
(d) Stateful Inspection Firewalls

10. Which approach is an application-specific security service that is embedded within the particular application? B
(a) IPSec
(b) SSL
(c) SET
(d) TLS

A ____ layer security protocol provides end-to-end security services for applications. D
A) data link
B) network
C) transport
D) none of the above

____ is actually an IETF version of ____. C
A) TLS; TSS
B) SSL; TLS
C) TLS; SSL
D) SSL; SLT

A SYN flood is an example of what type of attack? B
A) Malicious code
B) Denial-of-service
C) Man-in-the-middle
D) Spoofing

An attack in which the attacker simply listens for all traffic being transmitted across a network, in the hope of viewing something such as a user ID and password combination, is known as: C
A) A man-in-the-middle attack
B) A denial-of-service attack
C) A sniffing attack
D) A backdoor attack

In what type of attack does an attacker resend the series of commands and codes used in a financial transaction to cause the transaction to be conducted multiple times?
A) Spoofing
B) Man-in-the-middle
C) Replay
D) Backdoor

A piece of malicious code that must attach itself to another file to replicate itself is known as:
A) A worm
B) A virus
C) A logic bomb
D) A Trojan

9. A piece of malicious code that appears to be designed to do one thing (and may in fact do that thing) but that hides some other payload (often malicious) is known as:
A) A worm
B) A virus
C) A logic bomb
D) A Trojan

Malicious code that is set to execute its payload on a specific date or at a specific time is known as:
A) A logic bomb
B) A Trojan horse
C) A virus
D) A time bomb

When a message is sent, no matter what its format, why do we care about its integrity?
A) To ensure proper formatting
B) To show that the encryption keys are undamaged
C) To show that the message has not been edited in transit
D) To show that no one has viewed the message

If a message has a hash, how does the hash protect the message in transit?
A) If the message is edited, the hash will no longer match.
B) Hashing destroys the message so that it cannot be read by anyone.
C) Hashing encrypts the message so that only the private key holder can read it.
D) The hash makes the message uneditable.

What is the biggest drawback to symmetric encryption?
A) It is too easily broken.
B) It is too slow to be easily used on mobile devices.
C) It requires a key to be securely shared.
D) It is available only on UNIX.

What is Diffie-Hellman most commonly used for?
A) Symmetric encryption key exchange
B) Signing digital contracts
C) Secure e-mail
D) Storing encrypted passwords

What is public key cryptography a more common name for?
A) Asymmetric encryption
B) SHA
C) An algorithm that is no longer secure against cryptanalysis
D) Authentication

How many bits are in a block of the SHA-1 algorithm?
A) 128
B) 64
C) 512
D) 1024

In what type of attack does an attacker resend the series of commands and codes used in a financial transaction to cause the transaction to be conducted multiple times?
A) Spoofing
B) Man-in-the-middle
C) Replay
D) Backdoor

A piece of malicious code that must attach itself to another file to replicate itself is known as:
A) A worm
B) A virus
C) A logic bomb
D) A Trojan

When a message is sent, no matter what its format, why do we care about its integrity?
A) To ensure proper formatting
B) To show that the encryption keys are undamaged
C) To show that the message has not been edited in transit
D) To show that no one has viewed the message

A good hash function is resistant to what?
A) Brute-forcing
B) Rainbow tables
C) Interception
D) Collisions

How is 3DES an improvement over normal DES?
A) It uses public and private keys.
B) It hashes the message before encryption.
C) It uses three keys and multiple encryption and/or decryption sets.
D) It is faster than DES.

What is the best kind of key to have?
A) Easy to remember
B) Long and random
C) Long and predictable
D) Short

Secure Sockets Layer uses what port to communicate?
A) 53
B) 80
C) 143
D) 443

Honeypots are used to:
A) Attract attackers by simulating systems with open network services
B) Monitor network usage by employees
C) Process alarms from other IDSs
D) Attract customers to e-commerce sites

Preventative intrusion detection systems:
A) Are cheaper
B) Are designed to stop malicious activity from occurring
C) Can only monitor activity
D) Were the first types of IDS

What are the two main types of intrusion detection systems?
A) Network-based and host-based
B) Signature-based and event-based
C) Active and reactive
D) Intelligent and passive

What is a Trojan horse program?
A) A program that encrypts e-mail for security
B) A program that appears legitimate but is actually malicious code
C) A program that runs only on a single computer
D) A program that self-compiles before it runs

____ is the science and art of transforming messages to make them secure and immune to attacks.
A) Cryptography
B) Cryptanalysis
C) either (a) or (b)
D) neither (a) nor (b)

The ____ is the original message before transformation.
A) ciphertext
B) plaintext
C) secret-text
D) none of the above

In a(n) ____, the key is called the secret key.
A) symmetric-key
B) asymmetric-key
C) either (a) or (b)
D) neither (a) nor (b)

4. DES has an initial and final permutation block and ____ rounds.
A) 14
B) 15
C) 16
D) none of the above

PGP depends upon which model of trust?
A) direct trust model
B) web of trust model
C) hierarchical trust model
D) none of the above

_TLS_ is actually an IETF version of _SSL_.
A) TLS; TSS
B) SSL; TLS
C) TLS; SSL
D) SSL; SLT

A SYN flood is an example of what type of attack?
A) Malicious code
B) Denial-of-service
C) Man-in-the-middle
D) Spoofing

True or False

1. Inevitably, the best intrusion prevention system will fail.
2. In an intrusion detection system, if authorized users are identified as intruders, it means a "false positive" alarm.
3. Patterns of legitimate user behavior can be established by observing past history, and significant deviation from such patterns can be detected.
4. Threshold detection and profile-based detection are two methods commonly used in statistical anomaly detection.
5. Every SSL connection is associated with one SSL session; one SSL session can be shared by multiple SSL connections.
6. With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the key.
7. MD5 is a hash algorithm; its output is always 160 bits no matter the length of the input.
8. Diffie-Hellman is only used for key exchange; RSA can be used for key exchange, digital signature and encryption.
9. Radix-64 conversion used in PGP will expand a message by 33%.
10. According to the number of keys used, cryptographic systems can be classified into two types: block cipher and stream cipher.
11. "User's password should not be shorter than 8 characters" is a reactive password checking strategy.
12. There has been a continuous arms race between virus writers and writers of anti-virus software.
13. The firewall can protect against internal threats.
14. The packet filter only matches the fields in the IP header.
11. SHA-1 is a hash algorithm; its output is always 160 bits no matter the length of the input.
12. DSS is only used for key exchange; RSA can be used for key exchange, digital signature and encryption.
13. PGP makes use of X.509 certificates to provide trust.
14. Proactive password checking is a more promising approach than reactive password checking.
15. 3DES provides an improvement over normal DES because it uses public and private keys.
16. SHA-1 is a hash algorithm; its output is always 128 bits no matter the length of the input.
17. DSS is only used for key exchange; RSA can be used for key exchange, digital signature and encryption.
18. A virus-infected version of a file is longer than the corresponding uninfected one.
19. The main advantage of the use of statistical profiles is that prior knowledge of security flaws is not required.

1. In a packet-filtering router, filtering rules are based on information such as: (1) source IP address, (2) destination IP address, (3) source and destination transport-level addresses, (4) IP protocol field, (5) interface
2. The SSL protocol includes four protocols; they are: (1) SSL Handshake Protocol, (2) Change Cipher Spec Protocol, (3) SSL Alert Protocol, (4) SSL Record Protocol
3. Four basic techniques used in generating not guessabl