Chapter 15 Quiz
You work for a company that is implementing symmetric cryptography to process payment applications, such as card transactions, where personally identifiable information (PII) needs to be protected to prevent identity theft or fraudulent charges. Which of the following algorithm types would be best for transmitting large amounts of data?
Block
Kathy doesn't want to purchase a digital certificate from a public certificate authority, but needs to establish a PKI in her local network. Which of the follow actions should she take?
Create a local CA and generate a self-signed certificate.
Robert, an IT administrator, is working for a newly formed company. He needs a digital certificate to send and receive data securely in a Public Key Infrastructure (PKI). Which of the following requests should he submit?
He must send identifying data with his certificate request to a registration authority (RA).
Which type of cryptanalysis method is based on substitution-permutation networks?
Integral
Which of the follow is a characteristic of Elliptic Curve Cryptography (ECC)?
Is suitable for small amounts of data and small devices, such as smartphones.
Above all else, which of the following must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?
Private keys
In a ciphertext-only attack, what is the attacker's goal?
To recover the encryption key.
Which of the following best describes a feature of symmetric encryption?
Uses only one key to encrypt and decrypt data.
Which of the following is a characteristic of the Advanced Encryption Standard (AES) symmetric block cipher?
Uses the Rijndael block cipher.
Which of the following terms is the encrypted form of a message that is unreadable except to its intended recipient?
ciphertext
Match the types of cryptanalysis with the descriptions. Finds the affine approximations to the action of a cipher.
Linear cryptanalysis Differential cryptanalysis Integral cryptanalysis Integral cryptanalysis Linear cryptanalysis Differential cryptanalysis
Which of the following cryptography attacks is characterized by the attacker having access to both the plain text and the resulting ciphertext, but does not allow the attacker to choose the plain text?
Known plain text
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which of the following cryptographic keys would Mary use to create the digital signature?
Mary's private key
You have a secret key. Bob wants the secret key. He has threatened to harm your reputation at the office if you don't give him the secret key. What type of attack is Bob attempting to use?
Rubber hose attack
Bob encrypts a message using a key and sends it to Alice. Alice decrypts the message using the same key. Which of the following types of encryption keys is being used?
Symmetric
Which of the following best explains why brute force attacks are always successful?
They test every possible valid combination.
What are the countermeasures used to keep hackers from using various cryptanalysis methods and techniques? (Select two.)
Use a key size of 168 bits or 256 bits for symmetric key algorithms. Use passphrases and passwords to encrypt a key stored on disk.
Which of the following cryptography attacks is characterized by the attacker making a series of interactive queries and choosing subsequent plain texts based on the information from the previous encryption?
Adaptive chosen plain text
Match each cryptography attacks to its description. The attack repeatedly measuring the exact execution times of modular exponentiation operations.
Timing Rubber hose Adaptive chosen plain text Chosen key Related key Chosen ciphertext
Your company produces an encryption device that lets you enter text and receive encrypted text in response. An attacker obtains one of these devices and starts inputting random plain text to see the resulting ciphertext. Which of the following cryptographic attacks is being used?
Chosen plain text
