CS419 Exam 3
Spring 2018
Paul Krzyzanowski
April 23, 2018
99 Points - 3 Points each
For each statement, select the most appropriate answer.
- Which of the following is not an example of two-factor authentication?
(a) Password and a code sent to your phone via SMS.
(b) Access card and PIN.
(c) Fingerprint and a retina scan.
(d) All of these are examples of two-factor authentication.
- Salt in a hashed password:
(a) Makes it virtually impossible to use a brute-force search to guess a password.
(b) Obscures the ability to see that multiple users have the same password in a password file.
(c) Turns normal passwords into one-time passwords.
(d) Ensures that passwords have special characters in addition to alphanumeric text.
- The Challenge-Handshake Authentication Protocol (CHAP) relies on:
(a) Sending an encrypted password to the server.
(b) Showing that you can decrypt data sent by a server.
(c) Using a trusted third party to handle user authentication.
(d) Proving that you have a secret value that is shared with the server.
- The Time-based One-Time Password (TOTP) protocol:
(a) Relies on a shared secret between the client and server.
(b) Allows an administrator to control when a user can log in.
(c) Provides a time limit for the number of login attempts.
(d) Enables an administrator to set an expiration time for user passwords.
- A list of hashes is often used in an application signature to:
(a) Enable the user to pinpoint what modifications have been made to the application.
(b) Validate the integrity of the software even if some of the hashes are maliciously modified.
(c) Allow an operating system to check the integrity of the software as pieces of it are loaded into memory.
(d) Validate different parts of an application: code, data, stack, heap.
- Biometric authentication algorithmically differs from other forms of authentication because it:
(a) Compares images instead of passwords.
(b) Uses data that cannot be shared.
(c) Relies on thresholds rather than exact matches.
(d) Provides a far higher degree of security.
- A problem with CAPTCHA is that:
(a) Computer vision algorithms have been improving rapidly.
(b) It is easy for an attacker to try various combinations of text.
(c) Results are not sent over a secure link.
(d) The answer can be found directly in the JavaScript code of the challenge.
- No CAPTCHA reCAPTCHA is a variation of CAPTCHA that:
(a) Presents a puzzle to solve instead of text to decode.
(b) Looks at a user's activity on the web page and server-side data to decide if it is a human.
(c) Provides alternatives to users, such as recognizing images or transcribing audio.
(d) Allows scripts as well as humans to interact with websites.
- A CAM (Content Addressable Memory) overflow attack on an Ethernet switch requires sending Ethernet frames:
(a) With varying fake source addresses.
(b) To a huge set of destination addresses.
(c) At a rate faster than the switch can process.
(d) That are malformed to indicate a length longer than the actual payload.
- A key problem with both ARP and DHCP is that:
(a) Neither queries nor responses are encrypted.
(b) Clients have no way of authenticating themselves.
(c) A client might send a message to the wrong server.
(d) A client has no way of knowing who the authoritative server is.
- ARP cache poisoning attacks can be reduced by:
(a) Configuring a switch to disallow ARP responses from systems not designated as ARP servers.
(b) Ignoring responses that are not associated with your request.
(c) Requiring responses to be signed.
(d) First establishing an encrypted channel to the server.
- SYN cookies were designed to:
(a) Provide a way for a client to authenticate a server.
(b) Create a shared secret between the client and server to encrypt traffic.
(c) Provide a time limit for establishing a TCP connection.
(d) Reduce the amount of state that a server sets up before finalizing a TCP connection.
- The Border Gateway Protocol, BGP, is used to share routing information among ISPs. A security weakness with this protocol is:
(a) Hosts can bypass its advertisements and use alternate routes.
(b) An ISP can maliciously advertise better routes to divert traffic.
(c) It allows an attacker to impersonate an arbitrary host on the network.
(d) ISP routers that lose a shared key will not be able to communicate with external networks.
- Network tunneling is best described as:
(a) Sending a stream of packets over an encrypted communication channel.
(b) Relaying messages via a trusted third party.
(c) Signing all messages between two communicating hosts.
(d) Encapsulating one packet within another.
- Unlike IPsec with the Encapsulating Security Payload, SSL and TLS:
(a) Encrypt messages in both directions.
(b) Are designed for point-to-point connections over TCP.
(c) Use a MAC to ensure message integrity.
(d) Rely on a trusted third party.
- A stateless screening router generally cannot be configured to drop:
(a) TCP packets addressed to your mail server computer but accessing port 80 (HTTP).
(b) Any UDP packets from a set of IP addresses known to be untrusted.
(c) TCP packets to your web server that contain URLs with malicious syntax.
(d) UDP packets from the external network that are disguised with internal source addresses.
- A DMZ (demilitarized zone) is a subnet that contains:
(a) Systems offering Internet-facing services.
(b) No computers but acts as a barrier between the LAN and Internet.
(c) Internal hosts that may not be properly secured.
(d) Known malicious systems.
- Signature-based intrusion detection systems (IDS):
(a) Scan incoming data to see if it matches known malicious patterns.
(b) Validate messages bidirectionally to ensure they conform to the right protocol.
(c) Detect deviations in network activity from known normal behavior.
(d) Drop all unsigned messages coming into the local network and add signatures to messages leaving the local network.
- Deperimeterization creates a problem in network security because:
(a) One system may run a virtual machine (VM) and host multiple operating systems.
(b) A single operating system may host secure and non-secure services.
(c) Trusted hosts are not confined to specific known networks.
(d) Network traffic may be seen by malicious parties.
- Denial of Service (DoS) amplification techniques rely on exploiting services where:
(a) Queries get forwarded to a larger number of hosts.
(b) Critical systems are taken out of service, causing systems that rely on them to die.
(c) Small queries generate large responses.
(d) Malware can infiltrate other systems to make them participate in the attack.
- Which statement is most accurate about Bitcoin?
(a) Each participant keeps a copy of all transactions since the beginning.
(b) Participants only keep a copy of uncommitted transactions.
(c) Each participant keeps a different portion of the ledger (transaction log).
(d) One server holds the master copy of the ledger but participants may cache recently used blocks.
- In Bitcoin, a proof of work is performed to:
(a) Prove that a transaction has not been forged.
(b) Make it computationally extremely difficult to modify a block.
(c) Validate that the sender has sufficient coins for the transaction.
(d) Log the fact that a certain number of bitcoins have been created.
- A transaction is considered confirmed by a merchant:
(a) After a majority of participants approve the transaction.
(b) When the block that contains the transaction is added to the blockchain.
(c) After at least one participant approves it.
(d) After a certain number of additional blocks are added to the blockchain.
- If a web client at cs.rutgers.edu loads a web page from pk.org that downloads JavaScript from github.com, the JavaScript code on the page can access content (e.g., cookies) belonging to:
(a) pk.org
(b) github.com
(c) cs.rutgers.edu
(d) All of the above.
- Cross-site request forgery (XSRF) is a problem that occurs when:
(a) JavaScript on one page can access resources from a different site.
(b) A user clicks a maliciously placed link containing a command to a site that identifies the user via cookies.
(c) A server masquerades as another web site.
(d) A server presents cookies that are labeled for another site.
- Cross-site scripting (XSS) is an attack that allows an attacker to:
(a) Run JavaScript hosted from a different server than the web page.
(b) Run a script on a web page that accesses resources on a different site.
(c) Add JavaScript to a trusted web site.
(d) Run a script that replaces links on a page to point to malicious sites.
- Extended validation certificates are considered more secure than domain validated certificates because:
(a) They force a session to be established that is encrypted in both directions.
(b) They require two-factor authentication to establish a connection.
(c) The user has to authenticate with a password after an SSL session is established.
(d) The CA puts extra effort into validating the identity of the certificate holder.
- The main mechanism that Android uses to isolate applications is:
(a) User IDs.
(b) Containers.
(c) Namespaces.
(d) Kernel-level sandboxes.
- The main mechanism that iOS uses to isolate applications is:
(a) User IDs.
(b) Containers.
(c) Namespaces.
(d) Kernel-level sandboxes.
- ARM's TrustZone:
(a) Uses hardware to speed up encryption, decryption, hashing, and key generation operations.
(b) Runs a separate operating system in isolated memory for security-sensitive features.
(c) Is a region of protected memory that is accessible only to privileged applications.
(d) Is a set of flags in the memory management unit to assign regions of memory to an application.
- A DVD contains an encrypted movie. The decryption key is:
(a) Programmed into the player.
(b) Encrypted on the DVD with a master key that the player knows.
(c) Encrypted on the DVD via each of 409 player keys for various trusted manufacturers of DVD players.
(d) Obtained from a trusted server prior to playing the DVD.
- A null cipher:
(a) Signs messages but does not encrypt them.
(b) Is a stubbed-out encryption function that performs no actual encryption.
(c) Encrypts with a key of all 0s with the hope that the adversary doesn't realize there is encrypted text present.
(d) Intermixes plaintext with non-relevant text.
- Chaffing and winnowing:
(a) Shifts characters in text slightly to create a steganographic bit pattern.
(b) Encrypts data with a null cipher (chaffing) that a trusted receiver then decrypts (winnowing).
(c) Adds concealed data inside an image or audio file.
(d) Intermixes legitimate messages with proper MACs with non-relevant messages with invalid signatures.
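Worked example for the salted-password question above. This is an editor-added illustration, not part of the original exam or the course materials; the three accounts, their passwords and the word list are constructed for the demo. It builds the same password file twice, once without salt and once with a random 16-byte salt per user, and shows what each choice does and does not buy: identical passwords become distinguishable in the unsalted file, while an offline dictionary attack still succeeds against the salted one, just at the cost of one hash computation per (user, guess) pair.

```python
import hashlib
import hmac
import os

# Constructed sample accounts for the demo: alice and bob chose the same password.
USERS = {"alice": "hunter2", "bob": "hunter2", "carol": "correct horse battery"}

# PBKDF2 work factor for the demo; production deployments use a far higher count.
ITERATIONS = 20_000


def hash_password(password, salt, iterations=ITERATIONS):
    """PBKDF2-HMAC-SHA256 of the password under the given salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def build_password_file(users, salted):
    """Return {user: {"salt": ..., "hash": ...}}.
    An unsalted file is modelled by giving every user the empty salt."""
    pwfile = {}
    for user, password in users.items():
        salt = os.urandom(16) if salted else b""
        pwfile[user] = {"salt": salt, "hash": hash_password(password, salt)}
    return pwfile


def verify(record, candidate):
    """Login check: rehash the candidate under the stored salt, compare in constant time."""
    return hmac.compare_digest(record["hash"], hash_password(candidate, record["salt"]))


def duplicate_hashes(pwfile):
    """Groups of users whose stored hashes are identical; anyone holding the file can see this."""
    by_hash = {}
    for user, record in pwfile.items():
        by_hash.setdefault(record["hash"], []).append(user)
    return sorted(sorted(group) for group in by_hash.values() if len(group) > 1)


def dictionary_attack(pwfile, wordlist):
    """Offline guessing against a stolen file. Salt does not prevent it; it only forces
    the attacker to hash every guess separately for every user (no shared rainbow table)."""
    cracked = {}
    for user, record in pwfile.items():
        for guess in wordlist:
            if verify(record, guess):
                cracked[user] = guess
                break
    return cracked


if __name__ == "__main__":
    unsalted = build_password_file(USERS, salted=False)
    salted = build_password_file(USERS, salted=True)
    print("users sharing a hash, unsalted file:", duplicate_hashes(unsalted))
    print("users sharing a hash, salted file:  ", duplicate_hashes(salted))
    print("cracked from the salted file:", dictionary_attack(salted, ["password", "hunter2", "letmein"]))
```

The check to remember: `duplicate_hashes` is the only function whose result changes between the two files. `dictionary_attack` recovers the weak password either way; what stops it is the work factor and the quality of the password, not the salt.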
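Worked example for the SYN cookies question above, added by the editor and not part of the original exam. It is a simplified model of Bernstein's SYN cookie layout, not any kernel's implementation: the server's initial sequence number in the SYN-ACK packs a 5-bit time counter, a 3-bit index into a small MSS table and a 24-bit keyed hash of the connection 4-tuple. When the client's final ACK arrives the server recomputes the hash from the packet alone, so no per-SYN state exists for a flood to exhaust. The boot secret, the MSS table and the addresses are assumptions made for the demo.

```python
import hashlib
import hmac
import socket
import struct

# Assumed per-boot secret; a kernel draws this from its RNG at boot time.
SECRET = b"assumed-per-boot-secret"

# MSS values the 3-bit field can encode (up to 8 entries); a small classic table.
MSS_TABLE = [536, 1300, 1440, 1460]


def _hash24(src_ip, dst_ip, src_port, dst_port, t):
    """24-bit keyed hash over the connection 4-tuple and the 5-bit time counter."""
    data = struct.pack(">4s4sHHB", socket.inet_aton(src_ip), socket.inet_aton(dst_ip),
                       src_port, dst_port, t)
    return int.from_bytes(hmac.new(SECRET, data, hashlib.sha256).digest()[:3], "big")


def make_syn_cookie(src_ip, dst_ip, src_port, dst_port, client_mss, minute):
    """Server ISN for the SYN-ACK: [5 bits time][3 bits MSS index][24 bits keyed hash].
    Nothing is stored; the client's own MSS is folded into the cookie instead."""
    fits = [i for i, m in enumerate(MSS_TABLE) if m <= client_mss]
    mss_idx = fits[-1] if fits else 0
    t = minute & 0x1F
    return (t << 27) | (mss_idx << 24) | _hash24(src_ip, dst_ip, src_port, dst_port, t)


def check_syn_cookie(src_ip, dst_ip, src_port, dst_port, ack_number, minute, max_age=1):
    """Validate the final ACK of a handshake the server kept no state for.
    Returns the MSS to use for the connection, or None if the cookie is stale or forged."""
    cookie = (ack_number - 1) & 0xFFFFFFFF       # ACK acknowledges ISN + 1
    t = cookie >> 27
    mss_idx = (cookie >> 24) & 0x7
    if (minute - t) & 0x1F > max_age:            # too old: a replayed cookie
        return None
    if (cookie & 0xFFFFFF) != _hash24(src_ip, dst_ip, src_port, dst_port, t):
        return None                              # wrong 4-tuple or forged value
    if mss_idx >= len(MSS_TABLE):
        return None
    return MSS_TABLE[mss_idx]


if __name__ == "__main__":
    isn = make_syn_cookie("10.0.0.5", "192.0.2.1", 40000, 80, client_mss=1460, minute=100)
    print("SYN-ACK seq:", hex(isn))
    print("ACK accepted, MSS:", check_syn_cookie("10.0.0.5", "192.0.2.1", 40000, 80, isn + 1, 100))
    print("ACK 3 minutes late:", check_syn_cookie("10.0.0.5", "192.0.2.1", 40000, 80, isn + 1, 103))
```

The trade-off is visible in the layout: TCP options that do not fit in the 8 bits of cookie payload (window scaling, SACK) are lost when cookies are in use, which is why real stacks only switch them on once the SYN backlog fills.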
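Worked example for the null cipher and chaffing-and-winnowing questions above, added by the editor and not part of the original exam. It follows Rivest's bit-level construction: the sender transmits every message bit in the clear with a valid MAC (the wheat) and, for each one, the opposite bit with a random tag (the chaff); the receiver keeps only packets whose MAC verifies. No encryption is applied anywhere, yet an eavesdropper without the key sees both bit values at every position. The key and message are constructed for the demo.

```python
import hashlib
import hmac
import random


def mac(key, seq, bit):
    """Authentication tag over (sequence number, bit). The key feeds only the MAC;
    the bit itself is sent in plaintext."""
    return hmac.new(key, seq.to_bytes(4, "big") + bytes([bit]), hashlib.sha256).digest()


def chaff(key, message, rng=None):
    """Sender: each message bit with a valid MAC (wheat), paired with the opposite bit
    under a random, invalid tag (chaff). Packets are shuffled before transmission."""
    if rng is None:
        rng = random.Random(0)   # fixed seed so the demo is reproducible
    packets, seq = [], 0
    for byte in message:
        for i in range(7, -1, -1):
            bit = (byte >> i) & 1
            packets.append((seq, bit, mac(key, seq, bit)))
            packets.append((seq, 1 - bit, bytes(rng.getrandbits(8) for _ in range(32))))
            seq += 1
    rng.shuffle(packets)
    return packets


def eavesdropper_view(packets):
    """What a passive observer without the key learns: the bit values seen per position."""
    seen = {}
    for seq, bit, _tag in packets:
        seen.setdefault(seq, set()).add(bit)
    return seen


def winnow(key, packets):
    """Receiver: keep packets whose MAC verifies, discard the rest, reassemble in order.
    A missing or doubled sequence number means tampering or loss, so fail loudly."""
    bits = {}
    for seq, bit, tag in packets:
        if hmac.compare_digest(tag, mac(key, seq, bit)):
            bits[seq] = bit
    if sorted(bits) != list(range(len(bits))) or len(bits) % 8:
        raise ValueError("gap or duplicate in authenticated sequence numbers")
    out = bytearray()
    for start in range(0, len(bits), 8):
        out.append(sum(bits[start + k] << (7 - k) for k in range(8)))
    return bytes(out)


if __name__ == "__main__":
    key = b"shared-secret"
    wire = chaff(key, b"hi")
    print("packets on the wire:", len(wire))
    print("bits visible to an eavesdropper at position 0:", eavesdropper_view(wire)[0])
    print("receiver recovers:", winnow(key, wire))
```

The point the construction makes: confidentiality here comes entirely from an authentication primitive, which is why the original paper was framed as a comment on export controls on encryption. A third party who adds chaff to someone else's authenticated stream needs no key at all.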