ANSWERS ALL CORRECT
What type of organization is subject to FISMA?
e-commerce firms
medical firms
government organizations
companies that accept credit card payments - Answer- government organizations
The FTC can ________.
Both impose fines and require annual audits by external auditing firms for many years
impose fines
Neither impose fines nor require annual audits by external auditing firms for many years
require annual audits by external auditing firms for many years - Answer- Both impose
fines and require annual audits by external auditing firms for many years
Once a company's resources are enumerated, the next step is to ________.
create a protection plan for each
classify them according to sensitivity
enumerate threats to each
assess the degree to which each is already protected - Answer- classify them according
to sensitivity
The growing number of compliance laws and regulations is driving firms to use formal
governance frameworks to guide their security processes. True / False - Answer- True
Independence is best provided for IT security by placing it within the IT department.
True / False - Answer- False
________ is the security guarantee that people who intercept messages cannot read
them.
Availability
Confidentiality
Integrity
Encryption - Answer- Confidentiality
A ________ is a mathematical process used in encryption and decryption.
plaintext
cipher
coding method
key - Answer- cipher
What usually is the longest stage in a cryptographic system dialogue?
keying
negotiation of security methods and parameters
ongoing communication
mutual authentication - Answer- ongoing communication
In authentication, the party trying to provide its identity to the other party is called the
applicant. True / False - Answer- False
DES uses block encryption. True / False - Answer- True
The hash size in MD-5 is 160 bits. True / False - Answer- False
In order to be considered strong today, a symmetric encryption key must be at least
________ bits long.
1,000
100
6
8 - Answer- 100
Nearly all encryption for confidentiality uses symmetric key encryption ciphers. True /
False - Answer- True
Someone who pretends to be someone else is ________.
cryptanalyst
an impostor
a hacker
a social engineer - Answer- an impostor
________ is efficient enough in processing power and RAM requirements to be used on
small devices, such as PDAs and cell phones.
AES
3DES
Neither 3DES nor AES
Both 3DES and AES - Answer- AES
Hashing is a reversible process. True / False - Answer- False
In cryptographic systems, keying takes place during the second handshaking stage.
True / False - Answer- False
A ________ is a random string of 40 to 4,000 bits (ones and zeros) used to encrypt
messages.
key
plaintext
code