A7005E 2016-10-28 - EXAMINATION (PDF)

Title: A7005E 2016-10-28 - EXAMINATION
Course: Client Security Architecture (Klient säkerhetsarkitektur)
Institution: Luleå tekniska universitet
Pages: 5


EXAMINATION Luleå University of Technology

Course: A7005E
Course name: Client Security Architecture
Date: 2016-10-28 (Friday)
Time: 09:00 – 14:00 (5 hours)
Aid: Dictionary

Teacher on duty (complete telephone number): Ali Ismail Awad, +46 (0)920 49 34 14


Grade scale: U/G/VG. G >= 60 marks, VG >= 80 marks

Total number of questions and score: 2 questions (50 marks each), 100 marks in total

Other information:

General instructions: Check that you have received all the tasks/questions. Begin every new answer on a separate page. Write clearly, in print.

After the examination: The result of your examination is posted on "My pages" on the Student web. Examination results are posted within 15 workdays after the examination. For courses with more than 60 students taking the examination, the results are posted within 20 workdays after the examination.

Information for the printing office (exams, campus Luleå):
Project number SRT: 341980
Number of pages: 4 (excluding this one)
Number of copies: 11
Double- or single-sided: Single-sided

Start of the Exam

Question (1) [25 statements in total, 2 marks each. Total = 50 marks]
Mark each statement True or False.

1. Lower layer security does not impact upper layers in the Client Security Architecture.
2. Ideally, new systems should be constructed on an unprotected network in order to prevent installation restrictions.
3. Public-key cryptography is a symmetric encryption process.
4. A virus that attaches to an executable program can do anything that the program is permitted to do.
5. Triple DES provides stronger security than the AES algorithm.
6. In AES, the length of the key must be equal to the length of the input block.
7. A Trojan horse is an apparently useful program containing hidden code that, when invoked, performs some harmful function.
8. Public-key cryptography is mostly used for message authentication.
9. The firewall can protect against attacks that bypass the firewall.
10. RSA is a public-key cryptography algorithm.
11. A traditional packet filter makes filtering decisions on an individual packet basis and does not take into consideration any higher layer context.
12. SHA-1 is designed for use as a MAC because it does not rely on a secret key.
13. A firewall can serve as the platform for IPSec.
14. An important aspect of a distributed firewall configuration is security monitoring.
15. The number of keys used by the encryption algorithm classifies the cipher algorithm into block or stream cipher.
16. User authentication is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic.
17. Depending on the application, user authentication on a biometric system involves either verification or identification.
18. Identification is the means of establishing the validity of a claimed identity provided by a user.
19. A prime disadvantage of an application-level gateway is the additional processing overhead on each connection.
20. The human aspect should be neglected in the holistic design of a Client Security Architecture.
21. Some form of protocol is needed for public-key distribution.
22. Every bot has a distinct IP address.
23. To be of practical use, an IDS should detect a substantial percentage of intrusions while keeping the false alarm rate at an acceptable level.
24. HMAC can be proven secure provided that the embedded hash function has some reasonable cryptographic strength.
25. DKIM has been widely adopted by a range of e-mail providers and many Internet service providers.


Question (2) [25 questions in total, 2 marks each. Total = 50 marks]
Choose the correct alternative for each question.

1. The basic tool that permits widespread use of S/MIME is ________. A. the domain key B. the public-key certificate C. the MIME security payload D. radix-64
2. In the case of ________ only the digital signature is encoded using base64. A. enveloped data B. signed and enveloped data C. signed data D. clear-signed data
3. The most complex part of TLS is the __________. A. Signature B. Message header C. Payload D. Handshake protocol
4. The _________ scheme has reigned supreme as the most widely accepted and implemented approach to public-key encryption. A. SHA-1 B. HMAC C. MD5 D. RSA
5. The principal attraction of __________ compared to RSA is that it appears to offer equal security for a far smaller bit size, thereby reducing processing overhead. A. ECC B. MD5 C. Diffie-Hellman D. None of the above
6. Although the _________ attack is a serious threat, there are simple countermeasures that can be used, such as constant-time calculations, random delays or blinding computations. A. Timing B. Chosen ciphertext C. Mathematical D. None of the above
7. _________ attacks have several approaches, all equivalent in effort to factoring the product of two primes. A. Mathematical B. Brute-force C. Chosen ciphertext D. Timing
8. __________ is a term that refers to the means of delivering a key to two parties that wish to exchange data without allowing others to see the key. A. Session key B. Subkey C. Key distribution technique D. Ciphertext key
9. A __________ gateway sets up two TCP connections, one between itself and a TCP user on an inner host and one between itself and a TCP user on an outside host. A. Packet filtering B. Stateful inspection C. Application-level D. Circuit-level
10. __________ scans for attack signatures in the context of a traffic stream rather than individual packets. A. Pattern matching B. Protocol anomaly C. Traffic anomaly D. Stateful matching
11. __________ are attacks that attempt to give ordinary users root access. A. Privilege-escalation exploits B. Directory traversals C. File system access D. Modification of system resources
12. The __________ is what the virus "does". A. infection mechanism B. trigger C. logic bomb D. payload
13. A __________ is code inserted into malware that lies dormant until a predefined condition, which triggers an unauthorized act, is met. A. logic bomb B. trapdoor C. worm D. Trojan horse
14. A __________ attack is a bot attack on a computer system or network that causes a loss of service to users. A. spam B. phishing C. DDoS D. sniff
15. A __________ uses macro or scripting code, typically embedded in a document and triggered when the document is viewed or edited, to run and replicate itself into other such documents. A. boot sector infector B. file infector C. macro virus D. multipartite virus
16. Recognition by fingerprint, retina, and face are examples of __________. A. face recognition B. static biometrics C. dynamic biometrics D. token authentication
17. The __________ strategy is when users are told the importance of using hard-to-guess passwords and are provided with guidelines for selecting strong passwords. A. reactive password checking B. computer-generated password C. proactive password checking D. user education
18. To counter threats to remote user authentication, systems generally rely on some form of ___________ protocol. A. eavesdropping B. challenge-response C. Trojan horse D. denial-of-service
19. A __________ attack involves an adversary repeating a previously captured user response. A. client B. Trojan horse C. replay D. eavesdropping
20. The most important symmetric algorithms, all of which are block ciphers, are DES, triple DES, and the __________. A. SHA B. RSA C. AES D. DSS
21. If the only form of attack that could be made on an encryption algorithm is brute-force, then the way to counter such attacks would be to __________. A. use longer keys B. use shorter keys C. use more keys D. use fewer keys
22. The purpose of a __________ is to produce a "fingerprint" of a file, message, or other block of data. A. secret key B. digital signature C. keystream D. hash function
23. Digital signatures and key management are the two most important applications of __________ encryption. A. private-key B. public-key C. preimage resistant D. advanced
24. The DSS makes use of the _________ and presents a new digital signature technique, the Digital Signature Algorithm (DSA). A. HMAC B. XOR C. RSA D. SHA-1
25. Cryptographic systems are generically classified by _________. A. the type of operations used for transforming plaintext to ciphertext B. the number of keys used C. the way in which the plaintext is processed D. all of the above

End of the Exam

Best wishes
