2 - امنية المعلومات - إمتحان تجريبي، الترم الأول - للعام 1445 ه

27/10/2023 :‫ﺍﻟﺘﺄﺭﻳﺦ‬ ‫ﺟﺎﻣﻌﺔ ﺍﻟﻌﻠﻮﻡ ﻭﺍﻟﺘﻜﻨﻮﻟﻮﺟﻴﺎ‬
‫ ﺃﻣﻨﻴﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﻭﺍﻟﺸﺒﻜﺎﺕ‬:‫ﺍﻟﻤﻘﺮﺭ‬ ‫ﺍﻟﺤﺎﺳﺒﺎﺕ ﻭﺗﻜﻨﻮﻟﻮﺟﻴﺎ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ‬

‫ﻓﻬﺪ ﺁﻝ ﻗﺎﺳﻢ‬.‫ ﺩ‬:‫ﺍﻟﻤﺪﺭﺱ‬ ‫ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻭﺍﻟﺸﺒﻜﺎﺕ‬
‫ ﺍﺭﺑﻊ ﺳﺎﻋﺎﺕ‬:‫ﺍﻟﺰﻣﻦ‬
‫ﻫـ‬1445 ‫ ﻟﻠﻌﺎﻡ‬- ‫ ﺍﻟﺘﺮﻡ ﺍﻷﻭﻝ‬،‫ﺇﻣﺘﺤﺎﻥ ﺗﺠﺮﻳﺒﻲ‬

‫ ﺃﺟﺐ ﻋﻦ ﻛﻞ ﺍﻻﺳﺌﻠﺔ ﺍﻟﺘﺎﻟﻴﺔ‬- 2
1. Explain the PKP shortly?
2. Give an example of cryptography tools that used for encrypting confidential text in your message.
3. List four of Hash function tasks ?
4. Explain the function and relation between SPAP and PAP?
5. Name An alternative version of the common method for determining the revocation status of SSL
certificates?
6. Explain the name and the process of the archetypal block cipher .
7. Give one difference between integrity and confidentiality.
8. Explain shortly the security protocol that send a "challeng" message to the peer ?
9. Explain shortly the purpose of Encrypt-then-MAC mode.
10. When the validity of an intermediate CA expires?
11. what is the attribute of digital dertificate that determine the expiry date?
12. What the encryption type would you choose for large amount of data, and why?
13. Explain shortly SHA is a hash function?
14. What is name of techniques that hide a secret message with a normal message.
15. What is the process of data conversion into scrambled code that sent across private and public
network.
16. Name the alternative of OPENSSL in windows OS? and Explain its functions?
17. List the limitations of cryptography?
18. What is the symmetric key block cipher taht derived from previous version with two additional features?
19. Name the two functions used in both sides for using digital signature?
20. Name the method that designed to encipher and decipher blocks of data consisting of 64 bits and 56 bit
key.
21. What is HMAC stand for?
22. Compare between public key and private key using in cryptography process.
23. What is Sponge construction used for ?
24. How does AEDA mode thwart chosen ciphertext attacks?
25. Name An algorithm that can be used in the generation and verification of digital signatures for sensitive
applications.
26. How can you apply encryption algorithms in Quantum computers?
27. What is the most basic form of authentication ?
28. Explain shortly why they may use MD5 Calculator?
29. Name the technique used to length extension attaks can be prvented?
30. Descripe the general process of transforming plaintext of ciphertext using symmetric and using
asymmetric ciphers.
31. Name the technique in which an asymmetric algorithm encryption and decryption are done by the same
key holder?
32. ..Explain shortly the reason of why NIST published SHA...
33. How can you apply Public key encryption algorithm in low-power devices ?
34. what is the disadvantages of MD5?
35. List four Hash functions methods?
36. How do Individuals and organizations enusre non-repudiation?
‫ ﺍﺧﺘﺮ ﺍﺟﺎﺑﺔ ﻭﺍﺣﺪﺓ ﻟﻜﻞ ﻓﻘﺮﺓ ﻣﻤﺎ ﻳﻠﻲ‬:MCQ - 4
1. AES is used by US government agencies, it is a .................................... algorithm
a. private.
b. public.
c. symmetric-key.
d. asymmetric-key.
2. Individuals and organizations use digital ...................... to enusre non-repudiation.
(1 - 7)
a. signature.
b. encoder.
c. obfuscation.
d. decoder.
3. OPENSSL is a cryptographic ........... for applications that can protect communications from sniffing.
a. toolkit.
b. plan.
c. system.
d. algorithm.
4. ......... is developed to avoid larger cryptographic private and public key usage.
a. Quantum Cryptography.
b. Digatal Signature Algorithm.
c. Homomorphic Encryption.
d. Elliptic Curve Cryptography.
5. HPKP stands for ................ key pinning
a. HUB Private.
b. HTTP Public.
c. HTTP private.
d. HUB Public.
6. A modern technology that used for record and store the history of transactions in the form of blocks.
a. ChainBlock.
b. Blockchain.
c. BlockCypher.
d. Cypherchain.
7. what is the most basic form of authentication
a. PAP.
b. CHAP.
c. CAP.
d. HAP.
8. DER is a bingary encoding digital certificate format that used for both certificates and ............. keys
a. short.
b. public.
c. long.
d. private.
9. HPKP allows a web client to associate a specific .... key certificate with a particular server to minize the
risk of ........... attacks
a. MITE.
b. MITM.
c. MTIM.
d. TIME.
10. In DLT, multiple transactions are processed using multiple ........... which are linked togehter.
a. blocks.
b. chains.
c. files.
d. commands.
11. The techniques of hiding a secret message with a normal message.
a. Hashing.
b. Cryptography.
c. Blockchain.
d. Stegnography.
12. ............ encryption is a type of encryption that uses a key by sender and differnet key by reciver.
a. symmetric.
b. public.
c. asymmetric.
d. private.
13. A truest model, in which one master CA is the initial point of trust.
a. Hierarchical .
b. hybrid.
c. bridge.
d. peer-to-peer.
14. public key encryption is used ................. amount of data.
a. best.
b. bad.
c. small.
d. large.
(2 - 7)
15. One of the following not a prat of PKI.

a. Distribution.
b. Regesrtarion.
c. Certification.
d. Validation.
16. When the validity of an intermediate CA expires, the ........ CA is brought online to perform renewal tasks.
a. passive.
b. intermediary.
c. active .
d. root.
17. A digital certificate type used to prove the identity of the developer or publisher
a. code signing.
b. SAN.
c. sel-signed.
d. wildcard.
18. Increasing encryption process efficiency in low latency applications is done using ..........................
cryptography.
a. fast.
b. symmetric .
c. strong.
d. asymmetric .
19. Ciphers are ................ used to encrypt or decrypt the data.
a. devices.
b. protocols.
c. softwares.
d. algorithms.
20. One of the following is not a certification authority
a. eccouncil.
b. comodo.
c. identrust.
d. godaddy.
21. In windows an alternative of OPENSSL is the command .....................
a. certmgr.exe.
b. certexe.mgr.
c. certmsc.mgr.
d. certmgr.msc.
22. Hash functions are .......... way encryption techniques.
a. two.
b. four.
c. three.
d. one.
23. Digital certificates are issued by an intermediary, which also called ...................
a. CA.
b. AC.
c. SAD.
d. DAS.
24. internet key exchange first pahse is used to establish secure ............. between hosts
a. keys.
b. protocols.
c. channel.
d. connection .
25. A digital certificate type that used for minimized the compexity and cost.
a. wildcard.
b. SAN.
c. sel-signed.
d. code signing.
26. Length extension attaks can be prvented using .................................. hash technique.
a. SHA-4.
b. MD6.
c. HMAC.
d. MAC.
27. Public key encryption algorithm can used in low-power devices such as .......................
(3 - 7)
a. RSA.
b. AES.
c. ECC.
d. DSA.
28. Hiding the content of data is one of crytpography goals by using ..................... techniques.
a. decryption.
b. lightweight.
c. obfuscation.
d. encryption .
29. ................... is designed to encipher and decipher blocks of data consisting of 64 bits and 56 bit key.
a. CR6.
b. AES.
c. CR5.
d. DES.
30. Key management controls the complete ............. of the keys used in cryptosystem
a. usages.
b. lifecyle.
c. process.
d. exchange.
31. Private key encryption is used ................. amount of data.
a. small.
b. bad.
c. best.
d. large.
32. Digital Certificate expiry date could be known by an attribute called valid ..............
a. in.
b. by.
c. from.
d. to.
33. SHA is a hash function, is an abbriviation of .............................. algorithm
a. saving digest.
b. secure hashing.
c. saver hashing.
d. secure digest.
34. DSA and RSA are both ......................... algorithm
a. symmetric.
b. asymmetric.
c. de-facto.
d. standard.
35. Message hash code, private key and signature function are used for generating ...................
a. data cetrtification.
b. hash function.
c. message digest.
d. digital signature .
36. Thmubprint algorithm specifies the hashing algorithm used for digital .........................
a. encryption.
b. certification.
c. hashing.
d. signature.
37. The scramble code that results from the conversion of data is called .......
a. encryption.
b. plaintext.
c. decryption.
d. ciphertext.
38. In Key Escrow a certified third-party is keep secret keys which is useful as a ..................... for
cryptographic keys.
a. recovery.
b. intermediary.
c. backup.
d. mangement .
39. Has functions are not deployed for ..............
a. digital signature applications.
b. file integrity checking.
c. storing passwords.
d. plaintext data ecncryption .
(4 - 7)
40. ............. is used to protect confidential data such as email messages.
a. cryptoanalysis.
b. stagnography.
c. cryptography.
d. ciphertext.
41. Digital signature is used to protect data ........................
a. secrecy.
b. privacy.
c. integrity.
d. availability.
42. ................... cryptography algorihms are aimed at low-complexity applications such as RFID tags.
a. lightcost.
b. heavyweight.
c. lightweight.
d. highweight.
43. A parameterized algorithm with a variable block size, variable key size, and variable number of rounds.
a. RC6.
b. RC4.
c. RC3.
d. RC5.
44. Key stretching is the process of ................. a key that might be too .......... usally by making it ................
a. strenghening, longer, weak.
b. longer, weak, strenghening.
c. strenghening, weak, longer.
d. weak, strenghening, longer,.
45. A digital certificate type that used for protect multiple websites with a single SSL certificate
a. code signing.
b. sel-signed.
c. wildcard.
d. SAN.
46. A derivation of the .................. algorihm is converted to hashing algorithm to hash a password and add
salt to it for key stetching purposes.
a. blowfish .
b. nanofish.
c. microfish.
d. bluefish.
47. One of the following is not an objective of cryptography.
a. spamming.
b. authentication .
c. integrity.
d. confidentiality.
............ ‫ ﺍﻟﺘﻌﺎﻣﻞ ﻣﻊ ﺍﻟﺸﺒﻜﺎﺕ ﻭﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﻳﺤﺘﺎﺝ ﺇﻟﻰ ﺷﺨﺺ ﻋﻨﺪﻩ ﺧﺒﺮﺓ ﻛﺒﻴﺮﺓ ﻓﻲ‬.48
a. ..
b. ..
c. .....
d. ..
49. A chain of trust established by a set of certificates starting from the server certificates and ending with
the root certificates
a. Certificate Escrow.
b. Certificate chaining.
c. Key Escrow.
d. Key chaining.
50. 3DES ciphers are used instade of DES, due to the inherent ................ of DES.
a. weakness.
b. fastness.
c. strength.
d. slowness.
51. Digatal signature used two functions, .................. function and ............. function.
a. creating, verification.
b. signature, hashing.
c. creating, hashing.
d. signature, verification.
52. The process of data conversion into scrambled code that sent across private and public network.
(5 - 7)
a. decoding.
b. encryption .
c. decryption .
d. encoding .
53. ............ is an internet encryption and authentication system that its algorithm was developed by three
scientists and it takes thier names first letters.
a. DSA.
b. DES.
c. RSA.
d. AES.
54. The digital certificates are used for protecting transmission of .................. keys securely
a. short.
b. public.
c. long.
d. private.
55. .... is a symmetric key block cipher derived from .......... with two additional features.
a. RC6, RC5.
b. RC5, RC6.
c. RC4, RC3.
d. RC3, RC4.
56. A trust model, in which everyone in the network is a certificate authority.
a. bridge trust model.
b. hybrid trust model.
c. Hierarchical trust model.
d. web of trust model.
57. An advanced cryptographic algorithm designed to protect security for both conventional and quantum
computers.
a. elliptic curve cryptography.
b. homomorphic encryption .
c. post-quantum cryptography.
d. quantum cryptography.
58. sending a challeng message to the peer is used in the challenge-handshake ........... protocol
a. adminstration.
b. authentication .
c. authorization.
d. controling.
59. An asymmetric algorithm inwhich encryption and decryption are done by the same key holder.
a. Homomorphic Encryption.
b. Elliptic Curve Cryptography.
c. Quantum cryptography.
d. Digital Signature Algorithm.
60. One of the following is not a public key encryption algorithm.
a. ECC.
b. AES.
c. RSA.
d. DSA.
61. certificate revocation list is used for checking the certificate status, which also may done using
....................
a. OSPC.
b. CRL.
c. OCSP.
d. RCL.
62. ............ encryption is a type of encryption that uses the same key by sender and reciver.
a. public .
b. private.
c. asymmetric.
d. symmetric.
63. Substitution cipher is one of ......................... ciphers
a. modern .
b. strong.
c. excelent.
d. classical .
64. ..................... is a symmetric alogrithm that may has a 128-bit block size with key sizes of 128 bits for
.......-128 version or longer.
(6 - 7)
a. TSL.
b. DES.
c. AES.
d. SSL.
65. ............ takes a message as the input and then outputs a 128-bits fingerprint or message digest of the
input.
a. MD5.
b. MD4.
c. MD7.
d. MD6.
66. Hash value may called .........................
a. message digest.
b. memory digest.
c. footprinting.
d. lightprinting.
67. It is recommended to use modern algorihm than MD5 due to it non ............. resistant.
a. collision.
b. attacks.
c. encryption.
d. obfuscation.
68. An alternative version of the common method for determining the revocation status of SSL certificates.
a. certificate status.
b. certificate response.
c. certificate stapling.
d. certificate pinning.
69. An algorithm that can be used in the generation and verification of digital signatures for sensitive
applications.
a. DES.
b. RSA.
c. AES.
d. DSA.
70. Sponge construction is used for solving the problem of block size in .......................
a. SHA-3.
b. SHA-1.
c. SHA-2.
d. SHA-4.
71. One of the following is not from the limitations of cryptography
a. computational overhead.
b. entropy.
c. speed.
d. lightweight devices.
72. The SPAP is a ........... version of PAP
a. proprietary.
b. asymmerty.
c. symmetry.
d. public.
73. In peer-to-peer trust model, clients depend on their ........... CAs
a. intermediary.
b. local.
c. root.
d. global.
74. In internet key exchange second phase, a host negotiates SA security ............ to be used with IPsec.
a. parameters .
b. methods.
c. connections.
d. protocols.
(7 - 7)

2 - امنية المعلومات - إمتحان تجريبي، الترم الأول - للعام 1445 ه

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

2 - امنية المعلومات - إمتحان تجريبي، الترم الأول - للعام 1445 ه

Uploaded by

Copyright:

Available Formats

27/10/2023 :‫ﺍﻟﺘﺄﺭﻳﺦ‬ ‫ﺟﺎﻣﻌﺔ ﺍﻟﻌﻠﻮﻡ ﻭﺍﻟﺘﻜﻨﻮﻟﻮﺟﻴﺎ‬

‫ ﺃﻣﻨﻴﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﻭﺍﻟﺸﺒﻜﺎﺕ‬:‫ﺍﻟﻤﻘﺮﺭ‬ ‫ﺍﻟﺤﺎﺳﺒﺎﺕ ﻭﺗﻜﻨﻮﻟﻮﺟﻴﺎ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ‬

‫ﻫـ‬1445 ‫ ﻟﻠﻌﺎﻡ‬- ‫ ﺍﻟﺘﺮﻡ ﺍﻷﻭﻝ‬،‫ﺇﻣﺘﺤﺎﻥ ﺗﺠﺮﻳﺒﻲ‬

15. One of the following not a prat of PKI.

40. ............. is used to protect confidential data such as email messages.

You might also like