Exam (elaborations)

CECS 378 MIDTERM 1 EXAM QUESTIONS ANSWERED CORRECTLY LATEST UPDATE 2026

Pages: 4
Grade: A+
Uploaded on: 30-03-2026
Written in: 2025/2026

Computer security - Answers The protection of an information system to preserve confidentiality, integrity, and availability.
The CIA triad - Answers Confidentiality, integrity, and availability.
Confidentiality - Answers Prevent unauthorized disclosure of information.
Integrity - Answers Prevent unauthorized modification or destruction of information.
Availability - Answers Ensure timely, reliable access to information and systems for authorized users.
CIA tradeoff - Answers Improving one CIA goal can reduce another (for example, more confidentiality can reduce availability).
Asset - Answers Something valuable to protect (hardware, software, data, networks).
Vulnerability - Answers A weakness that can be exploited to violate security.
Threat - Answers Something capable of exploiting a vulnerability.
Attack - Answers An executed threat (a real attempt).
Countermeasure - Answers An action, device, or technique that reduces threats, vulnerabilities, or attacks.
Countermeasure goals - Answers Prevent, detect, and recover.
Confidentiality loss (leak) - Answers Unauthorized disclosure of information.
Integrity loss (corruption) - Answers Unauthorized modification or destruction of information.
Availability loss (disruption) - Answers System access is prevented or severely slowed.
Passive attack - Answers An attempt to learn information without affecting system resources.
Active attack - Answers An attempt to alter system resources or affect operations.
Passive attack example - Answers Eavesdropping or monitoring.
Active attack example - Answers Replay, masquerade, message modification, or denial of service.
Replay attack - Answers Capturing a valid transmission and retransmitting it later.
Masquerade attack - Answers An attacker pretends to be an authorized user.
Message modification - Answers An attacker alters a legitimate message in transit.
Denial of service (DoS) - Answers An attacker prevents or inhibits normal system/service use.
Insider attack - Answers An attack initiated from inside the security perimeter or by an authorized user.
Outsider attack - Answers An attack initiated from outside the security perimeter or by an illegitimate user.
Attack surface - Answers All reachable and exploitable entry points/vulnerabilities in a system.
Attack surface examples - Answers Open ports, exposed services, input forms, interpreters, and people/social engineering.
Attack tree - Answers A structured breakdown of paths/steps to reach an attack goal.
Attack surface vs attack tree - Answers Surface is where you can get in; tree is how you would do it step-by-step.
Why security is hard - Answers Attackers need one weakness; defenders must cover all weaknesses.
Why security is costly - Answers Security often requires monitoring, time, and money.
Why security is counterintuitive - Answers Security procedures can feel inconvenient even if they are correct.
Security design principles - Answers General rules for designing secure systems.
Economy of mechanism - Answers Keep the design simple to reduce bugs.
Fail-safe defaults - Answers Deny by default; allow only when explicitly permitted.
Complete mediation - Answers Check every access every time, not just once.
Open design - Answers Do not rely on secrecy of design for security.
Separation of privilege - Answers Require more than one condition or permission for access.
Least privilege - Answers Give only the minimum permissions needed.
Least common mechanism - Answers Minimize shared mechanisms used by multiple users.
Psychological acceptability - Answers Security should be usable so people actually follow it.
Least astonishment - Answers System behavior should be predictable to avoid mistakes.
Fail-safe defaults (code flaw) - Answers Allowing access for anything that is not explicitly "access denied" can grant access on unexpected errors.
Fail-safe defaults (fix) - Answers Default deny, and only allow when you explicitly get a success/allowed result.
ATM confidentiality example - Answers Protect PIN, card data, and account information.
ATM integrity example - Answers Prevent unauthorized withdrawals and balance changes.
ATM availability example - Answers The ATM should work when customers need it.
ATM priority idea - Answers Integrity and confidentiality are typically highest; availability must still be reasonable.
Phone switch confidentiality example - Answers Protect call records, routing data, and customer information.
Phone switch integrity example - Answers Route calls correctly and bill correctly.
Phone switch availability example - Answers Calls must go through reliably (often the highest priority).
Impact levels (low/moderate/high) - Answers Low = limited harm, moderate = serious harm, high = severe/catastrophic harm.
Public web server (impact idea) - Answers Confidentiality low; integrity moderate; availability moderate.
Law enforcement sensitive data (impact idea) - Answers Confidentiality high; integrity high; availability moderate/high.
Routine finance admin data (impact idea) - Answers Confidentiality low/moderate; integrity moderate; availability moderate.
SCADA power control (impact idea) - Answers Integrity high; availability high; confidentiality depends on the data type.
Cryptography - Answers Secure communication techniques in the presence of adversaries.
Encryption - Answers Transform plaintext into ciphertext to provide confidentiality.
Decryption - Answers Reverse ciphertext back into plaintext.
Cipher - Answers A pair of algorithms for encryption and decryption.
Plaintext - Answers The original readable message/data.
Ciphertext - Answers The scrambled/encrypted output.
Key - Answers A secret value that controls encryption/decryption.
Substitution - Answers Replace letters/symbols with other letters/symbols.
Transposition - Answers Rearrange the positions of letters/symbols.
Caesar cipher - Answers A substitution cipher using a fixed shift (example: ROT13).
Book cipher - Answers Words replaced with numbers based on positions in a shared book.
Symmetric encryption - Answers Both parties use the same secret key.
Asymmetric encryption - Answers Uses a public/private key pair (different keys).
Symmetric key requirement (reading) - Answers Two people need one shared secret key for a symmetric cipher.
Biggest issue with symmetric crypto - Answers Key exchange / key distribution.
Block cipher - Answers Encrypts data in fixed-size blocks.
Stream cipher - Answers Encrypts data continuously one unit at a time.
Block vs stream - Answers Block = chunks; stream = continuous output.
DES - Answers An older symmetric block cipher (outdated today).
3DES - Answers DES performed three times; slower, somewhat stronger than DES.
AES - Answers Modern symmetric block cipher standard (widely used).
Brute-force attack - Answers Try every possible key until plaintext makes sense.
Brute-force average work - Answers About half the keyspace on average.
Cryptanalytic attack - Answers Uses patterns, language structure, or algorithm knowledge to reduce effort.
Ciphertext-only attack - Answers Attacker only has ciphertext.
Known-plaintext attack - Answers Attacker knows some plaintext or plaintext structure.
Chosen-plaintext attack - Answers Attacker can choose plaintexts and observe ciphertexts.
Chosen-ciphertext attack - Answers Attacker can choose ciphertexts and observe decrypt outputs.
Computational security - Answers The cipher is "secure enough" if breaking it costs too much or takes too long compared to the data's value/lifetime.
Modes of operation - Answers Ways to apply a block cipher securely to data longer than one block.
ECB mode - Answers Encrypt each block independently with the same key.
ECB weakness - Answers Patterns in plaintext can show up in ciphertext.
CBC mode - Answers Each plaintext block depends on the previous ciphertext block (chaining).
CBC benefit - Answers Reduces pattern leakage compared to ECB.
ECB transmission error effect - Answers A ciphertext error affects only the corresponding plaintext block.
CBC transmission error effect - Answers A ciphertext error corrupts that plaintext block and also affects the next plaintext block.
CBC error in C1 (reading question) - Answers Only P1 and P2 are affected; blocks beyond P2 are not affected.
CBC bit error in source P1 (encryption side) - Answers A change in P1 changes C1, which then changes C2..Cn (propagates forward in ciphertext).
Message authentication - Answers Verifies messages are authentic and not altered (protects against active attacks).
MAC (message authentication code) - Answers A value computed from message + secret key to provide integrity and authentication.
What a MAC does not provide - Answers Confidentiality (a MAC does not encrypt).
Hash function - Answers A function that maps any-size input to a fixed-length "fingerprint."
Hash purpose - Answers Integrity checking and fingerprinting.
Hash vs MAC - Answers Hash usually has no secret key; MAC uses a secret key.
Preimage resistance - Answers Hard to find an input that produces a given hash output.
Second-preimage resistance - Answers Hard to find a different input with the same hash as a chosen input.
Collision resistance - Answers Hard to find any two different inputs with the same hash.
SHA family - Answers SHA-1 is older; SHA-256/384/512 are stronger modern hashes.
HMAC - Answers A MAC built from a hash function plus a secret key (integrity + authentication).
Public-key cryptography - Answers Asymmetric cryptography using public/private keys.
Public-key encryption rule - Answers Encrypt with the recipient's public key; decrypt with the recipient's private key.
Main uses of public-key crypto - Answers Key exchange, key management, and digital signatures.
RSA overview - Answers Public-key algorithm based on modular exponentiation with n = p*q.
RSA public key - Answers (e, n)
RSA private key - Answers (d, n)
RSA encryption formula - Answers C = M^e mod n
RSA decryption formula - Answers M = C^d mod n
RSA security idea - Answers Security relies on the difficulty of factoring n.
RSA "common factor with n" idea - Answers If a plaintext shares a factor with n, gcd(plaintext, n) can reveal p or q and break RSA.

Institution: CECS 378
Course: CECS 378

Seller: TutorJosh, Chamberlain College Of Nursing