Big Data & Privacy 1
Big Data & Privacy 2
Big Data & Privacy 3
Big Data & Privacy 4
Random
100
Which of the following most accurately describes Moore's Law:
A. Moore's Law describes a relationship of boolean logic statements involving AND and OR
B. Moore's Law is the principle that one should assume that any traffic on the Internet is insecure
C. Moore's Law is the observation that computing power tends to double every two years
D. Moore's Law explains why cracking modern cryptography is a "computationally hard" problem
C. Moore's Law is the observation that computing power tends to double every two years
100
Choose the answer that is NOT a feature of Public Key Cryptography:
A. A key for decrypting is never made public
B. Using public key guarantees that only the intended recipient can decrypt the message
C. A Public Key database ensures 3rd party accountability of security
D. Allows secure communication without establishing a *shared* encryption key ahead of time.
C. A Public Key database ensures 3rd party accountability of security
Public-key cryptography is any cryptographic system that uses pairs of keys. Public keys may be distributed and paired with private keys which are known only to the owner. Since the public and private keys are given by the owner, no third parties should be held accountable for the security of the information.
100
What is 20 MOD 15?
5
100
Which of the following statements is the LEAST TRUE about personal data that technology companies potentially collect about their users?
A. Companies frequently offer services free of charge in exchange for access to data about their users
B. Personal data about users may be saved by a company permanently, never to be deleted.
C. Companies can sell the personal information of users to advertisers or other businesses
D. Companies are required by law to give users options to personalize what data they collect about them
D. Companies are required by law to give users options to personalize what data they collect about them
100
a program that runs on a computer to do something the owner of the computer does not intend.
virus
200
Fill in the blank of the following statement: "______ encryption is a method of encryption involving one key for both encryption and decryption."
A. Symmetric
B. Asymmetric
C. Public key
D. SSL
A. Symmetric
200
A programmer is writing a system that is intended to be able to store large amounts of personal data. As the programmer develops the data system, which of the following is LEAST likely to impact the programmer's choices in designing the structure of the system?
A. Maintaining privacy of the information stored in the data set.
B. Scalability of the system.
C. Structuring the metadata of the information for analysis.
D. The frequency of a particular item occurring in a data set.
D. The frequency of a particular item occurring in a data set.
200
Describe to a person who knows nothing about encryption why public key encryption is secure and is hard to crack.
- Public key encryption is built on top of one way functions, functions that are easy to do but hard to reverse
- The functions used for public key encryption have two separate keys, a public one which allows for encrypting a message and a private one which allows for decrypting.
- Since only the person a message is intended for has the private key, only they can decrypt a message
- The functions used cannot be cracked by even the fastest computers available today in any reasonable amount of time.
- Since the protocol for encryption is public, we (or other computer scientists) can test it ourselves and confirm its security. So far it seems that public key encryption techniques are truly secure.
200
The Chart below from Google Trends shows the prevelance of some search terms in the United States between 2004 and the present. Describe as accurately as possible what the graph displays.
Generally speaking, since 2009 more people use "red" in their search terms more than they use "blue", "yellow", "green", or "purple"
200
an encryption layer of HTTP that uses public key cryptography to establish a secure connection.
SSL/TLS
300
A coffee shop is considering accepting orders and payments through their phone app and have decided to use public key encryption to encrypt their customers' credit card information. Is this a secure form of payment?
A. No, public key encryption allows the credit card information to be read by the public.
B. No, the internet protocols are open standards and thus everything sent over the internet is sent "in the clear".
C. Yes, public key encryption is built upon computationally hard problems that even powerful computers cannot easily solve.
D. Yes, public key encryption is secure because it transmits credit card information in binary.
C. Yes, public key encryption is built upon computationally hard problems that even powerful computers cannot easily solve.
300
What is a Distributed Denial of Service (DDoS) attack?
A. A coordinated effort by a group to simultaneously attempt to gain entry to foreign government's servers or systems
B. An effort by network engineers to focus all systems on catching a user or computer that has illegally gained access.
C. An attempt to compromise a single target by flooding it with requests from multiple systems.
D. An attempt to harass or extort all customers of one or more Internet Service Providers (ISPs).
C. An attempt to compromise a single target by flooding it with requests from multiple systems.
300
What is a Caesar cipher? As part of your answer demonstrate encrypting the plaintext messages: CS IS COOL with a caesar cipher.
A Caesar cipher is a type of substitution encoding in which each letter in the message is replaced by a letter at a fixed position down the alphabet.
For example, you might use a a shift of 3 places:
original: ABCDEFGHIJKLMNOPQRSTUVWXYZ cipher: XYZABCDEFGHIJKLMNOPQRSTUVW
Using this shift CS IS COOL becomes ZP FP ZLLI
300
Which of the following activities poses the greatest personal cybersecurity risk?
A. Making a purchase at an online store that uses public key encryption to transmit credit card information.
B. Paying a bill using secure electronic payment system.
C. Reserving a hotel room by e-mailing a credit card number to a hotel.
D. Withdrawing money from a bank account using an automated teller machine (ATM).
C. Reserving a hotel room by e-mailing a credit card number to a hotel.
300
software that runs on servers (often routers) that only allows traffic through according to some set of security rules.
firewall
400
Pick the two expressions involving the Modulo operation that compute to the exact same value (choose 2)
A. 9 MOD 8
B. 1 MOD 16
C. 52 MOD 32
D. 9 MOD 64
A. 9 MOD 8
B. 1 MOD 16
Modulo: A modulo is an operation that helps find the remainder of a number. Specifically, given two numbers, x and y, the result of the modulo operation is the remainder after doing x divided by y.
400
Which of the following scenarios is most characteristic of a phishing attack.
A. You accidentally run a piece of code that automatically spreads from one computer to another, exploiting a common vulnerability
B. You get an email from the IT support desk that asks you to send a reply email with your username and password to verify your account
C. You get an unwanted email trying to sell you a low quality product or service that seems "fishy."
D. You accidentally install a piece of software that monitors your activity to steal personal information like your passwords, date of birth, social security number, etc.
B. You get an email from the IT support desk that asks you to send a reply email with your username and password to verify your account
Phishing: The activity of defrauding an online account holder of financial information by posing as a legitimate company.
In this case, receiving an email that requires you to send personal information (such as a password) is considered a phishing attack.
400
The Caesar Cipher has 25 different shifts to try. How many possibilities are there to try in a random substitution cipher?
A. 26
B. 26 x 25
C. 26 x 25 x 24 x***x 3 x 2 x 1
D. 26^26
C. 26 x 25 x 24 x***x 3 x 2 x 1
400
Which of the following is LEAST likely to indicate a phishing attack?
A. An e-mail from your bank asks you to call the number on your card to verify a transaction.
B. An e-mail from a merchant asks that you click on a link to reset your password.
C. An e-mail from a utility company asks you to enter your date of birth and social security number for verification purposes.
D. An e-mail indicates that you have won a large sum of money and asks you to enter your bank account number so that the money can be transferred to you.
A. An e-mail from your bank asks you to call the number on your card to verify a transaction.
400
Which general term refers to all kinds of harmful software, including viruses, worms,trojan horses and spyware?
Malware
500
Which of the following statements best describes the properties of public key encryption?
A. Public key encryption is an encryption method which relies on separate keys for encrypting and decrypting information.
B. Public key encryption is a highly secure encryption scheme that in which a single shared key is used by both the sender and receiver of the message.
C. Public key encryption makes use of certain types of problems which are easier for humans to solve than computers.
D. Public key encryption makes use of mathematical problems which no algorithm can be used to solve.
A. Public key encryption is an encryption method which relies on separate keys for encrypting and decrypting information.
500
Why is the Vigenere cipher hard to crack? (select 2)
A. One cannot solve using frequency analysis directly.
B. The key length is variable and potentially very long
C. The key is always secret to both the sender and receiver of the message.
D. A Vigenere cipher relies upon an "alphabet shift" algorithm.
A. One cannot solve using frequency analysis directly.
B. The key length is variable and potentially very long
500
Give 2 characteristics of an ideal encryption scheme.
- Easy/fast to encode data
- Easy to decode data if you know the key but difficult to crack without it
- Decoding returns the exact data that was encoded originally
- Encoded message is easy to transmit or communicate
500
A new bank plans to make customer convenience a priority by minimizing the amount of time a customer waits in line. The bank is considering two options: a single line where the customer at the front waits the next available teller, or separate lines for each teller. The bank decides to use a computer simulation of these two options to determine the average wait time for customers.
Which of the following is NOT true about the bank's plan?
A. The bank can incorporate other factors, such as the number of tellers, in the simulation.
B. The bank can use the simulation to investigate these two options without causing inconvenience for customers.
C. The bank may consider new alternatives based on the simulation results.
D. The simulation will not produce usable results because actual customer data are not available.
D. The simulation will not produce usable results because actual customer data are not available.
500
a thief trying to trick you into sending them sensitive information. Typically these include emails about system updates asking you send your username and password, social security number or other things.
phishing