Insert here your Last Name First Name Page | 1
INFA 640- Cryptography and Data Protection Midterm Exam Spring 2017 (Due on Sunday) 11:59 ESTInstructions
· Take this test during the week (with late submission Monday; a maximum of 10% penalty) Work alone. You may not confer with other class members, or anyone else, directly or by e-mail or otherwise, regarding the questions, issues or your answers. You may use your notes, textbooks, and other published materials.
· It is scored based on 100 points for the test.
· When composing your answers, be thorough. Do not simply examine one alternative if two or more alternatives exist. However, choose only one as your answer giving reasons for your choice. The more complete your answer, the higher your score will be. Be sure to identify any assumptions you are making in developing your answers, and describe how your answer would change if the assumptions were different. For multiple choice questions if you think there are two correct answers choose the best one and justify your answers. Please write justification in your own words, avoid cut and paste or merely copying the sentences from references. If you are describing methodology, please describe it in sufficient details so that by following it, anybody can reach the same result without additional help from you.
· While composing your answers, be VERY careful to cite your sources. Use only reputable sources. Personal blogs or the websites that are set up to sell are not reputable sources. Remember, failure to cite sources constitutes an academic integrity violation.
· For Parts I and II, when you are providing justification as I mentioned above reference is required. If you are giving reference of a book, I will need page number(s). I cannot go through the complete book to verify your reference. The page number gives me some indication that you have.
· Your answers should be contained in a Microsoft Word (or compatible format that can be opened by MSWord) document, as an attachment; uploaded to your assignments folder. If you use some other word processor, please make sure that the numbering does not change. I will return files (ungraded) in any other format if I cannot open them in one try. I may also check your part III answers with Turnitin.
· Please submit questions regarding the exam to your instructor at [email protected]. Since I can check the emails on my smart phone, I check email a lot more often than “questions to instructor” section in LEO. If questions submitted are generic, I will post them in the discussion area or as a new news item.
· Please be sure to put your name in the header on every page including page #’s.
· You will be getting an absolute grade out of 100 for this test. However, the final course grade will depend on the relative performance of the class.
· Name your file “ Lastname Firstname INFA640 Midterm”. Replace “Lastname” with your last name and so on. Naming files as instructed will help me to save time..
Insert here your Last Name First NamePage 1 INFA 64.docx
1. Insert here your Last Name First Name
Page | 1
INFA 640- Cryptography and Data Protection Midterm Exam
Spring 2017 (Due on Sunday) 11:59 ESTInstructions
· Take this test during the week (with late submission Monday;
a maximum of 10% penalty) Work alone. You may not confer
with other class members, or anyone else, directly or by e-mail
or otherwise, regarding the questions, issues or your answers.
You may use your notes, textbooks, and other published
materials.
· It is scored based on 100 points for the test.
· When composing your answers, be thorough. Do not simply
examine one alternative if two or more alternatives exist.
However, choose only one as your answer giving reasons for
your choice. The more complete your answer, the higher your
score will be. Be sure to identify any assumptions you are
making in developing your answers, and describe how your
answer would change if the assumptions were different. For
multiple choice questions if you think there are two correct
answers choose the best one and justify your answers. Please
write justification in your own words, avoid cut and paste or
merely copying the sentences from references. If you are
describing methodology, please describe it in sufficient details
so that by following it, anybody can reach the same result
without additional help from you.
· While composing your answers, be VERY careful to cite your
sources. Use only reputable sources. Personal blogs or the
websites that are set up to sell are not reputable sources.
Remember, failure to cite sources constitutes an academic
integrity violation.
· For Parts I and II, when you are providing justification as I
mentioned above reference is required. If you are giving
2. reference of a book, I will need page number(s). I cannot go
through the complete book to verify your reference. The page
number gives me some indication that you have.
· Your answers should be contained in a Microsoft Word (or
compatible format that can be opened by MSWord) document,
as an attachment; uploaded to your assignments folder. If you
use some other word processor, please make sure that the
numbering does not change. I will return files (ungraded) in any
other format if I cannot open them in one try. I may also check
your part III answers with Turnitin.
· Please submit questions regarding the exam to your instructor
at [email protected]. Since I can check the emails on my smart
phone, I check email a lot more often than “questions to
instructor” section in LEO. If questions submitted are generic, I
will post them in the discussion area or as a new news item.
· Please be sure to put your name in the header on every page
including page #’s.
· You will be getting an absolute grade out of 100 for this test.
However, the final course grade will depend on the relative
performance of the class.
· Name your file “ Lastname Firstname INFA640 Midterm”.
Replace “Lastname” with your last name and so on. Naming
files as instructed will help me to save time.
_____________________________________________________
_________________________
Part I (Each 4 Pts. Total 40.) Choose the best one. Please
provide reason of your choice in a few sentences or reasons not
choosing the other choices. Reason must be in your own words.
Use guidelines for reference as given in the instructions.
1. Risk assessments only need to be conducted one time in the
life of a security plan. True/False justify your answer
2. Which is not a weakness of a shift cipher?
a. Natural language letter frequency makes them easy to
decode.
b. The number of letters in the alphabet makes them easy to
3. decode.
c. Once the shift is determined the message is decoded almost
instantly.
d. Once you have the code book you can decode the message
Reason: _
3. What is the basis of the modern cryptography?
_________________
A. the laws of mathematics
B. manipulation of data
C. creating disguises for information
D. none of the above
Reason:
4. Historically, the primary reason for advances in cryptography
has been _____________.
a. protecting business assets
b. wars
c. the need for individual privacy
d. keeping diplomatic conversations secret
Reason: _
5. A _______________ requires that the cipher alphabet
changes throughout the encryption process.
a. monoalphabetic substitution cipher
b. polyalphabetic substitution cipher
c. quantum cipher
d. alphanumeric shift cipher
Reason: _
6. NP problems have solution times that are
__________________.
a. based on guessing and are not predictable
b. always quadratic and are predictable
c. linear
d. based on the number of prime factors
Reason: _
7. Binary numbers obscure the _________ of information.
a. word distribution
b. meaning
4. c. typing
d. identity
Reason: _
8. As the trustworthiness of a system increases, our __________
decreases.
a. demand for keys
b. confidence
c. risk exposure
d. need for security
Reason: _
9. The _______ controls the action of the algorithm.
a. user
b. plain text
c. cipher text
d. key
Reason: _
10. What has become a major web problem with respect to
security?
a. mapping attacks
b. on-line surveys
c. user ignorance
d. scripting errors
Reason: _
_____________________________________________________
_________________________Part II (6 points each, Total 30)
Q1a Complete the following Truth Table: F denotes false and
T denotes true
A
B
C=A or B
D= A xor B
E= A and B
F
F
5. F
T
T
T
T
F
Q1b In the following Θ denotes one of the following operators:
’or’, ‘xor’ or ‘and’.
Input1 Θ input2 = Result where, input1 and, Inpuut2 are ‘A’
and ‘B’ and Result is one of C, D, or E.
Which operation will yield? That is what is Θ
input1 (2) Θ result = input 2(1)
Q2 Using the English alphabet (i.e., mod 26 arithmetic) let
plaintext = {p1, p2, pn} and corresponding cipher text = {c1,
c2, cn}.
Suppose the encryption function is ci = pi + 10 (mod 26). You
receive the cipher text message EWEM SC K QBOKD
CMRYYV
What are the decryption function, and the decrypted/recovered
plaintext? What type of cipher is this? Show your steps.
Q3 You are Alice. You have agreed with your friend Bob that
you will use the Diffie-Hellman public-key algorithm to
6. exchange secret keys. You and Bob have agreed to use the
public base g = 5 and public modulus p = 809.
You have secretly picked the value SA = 13. You begin the
session by sending Bob your calculated value of TA. Bob
responds by sending you the value TB = 609.
What is the value of your shared secret key? Can you guess
Bob’s secret value SB and what it would be? Show each and
every step of your calculations
Q4 Bob believes that he has come up with a nifty hash
function. He assigns a numeric value VChar to each letter in the
alphabet equal to the letter’s position in the alphabet, i.e., VA =
1, VB = 2, …, VZ = 26. For a message, he calculates the hash
value H = (VChar 1 x VChar 2 x VChar 3 …x VChar N)
mod(26).
Bob uses this function to send a one-word message, GLARE, to
his banker Bill, along with his calculated hash value for the
message. Alice is able to intercept the message, and generates
an alternative message that has a hash value that collides with
Bob’s original hash value.
Give definition and properties of the hash function.
Show a message that Alice may have used to spoof Bob’s
message, and demonstrate that its hash value collides with
Bob’s original hash.
Q5 Consider the following plaintext message: THE
SIXTEENTH PRESIDENT WAS ABRAHAM LINCOLN.
0. (3 pts) If this message is sent unencrypted and successfully
received, what is its entropy? And why?
0. (3 pts) If this message is encrypted with DES using a random
56-bit key, what is the encrypted message’s entropy? And why
_____________________________________________________
_________________________
Part III
Essay Question: Length: 800- 900 words. Use APA format for
in-line citations and references. (30 pts.)
7. Compare and contrast symmetric and asymmetric encryption
algorithms.
· Your response should include a brief overview of the
cryptographic basis for each type of algorithm, and a
comparison of their relative strengths and vulnerabilities.
· Describe how a hacker might go about cracking a message
encrypted with each type of algorithm.
· Suggest a specific application for each type of algorithm
(symmetric and asymmetric) where the advantages clearly
outweigh the disadvantages.
· Remember to address all points
A couple of questions have surfaced regarding the final paper:
1 The 10 to 15 page paper for content does NOT include the
cover page, the table of contents, and the works cited page ….
· The objective of this assignment is to meet or exceed the
content requirement addressing 3 theories or concepts in each
areas Human Relations, Communications, Intercultural
Relations, and Ethics.
Human Relations
Communications
Intercultural
Ethics
Theory 1
Example 1
Example 2
Example 3
Theory 1
Example 1
Example 2
Example 3
Theory 1
Example 1
8. Example 2
Example 3
Theory 1
Example 1
Example 2
Example 3
Theory 2
Example 1
Example 2
Example 3
Theory 2
Example 1
Example 2
Example 3
Theory 2
Example 1
Example 2
Example 3
Theory 2
Example 1
Example 2
Example 3
Theory 3
Example 1
Example 2
Example 3
Theory 3
Example 1
Example 2
Example 3
Theory 3
Example 1
Example 2
Example 3
Theory 3
Example 1
9. Example 2
Example 3
2 Ethics issue …. You only need 3 of the Ethical Yardstick or a
combination of 2 Ethical Yardsticks and Strategic Ambiguity
3 Remember to include in the Introduction the type of
organization (vertical, horizontal …note most are vertical) and
an Organization chart
4 Remember to identify 3 key findings of your study in the
conclusion
5 The last task is to prepare an Executive Summary which
should be a page describing an overview of your findings in
each of the concepts or theories as well as including your 3 key
findings.
6 Remember to include a Works Cited page
7 The 10 minute Oral Video presentation of your PowerPoint or
Prezi should be 10 minutes
8 Remember to review the rating sheet to ensure you have
complied with the requirements for this project.
This course has been about meeting the criteria for each
assignment and conforming to an expected timeframe; also
known as project management and time management. This
approach provides the framework for working within constraints
of a business environment.
Once you get into the business/government/non-profit world
you will be expected to comply with the organization’s “way of
doing things” which means you will need to focus on
Why/What/How/Who should be included in successfully
meeting the project or program goals. There will also be a time
management requirement, that is the “When” will the project be
due. This time management of “When” may include incremental
milestones as well as a final expected due date.
Administrative Communication is more than writing reports or
newsletters. It is about accurately communicating why the
organization has certain program goals, what is going on in the
organization, how the programs will be implement, and who
10. will be responsible for different aspects of the program. All of
these elements are controlled by when the expected program
will meet its milestones.
The ICA has been designed to be a capstone for the
administrative communication techniques presented in the
course.