Database Exam Paper
Exam Name___________________________________
TRUE/FALSE. Write 'T' if the statement is true and 'F' if the statement is false. 1) With the introduction of the computer the need for automated tools for protecting files and other information stored on the computer became evident. 2) There is a natural tendency on the part of users and system managers to perceive little benefit from security investment until a security failure occurs. 3) There are clear boundaries between network security and internet security. 4) The CIA triad embodies the fundamental security objectives for both data and for information and computing services. 5) In developing a particular security mechanism or algorithm one must always consider potential attacks on those …show more content…
7) Patient allergy information is an example of an asset with a moderate requirement for integrity. 8) The more critical a component or service, the higher the level of availability required. 9) Data origin authentication provides protection against the duplication or modification of data units. 10) The emphasis in dealing with passive attacks is on prevention rather than detection. 11) Data integrity is the protection of data from unauthorized disclosure. 12) Information access threats exploit service flaws in computers to inhibit use by legitimate users. 13) Viruses and worms are two examples of software attacks. 14) A connection-oriented integrity service deals with individual messages without regard to any larger context and generally provides protection against message modification only. 15) Pervasive security mechanisms are not specific to any particular OSI security service or protocol layer. MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question. 16) _________ security consists of measures to deter, prevent, detect, and correct security violations that involve the transmission of information. A) …show more content…
102) The private key is known only to its owner. 103) The security of the Diffie-Hellman key exchange lies in the fact that, while it is relatively easy to calculate exponentials modulo a prime, it is very easy to calculate discrete logarithms. 104) The key exchange protocol is vulnerable to a man-in-the-middle attack because it does not authenticate the participants. 105) Even in the case of complete encryption there is no protection of confidentiality because any observer can decrypt the message by using the sender's public key. MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question. 106) ________ protects against passive attack (eavesdropping). A) SCR B) Message authentication C) Encryption D) Obfuscation 107) The most important hash function is ________ . A) MAC B)
TRUE/FALSE. Write 'T' if the statement is true and 'F' if the statement is false. 1) With the introduction of the computer the need for automated tools for protecting files and other information stored on the computer became evident. 2) There is a natural tendency on the part of users and system managers to perceive little benefit from security investment until a security failure occurs. 3) There are clear boundaries between network security and internet security. 4) The CIA triad embodies the fundamental security objectives for both data and for information and computing services. 5) In developing a particular security mechanism or algorithm one must always consider potential attacks on those …show more content…
7) Patient allergy information is an example of an asset with a moderate requirement for integrity. 8) The more critical a component or service, the higher the level of availability required. 9) Data origin authentication provides protection against the duplication or modification of data units. 10) The emphasis in dealing with passive attacks is on prevention rather than detection. 11) Data integrity is the protection of data from unauthorized disclosure. 12) Information access threats exploit service flaws in computers to inhibit use by legitimate users. 13) Viruses and worms are two examples of software attacks. 14) A connection-oriented integrity service deals with individual messages without regard to any larger context and generally provides protection against message modification only. 15) Pervasive security mechanisms are not specific to any particular OSI security service or protocol layer. MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question. 16) _________ security consists of measures to deter, prevent, detect, and correct security violations that involve the transmission of information. A) …show more content…
102) The private key is known only to its owner. 103) The security of the Diffie-Hellman key exchange lies in the fact that, while it is relatively easy to calculate exponentials modulo a prime, it is very easy to calculate discrete logarithms. 104) The key exchange protocol is vulnerable to a man-in-the-middle attack because it does not authenticate the participants. 105) Even in the case of complete encryption there is no protection of confidentiality because any observer can decrypt the message by using the sender's public key. MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question. 106) ________ protects against passive attack (eavesdropping). A) SCR B) Message authentication C) Encryption D) Obfuscation 107) The most important hash function is ________ . A) MAC B)