IT Security Questions.
Choose the best answer (one) and give reason in a few sentences for your choice or not choosing other. Please give a reference. To get the full credit, the reason should be in your own words, not a copy from a reference/internet source. Such a copy will be considered plagiarizing. Remember I have the same access. I may not catch every time but if I catch you may get 0 for the entire assignment. Without a reason, and/or reference as noted you will not get the full credit. Remember have your name on each page
Q1. (4 pts) Businesses are motivated to use cryptography to protect information because
A. information is the most difficult asset to protect
B. information is the asset with the greatest organizational value
C. information is the easiest thing to protect
D. networks and systems are very difficult to protect adequately
Q2. (4 pts) Which of the following is an example of a comprehensive security strategy? ______
A. We already use encryption, so we are safe.
B. We can detect intrusions with our intrusion detection software and have a firewall. These are supplemented by our use of cryptography.
C. . We have security software and hardware, an information security officer, a security budget, employee training, and a disaster recovery system in place.
Q3. (4 pts) What is the basis of the modern cryptography? _________________
A. manipulation of data
B. mathematical principles
C. creating disguises for information
D. none of the above
Q4 (4 pts) Buffer overflow can lead to___________
A. Lead to unauthorized access
B. Denial of Service
C. Trojan horses
D. -Password cracking
What are the consequences?
Q5. (4 pts) The Man in the Middle attack be thwarted by
A. By using email
B. Sending message in two parts
C. By encrypting the message
D. By making it boring
Reason and reference: –
Q6. (4 pts) Which of the following are properties of information?
A. It has evolved from data and is processed data.
B. It has identity.
C. It can be mathematically manipulated
D. A and B
E. A and C
F. A, B and C
No Reason required
Q7 (4 pts) The denial of service is considered as
A. Intrusion threat
B. Session hijacking threat
C. Network threat
D. Operating system threat
Q8 (4 pts) Which of the following choices is not part of a suggested information security plan?
A. protection of the information itself at the core
B. hardening of our resources (systems and networks)
C. authentication of those accessing the information
D. Sharing strong passwords
Q9 (4 pts) The best trust model for e commerce is _______
A. Public Key Certificates and Certificate Authorities
C. PGP Web of Trust
D. A, B, and C
Reason and reference: –
Q10(4 pts) Hardening of DES cannot be accomplished by encrypting twice by two different keys: True or False
Q11 (10 pts) (APA format, Time New Roman 12 pts type double spaced, 200-250 words)
Compare CAIN and CIA. Could you suggest any improvement in then?