Answers Information Security Example Questions

1. It takes time to recover from information security attacks. What type of attacks take the most time to
resolve?
(a) Attacks performed by insiders
(b) Denial of service attacks
(c) Phishing attacks
(d) Virus attacks

2. A consequence of losing information confidentiality can be that e-mail

(a) becomes publicly available
(b) is modified before it reaches the addressee
(c) can be sent by someone imposing as somebody else
(d) cannot be sent anymore because the mail transfer units are down for repair

3. For the RUG ‘defense in depth’ is exemplified by

(a) spam filters installed by Google, SURF, and your own computer
(b) deep packet inspection of network traffic performed by system administrators
(c) deep packet inspection of network traffic performed by the outer RUG firewall computer
(d) outing all wireless network traffic through a single core router before connecting to the Internet

4. For the RUG variation of defenses is realized by

(a) offering multiple operating systems (Windows, Apple, Linux)
(b) computers using firewalls and spam filters
(c) having a generic firewall at the point where the RUG’s network connects to the Internet and a
operating-specific firewall in your own computer
(d) Google handling the e-mail, and SURFnet handling the Internet connection

5. The enemy intercepts an encrypted message. Eventually the enemy is able to decrypt the message, but
it required exhaustive searching. The encryption method we used
(a) violates Kerckhoffs’ principle
(b) can still be considered ‘secure’ (as in: ‘Perfect Secrecy’)
(c) cannot be considered ‘secure’
(d) might have been the Viginere cipher

1
 6. Using a one-time pad plain text P is encrypted to encrypted text E using key K. Only letters are used
and the indices of the letters in the key determine the shifts of the letters in the plain text.

To retrieve the key when P and E are available

(a) decrypt E using P

(b) decrypt P using E
(c) 1 and 2 can both be used
(d) 1 and 2 cannot be used when shifting characters, but can be used when the xor operator is used
instead of shifting characters

7. Transposition ciphers use permutation matrices. Using the notation P’ to indicate the transposed
matrix P; P1, P2 are permutation matrices, T is the matrix containing the plain text, and E the matrix
containing the encrypted text, then A

(a) E = P1 T P2, T = P1’ E P2’

(b) E = P1 T P2, T = P2’ E P1’
(c) E = P1 P2 T, T = P1’ P2’ E
(d) E = P1 P2 T, T = P2’ P1’ E

8. With Feistel ciphers blocks are split in left and right halves. If only one encryption round is used, then
(a) the left half is not modified and becomes the left half in the next round, where-after the key
schedule is applied to the left half in the next round
(b) the left half is not modified and becomes the right half in the next round
(c) the right half is not modified and becomes the right half in the next round, where-after the key
schedule is applied to the right half in the next round
(d) the right half is not modified and becomes the left half in the next round

9. DES is
(a) implemented as a stream cipher
(b) implemented as a Feistel cipher using L and R blocks of 64 bits (8 bytes) each
(c) susceptible to brute force attacks
(d) also known as the ‘Lucifer’ encryption method

10. (Using Ci to indicate the i-th encrypted block, Pi to indicate the i − th plain text block)

Information leakage can be a problem with the CBC block cipher mode

(a) if Pi is equal to Pi+1 then the corresponding encrypted blocks are also identical
(b) if Ci is equal to Cj then Pi is equal to Pj
(c) if Ci is equal to Cj then Pi ⊕ Pj is known
(d) if Ci is equal to Cj then Pi ⊕ Pj equals Ci-1 ⊕ Cj-1

2
11. A linear Diophantine equation xe + yf = g uses e = 4, y = 8. Once the equation is solved for x and
y then an alternative solution for x and y
(a) does not exist, as solutions of linear Diophantine equations are unique
(b) can be 4 + x and -4 + y
(c) can be 8 * x and -8 * y
(d) can be 4 * x and -4 * y

12. When computing pow(333, 29) mod 17

(a) you can compute pow(333 mod 17, 29) mod 17 instead
(b) you can compute pow(333, 29 mod 17) mod 17 instead
(c) start with the least significant bit of 29
(d) start with the most significant bit of 29

13. When computing pow(x, y) mod z bit patterns, then

(a) when encountering a 0 bit your value so far is squared
(b) when encountering a 1 bit your value so far is squared
(c) when encountering a 0 bit your value so far is multiplied by the base value (i.e., x)
(d) when encountering a 1 bit your value so far is multiplied by the base value (i.e., x)

14. Using x = pow(g, k) mod p, the Diffie-Hellman key exchange

(a) computes key x from a computed g, and public k and p values
(b) computes key x from a computed k, and public g and p values
(c) computes key x from a computed p, and public g and k values
(d) none of the above
t

15. When Alice and Bob use Ephemeral Diffie-Hellman

(a) they send their computed pow(g, x) mod p to their partner, and then destroy both their x and
pow(g, x) mod p values
(b) they compute their x that is used in pow(g, x) mod p, and send x, encrypted with their shared
encryption key K to their partner
(c) after obtaining their partner’s pow(g, x) mod p they use their own y to compute pow(g,
xy) mod p
(d) they must make sure that their shared encryption key K is not compromised, or an attacker will
be able to retrieve the session key

16. What is NOT a requirement for a cryptographically strong hash function

(a) the hash value is smaller than the message
(b) the hash value must be efficiently computable

3
 (c) the message cannot be retrieved from the hash value
(d) the hash values of different messages are different

17. To verify the integrity of a message M its hash value h(M) can be computed
(a) The recipient, receiving message M in an e-mail attachment and h(M) in a second attachment is
able to verify that the received M equals the sender’s M
(b) The procedure described in the 1st alternative can only be used if HMAC, using h(K | M), is used,
where K is a key shared by the sender and recipient (the operator | concatenates the right-hand
message to the left-hand message)
(c) The procedure described in the 1st alternative can only be used if HMAC, using h(M |
K), is used, where K is a key shared by the sender and recipient
(d) None of the above alternative can be used to verify the integrity of a message M

18. Alice and Bob agree on a key K. They use HMAC to compute a hash value of a message they send to each
other, using the h(K, M) procedure. Eve has no access to K, but can intercept M and h(K, M)
(a) Eve can modify M and, recompute the hash value, and forward both to the recipient
(b) Eve can append information to M, recompute the hash value, and forward both to the
recipient
(c) Both 1 and 2
(d) Neither 1, nor 2

19. When Alice and Bob exchange messages, they use HMAC, a shared key K, and messages M, as well as a
hashing function h(). Trudy wants to interfere. B/D
(a) Using h(K, M) is OK, assuming h(M1) != h(M2)
(b) Using h(M, K) is OK, assuming h(M1) != h(M2)
(c) Using h(K, M) is OK, assuming Trudy cannot access K
(d) Using h(M, K) is OK, assuming Trudy cannot access K

20. A Cyclic Redundancy Check (CRC) computation uses divisor bits 11111 and bitstream bits (1st bit
received) 1110001100 (last bit received).

What is the CRC value (using bits)? UNKNOWN: answer is 1000, but not on list of an-
swers. If we need to flip the bits first, then we get 1111 (D). If the checksum is appended
to the message and we remove the last 4 digits (n-1), we get 0011 (B).
(a) 1
(b) 11
(c) 111
(d) 1111

21. The main reason for requiring that every now and then a new password must be selected is:
(a) to prevent brute force attacks against your password

4
 (b) to reduce the risk of abuse caused by you sharing your credentials with others
(c) to reduce the risk of abuse caused by the tendency of people to select weak passwords
(d) that the computer you’re connecting to does not support cryptographic keys

22. For authentication an organization requires you to use a password of letters and digits. There are 26
letters in the alphabet, and there are 10 digit characters. Using these requirements, how many different
passwords of 8 characters can be constructed? D
(a) 262
(b) 2512
(c) 862
(d) 628

23. In a protocol where Alice and Bob want to realize mutual authentication (h() indicates a hashing
function, Kab is an encryption key shared between Alice and Bob, E(M; K) is an encryption function
to encrypt M using key K),

Alice may start the communication by sending to Bob: C

(a) E(h(Alice’s password); Kab )
(b) E("I’m Alice"; Kab ), Alice’s nonce
(c) "I’m Alice", E(Alice’s nonce; Kab )
(d) E("I’m Alice", Alice’s nonce; Kab )

24. When Pa is Alice’s public key, Pb is Bob’s public key, Sa is Alice’s secret key, Sb is Bob’s secret key,
then, when Alice must authenticate herself to Bob she must return the nonce that she received from
Bob back to Bob.

In this process, Bob sends: C

(a) Sa (nonce)
(b) Sb (nonce)
(c) Pa (nonce)
(d) Pb (nonce)

25. Alice and Bob agree on using K, a shared encryption key. Also, they may use ephemeral Diffie-Hellman.

For each new session they agree to use a separate encryption key Y. When Alice constructs Y, which
protocol should NOT be used to inform Bob about Y? (EM,x indicates M, encrypted with key x) B/C
(a) Alice sends E{pow(g, a) mod p}, Bob replies with E{pow(g, b) mod p}
(b) Alice sends E{M2,K}, Bob replies with E{M3,K}
(c) Alice sends E{Y,K}, Bob replies with E{M,Y}
(d) None of the above protocols should be used

26. When creating your PGP key, two pairs of keys are created

5
 (a) The public key used for encrypting should be signed by people from whom you receive encrypted
messages
(b) The public key used for signing should be signed by people from whom you receive
signed messages
(c) The secret key used for encrypting should be signed by people to whom you send encrypted
messages
(d) The secret key used for signing should be signed by people to whom you send encrypted messages

27. Different from using clear-text information exchange, GPG can be used to
(a) Guarantee the confidentiality and integrity of the exchanged information
(b) Verify the authenticity and author of the exchanged information
(c) Both 1 and 2
(d) Neither 1, nor 2

28. To decrypt a document or e-mail using PGP

(a) you need access to your private key
(b) you need access to the recipient’s public key
(c) both 1 and 2
(d) neither 1, nor 2

29. In the way PGP is normally used, and if it is correctly used, then you cannot verify the authenticity of
a received message
(a) if it is signed by the sender
(b) if you signed the sender’s public key
(c) if the sender signed your public key
(d) if the sender’s public key was signed by at least 3 people whose public keys were signed by you.

30. The authenticity of a Bob’s PGP key can be assumed if

(a) Bob’s public key is downloaded from a PGP key server offering a secure (https) connection
(b) you received Bob’s key from Alice, who you trust
(c) Bob gives you his public key, and shows you his passport
(d) Bob gives you the fingerprint of his public key and shows you his RUG-pass