Which of the following NIST Special Publication documents provides a guideline on network
security testing?

A.
NIST SP 800-42
Steg-Only Attack

B.
NIST SP 800-53A
Active Attacks

C.
NIST SP 800-60
2Mosaic

D.
NIST SP 800-53
Gifshuffle

E.
NIST SP 800-37

F.
NIST SP 800-59
and C are incorrect. NIST has developed a suite of documents for conducting Certification &
Accreditation (C&A). These documents are as follows: NIST Special Publication 800-37: This
document is a guide for the security certification and accreditation of Federal Information Systems.
NIST Special Publication 800-53: This document provides a guideline for security controls for
Federal Information Systems. NIST Special Publication 800-53A. This document consists of
techniques and procedures for verifying the effectiveness of security controls in Federal
Information System. NIST Special Publication 800-59: This document is a guideline for identifying
an information system as a National Security System. NIST Special Publication 800-60: This
document is a guide for mapping types of information and information systems to security
objectives and risk levels.
QUESTION 56
Which of the following tools is used to attack the Digital Watermarking?

F.
NIST SP 800-59
and C are incorrect. NIST has developed a suite of documents for conducting Certification &
Accreditation (C&A). These documents are as follows: NIST Special Publication 800-37: This
document is a guide for the security certification and accreditation of Federal Information Systems.
NIST Special Publication 800-53: This document provides a guideline for security controls for
Federal Information Systems. NIST Special Publication 800-53A. This document consists of
techniques and procedures for verifying the effectiveness of security controls in Federal
Information System. NIST Special Publication 800-59: This document is a guideline for identifying
an information system as a National Security System. NIST Special Publication 800-60: This
document is a guide for mapping types of information and information systems to security
objectives and risk levels.
QUESTION 56
Which of the following tools is used to attack the Digital Watermarking?

A.
NIST SP 800-42
Steg-Only Attack

B.
NIST SP 800-53A
Active Attacks

C.
NIST SP 800-60
2Mosaic

D.
NIST SP 800-53
Gifshuffle

Explanation:
2Mosaic is a tool used for watermark breaking. It is an attack against a digital
watermarking system. In this type of attack, an image is chopped into small pieces and then
placed together. When this image is embedded into a web page, the web browser renders the
small pieces into one image. This image looks like a real image with no watermark in it. This attack
Gifshuffle is used to hide message or information inside GIF images. It is done by shuffling the
Active Attacks and Steg-Only Attacks are used to attack Steganography.