CSCI 325 Exam 2
| Question | Answer |
|---|---|
| What does AES stand for? | Advanced Encryption Standard. |
| What was AES originally called? | Rijndael. |
| When and by whom was AES selected? | Selected in 2001 by NIST (National Institute of Standards and Technology). |
| Why is AES considered more secure than DES? | AES uses larger key sizes, more encryption rounds, and stronger mathematical transformations, making it harder to brute-force. |
| What kind of cryptographic algorithm is AES? | A symmetric block cipher. |
| What block size does AES use? | 128 bits. |
| What are the possible AES key sizes? | 128, 192, and 256 bits. |
| What are the main operations in AES? | SubBytes, ShiftRows, MixColumns, and AddRoundKey. |
| What is a man-in-the-middle attack? | An attack where an unauthorized party intercepts and possibly alters communication between two parties who believe they are communicating directly. |
| How can man-in-the-middle attacks be prevented? | Through encryption, authentication, and certificate validation. |
| What does “authenticity” mean in cybersecurity? | Verifying that data or a message comes from the claimed source. |
| What is parity? | The simplest error detection code that adds one extra bit to ensure an even or odd total number of 1s. |
| What is even parity? | When the parity bit is set so the total number of 1s is even. |
| What can a single-bit parity detect? | A single-bit change (but not multiple-bit errors). |
| What can parity not do? | Identify which bit changed or correct the error. |
| What is a buffer overflow? | When a program writes more data to a buffer than it can hold, overwriting adjacent memory. |
| What causes buffer overflows? | Failing to check input lengths or array limits. |
| What are some countermeasures for buffer overflows? | Check input length. Confirm array limits. Double-check boundary conditions. Use safe string-handling utilities. Validate user input. |
| Why is monitoring input important for overflow prevention? | To ensure inputs don’t exceed allocated memory and cause data corruption or code execution. |
| What is an undocumented access point? | Hidden or secret access built into a program, often left by developers for debugging. |
| Why are backdoors dangerous? | Attackers can use them to gain unauthorized access. |
| How can backdoors be detected or prevented? | Through code reviews, audits, and avoiding secret developer entries. |
| What is a null-terminated string? | A string ending with a null byte (0x00) to mark the end. |
| What happens if a string is unterminated? | The program keeps reading memory until it finds a null, causing buffer overflows or leaks. |
| How can attackers exploit unterminated strings? | By feeding long or malicious input that overruns the buffer. |
| How can null-terminated string issues be prevented? | Specify string length, validate input, and use secure string functions. |
| What is a race condition? | When two or more processes access shared resources at the same time, leading to unpredictable results. |
| Why are race conditions a problem? | They cause data corruption or security breaches if processes don’t synchronize correctly. |
| How can race conditions be fixed? | By using synchronization methods like locks, semaphores, or atomic operations. |
| What are the security implications of a race condition? | Attackers can exploit timing to alter system behavior or gain elevated privileges. |
| What is malicious code? | Any code designed to cause harm, steal data, or gain unauthorized access. |
| What are the three main types of malicious code? | Virus – Attaches to other programs. Worm – Self-replicates across networks. Trojan Horse – Appears useful but hides malicious actions. |
| What is a polymorphic virus? | A virus that changes its code to avoid detection. |
| How do we handle polymorphic viruses? | Treat each version as a new virus and use behavior-based detection. |
| What is malware embedding? | Inserting malicious code within legitimate programs or files. |
| Why do attackers use embedding? | To hide malicious code and make detection harder. |
| What is “stealth in storage”? | Techniques malware uses to conceal itself, such as hiding in system files or directories. |
| How can hidden malware be discovered? | Through signature-based, heuristic, and behavioral analysis tools. |
| What are four characteristics of malicious code? | Harm, Transmission, Activation, and Stealth. |
| What is encryption? | Converting plaintext into ciphertext to protect data confidentiality. |
| What is a Caesar cipher? | A substitution cipher that shifts each letter by a fixed number in the alphabet. |
| Example: Encrypt “ABC” with shift 3. | “DEF”. |
| What is a Keyword cipher? | A substitution cipher that begins with a chosen keyword followed by unused letters of the alphabet. |
| What is a Vigenère cipher? | A cipher using a keyword repeated over the message to shift letters based on the Vigenère square. |
| What is a Columnar cipher? | A transposition cipher that rearranges letters into columns based on a keyword’s alphabetical order. |
| What is the difference between substitution and transposition ciphers? | Substitution replaces characters; transposition rearranges their order. |
| How can frequency analysis break substitution ciphers? | By analyzing letter frequency patterns to deduce substitutions. |
| What does "affecting your own data" mean in cybersecurity? | Modifying or corrupting your own stored data through programming errors. |
| What’s the most common programming issue related to data corruption? | Buffer overflows or improper input validation. |
| What’s the difference between authentication and encryption? | Encryption protects confidentiality; authentication verifies identity. |
| What is an off-by-one error? | It occurs when a loop or array index goes one element too far or too short, causing incorrect behavior or memory issues. |
| List three controls to detect or prevent off-by-one errors. | Perform bounds checking on array indices. Use safe string or array libraries that limit size. Run code reviews or static analysis tools to detect index mistakes. |
| How could an email system be used to leak information? | Transmitting unencrypted messages. |
| What controls can detect or prevent email leakage? | Encryption (TLS, PGP). |
| What are the four main access control mechanisms? | Per-subject access control list. Per-object access control list. Access control matrix. Capability list. |
| How can human failure compromise encrypted data? | Leaving encryption keys unsecured or written down. |
| How can human failure compromise identification and authentication? | Using weak or shared passwords. |
| How can human failure compromise access control? | Failing to revoke access after someone leaves an organization. |
| What are advantages of a government PKI? | Centralized trust, uniform standards, widely accepted authority. |
| What are disadvantages of a government PKI? | Risk of surveillance, political abuse, slow bureaucracy, and single point of failure. |
| What are advantages of private PKIs? | Competition, specialization, faster updates, decentralized trust. |
| What are disadvantages of private PKIs? | Harder to ensure universal trust; differing verification standards; risk of corruption. |