CMSC 426 MC Final Exam Questions & Answers 2024/2025
6 views 0 purchase
Course
CMSC 426 MC
Institution
CMSC 426 MC
CMSC 426 MC Final Exam Questions & Answers 2024/2025
Which of the following encryption functions has perfect secrecy?
a) XOR cipher
b) RC4 stream cipher
c) 3DES block cipher
d) One-time pad - ANSWERSd) One-time pad
Which of the following describes the security of Diffie Hellman Key Exch...
CMSC 426 MC Final Exam Questions &
Answers 2024/2025
Which of the following encryption functions has perfect secrecy?
a) XOR cipher
b) RC4 stream cipher
c) 3DES block cipher
d) One-time pad - ANSWERSd) One-time pad
Which of the following describes the security of Diffie Hellman Key Exchange?
a) An attacker would need to factor one of Alice or Bob's public integers in order to recover one of the
private integers.
b) An attacker would need to solve the discrete logarithm problem to recover Alice or Bob's private
integer from the public values.
c) An attacker would need to know a secret value agreed upon by Alice and Bob in advance of the key
exchange.
d) None of the above - ANSWERSb) An attacker would need to solve the discrete logarithm problem to
recover Alice or Bob's private integer from the public values.
Which of the following describes why random padding must be appended to the plaintext m prior to
encryption when using RSA?
a) If enough ciphertexts which share the same values for m and e are intercepted, the plaintext can be
decrypted (even if n is not the same)
b) It is possible for an attacker to perform a chosen plaintext attack
c) If m and e are not large enough, the ciphertext can be trivially decrypted
d) All of the above - ANSWERSd) All of the above
Why is Blum-Blum-Shub random number generator not often used in real-world settings?
a) The algorithm is slow and only produces one bit of random output at a time
,b) The algorithm can produce pseudo-random bits as output, but it is not proven to be cryptographically
secure
c) A kleptographic backdoor was found in the algorithm and it was revoked from a NIST standard
d) The outputs were found not to be randomly distributed - ANSWERSa) The algorithm is slow and only
produces one bit of random output at a time
Suppose an 8-bit plaintext 11010111 and an 8-bit key 10110001. Using an XOR cipher, which of the
following would be the ciphertext?
a) 00101110
b) 10110100
c) 01100110
d) 01011101 - ANSWERSc) 01100110
Which register is used as a pointer to the value which was most recently pushed onto the stack?
a) ESI
b) ESP
c) EBP
d) EIP - ANSWERSb) ESP
Which of the following is a weakness of the Lan Manager (LM) hash used on legacy versions of
Windows?
a) The hash function made passwords case-insensitive
b) The hash function relied on DES encryption
c) The hash digest could be split into two parts, and each half could be cracked separately
d) All of the above - ANSWERSd) All of the above
What is the assembly instruction PUSH EAX equivalent to?
a) Adding 4 to ESP, then copying EAX into the location pointed to by ESP
b) Subtracting 4 from ESP, then copying EAX into the location pointed to by ESP
c) Copying EAX into the location pointed to by ESP, then adding 4 to ESP
, d) Copying EAX into the location pointed to by ESP, then subtracting 4 from ESP - ANSWERSb) Subtracting
4 from ESP, then copying EAX into the location pointed to by ESP
Suppose that Alice encrypts a message using AES with a 256-bit key. How many possible values can the
key have?
a) 256^8
b) 2^256
c) 8^256
d) 2^(256*8) - ANSWERSb) 2^256
Eve intercepts a hash h and is able to recover m such that h = H(m). What kind of hashing resistance does
this violate?
An advantage of symmetric cryptography is that encryption and decryption are usually faster than
asymmetric cryptography. T/F? - ANSWERSTrue
Salting works by hashing a password, and then concatenating random bytes (the salt) to the hash digest.
T/F? - ANSWERSFalse
A symmetric key can be used for digitally signing a message. T/F? - ANSWERSFalse
Salted password hashes are an effective defense against rainbow tables. T/F? - ANSWERSTrue
A domain controller running Active Directory is used to manage authentication on a Windows domain.
T/F? - ANSWERSTrue
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Bensuda. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.49. You're not tied to anything after your purchase.