printable version
Test 3 Review B
[1]
[2]
[3]
[4]
[5]
[6]
[7]
Problem R3b.1.
In storing passwords, what is “salt,” and how
does it help keep the passwords secure?
Salt is a random sequence of characters that is generated for
each user separately, and it is stored along with the
cryptographic hash of the result of appending the
password onto the hash. To verify a password entered by a user
logging in, we read the user's salt from the database, append
the password to it, perform a cryptographic hash, and then
confirm that this result matches what is stored in the
database.
This is much more secure than simply
storing the hash of the password, since doing the latter makes
it far easier to perform a dictionary attack: The attacker can
perform a single hash of a frequently-used password and compare
it to all hashed values, whereas with a salted system, the
attacker must try each individual salt value along with the
frequently-used password, slowing the decryption process down
considerably.
Problem R3b.2.
Why do experts recommend that short passwords of eight or
fewer characters should be avoided?
People trying to crack a password can feasibly try hashing
each possible combination of eight or fewer characters, to see
which combination hashes to what is stored in a database.
A short password guarantees that this attack will find a combination
that works. However, it is infeasible with current technology to
hash all possible combinations of nine characters, so more than
eight characters avoids this type of exhaustive attack.
Problem R3b.3.
What is displayed when the below program is executed?
nums = [7, 9, 6, 7, 8]
map = {}
for i in range(5):
n = nums[i]
map[n] = i
for key in map:
print('{0} to {1}'.format(key, map[key]))
7 to 3 (Lines may be reordered in any way.)
9 to 1
8 to 4
6 to 2
Problem R3b.4.
What is displayed by the following Python fragment?
words = 'The quick brown fox jumps over the lazy dog'
map = {}
for word in words.split():
map[len(word)] = word
for k in range(3, 6):
print('{0} {1}'.format(k, map[k]))
Problem R3b.5.
Suppose census
is a dictionary mapping state names to
populations. Complete the following so that it displays the total
population of all the states.
for state in census:
print total_pop
total_pop = 0
for state in census:
total_pop += census[state]
print total_pop
Problem R3b.6.
Suppose we have a dictionary scores
mapping names (each a string) to test scores (each an integer).
Write a program fragment that displays the name of each student
whose score is 100.
for name in scores:
if scores[name] == 100:
print(name)
Problem R3b.7.
We have a dictionary identified by word_counts
in
which all keys are strings. What is wrong with the following program to
remove all keys
that start with p, and what can be
done to repair it?
for key in word_counts:
if len(key) > 0 and key[0] == 'p':
word_counts.pop(key)
While we are iterating through the keys of a dictionary (as
with for
…in
), Python will not allow us to
change that very same dictionary, as pop
does.
The best way to repair this would be to create a secondary
list into which we place all the keys we wish to remove.
Then, after completing our iteration through the list, we
would have a second loop through this secondary list
in which we could remove each key that was added into this
list.