英国能源、交通、健康、水和数字基础设施部门的基本服务运营商以及数字服务提供商受NIS 条例（2018 年网络和信息系统条例）的约束。
Cyber Security FIT2093 代写案例
1. How many different password combinations are possible when a 5-digit password is created based
on numbers 0 to 9 and letters a to z (lower case alphabets only)?
2. A _________ approach involves trying every possible key until an intelligible translation of the
ciphertext into plaintext is obtained.
c. block cipher
3. An indirect leakage of information to an attacker by deduction from given information is
4. An attack that involve writing or modification is called ________.
5. Ensuring that users have access rights that are sufficient for their needs but not more than
needed is an application of the principle of ________.
a. Least privilege
b. Input validation
c. Never trusting user input
d. Open design
6. An advantage of biometric authentication compared to passwords is ___________.
a. it avoids the need to memorise a secret
b. it has a lower false positive rate
c. it has a lower false rejection rate
d. none of the above
7. Which of the following is false about textbook RSA public key encryption?
a. Decrypting with a private key will undo encryption with the public key
b. Encrypting with a public key will undo decryption with the private key
c. Encrypting with a public key will undo encryption with the private key
d. Encryption with the private key will undo encryption with the private key
8. An advantage of encrypt-then-MAC compared to encryption only could be _______.
a. that encrypt-then-MAC should be faster than encryption only
b. none because encrypt should be enough to protect both confidentiality and integrity
c. that encrypt-then-MAC guarantees both integrity and confidentiality
d. that encrypt-then-MAC is slower to compute than encryption only
9. For long messages, CBC-MAC (CMAC) produces authentication tags that are much shorter than the length of ciphertexts produced by CBC mode of operation for encryption because ___________.
a. CMAC only outputs the last block in the cipher block chain
b. CMAC outputs all the blocks in the cipher block chain
c. CMAC outputs the first block in the cipher block chain
d. CMAC outputs the first 10 blocks in the cipher block chain
10. In the TLS protocol, the perfect forward secrecy property ensures that if an attacker steals a web server’s long term private key in time T, then ______.
a. the attacker cannot decrypt all ciphertexts sent to the server at past times T’ prior to T (even
if the attacker eavesdropped and recorded those ciphertexts)
b. the attacker cannot decrypt all ciphertexts sent to the server at future times T’ subsequent to T
c. the attacker cannot decrypt any ciphertexts at any time
d. None of the above
11. In the TLS protocol, the purpose of the handshake sub-protocol is to
a. Establish a shared symmetric key
b. Establish a shared public key
c. Perform symmetric key encryption
d. None of the above’
prevented from accessing any client’s browser page not on the attacker’s domain because
a. the browser’s Same Origin Policy
b. the attacker’s good intentions
c. the TLS session encryption
d. None of the above
b. the server fails to use encryption in its TLS session with the browser
c. the server has an SQL injection vulnerability
d. the server fails use a random salt in its password authentication
14. Which of the following is false?
Potential security risks for cloud-hosted databases _________.
a. include exposure of database contents in case of cloud server exposure
b. could be reduced by client-side encryption of the database prior to uploading to the cloud server
c. include unauthorised database access by a rogue cloud server provider employee
d. can be eliminated by using a TLS encrypted session to upload the database to the server
15. An important security property of blockchain systems is that ______.
a. it is infeasible for a dishonest insider to delete past data stored in blockchain
b. it is infeasible for a dishonest insider to insert new data into the blockchain
c. it is infeasible for dishonest insider to read past data stored in blockchain
d. none of the above