EXAM Questions For The Course TTM4135 - Information Security May 2012
May 2012
Part 1
This part consists of 5 questions, all from one common topic. The maximum number of points
for every correctly answered question is given next to the question. The maximum number of
points in this part of the exam is 28. Time for work on this test: ~60 minutes.
1. Student should mention that the universal forgery is an attack where the attacker finds an
efficient algorithm that provides digital signatures on arbitrary messages without knowing
the private key of the attacked entity.
2. Student should mention that DSS stands for Digital Signature Standard and among other
things it describes DSA that stands for Digital Signature Algorithm.
4. Student should mention that the term “direct digital signature” refers to a digital scheme
that involves only the communicating parties (source and destination) and it is assumed
that the destination knows the public key of the source.
5. Student should mention that a digital signature must have the following properties: 1. It
must verify the author and the date and time of the signature, 2. It must authenticate the
contents at the time of signature, and 3. It must be verifiable by third parties to resolve
disputes.
Part 2
This part consists of 40 questions. For every question 5 alternative answers are given, of which ONLY
ONE is correct. If you choose the correct answer you will earn 1.8 points, otherwise you will lose 0.45
points (i.e. the penalty is -0.45 points). If you do not choose any answer, you will not get any points
(i.e. the earned points are 0). The maximum number of points in this part of the exam is 72. Time for work on
this test: ~120 minutes.
3. Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data
unit to prove the source and integrity of the data unit and protect it against forgery is a(n)
___________ .
A. security audit trail
B. authentication exchange
C. encipherment
D. digital signature
E. verification
4. If the information has been subject to an unauthorized modification, then we say that it has lost its
___________.
A. purity
B. integrity
C. reliability
D. validity
E. originality
7. In which attack scenario can we assume that the opponent has the least amount of information to
work with?
A. chosen ciphertext
B. known plaintext
C. ciphertext-only
D. chosen plaintext
E. chosen plaintext and ciphertext
8. An encryption scheme that requires large quantities of random keys that are as long as the messages
that have to be encrypted, and are distributed on a regular basis to both sender and receiver, is
known as:
A. Key-pad scheme
B. iPad scheme
C. crypto-pad scheme
D. time-pad scheme
E. one-time pad scheme
9. What is correct?
A. DES uses a 64-bit message block and a 56-bit key.
B. DES uses a 64-bit message block and a 64-bit key.
C. DES uses a 56-bit message block and a 64-bit key.
D. DES uses a 56-bit message block and a 48-bit key.
E. DES uses a 64-bit message block and a 128-bit key.
10. An imaginary perfect mapping that allows the maximum number of bijective encryption mappings
from the plaintext block to the ciphertext block of the same size is referred to as the __________.
A. Ideal one-way function
B. Perfect secrecy cipher
C. Ideal diffusion cipher
D. Ideal round function
E. Ideal block cipher
11. An S-box satisfies the following criterion: For a 1-bit input change, at least n output bits change. We
say that the S-box satisfies the
A. Bit change criterion
B. Bijection criterion
C. Diffusion criterion
D. Guaranteed avalanche criterion
E. Confusion criterion
12. Two integers are __________ if their only common positive integer factor is 1.
A. polynomials
B. congruent modulo
C. residual
D. relatively prime
E. odd
13. Which algorithm is typically used to test a large number for primality?
A. Fermat
B. Euler
C. Miller–Rabin
D. Newton
E. RSA
15. In Advanced Encryption Standard, the operations are performed on variables that have length
A. 64 bits
B. 128 bits
C. a single bit
D. 4 bits
E. 8 bits
16. In AES, the first and the last round begin with the following reversible part:
A. MixColumns
B. AddRoundKey
C. ShiftRows
D. Substitute bytes
E. KeyExpand
18. A standard that relies on AES and refers to data stored in sector-based devices is called:
A. XTS-AES
B. CBC-AES
C. OFB-AES
D. GMAC-AES
E. GHASH-AES
23. Two numbers are relatively prime if they have ________ prime factors in common.
A. 0
B. 1
C. -1
D. 2
E. several
27. Which protocol enables two users to establish a secret key using a public-key scheme based on
discrete logarithms:
A. Micali-Schnorr
B. Miller-Rabin
C. Fiat-Shamir
D. Diffie-Hellman
E. Rivest-Shamir-Adleman
28. Included in the definition of an elliptic curve is a single element denoted O which is called the point
at infinity or the __________ .
A. Zero point
B. Elliptic point
C. Far-away point
D. Abelian point
E. Intersection point
29. What is the mathematical term that describes the generic algorithm for finding collisions in hash
functions:
A. Preimage finding
B. Birthday paradox
C. Primality testing
D. Baby-step-giant-step
E. Rho-algorithm
30. The GCM mode makes use of two functions: __________, which is a keyed hash function, and
GCTR.
A. HMAC
B. SHA-2
C. GHASH
D. CCM
E. SHA-3
31. X.509 certificates are used in
A. HMAC
B. PKI
C. Wi-Fi
D. RSA
E. PGP
32. At the IP level, when a key is needed for each pair of hosts that wish to communicate, we talk
about:
A. Link encryption
B. Key encryption
C. End-to-end encryption
D. Key distribution
E. Hardware encryption
33. The overall scheme of Kerberos is that of a trusted third party authentication service based on the
famous:
A. Fiat – Shamir protocol
B. ElGamal protocol
C. Merkle trees protocol
D. Diffie – Hellman protocol
E. Needham – Schroeder protocol
35. What is the encoding scheme in PGP that enables the sending of binary files via e-mail:
A. Reed-Solomon coding
B. Turbo coding
C. Extended ASCII
D. Radix-64
E. CRC32
36. What is the name of the set of internet standards that can be added to the current versions of the
Internet Protocol (IPv4 and IPv6) that encompasses the three functional areas: authentication,
confidentiality and key management?
A. PKI
B. WNS
C. X.800
D. WAP
E. IPSec
38. If we establish transition probabilities among certain user commands in an intrusion detection
scheme, we are using the theory of:
A. Markov processes
B. Statistics
C. User profiling
D. Firewalls
E. Biometry
1. C 25. B
2. E 26. D
3. D 27. D
4. B 28. A
5. A 29. B
6. B 30. C
7. C 31. B
8. E 32. C
9. A 33. E
10. E 34. C
11. D 35. D
12. D 36. E
13. C 37. A
14. B 38. A
15. E 39. B
16. B 40. E
17. B
18. A
19. D
20. E
21. A
22. C
23. A
24. C