100%(2)100% fanden dieses Dokument nützlich (2 Abstimmungen)
2K Ansichten7 Seiten
Virtual private networks (vpns) do not provide the functionality of a privately owned network using the nternet. T is $ore e)pensive to reconfigure VPNs to include new sites than it is to add or re$ove the corresponding physical connections in a private co$$unications network. The syste$ and processes used to issue and $anage asy$$etric keys and digital certificates are known as "asy$etric encryption"
Virtual private networks (vpns) do not provide the functionality of a privately owned network using the nternet. T is $ore e)pensive to reconfigure VPNs to include new sites than it is to add or re$ove the corresponding physical connections in a private co$$unications network. The syste$ and processes used to issue and $anage asy$$etric keys and digital certificates are known as "asy$etric encryption"
Virtual private networks (vpns) do not provide the functionality of a privately owned network using the nternet. T is $ore e)pensive to reconfigure VPNs to include new sites than it is to add or re$ove the corresponding physical connections in a private co$$unications network. The syste$ and processes used to issue and $anage asy$$etric keys and digital certificates are known as "asy$etric encryption"
Accounting Information Systems, 12e (Romney/Steinbart)
Chapter 9 Information Systems Controls for Systems ReliabilityPart 2: Confidentiality and
Privacy 1) Concerning virtual private networks (VPN), which of the following is not true? A) VPNs provide the functionality of a privately owned network using the nternet! ") #sing VPN software to encrypt infor$ation while it is in transit over the nternet in effect creates private co$$unication channels, often referred to as tunnels, which are accessi%le only to those parties possessing the appropriate encryption and decryption keys! C) &he cost of the VPN software is $uch less than the cost of leasing or %uying the infrastructure (telephone lines, satellite links, co$$unications e'uip$ent, etc!) needed to create a privately owned secure co$$unications network! () t is $ore e)pensive to reconfigure VPNs to include new sites than it is to add or re$ove the corresponding physical connections in a privately owned network! Answer* ( Page +ef* ,-. /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic ,) 5hich of the following is not associated with asy$$etric encryption? A) No need for key e)change ") Pu%lic keys C) Private keys () 4peed Answer* ( Page +ef* ,-6 /%0ective* 1earning /%0ective 2 (ifficulty * 7asy AAC4"* Analytic 2) &he syste$ and processes used to issue and $anage asy$$etric keys and digital certificates are known as A) asy$$etric encryption! ") certificate authority! C) digital signature! () pu%lic key infrastructure! Answer* ( Page +ef* ,-, /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic 1 Copyright 8 ,61, Pearson 7ducation, nc! pu%lishing as Prentice 9all .) 5hich of the following descri%es one weakness of encryption? A) 7ncrypted packets cannot %e e)a$ined %y a firewall! ") 7ncryption protects the confidentiality of infor$ation while in storage! C) 7ncryption protects the privacy of infor$ation during trans$ission! () 7ncryption provides for %oth authentication and non:repudiation! Answer* A Page +ef* ,-. /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic ;) #sing a co$%ination of sy$$etric and asy$$etric key encryption, Chris <ai sent a report to her ho$e office in 4yracuse, New =ork! 4he received an e$ail acknowledge$ent that the docu$ent had %een received and then, a few $inutes later, she received a second e$ail that indicated that the hash calculated fro$ the report differed fro$ that sent with the report! &his $ost likely e)planation for this result is that A) the pu%lic key had %een co$pro$ised! ") the private key had %een co$pro$ised! C) the sy$$etric encryption key had %een co$pro$ised! () the asy$$etric encryption key had %een co$pro$ised! Answer* C Page +ef* ,-1 /%0ective* 1earning /%0ective 2 (ifficulty * (ifficult AAC4"* Analytic -) 7ncryption has a re$arka%ly long and varied history! &he invention of writing was apparently soon followed %y a desire to conceal $essages! /ne of the earliest $ethods, attri%uted to an ancient +o$an e$peror, was the si$ple su%stitution of nu$%ers for letters, for e)a$ple A > 1, " > ,, etc! &his is an e)a$ple of A) a hashing algorith$! ") sy$$etric key encryption! C) asy$$etric key encryption! () a pu%lic key! Answer* " Page +ef* ,-6 /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic ?) An electronic docu$ent that certifies the identity of the owner of a particular pu%lic key! A) Asy$$etric encryption ") (igital certificate C) (igital signature () Pu%lic key Answer* " Page +ef* ,-, /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic , Copyright 8 ,61, Pearson 7ducation, nc! pu%lishing as Prentice 9all @) &hese syste$s use the sa$e key to encrypt and to decrypt! A) Asy$$etric encryption ") 9ashing encryption C) Pu%lic key encryption () 4y$$etric encryption Answer* ( Page +ef* ,-6 /%0ective* 1earning /%0ective 2 (ifficulty * 7asy AAC4"* Analytic A) &hese are used to create digital signatures! A) Asy$$etric encryption and hashing ") 9ashing and packet filtering C) Packet filtering and encryption () 4y$$etric encryption and hashing Answer* A Page +ef* ,-1 /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic 16) nfor$ation encrypted with the creatorBs private key that is used to authenticate the sender is A) asy$$etric encryption! ") digital certificate! C) digital signature! () pu%lic key! Answer* C Page +ef* ,-1 /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic 11) 5hich of the following is not one of the three i$portant factors deter$ining the strength of any encryption syste$? A) <ey length ") <ey $anage$ent policies C) 7ncryption algorith$ () Privacy Answer* ( Page +ef* ,;A /%0ective* 1earning /%0ective 2 (ifficulty * 7asy AAC4"* Analytic 2 Copyright 8 ,61, Pearson 7ducation, nc! pu%lishing as Prentice 9all 1,) A process that takes plainte)t of any length and transfor$s it into a short code! A) Asy$$etric encryption ") 7ncryption C) 9ashing () 4y$$etric encryption Answer* C Page +ef* ,-6 /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic 12) 5hich of the following descriptions is not associated with sy$$etric encryption? A) A shared secret key ") Caster encryption C) 1ack of authentication () 4eparate keys for each co$$unication party Answer* C Page +ef* ,-6 /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic 1.) 7ncryption has a re$arka%ly long and varied history! 4pies have %een using it to convey secret $essages ever since there were secret $essages to convey! /ne powerful $ethod of encryption uses rando$ digits! &wo docu$ents are prepared with the sa$e rando$ se'uence of nu$%ers! &he spy is sent out with one and the spy $aster retains the other! &he digits are used as follows! 4uppose that the word to %e encrypted is 4P= and the rando$ digits are 2;,! &hen 4 %eco$es V (three letters after 4), P %eco$es # (five letters after P), and = %eco$es A (two letters after =, restarting at A after D)! &he spy would encrypt a $essage and then destroy the docu$ent used to encrypt it! &his is an early e)a$ple of A) a hashing algorith$! ") asy$$etric key encryption! C) sy$$etric key encryption! () pu%lic key encryption! Answer* C Page +ef* ,-6 /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic 1;) /ne way to circu$vent the counterfeiting of pu%lic keys is %y using A) a digital certificate! ") digital authority! C) encryption! () cryptography! Answer* A Page +ef* ,-, /%0ective* 1earning /%0ective 2 (ifficulty * 7asy AAC4"* Analytic . Copyright 8 ,61, Pearson 7ducation, nc! pu%lishing as Prentice 9all 1-) n a private key syste$ the sender and the receiver have EEEEEEEE, and in the pu%lic key syste$ they have EEEEEEEE! A) different keysF the sa$e key ") a decrypting algorith$F an encrypting algorith$ C) the sa$e keyF two separate keys () an encrypting algorith$F a decrypting algorith$ Answer* C Page +ef* ,-6 /%0ective* 1earning /%0ective 2 (ifficulty * 7asy AAC4"* Analytic 1?) Asy$$etric key encryption co$%ined with the infor$ation provided %y a certificate authority allows uni'ue identification of A) the user of encrypted data! ") the provider of encrypted data! C) %oth the user and the provider of encrypted data! () either the user or the provider of encrypted data! Answer* ( Page +ef* ,-, /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic 1@) 5hich of the following is not one of the 16 internationally recogniGed %est practices for protecting the privacy of custo$ersB personal infor$ation? A) Providing free credit report $onitoring for custo$ers ") nfor$ custo$ers of the option to opt:out of data collection and use of their personal infor$ation C) Allow custo$ersB %rowsers to decline to accept cookies () #tiliGe controls to prevent unauthoriGed access to, and disclosure of, custo$ersB infor$ation Answer* A Page +ef* ,;-:,;? /%0ective* 1earning /%0ective , (ifficulty * 3oderate AAC4"* Analytic 1A) /n 3arch 2, ,66@, a laptop co$puter %elonging to Colding 4'uid &echnology was stolen fro$ the trunk of Hiao HanBs car while he was attending a conference in Cleveland, /hio! After reporting the theft, Hiao considered the i$plications of the theft for the co$panyBs network security and concluded there was nothing to worry a%out %ecause A) the co$puter was protected %y a password! ") the co$puter was insured against theft! C) it was unlikely that the thief would know how to access the co$pany data stored on the co$puter! () the data stored on the co$puter was encrypted! Answer* ( Page +ef* ,;@ /%0ective* 1earning /%0ective 2 (ifficulty * 7asy AAC4"* Analytic ; Copyright 8 ,61, Pearson 7ducation, nc! pu%lishing as Prentice 9all ,6) Heff (avis took a call fro$ a client! IHeff, need to interact online and real ti$e with our affiliate in ndia, and want to $ake sure that our co$$unications arenBt intercepted! 5hat do you suggest?I Heff responded I&he %est solution will %e to i$ple$ent A) a virtual private network!I ") a private cloud environ$ent!I C) an asy$$etric encryption syste$ with digital signatures!I () $ultifactor authentication!I Answer* A Page +ef* ,-. /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic ,1) n developing policies related to personal infor$ation a%out custo$ers, Colding 4'uid &echnologies adhered to the &rust 4ervices fra$ework! &he standard applica%le to these policies is A) security! ") confidentiality! C) privacy! () availa%ility! Answer* C Page +ef* ,;. /%0ective* 1earning /%0ective , (ifficulty * 7asy AAC4"* Analytic ,,) Heff (avis took a call fro$ a client! IHeff, need for $y custo$ers to $ake pay$ents online using credit cards, %ut want to $ake sure that the credit card data isnBt intercepted! 5hat do you suggest?I Heff responded I&he %est solution will %e to i$ple$ent A) a virtual private network!I ") a private cloud environ$ent!I C) an encryption syste$ with digital signatures!I () a data $asking progra$!I Answer* C Page +ef* ,-1 /%0ective* 1earning /%0ective , (ifficulty * 3oderate AAC4"* Analytic - Copyright 8 ,61, Pearson 7ducation, nc! pu%lishing as Prentice 9all ,2) (escri%e so$e steps you can take to $ini$iGe your risk of identify theft! Answer* 4hred docu$ents containing personal infor$ation! Never send personally identifying infor$ation in unencrypted e$ail! "eware of e$ailJphoneJprint re'uests to verify personal infor$ation that the re'uesting party should already possess! (o not carry your social security card with you! Print only your initials and last na$e on checks! 1i$it the a$ount of other infor$ation preprinted on checks! (o not use your $ail%o) for outgoing $ail! (o not carry $ore than a few %lank checks with you! #se special software to digitally clean any digital $edia prior to disposal! 3onitor your credit cards regularly! Cile a police report as soon as you discover a purse or wallet $issing! 3ake photocopies of driverBs license, passports and credit cards and keep in a safe location! $$ediately cancel any stolen or lost credit cards! Page +ef* ,;- /%0ective* 1earning /%0ective , (ifficulty * 3oderate AAC4"* Analytic ,.) (escri%e sy$$etric encryption and identify three li$itations! Answer* 4y$$etric encryption syste$s use the sa$e key to encrypt and decrypt data! 4y$$etric encryption is $uch faster than asy$$etric encryption, %ut the sender and receiver need to know the shared secret key, which re'uires a different secure $ethod of e)changing the key! Also, different secret keys $ust %e used with each different co$$unication party! Cinally, there is no way to prove who created a specific docu$ent! Page +ef* ,-6 /%0ective* 1earning /%0ective 2 (ifficulty * 3oderate AAC4"* Analytic ? Copyright 8 ,61, Pearson 7ducation, nc! pu%lishing as Prentice 9all