CECS 378-FINAL EXAM QUESTIONS ANSWERED CORRECTLY LATEST UPDATE 2026

CECS 378-FINAL EXAM QUESTIONS ANSWERED CORRECTLY LATEST UPDATE 2026 Diffie-Hellman is not an encryption algorithm. 1) True 2) False - Answers True One of Diffie-Hellman's limitations is no authorization 1) True 2) False - Answers False Two of the most important symmetric encryption algorithms are: 1) Triple-DES 2) Diffie-Hellman 3) DES 4) None of the above 5) RSA - Answers Triple-DES, DES In your PKI lab, the root certificate included the private and public key 1) True 2) False - Answers False Discretionary Access Control (DAC) is determined by the... 1) Individual 2) Group 3) Data owner 4) Manager 5) Data Custodian - Answers Data Owner A Symmetric block encryption algorithm takes in 512-bits as an input and outputs? 1) 2048-bits 2) 1024-bits 3) 512-bits 4) 256-bits - Answers 512-bits Which are the 3 types of Intrusion Detection Systems (IDS)? 1) Host-Based, Local Network-Based, Distributed/Hybrid 2) Heuristic-Based, Local Network-Based, Distributed/Hybrid 3) Host-Based, Network-Based, Distributed/Hybrid 4) Hyper-V-Based, Local Network-Based, Distributed/Hybrid - Answers Host-Based, Network-Based, Distributed/Hybrid Which model deals with no readdown? 1) Bibe Model 2) Bell-LaPadule 3) Biba model 4) Bell-LaPadula - Answers Biba Model Most controls systems should not be set to deny by default. 1) True 2) False - Answers False TOR is completely bulletproof 1) True 2) False - Answers False In Steganography the _____________ of the picture may be the message 1) Pixel 2) MSB 3) Bit 4) LSB 5) Header - Answers LSB Diffie-Hellman makes use of Asymmetric encryption 1) True 2) False - Answers True During a common attack methodology, privilege escalation means? 1) Being able to Remote into another server 2) Having a Top Secret Clearance 3) Being able to run Powershell 4) Being able to do all of the same functions as an Administrator - Answers Being able to do all of the same functions as an Administrator Eavesdropping is known as what type of attack? 1) Difficult 2) Passive 3) Easy 4) Moderate - Answers Passive If you give access to someone; you should be able to take it away 1) True 2) False - Answers True DoS stands for Denial-of-State 1) True 2) False - Answers False Which of the following are block cipher examples? (Check all that apply) 1) Blowfish 2) DES 3) AES 4) 3DES 5) Diffie-Hellman 6) RSA - Answers DES, 3-DES Select ALL correct answers(s). UDP Three-Way connection handshake is 1) None of the above 2) ACK 3) SYN 4) SYN-ACK - Answers ACK, SYN, SYN-ACK Preventing access to a file, user or directory is part of which access control? 1) Denying Access 2) Defining Access 3) Revoking Access 4) Limiting Access 5) Allowing Access 6) Revising Access - Answers Denying Access Script-kiddies are the hardest to defend against 1) True 2) False - Answers False Email encryption uses SSL/TLS 1) True 2) False - Answers True Select ALL correct answers(s). The 3 different levels of intruders are... 1) Foreman 2) Journeyman 3) Master 4) Senior 5) Intermediate 6) Apprentice - Answers Journeyman, Master, Apprentice I am not a Robot, is part of which control 1) Discretionary Access Control 2) Rule-Based Access Control 3) Mandatory Access Control 4) Required Access Control 5) Role-Based Access Control 6) Attribute-Based Access Control - Answers Attribute-Based Access Control The principal of least privilege allows full access to everyone 1) True 2) False - Answers False UDP protocol is mainly used for - Answers Video streaming File System ACLs, consist of which 3 permissions? 1) Allow 2) Decrypt 3) Execute 4) Read 5) Write 6) Encrypt - Answers Execute, Read, Write High value traffic could be legitimate even if one suspects a DoS attack 1) True 2) False - Answers True Some windows System calls are: 1) ntdll, msvcpp, kernel32, user32 2) ntdll, chown, kernel32, user32 3) ntdll, msvcpp, kernel32, getpid 4) ntdll, chown, kernel32, getpid - Answers ntdll, msvcpp, kernel32, user32 Giving access to Carole, who is a CSULB employee. Is part of which Access Control? 1) Limiting Access 2) Revoking Access 3) Denying Access 4) Revising Access 5) Defining Access 6) Allowing Access - Answers Allowing Access The Bell-LaPadula model deals with confidentiality and read up 1) True 2) False - Answers False The Biba model deals with availability, no read down and no write up 1) True 2) False - Answers False Select ALL correct answer(s). There are two types of intruders 1) Hactivists 2) Script-Kiddies 3) Persistent Threats 4) Cyber Criminals - Answers Hacktivists, Cyber Criminals PGP makes use of symmetric encryption 1) True 2) False - Answers False The traffic protocols used in your PKI lab were HTTPS, HTTP and TCP 1) True 2) False - Answers True Select ALL correct answers(s). Based on your classmate's presentation a keylogger can be used for... 1) Surveillance 2) Listening 3) Data exfiltration 4) Spying - Answers Data Exfiltration, Spying Select ALL correct answers(s). Which of the following are part of intrusion examples... 1) Distributing Legal software 2) Web server defacement 3) Using an unattended workstation 4) Using approved devices 5) Running packet sniffers - Answers Web server defacement, using an unattended workstation, running packet sniffers Select ALL correct answers(s). Which of the following deal with confidentiality? 1) Necessary component of privacy 2) Unauthorized users should be block 3) Refers to the ability to prevent data from being changed 4) Clearance levels 5) No changes should be made to the data, unless those authorized 6) Critical Infrastructure - Answers Necessary component of privacy, unauthorized user should be blocked, clearance levels Access Control is composed of 4 basic tasks 1) Limiting Access 2) Allowing Access 3) Denying Access 4) Revisiting Access 5) Defining Access 6) Revoking Access - Answers Limiting Access, Allowing Access, Denying Access, Revoking Access Carole is a remote CSULB employee who just got terminated yesterday. Place the following in the order that they should be turn off by their priority. 1) Deactivate Badge 2) Revoke VPN access 3) Remove Access to email - Answers Remove Access to email, revoke VPN access, deactivate badge Place the following steps in order from an Authorization perspective Identification (1) Authentication (2) Authorization (3) - Answers Identification, Authentication, Authorization Select ALL correct answers(s). Which of the following devices are used to control network traffic? 1) Honeypot 2) Router 3) Firewall 4) CAT5 5) Two-Factor 6) F5 Load Balancer - Answers Router, Firewall, F5 Load Balance One way to prevent a DoS attack is by use of 1) Updates 2) Cookies 3) Anti-Virus 4) Logs - Answers Cookies In UNIX/Linux, if Carole has her permissions set to "r-x" it means she has no... 1) Admin Permissions 2) Write Permission 3) Execute Permission 4) Read Permission 5) Root Permission - Answers Write Permission A honeypot is designed to block attacks 1) True 2) False - Answers False ICMP traffic makes use of port 80 and 443 1) True 2) False - Answers False Updating your incident response plan is part of patching your computer 1) True 2) False - Answers True What is Authorization 1) Security mechanism used to determine user/client privileges 2) Security mechanism used to determine security levels 3) Security mechanism used to identify user/client privileges - Answers Security mechanism used to determine user/client privileges IDS stands for? 1) Intrusion Detection System 2) Intrusion Detention System 3) Intrusion Defense System - Answers Intrusion Detection System Diffie-Hellman is used in SSL, TLS, IPSec 1) True 2) False - Answers True If Jessica is part of the HR group, and her permissions are based on her organizational unit. What type of access control it is being used? 1) Discretionary Access Control 2) Mandatory Access Control 3) Required Access Control 4) Role-Based Access Control 5) Rule-Based Access Control - Answers Role-Based Access Control Access Control List are often refer to as "ackles" 1) True 2) False - Answers True The use of hashes deals with: 1. Integrity 2. Identification 3. Confidentiality 4. Availability - Answers Integrity Symmetric encryption is known as single-key encryption 1. True 2. False - Answers True The four types of category attacks are? 1. Interception Attack 2. All of the above 3. Malicious Attack 4. Fabrication Attack 5. Interruption Attack 6. None of the above - Answers Interception, Fabrication, Interruption Asymmetric algorithms are the most commonly used algorithms 1. True 2. False - Answers False CIA stands for 1) Confidentiality, Integrity, Authentication 2) Confidentiality, Integrity, Availability 3) Confidentiality, Integrity, Authorization 4) Confidentiality, Integrity, Access - Answers Confidentiality, Integrity, Availability Which cipher is based on a transposition, involving shifting each letter by a number (typically 3)? 1) ROT13 2) One-time pad 3) Ceasar cipher 4) Jefferson's disk 5) Kerckhoff's principle - Answers Caesar cipher Decryption is the process of encrypting plaintext 1) True 2) False - Answers False In AES, during "Substitute Bytes" we consider 8-bts. The rightmost 4 bits will give us our 1) Column value 2) None of the above 3) Last value 4) Initial value 5) Row value - Answers column value Blockchain can be described in short, as following: 1) Timestamped append-only log, Database, Consensus Protocol 2) Time append-only log, Database, Consensus Protocol 3) Timestamped append log, Database, Consensus Protocol 4) Timestamped append-only log, Database, Consensus Prototype - Answers 1) timestamped append-only log, database, consensus protocol RSA only uses a private key 1) True 2) False - Answers False DES follows the Feistel structure, and it requires for the following steps to be done in a specific order - Answers plain text should be split into two halves, right side should be run through a function along with the key, output from function goes to the left, left and right output from function are XOR with one another, left and right would be swapped In DES, you shift only one bit on which of the following rounds? 1) Round 5 2) Round 3 3) Rounf 16 4) Round 1 - Answers Round 1, Round 16 Bitcoin uses the following algorithm: 1) SHA256 2) SHA384 3) SHA512 - Answers SHA-256 hash algorithm In AES, each round uses how many keys? 1) 32 2) 16 3) 4 4) 8 - Answers 4 keys One-time pad can only use the _____ once 1) Plaintext 2) Algorithm 3) Key - Answers key In RSA, we can pick any number that would give us a result of ____ to decrypt 1) 10 2) 0 3) 1 4) 5 - Answers 5 Row transposition Ciphers re-orders the column according to the given key before reading it off 1) True 2) False - Answers True According to our lecture, 4 words equals to 16 bytes 1) True 2) False - Answers False DES stands for... 1) Decryption Enhanced Structure 2) Data Encryption Structure 3) Data Encryption Standard 4) Data Elliptic Standard 5) Decryption Enhanced Standard - Answers Data Encryption Standard Symmetric cryptography means - single key for both encryption and decryption 1) True 2) False - Answers True Triple-DES uses a key size of 1) 148-bits 2) 192-bits 3) 256-bits 4) 112-bits - Answers 112 bits A vulnerability cannot be identified and corrected 1) True 2) False - Answers False Most asymmetric block ciphers are based on the Feistel Cipher Structure 1) True 2) False - Answers False In DES, during the initial permutation, we are dealing with 56-bits 1) True 2) False - Answers False DES subkeys are 56 bits in size 1) True 2) False - Answers True In AES, one column represents 1-byte 1) True 2) False - Answers False AES cipher algorithm has a restriction, to a block of 128-bits 1) True 2) False - Answers True Feistel Cipher design principles usually calls for 16 rounds 1) True 2) False - Answers True In DES keys are actually stored as 64-bits long, but which of the following bits are not used 1) bit 32 2) bit 8 3) bit 1 4) bit 22 5) bit 12 - Answers every 8th bit, bit 8 and 32 Steganography makes use of some of the following extensions 1) .bit 2) .go 3) .tor 4) .exe 5) .jpeg 6) .png 7) .py - Answers .jpeg, .bit, .png Transposition order means: 1) Rearranging 2) Shifting 3) Moving 4) Flipping - Answers shifting A nonce is 1) A random number one 2) A number that is one 3) A random number that is only used once - Answers a random number that is only used once Triple-DES uses the same algorithm as DES, but it involves repeating the algorithm 3 times 1) True 2) False - Answers True Consider the following 8-bits (), in AES during the "Substitution Bytes" function. What would be our row value 1) C 2) A 3) D 4) 6 5) B - Answers B In AES, we have _____ subkeys 1) 4 2) 128 3) 44 4) 40 - Answers 44 Permissions blockchains 1) Requires one's identity 2) Use a consensus model