What is the primary role of Asymmetric Encryption (e.g., RSA) in a hybrid security session?

To securely distribute the faster Symmetric Session Key.

To encrypt all bulk data because it is the most secure.

To provide the fixed-size output for hashing.

To prevent Denial of Service attacks.

Which network attack involves a malicious actor crafting IP packets with a false source address to impersonate a legitimate host?

Distributed Denial of Service (DDoS)

The main security advantage of using Subnetting to divide a network into smaller segments is to:

Isolate critical resources and limit the spread of a security breach.

Prevent all external connection attempts.

Speed up the network's packet processing.

What is the fundamental difference between an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS)?

B. IDS monitors and alerts, while IPS monitors and actively blocks the threat.

A. IDS is active, while IPS is passive.

C. IDS uses signatures, while IPS uses anomaly detection.

D. IDS is host-based, while IPS is network-based.

A recipient verifies a digital signature using the sender's Public Key and successfully recovers the original hash value. What two conclusions can the recipient immediately draw based on this successful verification?

The message was signed by the holder of the Private Key (Authentication/Non-repudiation) and has not been tampered with (Integrity).

The message is confidential, and the key is strong.

The sender's private key was not used, and the integrity is verified.

The symmetric key used for the session is secure, and the file is small.

An attacker is attempting to sniff all network traffic between two workstations on the same local segment. The most effective way to mitigate this threat is to ensure the network uses a Switch instead of a Hub. Why?

The Switch operates at Layer 2 and directs frames only to the intended MAC address, preventing other hosts from receiving the data.

The Switch encrypts all Layer 3 data.

The Switch operates at Layer 3 and blocks all unauthorized IP addresses.

The Switch automatically implements an IDS.

A company decides to use Subnetting to separate its Finance department computers from its Guest Wi-Fi network. What is the primary security outcome of this action?

Limits the scope of a breach (e.g., if the Guest Wi-Fi is compromised, attackers cannot directly access the Finance subnet).

Ensures confidentiality using encryption.

Guarantees non-repudiation for all internal communications.

Makes the network entirely immune to IP Spoofing.

An organization deploys a security device that detects a known malware signature in a file transfer and immediately terminates the connection, preventing the file from reaching the internal host. This action was taken by a(n):

Intrusion Prevention System (IPS)

Intrusion Detection System (IDS)

A company implements a Stateful Inspection Firewall to control Layer 4 ports and an IPS using Signature-Based detection. The IPS fails to block a brand new, never-seen-before zero-day SYN Flood variant which successfully exploits the TCP handshake vulnerability. Which combination of concepts is relevant to the failure to block this attack? (3pts.)

The attack successfully bypassed the Signature-Based Detection (Week 8) because the zero-day attack had no known signature (Week 8), and the Stateful Firewall (Week 8) was vulnerable to attacks exploiting the TCP handshake (Week 7).

The IDS/IPS failed because it relied on Anomaly-Based Detection (Week 8) instead of Symmetric Encryption (Week 6).

The Firewall failed because it only operated at the Application Layer (Week 7) and required a stronger Hash Function (Week 6).

The failure was due to a weak Caesar Cipher (Week 5) used in the IP Addressing scheme (Week 7).

Evaluation of Modern Ciphers: A major defense contractor is developing a new encryption standard. Following Kerckhoff's Principle, which of the following scenarios poses the greatest security risk to the new cipher?

The user reuses the same short key for multiple different messages.

The cipher uses a 2048-bit key, which is considered computationally strong.

The plaintext is revealed to a third party after the decryption process.

The detailed mathematical procedure (algorithm) for encryption and decryption is leaked to the public.

(Evaluation: Kerckhoffs's Principle states the algorithm is assumed public; security relies on the key . A short, reused key is the fundamental point of failure, independent of the algorithm's secrecy.) Justification of Classical Ciphers: Why is the Vigenère Cipher fundamentally more resilient to basic cryptanalysis (like frequency analysis) than the simple Caesar Cipher?

Vigenère is polyalphabetic; it uses multiple shifting alphabets determined by a keyword, masking the true frequency of individual letters.

Vigenère uses a complex one-time pad (OTP) approach.

Vigenère is a transposition cipher, which is immune to frequency analysis.

Vigenère uses a much longer key length (56-bit vs. 26-bit).

Evaluation of Hybrid Cryptosystems: A global CDN (Content Delivery Network) must send terabytes of data daily while ensuring confidentiality. A pure Asymmetric Encryption system is ruled out for data transfer. What is the most critical reason for this exclusion?

Asymmetric encryption (e.g., RSA) is computationally too slow to encrypt large volumes of bulk data.

Asymmetric algorithms do not support the Integrity goal.

Asymmetric encryption is vulnerable to IP spoofing attacks.

Asymmetric encryption uses too many different keys, leading to key management failures.

Synthesis of Non-repudiation: A digital signature provides non-repudiation because the signer uses their Private Key to encrypt the document's hash. If the signer were to later deny sending the document, why would this defense fail in court?

Because only the signer should have exclusive control over the Private Key, linking the signing action irrefutably to them.

Because the symmetric key was weak and could have been easily compromised.

Because the Public Key is publicly available.

Because the document's plaintext was revealed before decryption.

Justification of Algorithm Choice: Why did the US government replace the Data Encryption Standard (DES) with the Advanced Encryption Standard (AES) as the standard symmetric cipher?

DES was vulnerable to brute-force attacks due to its short key length.

DES was too slow for modern computers.

AES is easier to implement in hardware.

AES is based on public-key cryptography.

Evaluation of Network Controls: A Network Administrator uses Subnetting to isolate the company's critical database servers from the rest of the network. They then configure the Router’s ACLs to only allow traffic from specific management workstations to that subnet. Which level of defense is the subnetting providing, and which is the ACL providing?

C. Subnetting provides logical network segmentation/isolation; ACLs provide granular packet filtering/access control.

A. Subnetting provides confidentiality; ACLs provide integrity.

B. Subnetting provides encryption; ACLs provide hashing.

D. Subnetting provides MAC addressing; ACLs provide port numbers.

Justification of Layering: A modern Firewall makes its access decisions based on the IP address (Layer 3) and the Port Number (Layer 4). Why is it functionally necessary for this critical security device to operate across multiple layers of the OSI model?

To match an incoming packet to a specific host (IP) and a specific application/service (Port Number) simultaneously.

To ensure the firewall can encrypt data (Layer 6).

To utilize MAC addressing (Layer 2) for advanced filtering.

To manage the TCP/IP connection state (Layer 4).

A company's security policy requires that any detected external network attack must be immediately and automatically stopped, without waiting for human intervention. Which security system is mandatory to meet this requirement?

Intrusion Prevention System (IPS)

Intrusion Detection System (IDS)

Synthesis of Firewall State: A hacker sends a sequence of random packets to an internal server without first initiating a proper three-way handshake. A Packet Filtering Firewall might allow these packets, but a Stateful Inspection Firewall would drop them. Why?

The Stateful Firewall does not find a corresponding entry for a legitimate, established session in its state table and deems the traffic unauthorized.

The Stateful Firewall detects a known virus signature.

The Packet Filter detects a violation of the Implicit Deny rule.

The Packet Filter cannot operate at Layer 4.

Comprehensive Scenario Analysis: A critical database server storing AES Keys is placed on its own dedicated Subnet and is protected by a Stateful Inspection Firewall. How does this layered defense strategy best protect the Confidentiality of the keys?

Subnetting isolates the server from general threats, while the Stateful Firewall restricts external access, ensuring only legitimate, authorized connections can transmit the keys, thus protecting confidentiality.

The Stateful Firewall actively encrypts all AES keys before storage.

Subnetting prevents the server from using weak symmetric algorithms.

The Firewall uses Anomaly Detection to check for the Caesar Cipher.

Information Assurance and Security 1 Midterm

University

•

46 Qs

Similar activities

TechJar Round 1

University

•

45 Qs

Kuis: Penerapan AI pada Website, Aplikasi, dan Game

12th Grade - University

•

50 Qs

Ujian Akhir Semester 1

8th Grade - University

•

45 Qs

Кәсіби ағылшын 51 - 100

University

•

50 Qs

SUMATIF Scracth kelas 8

8th Grade - University

•

50 Qs

LATIHAN SAS INFORMATIKA KELAS 9

9th Grade - University

•

45 Qs

Pengantar Teknologi Informasi

University

•

50 Qs

Uji Pengetahuan Informatika Kelas 8

8th Grade - University

•

50 Qs

Information Assurance and Security 1 Midterm

Quiz

•

Information Technology (IT)

•

University

•

Practice Problem

•

Easy

Regino Vll Guinto

Used 2+ times

FREE Resource

Symmetric Encryption Algorithm

Digital Signature Scheme

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

45 questions

Ujian Akhir Semester 1

Quiz

•

8th Grade - University

50 questions

Кәсіби ағылшын 51 - 100

Quiz

•

University

45 questions

LATIHAN SAS INFORMATIKA KELAS 9

Quiz

•

9th Grade - University

50 questions

Pengantar Teknologi Informasi

Quiz

•

University

45 questions

TechJar Round 1

Quiz

•

University

50 questions

BSIT3201_ME

Quiz

•

University

48 questions

CompTIA A+ Revision

Quiz

•

University

50 questions

EP&IS

Quiz

•

University

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

Discover more resources for Information Technology (IT)

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

7 questions

Different Types of Energy

Interactive video

•

4th Grade - University

20 questions

Slopes and Slope-Intercept Form

Quiz

•

8th Grade - University

7 questions

Force and Motion

Interactive video

•

4th Grade - University

7 questions

Biomolecules (Updated)

Interactive video

•

11th Grade - University

20 questions

Winter/Holiday Trivia

Quiz

•

KG - University

10 questions

WINTER WIN Time - ELA - 12/9/2025

Quiz

•

KG - University

7 questions

Human Impact on Resources

Interactive video

•

4th Grade - University

Information Assurance and Security 1 Midterm

46 questions

Which goal of cryptography is achieved by using hash functions to verify that a file has not been altered since it was created?

What is the technical term for the scrambled, unreadable result after an encryption algorithm has been applied to the readable message?

The security of a modern cryptosystem relies primarily on the secrecy and complexity of the key, even if the algorithm is publicly known. This concept aligns with:

The Caesar Cipher is an example of which type of classical cryptographic technique?

Classical relies on computers; Modern relies on manual methods. Which is correct?

Which type of encryption is defined using a single, shared secret key for both encryption and decryption?

The Advanced Encryption Standard (AES) is a widely used example of which type of algorithm?

In an Asymmetric Encryption system, which key must be kept secret and is used by the owner to decrypt messages sent to them?

What is the primary role of Asymmetric Encryption (e.g., RSA) in a hybrid security session?

A Digital Signature is created by encrypting the document's hash using the sender's Private Key. This process primarily enforces which cryptographic goal?

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)