Question

Part 1: True and False Questions. Write your answer, “T” or “F”, to each question in the following Answer Table. (10 questions at 2 points each, 20 points totally)

1. A Denial-of-Service attack does not require the attacker to penetrate the target's security defenses.

2. The biggest advantage of public-key cryptography over secret-key cryptography is in the area of key management/key distribution.

3. Packet filters protect networks by blocking packets based on the packets’ contents.

4. Intrusion Detection Systems (IDS) provide no protection from internal threats.

5. AES uses the Indirect-Rijndael algorithm.

6. A hash algorithm uses a one-way cryptographic function, whereas both secret-key and public-key systems use two-way (i.e., reversible) cryptographic functions.

7. In terms of privacy laws, companies have no advantage over the government in terms of the types of data that a company can collect. Public companies and governments are subject to the same laws and statues (i.e. HIPPA and GLBA) regarding data collection.

8. Consider data that is stored over time in a mandatory access control based system. The contents of files containing highly classified (“top secret”) information are not necessarily more trustworthy than material stored in files marked unclassified.

9. 3DES (Triple DES) requires the use of three independent keys.

10. Deleting the browsing history and cookies in a computer system can completely delete the recently visited sites.

Answer 1

1. A Denial-of-Service attack does not require the attacker to penetrate the target's security defenses. True

2. The biggest advantage of public-key cryptography over secret-key cryptography is in the area of key management/key distribution. True

3. Packet filters protect networks by blocking packets based on the packets’ contents. False

4. Intrusion Detection Systems (IDS) provide no protection from internal threats. True

5. AES uses the Indirect-Rijndael algorithm. True

6. A hash algorithm uses a one-way cryptographic function, whereas both secret-key and public-key systems use two-way (i.e., reversible) cryptographic functions.

7. In terms of privacy laws, companies have no advantage over the government in terms of the types of data that a company can collect. Public companies and governments are subject to the same laws and statues (i.e. HIPPA and GLBA) regarding data collection.

8. Consider data that is stored over time in a mandatory access control based system. The contents of files containing highly classified (“top secret”) information are not necessarily more trustworthy than material stored in files marked unclassified.

9. 3DES (Triple DES) requires the use of three independent keys.

10. Deleting the browsing history and cookies in a computer system can completely delete the recently visited sites.