This document contains an introduction and questions for a final exam on computer security. It focuses on topics like hash functions, Message Authentication Codes (MACs), and the Manual Ability Classification System (MACS). Specifically, it tests knowledge about how hash functions ensure data integrity, how MACs authenticate messages, and the purpose of collision resistance in hash functions. It also contains questions evaluating the importance of these concepts for network security.
This document contains an introduction and questions for a final exam on computer security. It focuses on topics like hash functions, Message Authentication Codes (MACs), and the Manual Ability Classification System (MACS). Specifically, it tests knowledge about how hash functions ensure data integrity, how MACs authenticate messages, and the purpose of collision resistance in hash functions. It also contains questions evaluating the importance of these concepts for network security.
This document contains an introduction and questions for a final exam on computer security. It focuses on topics like hash functions, Message Authentication Codes (MACs), and the Manual Ability Classification System (MACS). Specifically, it tests knowledge about how hash functions ensure data integrity, how MACs authenticate messages, and the purpose of collision resistance in hash functions. It also contains questions evaluating the importance of these concepts for network security.
1.What is the primary purpose of hash functions in network
security? a. Data compression b. Data encryption c. Data integrity Answer: c. Data integrity. Hash functions are primarily used for ensuring the integrity of data by generating a fixed-size hash value unique to the input data, making it ideal for data integrity verification.
2. Choose the correct definition:
a. Message Authentication Code (MAC) is a type of hash function. b. MAC is used for authenticating messages. c. MAC is unrelated to cryptography. d. MAC stands for Multiple Access Code Answer: b. MAC is used for authenticating messages. Message Authentication Code (MAC) is a cryptographic technique used for verifying the authenticity and integrity of a message. 3. How many levels does the Manual Ability Classification System (MACS) describe a. 3 b. 5 c. 7 d. 10 Answer: b. 5. The Manual Ability Classification System (MACS) describes five levels based on a child's self-initiated ability to handle objects and their need for assistance.
4.What is the purpose of a MAC in network security ?
a. Data compression b. Data authentication c. Data transmission speed d. Data storage Answer: b. Data authentication. MAC is used for authenticating and ensuring the integrity of messages in network security.
5.Does the Manual Ability Classification System focus on software
or hardware capabilities? a. Software b. Hardware Answer: a. Software. The Manual Ability Classification System (MACS) focuses on a child's self-initiated ability to handle objects, which is a software-related capability. 6. Which of the following is not a property of a good hash function a. Deterministic b. Collision-resistant c. Reversible d. Efficient Answer: c. Reversible. A good hash function should be deterministic, collision-resistant, and irreversible.
7. Which of the following is not a commonly used hash function
a. SHA-256 b. MD5 c. AES d. SHA-1 Answer: c. AES. AES (Advanced Encryption Standard) is a symmetric encryption algorithm, not a hash function.
8. What type of information does a Message Authentication Code
authenticate a. public key b. Private key c. Message content d. IP address Answer: c. Message content. MAC is used to authenticate the content and integrity of a message. True or False
9.Hash functions are only used for data encryption. (True/False)
Answer: False. Hash functions are used for various purposes, including data integrity verification and digital signatures.
10.Hash functions are reversible. (True/False)
Answer: False. Hash functions are designed to be one-way and irreversible.
11.Is a MAC the same as a digital signature? (Yes/No)
Answer: No. MAC and digital signatures serve different purposes, with MAC focusing on message authentication.
12.The choice of a hash function does not impact the security of a
MAC. (True/False) Answer: False. The choice of a hash function is crucial for the security of a MAC.
13.Is a MAC used for data encryption. (True/False)
Answer: False. MAC is used for message authentication, not data encryption. Open Questions- (Answers may vary)
18.Describe a real-world scenario where the use of a Message
Authentication Code is crucial for secure communication. Answer: In online banking, a Message Authentication Code is crucial to verify the integrity of financial transactions, preventing unauthorized modifications and ensuring secure communication between the bank and the customer.
19.Explain the role of hash functions in preventing data tampering
during transmission. Answer: Hash functions play a vital role in ensuring data integrity during transmission by generating unique hash values for data. Any tampering would result in a different hash value, signaling potential data corruption.
20.Discuss the potential vulnerabilities of hash functions and how
they can be mitigated. Answer: Hash functions may be vulnerable to collision attacks. To mitigate, using stronger hash algorithms like SHA-256 and incorporating salting techniques enhances security and reduces vulnerability.
21.Indicate your level of agreement with the statement: "Hash
functions are essential for ensuring data integrity in network communication". Answer: Strongly agree. Hash functions are fundamental in guaranteeing data integrity by providing a reliable means to verify that data has not been tampered with during communication. Short Answer
22.Provide a brief explanation of HMAC and its significance in
network security. Answer: HMAC (Hash-based Message Authentication Code) is a specific type of MAC that uses a cryptographic hash function along with a secret key. Its significance lies in providing a secure and efficient way to authenticate the integrity and origin of messages, commonly used in network security protocols like TLS.
23.Provide a concise definition of collision resistance in hash
functions. Answer: Collision resistance in hash functions means that it is computationally infeasible to find two different inputs that produce the same hash output. This property is crucial to prevent malicious tampering and maintain the integrity of the hashed data.
24.Name one practical application where Message Authentication
Codes are commonly used. Answer: One practical application is in network communication protocols like TLS (Transport Layer Security), where Message Authentication Codes are used to ensure the integrity and authenticity of transmitted data. Additional Questions May Be Asked As Bounce Questions. Rating Questions And Answers May Vary (1 = Not Important, 5 = Very Important).
14.On a scale of 1 to 5, how important is it to choose a
cryptographic hash function with collision-resistant properties for network security, and why? Answer: 5. Choosing a hash function with collision-resistant properties is crucial as it prevents attackers from creating different inputs that produce the same hash value, enhancing data integrity.
15.On a scale from 1 to 5, rate the effectiveness of MACs in ensuring
message authenticity in network communication, and why? Answer: 5. MACs are highly effective in ensuring message authenticity by providing a cryptographic verification mechanism, making it difficult for unauthorized entities to tamper with messages.
16.On a scale of 1 to 5, how would you rate the difficulty of
implementing a secure hash function, and why? Answer: 3. Implementing a secure hash function can be complex due to the need for collision resistance and other security properties, but well-established algorithms like SHA-256 simplify the process.
17.On a scale of 1 to 5, how much do you trust the security of MACs
for authenticating messages, and why? Answer: 5. MACs are highly trusted for authenticating messages as they rely on cryptographic principles, making it challenging for adversaries to compromise message integrity.