1) Which of the following is/are true for LSB insertion steganography technique?
a. The original media file can be exactly recovered at the receiving end.
b. It is vulnerable to media manipulation attacks.
c. One of more least significant bits of each element in the media file are used for hiding information.
d. All of these.
Answer: b, c
Solution: In LSB steganography, one or more lower significant bits of each element in a media file (pixels in an image, audio samples in an audio file, etc.) is/are modified to store some hidden information. Since the lower significant bits are only modified, the quality of the media is not degraded much. However, if some signal processing transformations are carried out (e.g. compress an image and again decompress), the lower significant bits might get disturbed and the hidden information might get lost. Option (a) is false as the quality of the media file is degraded, as some parts of the media file are modified. The correct options are (b) and (c).
2) Which of the following are examples of behavioral biometrics?
d. Iris scan
Answer: b, c
Solution: Behavioral biometrics refer to those biometrics that are related to human behavior. Signature (hand and finger movement) and Gait (walking style) are examples of behavioral biometrics. However, fingerprint and iris scan are properties of the human body and not dependent on the behavior. Hence, the correct options are (b) and (c).
3) Consider a color image of size 1000 x 1000, where each pixel is stored in 24-bits (containing red, green and blue components as 8-bits each). How many bytes of information can be hidden in the image by using single-LSB steganography technique?
d. None of these
Solution: Each pixel consists of 24 bits or 3 bytes, and hence 3 bits of information can be stored in each pixel. The number of bits of hidden information that can be stored in the whole image will be 1000 x 1000 x 3 bits = 1000 x 1000 x 3 / 8 bytes = 375000 bytes. The correct answer is (a).
4) Which of the following are true in biometric systems?
a. For authentication application, a user template is compared against a single template stored in the database.
b. For verification / identification application, a user template is compared against all the templates stored in the database.
c. Multimodal biometrics is used to improve accuracy.
d. None of these.
Answer: a, b, c
Solution: When biometric is used for authenticating a known person, his/her biometric template is compared against the corresponding template stored in the database. Thus, option (a) is true. However, for identifying a person whose id is not known, his/her biometric template has to be compared with all the templates stored in the database. Thus, option (b) is also true. To improve the accuracy of identification/recognition, multiple biometrics are used (e.g. fingerprint and iris scan). Thus, option (c) is also true.
5) How is the Smurf denial-of-service attack mounted?
a. By sending ICMP echo request to a broadcast address, and using the victim IP address as sender.
b. By opening a large number of TCP half-open connections.
c. By sending an echo packet that is larger than the maximum permissible size.
d. None of these.
Solution: Smurf attack works in the following manner. The attacker fabricates an IP packet, with the (spoofed) IP address of the victim as the source address, and using a broadcast address as the destination address. The packet will be broadcast to all the hosts in the target network, each of which will be sending back an ICMP echo response packet to the victim host. A large number of packets will hit the victim, creating a denial-of-service scenario. Thus, the correct option is (a).