Cryptography and Network Security Principles and Practice 7th Edition by Stallings Test bank
10. __________ is the protection of transmitted data from passive attacks.
A) Access control B) Data control
C) Nonrepudiation D) Confidentiality
11. A(n) __________ service is one that protects a system to ensure its availability
and addresses the security concerns raised by denial- of- service attacks.
A) replay B) availability
C) masquerade D) integrity
12. __________ threats exploit service flaws in computers to inhibit use by
legitimate users.
A) Information access B) Reliability
C) Passive D) Service
13. A(n) __________ is a potential for violation of security, which exists when there
is a circumstance, capability, action or event that could breach security and
cause harm.
A) threat B) attack
C) risk D) attack vector
14. The protection of the information that might be derived from observation of
traffic flows is _________ .
A) connectionless confidentiality B) connection confidentiality
C) traffic- flow confidentiality D) selective- field confidentiality
15. Data appended to, or a cryptographic transformation of, a data unit that
allows a recipient of the data unit to prove the source and integrity of the
data unit and protect against forgery is a(n) ___________ .
Cryptography and Network Security: Principles and Practice, 7 th Edition, by William
Stallings
A) security audit trail B) digital signature
C) encipherment D) authentication exchange
SHORT ANSWER
1. A ___________ is any process, or a device incorporating such a process, that is
designed to detect, prevent, or recover from a security attack. Examples are
encryption algorithms, digital signatures and authentication protocols.
2. An __________ attack attempts to alter system resources or affect their operation.
3. "The protection afforded to an automated information system in order to attain
the applicable objectives of preserving the integrity, availability and confidentiality
of information system resources" is the definition of _________ .
4. A loss of __________ is the disruption of access to or use of information or an
information system.
5. Irreversible __________ mechanisms clude hash algorithms and message
codes, which are used in digital signature and message
authentication applications.
6. In the United States, the release of student grade information is regulated by the
__________ .
7. A loss of _________ is the unauthorized modification or destruction of information.
8. A _________ attack attempts to learn or make use of information from the system
but does not affect system resources.
9. An _________ is a branching, hierarchical data structure that represents a set of
potential techniques for exploiting security vulnerabilities.
10. Two specific authentication services defined in X.800 are peer entity
authentication and _________ authentication.
11. In the context of network security, ___________ is the ability to limit and control the
access to host systems and applications via communications links.
12. __________ prevents either sender or receiver from denying a transmitted
Cryptography and Network Security: Principles and Practice, 7 th Edition, by William
Stallings
message. Thus, when a message is sent, the receiver can prothat the alleged
sender in fact sent the message and when a message is received, the sender can
prove that the alleged receiver in fact received the message.
13. Viruses and worms are two examples of _________ attacks. Such attacks can be
introduced into a system by means of a disk that contains the unwanted logic
concealed in otherwise useful software. They can also be inserted into a system
across a network.
14. An __________ is an assault on system security that derives from an intelligent act
that is a deliberate attempt to evade security services and violate the security policy
of a system.
15. __________ is the use of a trusted third party to assure certain properties of a data
exchange.