2.0 Cryptography

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which of the following would you find on a CPS

A declaration of security that the organization is implementing for all certificates

What is a PKI

A hierarchy of computers for issuing certificates

Which of the following best describes the content of the CRL

A list of all revoked certificates

What type of key or keys are used in symmetric cryptography

A shared private key

Which of the following best describes high amplifications when applied to hashing algorithms

A small change in the message results in a big change in the hash value.

A private key has been stolen. What action should be taken to deal with this crisis

Add the digital certificate to the CRL

When two different messages produce the same hash value, what has occurred

Collision

By definition, which security concept ensures that only authorized parties can access data

Confidentiality

You create a new document and save it to a hard drive on a file server on your company's network. Then, you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing what security goal?

Confidentiality

You create a new document and save it to a hard drive on a file server on your company's network. Then, you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing what security goal

Confidentiality

Hashing algorithms are used to perform what activity

Create a message digest

Which of the following algorithms are used in asymmetric encryption (Select two.)

Diffie-Hellman, RSA

What is the most obvious means of providing non-repudiation in a cryptography system

Digital signatures

Which of the following security measures encrypts the entire contents of a hard drive

Drive Lock

Which of the following security measures encrypts the entire contents of a hard drive?

DriveLock

Which of the following is the employment of two separate key pairs in order to separate the security functions of confidentiality and integrity in a communication system

Dual key pair

Which of the following protocols are most likely used with digital signatures (Select two.)

ECC, RSA

Which of the following security solutions would prevent a user from reading a file which she did not create?

EFS

Which of the following security solutions would prevent a user from reading a file which she did not create

EFS

You want to implement BitLocker to encrypt data on a hard disk even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do

Enable the TPM in the BIOS

You would like to implement BitLocker to encrypt data on a hard disk even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do?

Enable the TPM in the BIOS

Which IPSec sub protocol provides data encryption

Encapsulating Security Payload (ESP)

Which of the following is not a valid example of steganography

Encrypting a data file with an encryption key

What is the main function of a TPM hardware chip

Generate and store cryptographic keys

Which protocol is used for securely browsing a Web site

HTTPS

Which of the following is used to verify that a downloaded file has not been altered

Hash

Which of the following is the best countermeasure against man-in-the-middle attacks

IPSec

Which of the following network layer protocols provides authentication and encryption services of IP based network traffic

IPSec

Which of the following can be used to encrypt Web, e-mail, telnet, file transfer, and SNMP traffic

IPSec (Internet protocol security)

You've used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you've used an external USB flash drive to store the BitLocker startup key. You use EFS to encrypt the C:\Secrets folder and its contents. Which of the following is true in this scenario? (Select two.)

If the C:\Secrets\confidential.docx file is copied to an external USB flash drive, it will be saved in an unencrypted state. Only the user who encrypted the C:\Secrets\confidential.docx file will be able to open it by default.

You want to protect data on hard drives for users with laptops. You want the drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do?

Implement BitLocker with a TPM

You want to protect data on hard drives for users with laptops. You want to drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do

Implement BitLocker with a TPM

Which of the following is not true concerning symmetric key cryptography

Key management is easy when implemented on a large scale.

Which of the following is the weakest hashing algorithm

MD-5

Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which key would Mary use to create the digital signature

Mary's private key

You've used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you've used an external USB flash drive to store the BitLocker startup key. Which system components are encrypted in this scenario? (Select two.)

Master boot record C:\ volume

By definition, which security concept uses the ability to prove that a sender sent an encrypted message

Non-repudiation

By definition, which security concept uses the ability to prove that a sender sent an encrypted message?

Non-repudiation

When a sender encrypts a message using their own private key, what security service is being provided to the recipient

Non-repudiation

You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server

Obtain a certificate from a public PKI

How many keys are used with symmetric key cryptography

One

Which of the following encryption methods combines a random value with the plaintext to produce the cipher text

One-time pad

Which of the following algorithms are used in symmetric encryption (Select three.)

Blowfish, AES, 3DES

Which of the following is the best countermeasure for man-in-the-middle attacks

Public Key Infrastructure (PKI)

Which of the following protocols can TLS for key exchange?

RSA, Diffie- Hellman

Which of the following is an entity that accepts and validates information contained within a request for certificate

Registration authority

Which of the following is the strongest hashing algorithm

SHA-1

Telnet is inherently insecure its communications is in plain text and easily intercepted. Which of the following is an acceptable alternative to Telnet?

SSH

Which of the following protocols can be used to securely manage a network device from a remote connection?

SSH

You are purchasing a hard disk over the Internet from an online retailer. What does your browser use to ensure the other cannot see your credit card number on the Internet

SSL

You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations.

SSL

Mary wants to send a message to Sam so the only Sam can read it. Which key would be used to encrypt the message

Sam's public key

A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. What must the receiver use to access the hashing value to the verify the integrity of the transmission

Sender's public key

Which of the following technologies is based upon SSL (Secure Socket Layer)

TLS (Transport Layer Security)

What is the purpose of key escrow

To provide a means to recover from a lost private key

How many keys are used with asymmetric or public key cryptography

Two

When a cryptographic system is used to protect confidentiality of data, what is actually protected

Unauthorized users are prevented from viewing or accessing the resource.

Which of the following items are contained in a digital certificate

Validity period, public key

Which standard is most widely used for certificates?

X.509

You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the Web site. The two hashes match. What do you know about the file

Your copy is the same as the copy posted on the website.

The session keys employed by SSL (Secure Socket Layer) are available in what bit lengths?

128 bit and 40 bit

You want to encrypt data on a removable storage device. Which encryption method would you choose to use the strongest method possible

AES

A PKI is a method for managing which type of encryption

Asymmetric

Which of the following are characteristics of ECC (Select two.)

Asymmetric encryption, Uses a finite set of values within an algebraic field.

Which of the following statements is true when comparing symmetric and asymmetric cryptography

Asymmetric key cryptography is used to distribute symmetric keys.

You want a security solution that protects the entire hard drive, preventing access even when it is moved to another system. Which solution would you choose?

BitLocker

Which of the following generates the key pair used in asymmetric cryptography

CSP

What's the primary function of the IKE protocol use with IPSec?

Create a security association between communicating partners

Which of the following is used for secure exchange of symmetric encryption keys

Diffie-Hellaman

Which of the following is the weakest symmetric encryption method

DES

Your company system is a participant in an asymmetric cryptography system. You've crafted a message to be sent another user. Before transmission, you hash the message, then encrypt the hashing using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. In this example, what protection does the hashing activity provide

Integrity

What is the cryptography mechanism which hides secret communications within various forms of data

Steganography

What form of cryptography is best suited for bulk encryption because it is so fast

Symmetric key cryptography

Certificate revocation should occur under all but which of the following conditions

The certificate owner has held the certificate beyond the established lifetime timer

What action is taken when the private key associated with a digital certificate becomes compromised

The certification is revoked and added to the Certificate Revocation List

Which of the following would require that a certificate be placed on the CRL

The private key is compromised.


Conjuntos de estudio relacionados

Rhetorical Theory: Quiz 2, 3, 4, 5 &6

View Set

CH 22 Nursing Management of the Postpartum Woman at Risk; CH 23 Nursing Care of the Newborn With Special Needs; CH 24 Nursing Care of the Newborn at Risk PrepU (Developmental)

View Set

Campbell Biology; Chapter 5: Worksheet

View Set

142 Acute & Chronic Illness - PRACTICE QUESTIONS

View Set

Chapter 20: Trauma and Surgical Management

View Set

UNIT #2: Regulation of Investment Adviser Representative

View Set

Ch 20 Trauma and Surgical Management

View Set