Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

LAS QUE SON FALSAS VAN CORREGIDAS

CHAPTER 1: OVERVIEW
TRUE OR FALSE
T
F
1. The OSI security architecture provides a systematic
framework for
defining security attacks, mechanisms, and services.
La arquitectura de seguridad OSI proporciona un marco sistemtico
para definir los ataques, mecanismos y servicios de seguridad.
T
F
2. Security attacks are classified as either passive or
aggressive.
Lo correcto: los ataques de seguridad se clasifican como pasivos o
activos.
T
F
examples

3. Authentication protocols and encryption algorithms are

of security mechanisms.

Los protocolos de autenticacin y los algoritmos de cifrado son

ejemplos de mecanismos de seguridad.
T
F
level of

4. The more critical a component or service, the higher the

required availability.

Cuanto ms crtico sea un componente o servicio, mayor ser el nivel

de Disponibilidad requerida.
T
F
5. Security services include access control, data
confidentiality and
data integrity, but do not include authentication.
Lo correcto: Los servicios de seguridad incluyen control de acceso,
confidencialidad, integridad de datos, autenticacin, no repudio.

Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

T
F
6. The field of network and Internet security consists of
measures to
deter, prevent, detect and correct security violations
that involve the transmission of information.
El campo de la seguridad de las redes e Internet consiste en medidas
para determinar, prevenir, detectar y corregir violaciones de seguridad
que impliquen la transmisin de informacin.
T
F
7. Patient allergy information is an example of an asset
with a high
requirement for integrity.
La informacin sobre la alergia del paciente es un ejemplo de un activo
con un alto requerimiento de integridad
T

8. The OSI security architecture was not developed as an

international standard, therefore causing an obstacle for
computer and communication vendors when
developing security features.

Lo correcto: La arquitectura de seguridad OSI FUE desarrollado como

un estndar internacional, los vendedores de computadoras y de
comunicaciones han desarrollado caractersticas de seguridad para
sus productos y servicios relacionados a esta definicin.
Pag 14
T
F
9. Data origin authentication does not provide protection
against the
modification of data units.
La autenticacin de origen de datos no proporciona proteccin contra
la modificacin de unidades de datos.
T
F
10. The emphasis in dealing with active attacks is on
prevention
rather than detection.
Lo correcto: El nfasis en el tratamiento de los ataques PASIVOS es la
prevencin mas que deteccin.

Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

T
F
both

11. The connection- oriented integrity service addresses

message stream modification and denial of service.

El servicio de integridad orientado a la conexin corresponde tanto a la

modificacin del contenido de mensajes y denegacin de servicio.
T
F
12. All the techniques for providing security have two
components: a
security- related transformation on the information to
be sent and some secret information shared by the two
principals.
Todas las tcnicas para proporcionar seguridad tienen dos
componentes: una transformacin relacionada con la seguridad en la
informacin a ser enviada y alguna informacin secreta compartida por
los dos principales.
T
F
behalf of

13. Information access threats intercept or modify data on

users who should not have access to that data.

Las amenazas de acceso a la informacin interceptan o modifican

datos en nombre de usuarios que no deben tener acceso a esos datos.
T
F
14. The data integrity service inserts bits into gaps in a
data stream to
frustrate traffic analysis attempts.
El servicio de integridad de datos inserta bits en espacios en un flujo
de datos para frustrar los intentos de anlisis de trfico.
T
F
15. Symmetric encryption is used to conceal the contents
of blocks or
streams of data of any size, including messages, files,
encryption keys, and passwords.
El cifrado simtrico se utiliza para ocultar el contenido de bloques o
flujos de datos de cualquier tamao, incluidos mensajes, archivos,
claves de cifrado y contraseas.

Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

MULTIPLE CHOICE
1. __________ is the most common method used to conceal small
blocks of data, such as encryption keys and hash function values,
which are used in digital signatures.
A) Symmetric encryption
algorithms

B) Data integrity

C) Asymmetric encryption
protocols

D) Authentication

Cifrado Asimtrico ___es el mtodo ms comn utilizado para ocultar

pequeos bloques de datos, como claves cifradas y valores de funcin
de hash, utilizadas en las firmas digitales.
2. A common technique for masking contents of messages or other
information traffic so that opponents can not extract the
information from the message is __________ .
A) integrity

B) encryption

C) analysis

D) masquerade

Una tcnica comn para enmascarar el contenido de mensajes u otro

trfico de informacin para que los atacantes no puedan extraer la
informacin del mensaje es___cifrado
3. __________ involves the passive capture of a data unit and its
subsequent retransmission to produce an unauthorized effect.
A) Disruption

B) Replay

C) Service denial

D) Masquerade

Repeticin__implica la captura pasiva de una unidad de datos y su

posterior retransmisin para producir un efecto no autorizado.
4. The three concepts that form what is often referred to as the CIA
triad are ________ . These three concepts embody the
fundamental security objectives for both data and for information
and computing services.

Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

A) confidentiality, integrity and availability

B) communication, integrity and authentication
C) confidentiality, integrity, access control
D) communication, information and authenticity
5. A loss of __________ is the unauthorized disclosure of information.
A) authenticity
C) reliability

B) confidentiality
D) integrity

Una prdida de _confidencialidad_ es la divulgacin no autorizada de

informacin
6. Verifying that users are who they say they are and that each
input arriving at the system came from a trusted source is
_________ .
A) authenticity

B) credibility

C) accountability
D) integrity
Verificar que los usuarios son quienes dicen que son y que cada
entrada de datos proviene de una fuente de confianza es Autenticidad
7. A _________ level breach of security could cause a significant
degradation in mission capability to an extent and duration that
the organization is able to perform its primary functions, but the
effectiveness of the functions is significantly reduced.
A) catastrophic
C) low

B) moderate
D) high

Un nivel moderado de violacin de la seguridad podra causar una

degradacin significativa en la capacidad de la misin en la medida y
duracin que la organizacin pueda desempear sus funciones
primarias, pero la efectividad de las funciones se reduce
significativamente.

Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

8. A __________ is any action that compromises the security of

information owned by an organization.
A) security attack
C) security alert

B) security service
D) security mechanism

Un _ataque de seguridad_ es cualquier accin que comprometa la

seguridad de la informacin de una organizacin
9. A __________ takes place when one entity pretends to be a
different entity.
A) replay

B) masquerade

C) service denial

D) passive attack

10.
__________ is the protection of transmitted data from
passive attacks.
A) Access control
C) Nonrepudiation

B) Data control
D) Confidentiality

11.
A(n) __________ service is one that protects a system to
ensure its availability and addresses the security concerns raised
by denial- of- service attacks.
A) replay

B) availability

C) masquerade

D) integrity

El servidio de _disponibilidad_ es aquel que protege un sistema para

asegurar su disponibilidad y aborda las preocupaciones de seguridad
planteadas por los ataques de denegacin de servicio.
12.
__________ threats exploit service flaws in computers to
inhibit use by legitimate users.
A) Information access

B) Reliability

C) Passive

D) Service

Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

Las amenazas de servicio explotan fallas de servicio en las

computadoras para inhibir el uso por usuarios legtimos
13.
A(n) __________ is a potential for violation of security, which
exists when there is a circumstance, capability, action or event
that could breach (romper) security and cause harm (dao).
A) threat

B) attack

C) risk

D) attack vector

14.
The protection of the information that might be derived
from observation of traffic flows is _________ .
A) connectionless confidentiality
confidentiality
C) traffic- flow confidentiality
confidentiality

B) connection
D) selective- field

La proteccin de la informacin que puede derivarse de la observacin

de los flujos de trfico es la confidencialidad del trfico
15.
Data appended to, or a cryptographic transformation of, a
data unit that allows a recipient of the data unit to prove the
source and integrity of the data unit and protect against forgery
is a(n) ___________ .
A) security audit trail

B) digital signature

C) encipherment

D) authentication exchange

Los datos adjuntos o una transformacin criptogrfica de una unidad de datos

que permite a un destinatario de datos probar la fuente y la integridad de los
datos y proteger contra la falsificacin es un firma digital
SHORT ANSWER
1. A SECURITY MECHANISM___________ is any process, or a device
incorporating such a process, that is designed to detect, prevent, or
recover from a security attack. Examples are encryption algorithms,
digital signatures and authentication protocols.
Un _mecanismo de seguridad_es cualquier proceso, o la incorporacin

Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

de un dispositivo, que est diseado para detectar, prevenir o

recuperarse de un ataque de seguridad. Ejemplos son algoritmos de
cifrado, firmas digitales y protocolos de autenticacin.
2. An ACTIVE__________ attack attempts to alter system resources or
affect their operation.
3. "The protection afforded to an automated information system in
order to attain the applicable objectives of preserving the integrity,
availability and confidentiality of information system resources" is the
definition of ____CIA_____ .
4. A loss of __AVAILABILITY________ is the disruption of access to or use
of information or an information system.
Una prdida de _DISPONIBILIDAD_ es la interrupcin del acceso o uso
de informacin o un sistema de informacin.
5. Irreversible _ encipherment (CIFRADO) _________ mechanisms include
hash algorithms and message authentication codes, which are used in
digital signature and message authentication applications.
Mecanismos de cifrado irreversible incluyen algoritmos hash y cdigos
de autenticacin de mensajes, que se usan en aplicaciones de firma
digital y autenticacin de mensajes
6. In the United States, the release of student grade information is
regulated by the
__FERPA________ .
7. A loss of _INTEGRIDAD________ is the unauthorized modification or
destruction of information.
8. A _PASIVO________ attack attempts to learn or make use of
information from the system but does not affect system resources.
9. The _AUTENTICACION_________ service is concerned with assuring
the recipient that the message is from the source that it claims to be
from. This service must also assure that the connection is not
interfered with in such a way that a third party can masquerade as one
of the two legitimate parties for the purposes of unauthorized
transmission or reception.
10. Two specific authentication services defined in X.800 are peer

Cryptography and Network Security: Principles and Practice, 6 th Edition,

by William Stallings

entity authentication and _DATA ORIGIN________ authentication.

11. In the context of network security, __ACCESS CONTROL_________ is
the ability to limit and control the access to host systems and
applications via communications links.
12. __NO REPUDIO________ prevents either sender or receiver from
denying a transmitted message. Thus, when a message is sent, the
receiver can prove that the alleged sender in fact sent the message
and when a message is received, the sender can prove that the alleged
receiver in fact received the message.
13. Viruses and worms are two examples of _SOFTWARE________
attacks. Such attacks can be introduced into a system by means of a
disk that contains the unwanted logic concealed in otherwise useful
software. They can also be inserted into a system across a network.
14. An _ATAQUE_________ is an assault on system security that derives
from an intelligent act that is a deliberate attempt to evade security
services and violate the security policy of a system.
15. ___NOTARIZATION (ENTIDAD CERTIFICADORA)_______ is the use of a
trusted third party to assure certain properties of a data
exchange.