C839 - Intro To Cryptography - Study Prep
Which light-weight public key cipher is best paired with RFID implementations? A) Elli B) Trivium C) Rabbit D) Chaskey
A
From the list of symmetric block cipher modes below, which would facilitate parallel processing of blocks? Select all that apply. A) CTR B) CFB C) CBC D) OFB
A
Lightweight cryptography is best suited for which practical applications? Select all that apply. A) Tablets B) RFID C) Smart phones D) Servers
BD
Select the stream ciphers from the list below. Select all that apply. A) RC2 B) ChaCha C) IDEA D) RC4
BD
Which attributes from the list below describe Blowfish? A) 512 bit key size B) 1-256 bit key size (common = 128, 192, or 256) C) 0-2048 key size D) 32-448 key size (common = 128, 192, or 256)
D
Hashing involves creating a _____ function which cannot be ______. A) one-way, reversed B) two-way, verified C) signing, verified D) two-way, reversed
A
From the choices below, select the mechanisms that can be used to provide error detection in binary data to support the integrity pillar of the CIA triad. Select all that apply. A) Cyclic Redundancy Check (CRC) B) Initialization vector C) Padding D) Checksum
AD
Select the common tunneling protocols from the list below. Select all that apply. A) IPSec B) RIP C) SMTP D) L2TP
AD
Select the poly alphabetic ciphers from the list below. Select all that apply. A) Enigma Machine B) Caesar C) Pigpen D) Vigenere
AD
3DES operates with 64 bit blocks, 56 bit keys and 16 rounds. A) True B) False
B
8 bytes is equivalent to ____ bits. A) 1 B) 64 C) 16 D) 256
B
What is an example of a symmetric algorithm? A) RSA B) AES C) SHA D) MD5
B
Which cipher is used with WEP? A) RC5 B) RC4 C) TKIP D) AES
B
Which part of the public key infrastructure (PKI) defines how a credential is used? A) certificate authority (CA) B) Certificate policy (CP) C) Public Key Cryptography Standards (PKCS) D) registration authority (RA)
B
Which port does Secure Socket Tunneling Protocol (SSTP) use? A) 389 B) 443 C) 1701 D) 1723
B
How does a dictionary attack break a cipher? A) Factors the prime numbers used within an RSA algorithm B) Looks for rollover of the same value for an IV C) Takes a list of the most common words and tries each entry D) Matches hash values back to the original plaintext
C
How many characters are used in an LM hash password? A) 7 B) 8 C) 14 D) 16
C
How many rounds does 3DES encryption entail? A) 24 B) 12 C) 48 D) 16
C
How many rounds does AES use? A) 2 B) 8, 10, or 12 C) 10, 12, or 14 D) 16
C
In terms of a backdoor in cryptography, what are the two main methods used? Select all that apply. A) Steel B) Bit-wise C) Key escrow D) NOBUS
CD
Skipjack was designed by the NSA for the _________ and is a ___________ cipher that can use an ______ bit key size and a ______ bit block size
Clipper Chip, symmetric block, 80, 64
Which cipher uses a series of ciphers based on a keyword? A) Affine B) Atbash C) Caesar D) Vigenère
D
The Initialization Vector (IV) _________ method under the FIPS 140 standard defines four security levels: __________. ________, ________, and _________. This is also known as acronym ________.
Nonce-Generated IV, Counter IV, Fixed IV, Random IV, OSCP
_______ is a revised version of the FISH cipher which addresses _________ attacks and is the most widely used _________ cipher
PIKE, known plaintext, symmetric stream
SHA2 is a message digest which covers a SHA bit range of ________ to _______ and is an NSA __________ algorithm based on the ___________ standard which defines ________________ code
SHA256, SHA384, Suite B, RFC 2104, Hash-based Message Authentication (HMAC)
Elliptic-Curve DSA (ECDSA) is an NSA ___________ algorithm based on the ___________ which defines ________________ Service, also known as _______
Suite B, RFC 1510, Kerberos Network Authentication, V5
El Gamal is the slowest of the ________ ciphers and is used in recent versions of _____. El Gamal is an extension of _____.
asymmetric, PGP, Diffie-Hellman
CAST is a ______ cipher and can use a ______ or ______ bit key and a _____ bit block
symmetric block, 128 or 256, 64
Serpent is a ________ cipher and can use a ______, ______, ______ bit keys and _________ bit blocks
symmetric block, 128/192/256, 128
AES is a ________ cipher and can use ____, ____, and ____ key sizes and a ____ bit block size. AES is based on the ___________ which defines ______________.
symmetric block, 128/192/256, 128, PKCS#14, Pseudorandom Number Generation
Blowfish is a _______ cipher and can use a ____ to ____ bit key size and a _____ bit block.
symmetric block, 32 to 48, and 64
DES and 3DES both _______ ciphers and use a ____ bit key size and a ____ bit block size
symmetric block, 56, 64
Both RC5 & RC6 are ______ ciphers and can use _______ bit keys and ______, ______, and ______ bit blocks
symmetric block, up to 2048, 32/64/128
Twofish was designed to replace DES and is a ________ cipher and can use _______ bit key size and a ____ bit block.
symmetric block, up to a 256 , 128
RCA is a _______ cipher and can use a key size of _____ to _____ bit keys in up to _______ rounds
symmetric stream, 1 to 256, 255
Which of the following is the standard for digital certificates? a. X.509 b. CA c. CRL d. RFC 2298
A
Select the common methods used to crack RSA from the list below. Select all that apply. A) Factorizing N B) Pad reversal C) Different e Value D) CRT
ACD
How many transformation rounds does AES use with a 192-bit key? A) 10 B) 12 C) 14 D) 16
B
Modulus Operator Math. Solve the following: 12 (mod 5) = A) 10 B) 2 C) 5 D) 24
B
The major difference between Hyperledger and Ethereum is that Hyperledger does not offer the smart contracts feature. A) True B) False
B
Select the stream ciphers form the list below. Select all that apply. A) 3DES B) RC4 C) Cha Cha D) DES
BC
From the list below, which term is best described as random bits added to a password hash to help with safeguarding passwords in storage? A) CRC B) Rainbow Table C) Salt D) Rounds
C
The initialization vector used with WEP is _____ bits long? A) 40 B) 128 C) 24 D) 48
C
Which algorithm is designated as a Type 2 product by the National Security Agency (NSA)? A) DES B) AES C) SKIPJACK D) WEP
C
TKIP (Temporal Key Integrity Protocol) uses a ____-bit key for encryption. A) 48 B) 40 C) 24 D) 128
D
Which default port must be open for the IPsec key exchange to be successful? A) UDP 162 B) TCP 389 C) TCP 465 D) UDP 500
D
Propagating Cipher Block Chaining (PCBC) mode is a _______ standard _______ algorithm method
federal, symmetric
CAST5 is a symmetric block cipher with a block-size of 64 bits. A) True B) False
A
Modulo-2 multiplication operations is equivalent to logical ____ operations. A) AND B) XOR C) OR
A
The difference between a certificate being revoked vs a certificate being on hold is that hold status can be reversed and revoked status cannot. A) True B) False
A
Which of the following is a block cipher? a. AES b. RC4 c. DH d. RSA
A
________ published the first successful attack against the Vigenère cipher in 1863. A) Kasiski B) Bellaso C) Kerckhoff D) Kramer
A
Shawn plans to employ the symmetric block cipher AES for his encryption needs, but is interested in having the speed of operation that stream-based ciphers provides. In selecting the block cipher mode for his AES implementation which of the below options should he consider? Select all that apply. A) CFB B) OFB C) ECB D) CTR
ABD
Which of the activities below happen during the first phase required to set up an IPSec connection? Select all that apply. A) Define encryption method B) Define hashing method C) Define SA lifetime D) Define key exchange method
ABD
Which of the choices below represent hash values SHA-2 is capable of producing? Select all that apply. A) 512-bit B) 256-bit C) 128-bit D) 384-bit
ABD
Which of the following are defined as standards for hashing methods within ISO/IEC 29192-5:2016? Select three. A) Lesamanta-LW B) SPONGENT C) PRESENT D) PHOTON
ABD
A developer wants to encrypt an HTML file on his MacBook using an AES encryption. Which command should the developer run in the terminal to encrypt the HTML file? A) aesencrypt -d filename.html B) aescrypt -e filename.html C) aesencrypt -e filename.html D) aescrypt -d filename.html.aes
B
A developer wants to send a message to a system administrator over the internet, so the developer uses the system administrator's publicly known key to send the message. The system administrator is able to decrypt the message using a unique private key. Which encryption method are the developer and system administrator using to communicate the message? A) Stream encryption B) Asymmetric encryption C) Block encryption D) Symmetric encryption
B
A developer wants to send a system administrator a message and wants to use a cipher that reorders the plaintext characters to create the ciphertext. Which cipher meets this requirement? A) Playfair cipher B) Transposition cipher C) Shift cipher D) Substitution cipher
B
A major problem in encryption is that the ciphertext can be played back where an intruder can copy an encrypted message and play it back, as the same plaintext will always give the same ciphertext. What can be added to the ciphering process help address this problem? A) Twofish B) Salt C) ASCII text D) Codes
B
A proven method used to crack WPA-2 involves capturing the _______, cracking the hashed message, and matching it against a list of common passwords. A) token passing process B) four-way handshaking process C) two-way handshaking process D) initialization vector
B
ASCII utilizes 8-bit values and supports up to 65,536 characters. A) True B) False
B
In lightweight cryptography, block sizes are relatively smaller than those used in conventional cryptography and are typically how many bits? Select all that apply. A) 90 B) 80 C) 64 D) 128
BC
Of the choices below, which can be categorized as an option for the "Something you have" authentication category? Select all that apply. A) Thumb print B) Token C) Smart Card D) Password
BC
Select the methods from the list below that contribute to improving the performance of brute force analysis. A) Sandboxing B) parallel processing C) increasing power of computers D) light-weight cryptography
BC
A _____ is a function is not reversible. a. Stream cipher b. Asymmetric cipher c. Hash d. Block Cipher
C
What is 29 mod 12? A) 0 B) 3 C) 5 D) 7
C
Why should an asymmetric public key be used to encrypt a symmetric key that is being sent to one person? A) It uses the same key to encrypt and decrypt large amounts of media, one bit at a time. B) It encrypts and decrypts data in blocks of characters at a time with a complex algorithm. C) It encrypts a small amount of information, which is decrypted with the corresponding private key. D) It signs files and encrypts the hash of the file to verify integrity and authenticity.
C
Wi-Fi Protected Access 2 (WPA-2) uses ____-bit or ___-bit AES. A) 24, 40 B) 24, 28 C) 128, 256 D) 40, 80
C
With Electronic codebook (ECB) what happens? a. The cipher text from the current round is XORed with the plaintext for the next round. b. The cipher text from the current round is XORed with the plaintext from the previous round. c. The message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption. d. The block cipher is turned into a stream cipher
C
With ______, the tunnel is created with a symmetric key method, and then a signature is created with a defined hashing method. A) TELNET B) HTTP C) TLS D) ICMP
C
With _________, the routing is done using computers of volunteers around the world to route the traffic around the Internet, and within each hop the chances to trace the original source significantly reduces. A) Netgear B) Cisco C) TOR D) HTTP
C
_____ won the NIST hash function competition, and is proposed as the SHA-3 standard. A) Skein B) MD-7 C) Keccak D) SHA-MAX
C
A bank's customer opens the log-in page of the bank to do an online banking transaction. How can the customer verify that the bank's digital certificate is trustworthy and has not been canceled by the issuing certificate authority (CA)? A) Submit a request to the certification authority B) Check the CRL distribution point (CDP) C) Check the PKI D) Check the certificate revocation list (CRL)
D
A bank's customer wants to log in to a bank's website at https://www.bankname.com to do an online banking transaction. How can this customer make sure the bank is authentic and someone else is not pretending to be the bank? A) Choosing a symmetric session key B) Sending a Client Hello C) Receiving a Server Hello D) Verifying that the public key belongs to the bank through the bank's digital certificate
D
A bitcoin transaction in simplest terms consists of an owner of bitcoin transferring ownership to another party. Valid transactions are captured by ______ who will hash, compile, and eventually integrate the mined block into a blockchain network if legit. A) hackers B) bankers C) ADMINs D) miners
D
A business wants to use keys issued by a trusted third party to demonstrate it is a legitimate organization to potential customers. Which key should the business send to potential customers to prove its identity? A) Private key of the root CA B) Public key of the root CA C) Private key of the company D) Public key of the company
D
A company wants to protect the content of employees' laptops to make sure that, in case of a loss, someone who finds the laptop cannot easily bypass the operating system access controls by placing the hard drive in another computer system. Which encryption method can the company use for this scenario? A) Self-encrypting drive B) File encryption C) Trusted Platform Module D) Full disk encryption
D
A developer wants to send a system administrator an encrypted email message and uses a system administrator's email address to generate the public key. Which encryption method is a developer using in this process? A) Elliptic-curve cryptography B) Knapsack encryption C) Homomorphic encryption D) Identity-based encryption
D
From the list below select the file type digital certificates are most often exported to. A) .XLS B) .XOR C) .CER D) .DOC
D
_______ is light-weight cryptography method for hashing and is based on an AES-type approach. It can create 80-bit, 128-bit, 160-bit, 224-bit and 256-bit hashes. It takes an arbitrary-length input and produces a variable-length output. A) ELLI B) Trivium C) PRESENT D) PHOTON
D
________ provides a cryptography method to give a verifiable method that a data entity was created at a defined time. A) TOTP B) OTP C) HOTP D) TSP
D
______is seen as a replacement for RSA, especially for embedded systems which would struggle to cope with the processing requirements of RSA. A) RSA-Lite B) RSA-1 C) MD5 D) Elliptic curve
D
ECC is an ________ cipher which leverages ____________ characteristics. ECC is faster than RSA and similarly provides both authentication and encryption. ECC uses _______ than RSA and is used in smaller devices like ________
asymmetric, discrete logarithm, less resources, smartphones
Counter (CTR) mode is a _____________ algorithm method under the FIPS _______ standard, which defines _________ symmetric block ciphers.
stream symmetric, 197, AES
Output Feedback (OFB) mode is a ________ and _________ algorithm method, based on the FIPS _______ standard which defines ______________.
stream, symmetric, 198, Hash-based Message Authentication Code (HMAC)
SHARK is a _______ round ______ cipher and can use a ______ bit key and a _____ bit block
6, symmetric block, 128, 64
TEA is a _____ round ______ cipher and can use a ______ bit key and a _____ bit block
64, symmetric block, 128, 64
IDEA is a _____ round _______ cipher and can use a _______ bit key size and a _______ block size
8, symmetric block, 128, 64
A ___ attack on a hash can take advantage of similar content, or instances where part of the message has some significance to the original, and generates the same hash signature. A) Pre-image B) Collision C) Dictionary D) Full context
A
A ____ generates a true random number, and uses some form of random process. One approach is to monitor the movements of a mouse pointer on a screen or from the pauses between keystrokes. Overall the method is generally slow, especially if it involves human interaction, but is non-deterministic and aperiodic. A) True random number generator (TRNG) B) Pseudo-random number generator (PRNG) C) Deterministic random number generator (DRNG) D) Periodic random number generator (PRNG)
A
A ______ is a value which only has factors of 1 and itself, and used in areas such as key exchange and in public key encryption. A) Prime number B) Digit C) Modulus Operator D) Binary
A
A business wants to use keys issued by a trusted third party to demonstrate to potential customers that it is a legitimate organization. Which key is used to sign the certificate issued to the business? A) Private key of the root CA B) Public key of the root CA C) Private key of the company D) Public key of the company
A
A major disadvantage associated with symmetric encryption centers around the need to do what? A) Exchange the secret key B) Manage the public key C) Manage the key pair D) Exchange the public key
A
A mining node that successfully completes the creation of a current Blockchain is __________. A) rewarded with bitcoins B) a class 1 felon C) deducted bitcoins D) violating privacy
A
A number that is used only one time, then discarded is called what? a. Nonce b. IV c. Salt d. Chain
A
A weakness of PKI involves users being tricked into installing a root CA, later used to validate fake certificates. A) True B) False
A
A weakness of one-way hashing is that the same piece of plaintext will result in the same ciphertext. Which can lead lead to eventual cracking depending the strength of the the algorithm and other factors. What can be applied to help counter the this weakness? A) salt B) SRAM C) ether D) collisions
A
AES has proven to be free from major vulnerabilities due to factors such as it's relatively strong encryption. What aspect of AES can diminish that fact and make it susceptible to different types of attacks resulting in compromise? A) Poor implementation of the encryption method B) Intermittent steam operations C) Lack of variable key lengths D) Use of variable key lengths
A
According to current US export law, RSA moduli larger than how many bits may not be used for key exchange in software exported from the US. A) 512 B) 256 C) 64 D) 128
A
An administrator needs to encrypt the following word with the Atbash cipher: security Which ciphertext is correct? A) hvxfirgb B) hemfirjc C) hexfirgc D) hyxfigrb
A
Asymmetric key encryption makes use of two keys and symmetric key encryption makes use of a single key. A) True B) False
A
Bitcoin currency is created when users mine for it, using computers to perform complex calculations through special software. A) True B) False
A
Describe the benefit of Authenticity in cryptography A) Idea that the communication is with intended person B) Keeping things secret C) Knowing that a message was not changed D) Denies ability of someone to say "it wasn't me"
A
Each of the choices below are examples of certificate types except for which? A) X.400 B) PKCS #10 C) PKCS #7 D) X.509
A
Employee B sends Employee A an encrypted message. What does Employee A use to decrypt the message from Employee B? A) Employee A's private key B) Employee B's private key C) Employee A's public key D) Employee B's public key
A
Encryption keys of mobile devices are commonly stored on the device within the TPM chip, and can only be revealed with a password or fingerprint. What are common features would add difficulty to for an attacker trying to brute force a stolen device to access the key? A) lock-out time B) screen protector C) sim protector D) nonces
A
From the list below, which hash option is used in Microsoft Windows environments storing passwords that are fewer than 15 characters long? A) LM B) NTFS C) AES D) PIX
A
From the list below, which is used for performing full disk encryption? A) FileVault B) aescrypt C) Flip D) BitBlockerX
A
Given the access control list below, what does the number "23" signify? access-list 23 deny ip 150.10.1.254 0.0.0.0 176.16.0.0 255.255.255.0 A) The access list number B) Telnet C) The destination port D) The protocol number
A
Hashed versions of passwords in Unix environments are stored in the _______ . A) passwd file B) GSA-certified safe C) registry D) hosts file
A
How can the bank prove the integrity of the message that a bank's customer is sending to its servers? A) By using the HMAC value from the client's encrypted message B) By using the bank's digital certificate C) By using an initialization vector (IV). D) By sending a Server Hello to the client
A
How does TKIP improve WPA over WEP? A) Hashes the initialization vector and secret key B) Implements a RADIUS server C) Implements an authentication server D) Creates an AES encryption key
A
How does cipher block chaining (CBC) create randomness in a second block after encrypting the first block with an initialization vector (IV)? A) Uses the results of the IV to encrypt the next block B) Increments the IV to encrypt the next block C) Creates a new, random IV to encrypt the next block D) Generates a new IV to encrypt the next block
A
How many transformation rounds does AES use with a 128-bit key? A) 10 B) 12 C) 14 D) 16
A
In comparing ECC and RSA, which would be better suited for use with embedded systems? A) ECC, as embedded systems which would struggle to cope with the processing requirements of RSA B) RSA, as embedded systems which would struggle to cope with the processing requirements of ECC
A
In comparing symmetric encryption to asymmetric encryption, which would be best suited for real-time encryption solutions where fast conversion is needed? A) symmetric B) asymmetric
A
In comparing symmetric stream encryption to symmetric block encryption, which is faster and would be better suited for real-time applications? A) Stream B) Block
A
In lightweight cryptography, keys are relatively smaller than those used in conventional cryptography and are often how many bits? A) <90 B) >128 C) >90 D) 128
A
In the Cisco environment, passwords hashed with the Type 5 method have a hash value of how many bits? A) 128 B) 512 C) None D) 256
A
In which authentication does the client proves its identity to the server? This might be though a hardware address, a nonce, or an IP address. With this method, both the client and the server identify themselves to each other, and is thus the most secure method, as we reduce the risk of a spoof device on either end. A) One-way client authentication B) Mutual authentication C) One-way server authentication
A
Jeff wants to implement a password generation solution within a controlled environment at his organization that limits the time the password is valid to 10 minutes for visiting contractors. What can Jeff use as a solution? A) TOTP B) Bcrypt C) Crypt D) TSP
A
John is going to use RSA to encrypt a message to Joan. What key should he use? a. Joan's public key b. A shared key c. Joan's private key d. A random key
A
LDAP is based on what standard? A) x.500 B) RFC1321 C) x.509 D) FIPS 180
A
Large volumes of plaintext need to be encrypted, and the encryption keys need to be securely distributed. Which approach should be used for encryption and distribution? A) Encrypt by using symmetric keys and distribute by using asymmetric keys B) Encrypt by using asymmetric keys and distribute by using symmetric keys C) Encrypt by using symmetric keys and distribute by using symmetric keys D) Encrypt by using asymmetric keys and distribute by using asymmetric keys
A
Lightweight cryptography solutions must have a RAM and ROM requirement that is less taxing than that of conventional cryptography. A) True B) False
A
Mike and Ike have decided to use MD5 and Diffie Hellman Group 5 for a tunnel they plan to establish using IPSec. During which phase of the IPSec connection setup must these algorithms be negotiated? A) Phase 1 B) Phase 4 C) Phase 3 D) Phase 2
A
Mike and Ike have decided to use a time-based Security Association (SA) of 5,000 seconds for a tunnel they plan to establish using IPSec. During which phase of the IPSec connection setup will the SA lifetime be established? A) Phase 2 B) Phase 4 C) Phase 3 D) Phase 1
A
Online banking transactions are almost identical every time and the data being transported back and forth is almost always the same. This makes the transaction very susceptible to attacks. How can a bank customer make sure that each banking session is different to mitigate an attack on the communication with the bank? A) By using an initialization vector (IV) B) By receiving a Server Hello C) By using the bank's digital certificate D) By sending a Client Hello
A
Order the steps required to send a confidential, authenticated message that incorporates hashing to ensure integrity. 1. Receiver computes hash of the original message and compares to the now decrypted original hash to ensure they matches 2. Sender produces a hash of the message and encrypts it using sender's private key 3. Receiver decrypts packaged up [original message + encrypted hash] with receiver's private key 4. Sender packages up [original message + encrypted hash] and encrypts both with receiver's pubic key 5. Receiver decrypts the encrypted hash with sender's public key A) 2, 4, 3, 5, 1 B) 4, 2, 5, 1, 3 C) 1, 2, 3, 4, 5 D) 5, 3, 1, 2, 4
A
Output Feedback (OFB) creates a synchronous stream output. A) True B) False
A
Public key encryption is an asymmetric key method that uses a public key (which can be distributed) and a private key (which should be kept private). A) True B) False
A
RC4 has a variable key length that ranges from ___ to ____ . A) 1-256 bytes B) 1-2048 bytes C) 1-256 bits D) 40-2048 bits
A
RC4 has a variable key size up to ___ bits. A) 2048 B) 192 C) 128 D) 128
A
RC5 can use block sizes of 32, 64, and 128 bits and capability to operate with key sizes up to ____ bits. A) 2048 B) 1024 C) 128 D) 256
A
Salting the password protects an LDAP hash from an attack involving what? A) Rainbow Table B) Ciphertext C) Frequency Anaysis D) Known Plaintext
A
Select the correct attributes for the symmetric block cipher Skipjack from the list below. A) 64 bit block size, 80 bit key size B) 80 bit block size, 128 bit key size C) 80 bit block size, 64 bit key size D) 64 bit block size, 128 bit key size
A
Shawn has received an X.509 certificate in binary format, but with the system he needs to import the cert into does not accept certificates in this state. What does he likely need to do to address the issue he has? A) convert to PEM B) convert to DER C) convert to X.500 D) convert to X.400
A
Sue is planning to employ asymmetric cryptography within her organization and wants the means by which public keys are shared to include some form of verification. Of the choices below, which would be the best approach. A) Provide distributable digital certificates to communication parties B) Post the key pair on a company site accessible to the public C) Share the private key instead using Diffie Hellman D) Post public keys on a company site accessible to the public
A
The Counter (CTR) block cipher mode converts the block cipher into a stream cipher. A) True B) False
A
The major problem of symmetric-key encryption is figuring out how to pass the secret key between communicating endpoints. A) True B) False
A
The message digest produced by SHA-1 is ____ bits. A) 160 B) 128 C) 64 D) 256
A
The strength of the Diffie-Hellman method normally relates to the size of the ______ which are used in the key exchange. A) prime number bases B) public Keys C) least Significant Bit D) blocks
A
This allows a new unique password to be created for each instance, based on an initial seed. A) One-Time Password B) Timed One-Timed Password C) Hashed One-Time Password
A
This pads with spaces and is only used with ASCII text. A) Space B) Null C) Random D) Zero Length
A
What IP protocol number does Encapsulating Security Protocol (ESP) use? A) 50 B) 51 C) 500 D) 443
A
What advantage do symmetric algorithms have over asymmetric algorithms? a. They are faster b. They are more secure c. It is easier to exchange keys d. It is easier to implement them in software
A
What are the two main applications of public-key encryption? A) Secret-key protection and identity checking B) Secret and public-key protection C) Data encryption and identity checking D) Data encryption and public-key protection
A
What defines a prime number? A) Only has factors of itself and 1 B) Only has factors of itself and 2 C) Evenly divisible by 3.14 D) Evenly divisible by 10
A
What does a frequency analysis attack to break encryption involve? A) Analyzing ciphertext to identify text variation and comparing the text to standard English characters B) Performing an exhaustive search to attempt every possible mapping or key C) Interfering between two parties and sometimes intercepting or modifying data in the communication stream D) Identifying part of the ciphertext and the corresponding plaintext
A
What does cipher block chaining (CBC) use with the key to encrypt subsequent blocks of plaintext? A) Previous generated ciphertext B) Previous generated plaintext C) Two blocks of plaintext D) Secondary block of plaintext
A
What happens to the hash of a file if it is rehashed after the first character of the file is changed? A) The entire hash is different. B) The beginning of the hash is altered. C) The hash is unaltered. D) The hash algorithm is replaced.
A
What is a concern with storing long-term secrets on media or memory? A) Integrity B) Randomness C) Modularization D) Assertions
A
What is a vulnerability of the Data Encryption Standard (DES)? A) Key length is too long. B) Key length is too short. C) Bits are rearranged in a semi-ordered fashion during the encryption process D) The plaintext is split into two equal halves that are labeled L and R.
A
What is an IV? a. A fixed size random stream that is added to a block cipher to increase randomeness. b. Random bits added to a hash. c. The key used for a cryptography algorithm d. The cipher used.
A
What is one of the primary characteristics of a blockchain in the context of Bitcoin? A) Adding blocks to a blockchain is computationally expensive. B) The security of the chain in a blockchain is independent of its length. C) Transactions between each block are chained. D) Transactions within each block are chained.
A
What is referenced to determine if a certificate has been revoked? A) Certificate Revocation List B) Certificate Revocation Authority C) Certificate Approver D) Revocation List
A
What is the key size for RC4 with WEP? A) 40 bits B) 128 bits C) 256 bits D) 512 bits
A
What is the key size in bits for the light-weight symmetric stream cipher Enocoro? A) 128 B) 80
A
What is the key size in bits for the light-weight symmetric stream cipher Rabbit? A) 128 B) 80
A
What is the mathematical formula used for symmetric decryption? A) P = E (K,C) B) C = E (K,P) C) E = C (K,P) D) K = C (P,E)
A
What is the maximum length (in bits) of encryption keys used by the WEP protocol? A) 40 B) 56 C) 128 D) 256
A
What method can be use to overcome the weakness in Diffie Hellman involving the ease at which values of Diffie Hellman parameters that use the DHE_EXPORT cipher set can be precomputed? A) Use a strong group B) Enable Export Cipher Suites C) Use key clustering D) Use multiple co-prime factors
A
What must occur in order for a cipher to be considered 'broken'? a. Finding any method that is more efficient than brute force. b. Uncovering the algorithm used c. Decoding the key d. Rendering the cipher no longer useable
A
What needs to be installed on end users' computers to allow them to trust applications that have been digitally signed by the developer? A) Sender's public key B) Sender's private key C) Receiver's public key D) Receiver's private key
A
What size block does Skipjack use? a. 64 b. 128 c. 256 d. 512
A
What type of encryption allows us to operate on data without having to decrypt it first. A) homomorphic B) mono-alphabetic C) quantum D) homophonic
A
What variation of Diffie Hellman involves use of a different key for each connection? A) DHE B) ECC C) DH-Secure D) DHRA
A
When IPSec transport mode is used, traffic is encrypted while moving through the trusted network and cannot be checked by firewalls, IDSs and virus scanners. A) True B) False
A
When employing ______ methods in key exchange, a different key is used for each connection. This ensures the leakage of any long-term key would not cause all the associated session keys to be breached. A) Ephemeral B) Rotating C) Entropy D) Stealth
A
When using _____ with IPSec, the payload and the original IP header is encrypted and then a new packet header is added to the start of the data packet. A) AES B) IKE C) ESP D) AH
A
When using a PKI setup with certificate usage to ensure trust, a certificate generated by a trusted root CA is digitally signed with the _____ of the CA, so that the _______ of the CA can be used to check the validity of it. A) private key, public key B) public key, private key C) pubic key, ephemeral key D) private key, private key
A
Which IEEE 802.1x authentication protocol is associated with username/password? A) LEAP B) EAP-TLS C) PEAP D) EAP-SIM
A
Which IPSec mode is depicted below? Untrusted Network User1 <---- Encrypted Traffic ----> User2 A) Transport mode B) Tunnel mode C) Traverse mode D) Payload mode
A
Which IPSec mode is depicted below? Untrusted Network unencrypted traffic <---- Encrypted Traffic ----> Unencrypted traffic A) Tunnel mode B) Traverse mode C) Transport mode D) Untrusted mode
A
Which algorithm implements an unbalanced Feistel cipher? a. Skipjack b. 3DES c. RSA d. Blowfish
A
Which attack from the list below entails an attacker determining the amount of time that a user takes to decrypt the message to find the key? A) time attack B) TOCTOU-3 C) time resetting D) NTP Server enumeration
A
Which attribute is associated with WPA-2? A) AES-CCMP encryption B) RC4, TKIP, 48-bit IV C) RC4. 40 bit-encryption, 24-bit IV
A
Which backdoor cryptography method involves having a copy of the encryption key that law enforcement agents could use if they require access to the data? A) Key escrow B) Encryption by default C) RSA cracking D) NOBUS backdoor
A
Which cipher uses a five-by-five matrix with nonrepeating characters? A) Playfair B) Rail code C) Pigpen D) Vigenère
A
Which cipher uses a grid to map letters into numeric values? A) Bifid B) SHA-1 C) Caesar D) Vigenère
A
Which code tracking attack method is where the intruder uses brute force to decrypt the ciphertext and tries every possible key? A) Exhaustive search B) Known plaintext attack C) Man-in-the-middle D) Chosen-ciphertext
A
Which cryptographic algorithm is used to protect network-level communications? A) IPSec B) TLS C) SSL D) VPN
A
Which cryptographic algorithm takes an arbitrary block of data and returns a fixed-sized string? A) Hashing function B) Secret-key algorithm C) Public-key algorithm D) Digital signature algorithms
A
Which encryption process minimizes known plaintext attacks against Advanced Encryption Standard (AES)? A) Randomizing the initialization vector B) Using a hashing algorithm C) Increasing the block size D) Decreasing the block size
A
Which encryption technology is a serial combination of hashing, data compression, symmetric-key cryptography, and public key infrastructure (PKI) and can be used for encrypting texts, emails, files, and directories or for full disk encryption? A) Pretty Good Privacy (PGP) B) Wired Equivalent Privacy (WEP) C) Diffie-Hellman (DH) D) Rivest-Shamir-Adleman (RSA)
A
Which feature of Wi-Fi Protected Access (WPA) increases the difficulty of attack? A) Temporal Key Integrity Protocol (TKIP) B) Pre-shared key (PSK) C) Extensible Authentication Protocol (EAP) D) Internet Key Exchange (IKE)
A
Which information protection method has an 80-bit key and operates on 64-bit data blocks? A) Skipjack B) IDEA C) DES D) Twofish
A
Which key would an administrator use to encrypt data so only the CEO can decrypt it? A) CEO's public key B) CEO's private key C) Administrator's private key D) Administrator's public key
A
Which lightweight symmetric encryption method operates on a 64-bit block using rounds of substitution boxes (S-boxes) and permutation boxes (P-boxes)? A) PRESENT B) SIMON C) SPECK D) SPONGENT
A
Which method of encryption uses a polyalphabetic substitution cipher to encrypt a plaintext message? A) Vigenère cipher B) BIFID cipher C) Pigpen cipher D) Caesar cipher
A
Which mode encrypts each group with the same key, leaving each group independent of the others? A) ECB B) CBC C) CFB D) OFB
A
Which mode of block encryption results in the same outcome for matching blocks of a plaintext message? A) Electronic Code Book (ECB) B) Output feedback (OFB) C) Cipher block chaining (CBC) D) Cipher feedback (CFB)
A
Which mode produces the same ciphertext from two identical plaintext blocks? A) Electronic codebook (ECB) B) DES C) Block Encryption D) AES
A
Which of the below 5 keys make up the Pairwise-Transient-Keys (PTK) that is used with TKIP setup for the unicast packets sent by clients? A) MIC Authenticator Rx Key (MIC Rx) B) Key Encryption Key (KEK) C) Temporal Key (TK) D) MIC Authenticator Tx Key (MIC Tx) E) Key Confirmation Key (KCK)
A
Which of the following equations describes the encryption process for RSA? a. M^e% n b. P = C^d% n c. D^e% n + B d. y^2 = x^3 + Ax + B
A
Which of the following is generally true about key sizes? a. Larger key sizes increase security b. Smaller key sizes increase security c. Key size is irrelevant to security d. Key sizes must be more than 256 bits to be secure
A
Which of the following would be the fastest? a. AES b. RSA c. DH d. EC
A
Which of the symmetric block ciphers from the list below operates on 64 bit blocks and key size of 128 bits. A) XTEA B) Skipjack C) AES D) RSA
A
Which prime number factorization method is associated with the RSA algorithm? A) Integer factorization B) Discrete logarithms C) Elliptic curve relationships
A
Which security components are provided by digital signature? A) Integrity, non-repudiation, and proof of origin B) Non-repudiation, integrity, and confidentiality C) Proof of origin, confidentiality, and non-repudiation D) Confidentiality, integrity, and proof of origin
A
Which stage of key/certificate management includes registration, key pair generation, certificate creation and certificate/key distribution, certificate dissemination, and key backup? A) Initialization B) Cancelation C) Issued
A
Which substitution cipher system reverses the sequence of the alphabet? A) Atbash B) Caesar C) ROT13 D) Affine
A
Which technique solves polyalphabetic substitution ciphers by deducing the key length? A) Kasiski's method B) Frequency analysis C) Exhaustive search D) Rainbow tables
A
Which type of attacks are Diffie-Hellman methods vulnerable to? A) Man-in-the-middle B) Brute-force C) Rainbow D) Dictionary
A
Which type of certificate must be certified by an authority to verify it with other participants? A) Public Certificate B) Private Certificate C) Certificate Provider D) Revocation Authority
A
Which wireless security standard uses a 128-bit RC4 stream cipher for encrypted communications? A) WPA B) WEP C) VPN D) GSM
A
Wi-Fi Protected Access (WPA) uses ____-bit RC4. A) 128 B) 48 C) 40 D) 24
A
With Bitcoins, the _____ key defines our identity and we use it to sign for transactions, and prove our identity to others with the ______ key when making use of ECC. A) private, public B) ephemeral, local C) public, private D) local, ephemeral
A
With IPSec _____ mode, we have end-to-end tunneling, where the encryption scope spans across of the network, and where no intermediate scanning is possible for the content stored within the packets. A) Transport B) Payload C) Datagram D) Tunnel
A
With key exchange we typically have a time-out for the key to be used. At the end of this period what happens to the key? A) The key is renegotiated B) The key is revoked C) The key is placed on hold D) The key is discarded
A
With symmetric encryption, a single secret key is used to both encrypt and decyrpt a given message. A) True B) False
A
With the ___ block cipher mode operation, first the data blocks are XOR'd with the encrypted version of the initialization vector. Following that, the output of the first stage encryption is fed into the next stage, and encrypted, with the output being XOR'ed with the second block. A) OFB B) Choice 3 C) ECB D)CTR
A
Within IEEE 802.1x, which protocol from the list below supports authentication for server supplied digital certificates? A) PEAP B) LEAP C) EAP-TLS D) WEP
A
___ operates with 128 bit blocks and a variable key size of 128, 192, or 256 bits. A) AES B) Skipjack C) XTEA D) 3DES
A
____ is a Key Derivation Function defined in RFC 2898 that generates a salted hash. It is often used to create an encryption key from a defined password, and where it is not possible to reverse the password from the hashed value. A) PBKDF2 B) ECC C) Scrypt D) ccCrypt2
A
_____ authentication refers to a condition where the user authenticates themselves to the end service. A) End-to-end B) Intermediate C) Full D) Intermediary
A
_____ is a quantum algorithm likely to be paired with quantum computers in the near future for RSA cracking due to its ability to determine the prime number factors of a given number. A) Shor's algorithm B) Paul Hsieh's Algorithm C) SPECK D) Bernstein Algorithm
A
______ cryptography uses asymmetric cryptographic primitives based on lattices. It has been known about for several decades, and is now being investigated because of its quantum robustness, whereas many of the existing public key methods such as RSA and Diffie-Hellman cryptosystems can be broken with quantum computers. A) Lattice-based B) Heavy-weight C) Hash-based D) Light-weight
A
______ have fast multiplication circuits, and thus can be used to perform multiplications and search a range of prime numbers at a speed which would break most existing RSA implementations. A) Quantum computers B) Internet of Things Devices C) Lightweight cryptographic systems D) Embedded systems
A
______ is a block cipher created by Mitsubishi and NTT. A) Camellia B) Diffie-Hellman C) SHA-1 D) RC4
A
________ is a polyalphabetic cipher that employs an improved code over the scrambled alphabet approach, where a different mapping, based on a keyword, is used for each character of the cipher. A) Vigenère cipher B) BIFID C) ROT D) Caesar cipher
A
____________cryptography uses one key to encrypt a message and a different key to decrypt it. a. Asymmetric b. Symmetric c. Stream d. Secure
A
From the choices below, select two common problems associated with CRL usage. A) Certificates can be revoked in error B) Many systems do not continually check the list whenever a certificate is used. C) Files becoming too small over time hindering query ability D) Validation creep
AB
From the list below, select the concepts considered as potentially viable upgrades to cryptography to provide a level of robustness to meet forthcoming processing power in quantum computers. Select two. A) Lattice-based cryptography B) Multivariate polynomial cryptography C) Lightweight cryptography D) Mono-alphabet Substitution
AB
From the list below, select the stream encryption method(s) that would be used for encryption in GSM cellular networks. Select all that apply. A) A5/2 B) A5/1 C) B5/1 D) MD5
AB
Of the choices below, select the ones that are prime numbers. Select all that apply. A) 73 B) 71 C) 72 D) 74
AB
Select the asymmetric cryptosystems from the list below. A) RSA B) ECC C) AES D) RC4
AB
Select the symmetric block ciphers from the list below. A) Blowfish B) IDEA C) RSA D) RC4
AB
Select the the weaknesses in WEP from the list below. Select all that apply. A) Susceptibility to message replay B) Susceptibility to Fluhrer, Mantin, Shamir attack C) Small value of IV D) Lack of message tampering identification
AB
The two main phases of RC4 operation include ___ and _____. A) key ciphering B) key setup C) verifying D) signing
AB
WPA-2 uses the AES-CCMP block encryption method and supports what two modes of operation? A) Enterprise B) Personal C) Global D) Post-shared
AB
Which two components involved in performing encryption are known to the party that will perform decryption before symmetric encryption is applied? Choose 2 answers. A) Cryptographic algorithm B) Cryptographic key C) Plaintext content D) Initialization vector E) Nonce value
AB
AES is capable of operating with keys of varying sizes. Which key sizes from the list below is AES capable of using? Select 3. A) 128 B) 256 C) 192 D) 64
ABC
From the list below select three viable methods for exchanging the secret key in symmetric cryptography? A) Use a key exchange protocol B) Use Diffie-Hellman C) Encrypt the key with a public key and pass it to the other side where the matching private key can be used to decrypt it D) Use Kerberos
ABC
RC5 is capable of operating with blocks of varying sizes. Which block sizes from the list below can RC5 use? Select 3. A) 64 B) 128 C) 32 D) 192
ABC
Select the light-weight stream ciphers from the list below. Choose three. A) Trivium B) Grain C) Mickey V2 D) CLEFIA
ABC
Use of AES, SHA and other conventional cryptography solutions are impractical for use in IoT and embedded systems due to what factors? Select all that apply. A) They consume too much battery power B) They take up too much physical space C) They consume too much too processing power D) They provide outdated encryption capabilities
ABC
What are three elements that directly relate to password strength and their susceptibility to cracking? Select 3. A) The range of characters in the password B) The cracking speed of a brute force generator C) The number of characters in the password D) The type of system or account created for
ABC
From the list below, select the items that the gas price per transaction in Etheruem directly influences. Select all that apply. A) DoS prevention B) Infinite loop prevention C) Spanning tree D) Code designer efficiency
ABD
Select the light-weight symmetric stream ciphers from the list below. A) Mickey v2 B) Rabbit C) Simon D) Enocoro
ABD
Which of the following is required for a hash? a. Variable length input, fixed length output b. Few collisions c. Minimum key length d. Not reversible e. Not vulnerable to a brute force attack f. Must use SALT
ABD
From the list below select the protocol(s) used for authentication within IEEE 802.11. Select all that apply. A) PEAP B) WPA-2 C) LEAP D) WEP
AC
From the list below, select the advantages ChaCha has over software-enable AES. Select two. A) Faster speed B) Variable key size option C) More protection against timing attacks D) Larger block sizes
AC
From the list below, which choices are most in line with the the purpose of hashing. Select two. A) Protect integrity B) Protect confidentiality C) Allows you to check whether a file has been changed D) Allows you to check whether a file has been viewed
AC
Given the list below, the most common practical uses for public-key cryptography include_______. Select two. A) Identity checking B) Hashing data C) Key protection D) Encrypting of data within a tunnel
AC
Of the choices below, which can be categorized as an option for the "Something you know" authentication category? Select all that apply. A) Username B) Thumb print C) Password D) Token
AC
Select the common methods used to crack RSA form the list below. Select two. A) Side-channel attacks B) DDoS attacks C) Factorization D) XSS attacks
AC
Select the symmetric stream ciphers from the list below. Choose all that apply. A) RC4 B) RC6 C) ChaCha D) RC5
AC
Steve is shopping for a symmetric encryption solution with a minimum 128-bit key size. Of the choices below, which would meet his criteria? Select two. A) IDEA B) Skipjack C) AES D) DES
AC
Which of the following modes can be used to turn a block cipher into a stream cipher? (select 2) a. CTR b. PCBC c. OFB d. CFB e. ECB
AC
From the list below, select the common methods of authentication. Select All that apply. A) One-way client authentication B) Multi Fraction Authentication C) One-way server authentication D) Mutual authentication
ACD
From the list below, select the items that are included in a distributable digital certificate. Select 3. A) Issuer name B) Private key C) Public key D) Start date
ACD
Select the block ciphers from the list below. Select all that apply. A) IDEA B) ChaCha C) RC5 D) Blowfish
ACD
Select the implementation aspects that cause potential security problems with AES. A) Use of electronic code book B) Use of 256-bit keys for encryption C) Use of nonrandomized values for key generation D) Use of encryption keys generated by a password
ACD
Which of the activities below happen during the first phase required to set up an IPSec connection? Select all that apply. A) Key exchange methods are defined B) AH and ESP use is determined C) Tunnel Policies are defined D) Hashing Method is defined
AD
Which two concerns does the use of Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) address? Choose 2 answers A) Confidentiality B) Nonrepudiation C) Availability D) Integrity
AD
______ and _______ devices have limited numbers of gates available for security, and are often highly constrained with the power drain on the device, making use of conventional cryptography within them impractical. A) Sensor network B) Smart phone C) Tablet D) RFID
AD
A major flaw of SSL v2 was the usage of "export-grade ciphersuites" which essentially forces implementation of keys that are ________. A) unbreakable B) crackable C) salted D) HTTP
B
A security analyst decrypted a data set with the same key that originally encrypted the data set. Which cryptographic operation did the analyst use? A) Asymmetric B) Symmetric C) Hashing D) Kerberos
B
A security analyst is validating the integrity and authenticity of a data transaction. Which PKI component is being used? A) Digital certificate B) Digital signature C) Asymmetric encryption D) Symmetric encryption
B
According to Moore's law, computing capability essentially doubles every how often? A) 12 months B) 18 months C) 24 months D) 5 years
B
All of the following are key exchange protocols except for____ a. DH b. AES c. MQV d. ECDH
B
An attacker tricks a victim user to sign for seemingly harmless messages, performs a mathematical calculation to ascertain the actual signature, and then uses the signature to sign items as the victim. What attack on cryptography does this scenario describe? A) Meet-in-the Middle Attack B) Blinding Attack C) Chinese Remainder Attack D) Bleichenbacher's Attack
B
As part of the process an organization wishing to have a certificate it generates signed by a CA, the organization must create a _____ which contains the details of the organization (such as the organization name, the domain-name, the contact email address, the locality, and the unit name). A) CRT B) CSR C) OCSP D) XSS
B
Bitcoin leverages ECC to ____ transactions. A) monitor B) sign for C) store D) prevent
B
Bitcoin miners with the ______ resources have the best chances of successfully mining transactions to gain rewards. A) stealthiest B) fastest C) newest D) quietest
B
Bitcoins generate a 256-bit random key which is converted into a ______ key, and which has a 256-bit private key and a 512-bit public key. A) shared B) Wif C) TOR D) pseudo-random
B
Blowfish and Twofish are examples of what? A) Exotic aquatic species B) Symmetric block ciphers C) Symmetric Stream ciphers D) Asymmetric block ciphers
B
Describe the benefit of Confidentiality in cryptography A) Idea that the communication is with intended person B) Keeping things secret C) Knowing that a message was not changed D) Denies ability of someone to say "it wasn't me"
B
Determination of whether AH, ESP or both will be used in a given IPSec connection occurs in the 1st phase, IKE. A) True B) False
B
Each time a Bitcoin miner processes a transaction, the reward increases which in turn ensures the supply of coins increases over time. A) True B) False
B
El Gamal is a symmetric key cryptography method that is used in both encryption and digital signing. It is used in many applications and uses discrete logarithms. A) True B) False
B
Ethereum was created by Vitalik Buterinin in 2015 and was built on the Bitcoin/Blockchain concept but included which additional concept? A) cryptography B) smart contracts C) transactions D) crypto currency
B
FIPS 140-4 is the Secure Hash Standard. A) True B) False
B
From the list below select the protocol(s) used for encryption within IEEE 802.11. Select all that apply. A) LEAP B) WPA C) PEAP D) EAPS
B
From the list below, select the management protocol most commonly associated with UDP port 500 by default. A) Windows Remote Management (WinRM ) B) Internet Key Exchange (IKE) C) Remote Desktop Protocol (RDP) D) Simple Network Management Protocol (SNMP)
B
From the list below, which conventional cryptography method is considered suitable for solutions requiring lightweight cryptography such as IoT devices, due to its relative secure nature and flexibility of block and key sizes? A) AES B) RC5 C) eXtended TEA D) SHA256
B
Given the access control list below, which IP address is the "from" IP? access-list 23 deny ip 150.10.1.254 0.0.0.0 176.16.0.0 255.255.255.0 A) 255.255.255.0 B) 150.10.1.254 C) 150.10.1.0 D) 176.16.0.0
B
How can you make sure that all the session keys used in client-server key exchange are not compromised even if the server's long-term encryption key is compromised? A) Elliptic-curve ciphers B) Perfect Forward Secrecy C) PKI D) OpenSSL
B
How does CBC mode encryption function? A) Encrypts each block with the same key, where each block is independent of the others B) Uses an initialization vector (IV) to encrypt the first block, then uses the result of the encryption to encrypt the next block C) Uses a self-synchronizing stream on the blocks, where the initialization vector (IV) is encrypted and XORed with the data stream D) Converts from block into stream, then uses a counter value and a nonce to encrypt the data
B
If the round function is a cryptographically secure pseudorandom function, then ___ rounds is sufficient to make the block cipher a pseudorandom permutation. a. 2 b. 3 c. 15 d. 16
B
If the round function is a cryptographically secure pseudorandom function, then ___rounds is sufficient to make it a "strong" pseudorandom permutation. a. 3 b. 4 c. 15 d. 16
B
In _________ encryption, two electronic keys are used, one is used to encrypt the plaintext, and the other is used to decrypt it back to plaintext. A) random-key B) asymmetric-key C) symmetric D) secret-key
B
In _________ encryption, we use a single electronic key to encrypt the plaintext, and the same key is then used to decrypt. A) asymmetric-key B) secret-key C) public-key D) random-key
B
In _________ encryption, we use a single electronic key to encrypt the plaintext, and the same key is then used to decrypt. A) public-key B) symmetric C) random-key D) asymmetric-key
B
In comparing public and private blockchain implementations, which offers the best level of trust and security? A) Private B) Public
B
In which authentication method do both the client and the server identify themselves to each other, and is thus the most secure method, as we reduce the risk of a spoof device on either end? A) One-way client authentication B) Mutual authentication C) One-way server authentication
B
Josh sends Shawn a digitally signed message using asymmetric cryptography. What key will Josh use to sign the message? A) Shawn's public key B) Josh's private key C) Shawn's private key D) Josh's public key
B
Of the choices below, which can be categorized as an option for the "Something you are" authentication category? Select all that apply. A) Password B) Thumb print C) Token D) Smart Card
B
One of the core advantages of using RC4 is that the key length is fixed. A) True B) False
B
Public-key cryptography involves use a single secret key to both encrypt and decrypt a message. A) True B) False
B
RC4 employs a key size of ____ bits when used in TKIP implementations. A) 40 B) 128 C) 256 D) 80
B
RC4 is a symmetric block cipher commonly used with SSL and WEP. A) True B) False
B
RSA derives its security from the computational difficulty of factoring large integers that are the product of two large ______ numbers. A) Odd B) Prime C) Even D) Rational
B
RSA encryption keys can be guessed if the values are non-deterministic. A) True B) False
B
Regarding crypto currency, BTC is to Bitcoin as _____ is to Ethereum. A) gas B) ether C) ETT D) geth
B
Regarding digital certificates, a self-signed certificate provides the highest degree of credibility and validity. A) True B) False
B
SPECK is an Ultra-Lightweight stream cipher that is optimized for performance in hardware implementations. A) True B) False
B
Select the correct attributes for the symmetric block cipher IDEA from the list below. A) 128 bit blocks, 64 bit keys, >17 rounds B) 64 bit blocks, 128 bit keys, >17 rounds C) 128 bit blocks, 128 bit keys, 8 rounds D) 64 bit blocks, 128 bit keys, <17 rounds
B
Shawn has configured IPSec tunnel mode within his network environment to facilitate the security team being able to employ intrusion detection and and virus scanning of traffic entering/leaving the trusted network. There have several instances where certain traffic entering the network could still not be scanned. From the list below, what could be the reason. A) Transport vs Tunnel mode should be used B) The network connection used SSL C) TCP/IP was used D) The payload is stripped at the firewall
B
Shawn sends Patrick a digitally signed message using asymmetric cryptography. What key will Shawn use to encrypt the message before sending it to Patrick? A) Shawn's public key B) Patrick's public key C) Shawn's private key D) Patrick's private key
B
Sue is looking for a solution to implement at her organization to provide email encryption and authentication capability. From the list below, which solution would be her best choice? A) POP B) PGP C) SMTP D) PMP
B
Sue's organization uses RFID technology extensively. She has been tasked to identify a potential asymmetric light-weight cryptography option to consider. Which option from the list below best fits the need? A) PHOTON B) ELLI C) Enocoro D) CLEFIA
B
TKIP employs a ____ bit IV value. A) 128 B) 48 C) 24 D) 40
B
The Pigpen cipher uses a polyalphabet substitution method. A) True B) False
B
The Temporal Key (TK) is used to decrypt multicast and broadcast traffic. A) True B) False
B
The ____ attack involves an attacker modifying messages. A) replay B) active C) man in the middle D) brute force
B
The _______ cryptosystem, is a homomorphic encryption scheme which allows two types of computation: - addition of two ciphertexts, and - multiplication of a ciphertext by a plaintext number A) ECC B) Paillier C) RC5 D) MD5
B
The birthday paradox concept is employed in the birthday attack on hashes in effort to identify a _____ of a given hash. A) anomaly B) collision C) change D) LSB
B
The core part of PKI is the concept of the ________. These are self-signed certificates from a root CA, and where all the certificates signed by it are trusted. A) root signature B) root certificate C) CRL D) intermediate signature
B
The major improvement NTLM provides over LM is the incorporation of salt to increase security of hashes. A) True B) False
B
The major problem of asymmetric-key encryption is figuring out how to pass the secret key between communicating endpoints. A) True B) False
B
The major weakness with Diffie Hellman is its susceptibility to having certain parameter values easily _________. A) modified in transit B) precomputed C) replicated D) modified
B
The strength of the Diffie-Hellman method normally relates to the size of the prime number bases which are used in the key exchange. A 1024-bit prime number would fall under which base? A) Second Base B) Group 2 C) Base A (Alpha) D) 1st Base
B
This allows for a new unique passcode to be created for each instance, based on an initial seed and for a given time period A) One-Time Password B) Timed One-Timed Password C) Hashed One-Time Password
B
This pads will NULL bytes and is only used with ASCII text. A) Space B) Null C) Random D) Zero Length
B
Use of RSA would be ideal for implementation in embedded systems with limited capacity for heavy power and processing overhead. A) True B) False
B
Use of a centralized server with Bitcoin facilitates ease of management of transactions. A) True B) False
B
Using substitution without transposition leads to what weakness? a. None, this is a valid approach b. Letter/word frequency is maintained c. The key can easily be derived d. It is vulnerable to chosen ciphertext attacks
B
WEP uses the block cipher RC4 configured for operation with 40-bit keys. A) True B) False
B
What cipher uses a 26-character key mapping and converts a plaintext input to fixed length chunks of Morse Code used to derive ciphertext letters? A) Morse Code Cipher Suite B) Fractioned Morse Cipher C) Hashed Morse Code D) Block Morse Cipher
B
What describes a cipher code mapping used only once and then discarded essentially making it uncrackable? A) Private key B) One-time pad C) Initialization vector D) Secret key
B
What is a common problem with using pre-shared keys (PSKs)? A) Key collision B) Secure key exchange C) Key generation D) Secure key escrow
B
What is a difference between WPA-Enterprise and WPA-Personal? A) Support for Temporal Key Integrity Protocol B) Support for an authentication server C) Use of a session key D) Use of a 48-bit initialization vector
B
What is the basis for the FISH algorithm? a. The difficulty in factoring numbers b. The Lagged Fibonacci generator c. Equations that describe an ellipse d. Prime number theory
B
What is the benefit of the time-out mechanism typically included in the Diffie Hellman key exchange process? A) No benefit B) Allows a smaller time window for an attacker to determine the key C) Allows the generator to produce multiple key in a short time which increases bit size D) Prevents excess entropy
B
What is the difference between OFB and CFB with regard to the output from a previous block fed into the cipher stage of the current block? A) CFB current block takes the plaintext of the previous block as an input while OFB current block takes the output of the XOR process of the previous block. B) OFB current block takes the output from the cipher stage of the previous block while CFB current block takes the output of the XOR process of the previous block. C) OFB current block takes the plaintext of the previous block as an input while CFB current block takes the output of the XOR process of the previous block. D) CFB current block takes the output from the cipher stage of the previous block while OFB current block takes the output of the XOR process of the previous block.
B
What is the key size in bits for the light-weight symmetric stream cipher Grain? A) 128 B) 80
B
What is the key size in bits for the light-weight symmetric stream cipher Mickey v2? A) 128 B) 80
B
What is the key size in bits for the light-weight symmetric stream cipher Trivium? A) 128 B) 80
B
What is the most commonly used format for certificates? A) X.509 v2 B) X.509 v3 C) sha-1 D) sha-2
B
What is the outcome when using the binary AND function on 11011 and 10100? A) 01110 B) 10000 C) 11110 D) 21111
B
What should be used when large amounts of data need to be encrypted and decrypted for secure storage based on groupings of 128, 192, or 256 bits? A) Symmetric stream B) Symmetric block C) Asymmetric public key D) Asymmetric private key
B
What size key does Skipjack use? a. 56 bit b. 80 bit c. 128 bit d. 256 bit
B
When IPSec tunnel mode is used, traffic is encrypted while moving through the trusted network and cannot be checked by firewalls, IDSs and virus scanners. A) True B) False
B
Which IEEE 802.1x authentication protocol is associated with client-side digital certificates? A) LEAP B) EAP-TLS C) PEAP D) EAP-SIM
B
Which attack from the list below takes advantage of the fact that some encryption schemes use the time of the computer to create the key and involves resetting this time or determining the time that the message was created to gain useful information? A) TOCTOU B) time resetting C)time attack D) Race condition
B
Which attribute is associated with WPA? A) AES-CCMP encryption B) RC4, TKIP, 48-bit IV C) RC4. 40 bit-encryption, 24-bit IV
B
Which attributes from the list below describe Twofish? A) 0-2048 key size B) 1-256 bit key size (common = 128, 192, or 256) C) 512 bit key size D) 32-448 key size (common = 128, 192, or 256)
B
Which block size does the Advanced Encryption Standard (AES) use? A) 64 B) 128 C) 192 D) 256
B
Which certificate management process involves key recovery? A) Initialization B) Issued C) Cancellation D) Hold
B
Which characteristic makes a hashing function suitable for use in signature schemes? A) Collision detection B) Collision resistance C) Collision avoidance D) Signature verification
B
Which cipher makes use of a grid which maps letters into numeric values as part of the encryption process? A) ADFGVX B) BIFID C) Playfair D) Caesar
B
Which code tracking attack method is where the intruder knows part of the ciphertext and the corresponding plaintext? The known ciphertext and plaintext can then be used to decrypt the rest of the ciphertext. A) Exhaustive search B) Known plaintext attack C) Man-in-the-middle D) Chosen-ciphertext
B
Which computing architecture type stores the least significant byte in the lowest memory address? A) Most Significant Bit B) Little Endian C) Fixed Architecture D) MSB
B
Which computing architecture type stores the most significant byte in the lowest memory address? A) MSB B) Big Endian C) Little Endian D) Fixed Architecture
B
Which concept stipulates that algorithms should be openly shared and scrutinized, but keys must be absolutely secured? A) Communication Theory of Secrecy Systems B) Kerckhoffs's principle C) Feistel function D) Mathematical Theory of Communication
B
Which cryptanalysis method involves a person being tricked into encrypting a set of known messages? A) Ciphertext-only attack B) Chosen plaintext attack C) Frequency analysis D) Kasiski examination
B
Which cryptographic algorithm has a 128-bit HASH size? A) Secure Hash Algorithm 1 (SHA-1) B) Message Digest Algorithm 5 (MD5) C) Triple Data Encryption Standard (3DES) D) Advanced Encryption Standard (AES)
B
Which encryption mode always produces the same result for the same plaintext? A) CBC B) ECB C) CFB D) CTR
B
Which encryption standard uses the same key to encrypt and decrypt messages? A) Asymmetric Key Encryption B) Symmetric Key Encryption C) Public Certificate D) CRL
B
Which factor increases the required number of attempts in a brute-force attack? A) Larger block size B) Larger key size C) More rounds D) More calculation
B
Which key combination is used to decrypt and verify a digital signature? A) Recipient's public key to decrypt and sender's private key to verify the signature B) Recipient's private key to decrypt and sender's public key to verify the signature C) Sender's public key to decrypt and recipient's private key to verify the signature D) Sender's private key to decrypt and recipient's public key to verify the signature
B
Which key method is used to create the tunnel in SSL/TLS connections? A) Session key method B) Symmetric key method C) Hashing method D) Asymmetric key method
B
Which light-weight symmetric block cipher has a variable block size of 32, 48, 64, 96, 128 bits and is optimized for hardware implementations? A) PHOTON B) SIMON C) SPECK D) PRESENT
B
Which light-weight symmetric block cipher uses an SPN (substitution permutation network) method and operates on 64 bit blocks, and 80 or 128 bit keys? A) DES B) PRESENT C) AES D) PHOTON
B
Which light-weight symmetric stream cipher has an 80-bit key size and 80-bit IV? A) PRESENT B) Trivium C) Skipjack D) Enocoro
B
Which mechanism mitigates a copy-and-paste attack when using AES? A) Electronic Code Book (ECB) B) Output feedback (OFB) loop C) Message digest 6 (MD6) D) Secure Hash Algorithm 1 (SHA-1)
B
Which of the below 5 keys make up the Pairwise-Transient-Keys (PTK) that are used by the AP when using data encryption? A) MIC Authenticator Rx Key (MIC Rx) B) Key Encryption Key (KEK) C) Temporal Key (TK) D) MIC Authenticator Tx Key (MIC Tx) E) Key Confirmation Key (KCK)
B
Which of the following algorithms uses three different keys to encrypt the plain text? a. AES b. 3DES c. Blowfish d. Skipjack
B
Which of the following is a type of encryption that has two different keys. One key can encrypt the message and the other key can only decrypt it? a. Symmetric b. Asymmetric c. Block cipher d. Stream cipher
B
Which of the following is not an asymmetric system? a. DH b. AES c. RSA d. PGP
B
Which of these hashing methods provides the best method for generating a unique password each time based on an initial seed value? A) HMAC B) One-time passwords (OTP) C) Salting D) LM hashing
B
Which prime number factorization method is associated with the El Gamal algorithm? A) Integer factorization B) Discrete logarithms C) Elliptic curve relationships
B
Which stage of key and certificate management would most likely involve CRL and OCSP? A) Issuance B) Cancellation C) Initialization D) Recycle
B
Which stage of key/certificate management includes certificate expiration, certificate revocation, Key history and key archiving? A) Initialization B) Cancelation C) Issued
B
Which symmetric encryption technique uses a 56-bit key size and a 64-bit block size? A) AES B) DES C) 3DES D) IDEA
B
Which system is used to generate digital certificates that could be trusted by both parties? A) Digital certificate reader B) PKI C) Certificate authority D) Digital certificate
B
Which type of cryptography is being used when the author uses secret inks? A) Cryptanalysis B) Steganography C) Digital encryption D) One-time pad
B
With Cipher feedback (CFB) what happens? a. The message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption. b. The ciphertext block is encrypted then the ciphertext produced is XOR'd back with the plaintext to produce the current ciphertext block. c. The block cipher is turned into a stream cipher d. The key is reapplied
B
With Cipher-block chaining (CBC) what happens? a. The message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption. b. Each block of plaintext is XORed with the previous ciphertext block before being encrypted c. The cipher text from the current round is XORed with the plaintext for the next round. d. The block cipher is turned into a stream cipher
B
With asymmetric encryption, a single secret key is used to both encrypt and decrypt a given message. A) True B) False
B
Within Virtual Private Network (VPN) tunneling we aim to create a connection from a host machine to a trusted network, and which is tunneled through a private network. A) True B) False
B
_____ authentication refers to a condition where only part of the conversation between the entities is authenticated. A) Full B) Intermediate C) End-to-end D) Intermediary
B
_____ is the largest positive integer that divides into two numbers without a remainder. A) OTP B) GCD C) AND D) MOD
B
_____-bit prime numbers is the minimum recommended for use with Diffie Hellman to counter attacks involving key precomputation. A) 128 B) 2048 C) 768 D) 256
B
______ is a command line interface for running Ethereum node implemented in Go Language. Using the interface allows you to join Ethereum networks, transfer ether between accounts or even mine ethers. A) Splunk B) Geth C) Ether D) Gas
B
______ is an authentication architecture that addresses scalability issues of prior authentication solutions and utilizes tickets as part of the identification and authentication process. A) Pre-shared key B) Kerberos C) IPSEC D) TGS
B
______ pertains to the vulnerability in Diffie Hellman that involves the ease at which 512-bit keys can be determined using graphic processors running in the Cloud. A) SATE B) FREAK C) WACK D) SCUM
B
________ is an alternative to PKI (Public Key Infrastructure), and involves generating the encryption key from a piece of the identity of the recipient. A) ECC B) IBE C) PHOTON D) IKE
B
________ is the method considered for replacing AES as a lightweight cryptography option that uses 64-bit blocks, and 80 or 128 bit keys. A) FLIGHT B) PRESENT C) SPONGENT D) PHOTON
B
Select the options from the list below that support some form of homomorphic encryption. Select all that apply. A) SHA-256 B) Paillier C) RSA D) SHA-1
BC
What are two hashing or encoding methods used for passwords in Cisco devices? A) NTLM B) Type 5 C) Type 7 D) Type 6
BC
Which of the following wireless technologies leverages the Advanced Encryption Standard (AES) block cipher? Select two. A) WEP B) 802.11i C) WPA-2 D) WPA
BC
Conventional cryptography is best suited for which practical applications? Select all that apply. A) RFID B) Smart phones C) Desktops D) Tablets
BCD
Lightweight cryptography is best suited for which practical applications? Select all that apply. A) Smart phones B) Embedded Systems C) Sensor Networks D) RFID
BCD
Which of the following are valid key sizes for AES (choose three)? A) 64 B) 128 C) 192 D) 256
BCD
Within ASCII encoding, characters are mapped to what type of values? Select all that apply. A) UTF-8 B) Hex C) Binary D) Decimal
BCD
Conventional cryptography is best suited for which practical applications listed below? Select all that apply. A) Embedded Systems B) Servers C) Sensor Networks D) Smart phones
BD
From the list below, select the items that could pose concerns to someone wanting to participate in a key escrow service. Select all that apply. A) Compromise due to mining B) Compromise due to extortion C) Compromise due to expiration D) Compromise due to Insider threat
BD
From the list below, select the mechanisms that can be used to prevent all session keys involved with key exchange from being compromised. A) Use of key sanctioning B) Use of Forward Secrecy (FS) C) Use of Key escrow D) Ephemeral approach
BD
From the list below, select the options that underscore weaknesses in WEP. Select all that apply. A) No IV used B) Small value of IV C) No master key used D) Lack of message tampering identification
BD
A ____ repeats a random number after a given time (periodic). They are fast and are also deterministic, and are useful in producing a repeatable set of random numbers. A) True random number generator (TRNG) B) Periodic random number generator (PRNG) C) Pseudo-random number generator (PRNG) D) Deterministic random number generator (DRNG)
C
A cipher is defined as what ________. a. Any algorithm used in cryptography b. The key used to encrypt a message c. The algorithm(s) needed to encrypt and decrypt a message d. Encrypted text
C
A developer wants to encrypt a real-time application where speed and simplicity are both requirements. The developer wants to use a cipher method that can operate on the data stream to encrypt the individual bit of the message one by one. Which encryption method meets these requirements? A) Counter mode B) Cyber block chaining C) Stream encryption D) Block encryption
C
A password is typically hashed on Windows and Linux to make it difficult for an intruder to determine the password. Which method is used in Microsoft Windows to store users' hashed passwords for computers that connect to an Active Directory domain? A) Bcrypt B) SYSKEY C) NTLMv2 D) LM
C
A poor implementation of AES that involves keys being generated by a password, makes it susceptible to which type of attack? A) Pad-and-Store attack B) Smurf attack C) Brute force D) Fraggle attack
C
A system administrator wants to encrypt a computer hard drive to make sure the contents of the computer are not readable in case the computer is lost or stolen. The encryption method must be efficient, scalable, and secure. Which encryption method meets this requirement if the administrator wants to minimize the impact on the computer's CPU? A) Use of file encryption on all the files on the hard drive B) Self-encrypting drive C) Trusted platform module D) Hardware security module
C
A______ is a random number that is only used once, and is generated by one party and sent using a secure handshaking process. A) Round B) Co-prime C) Nonce D) Prime
C
According to Kirchhoff, the one component of a given crypto system that must be kept secret to prevent compromise of the system is the _____. A) source code B) algorithm C) key D) signature
C
An administrator has configured a virtual private network (VPN) connection utilizing IPsec tunnel mode with Encapsulating Security Payload (ESP) between the corporate office and a remote office. Where can the packets be inspected by intrusion detection systems (IDSs) and virus scanners? A) Only at the headquarters B) Only at the offsite location C) At the headquarters and the offsite location D) Between the headquarters and the offsite location
C
An attack on passwords that involves knowing the mapping between hashed values and the original data is called a ________ . A) Dictionary Attack B) Static Mapping Attack C) Rainbow table attack D) Frequency Analysis
C
An instance where two different pieces of data are hashed separately, but both result in a single identical hash value is described by what term? A) Null Value B) Avalanche C) Collision D) Digest
C
Aside from any unexpected occurrences that result in revocation, what defines the valid period of a digital certificate? A) Key Schedule B) CRL C) Start and end dates D) OCSP
C
Chaskey is a light-weight cryptography method used for signing messages that employs a ____ bit key size. A) 256 B) 64 C) 128 D) 16
C
DES has a key space of what? a. 2^128 b. 2^192 c. 2^56 d. 2^64
C
Describe the benefit of Integrity in cryptography A) Idea that the communication is with intended person B) Keeping things secret C) Knowing that a message was not changed D) Denies ability of someone to say "it wasn't me" E) Proving where a message came from
C
Describe the benefit of Proof of Origin in cryptography A) Idea that the communication is with intended person B) Keeping things secret C) Proving where a message came from D) Knowing that a message was not changed
C
Diffie Hellman group 1 uses a _____-bit prime number. A) 1024 B) 1536 C) 768 D) 2048
C
Employee A created a secret key and wants to send it to Employee B without any coworkers being able to decrypt the message. Which key needs to encrypt the message? A) Employee A's public key B) Employee A's private key C) Employee B's public key D) Employee B's private key
C
From the list below, select a viable method for overcoming Diffie Hellman's susceptibility to man in the middle attacks. A) Use initialization Vectors B) Use HTTP C) Use public key encryption D) Use TKIP
C
Historically, wireless systems have often used stream ciphers rather than block ciphers due to what limitations present in the wireless systems? A) Cryptographic export limitations B) Limitations in block cipher security C) Memory and processing limitations D) Standard Deviation variances
C
Identify the symmetric block cipher with a key size of 56 bits and a 64 bit block size a) RCA b) FISH c) DES d) SERPENT
C
If you are sending an encrypted message to a colleague using secret-key (symmetric) cryptography, of the choices below, (1) which key would you use to encrypt the message, and (2) which key would your colleague use to decrypt the message? A) (1) your public key, (2) your colleague's public key B) (1) your public key, (2) your private key C) (1) your colleague's public key, (2) your colleague's private key D) (1) your secret key, (2) your secret key
C
In relationship to hashing, the term _____refers to random bits that are used as one of the inputs to the hash. Essentially the is intermixed with the message that is to be hashed. a. IV b. Vector c. Salt d. Stream
C
In which authentication does the server sends its authentication credentials to the client, such as with a digital certificate? The client then checks this and will verify that it has been created by an entity which it trusts. This is the method used by SSL when a connection is made, and which is used by secure application protocols such as HTTPS, FTPS, SSH. and so on. A) One-way client authentication B) Mutual authentication C) One-way server authentication
C
Of the choices below, which employs 64-bit block sizes and a 56-bit key size? A) Twofish B) AES C) DES D) Skipjack
C
Order the basic steps involved in the creation of a digital certificate signed by a trusted CA. a - Requester creates a Certificate Signing Request (CSR). b - Trusted CA generates the digital certificate for the requester. c - Trusted CA signs the requester's digital certificate with CA's own private key. d - Requester generates a key-pair (one public, one private). A) a, b, c, d B) c, d, a, b C) d, a, b, c D) b, c, d, a
C
RC4 employs a key size of ____ bits when used in WEP implementations. A) 128 B) 256 C) 40 D) 80
C
Regarding an elliptic curve, a non vertical line will intersect the curve how many times? A) 1 B) 2 C) 3 D) 4
C
Regarding key generation involved with Bitcoin transactions, (1) what size is the private key that is initially generated, and (2) what size is the Elliptic Curve public key that is generated? A) (1) 128-bit private key, (2) 256-bit Elliptic Curve public key B) (1) 512-bit private key, (2) 256-bit Elliptic Curve public key C) (1) 256-bit private key, (2) 512-bit Elliptic Curve public key D) (1) 128-bit private key, (2) 128-bit Elliptic Curve public key
C
Shawn recently transitioned from WEP to WPA-Enterprise within his organization. One of the reasons for the switch was to add protection against bit flipping attacks suffered while using WEP. What aspect of the new set up protects against those types of attacks? A) IV B) TKIP C) MIC D) CRC-32
C
Shawn works in Seattle, but is currently away on vacation in the Caribbean on a white sand beach sipping a tropical fruit juice from a pineapple. He attempts to log into work from his work laptop to get a jump on a few items he has to complete upon his return to work the next day but receives an authentication error and is unable to get in. He navigates to several other webpages and has no issues. What is a likely reason for the access denial? A) Shawn's organization employs federated authentication B) Shawn's internet connection is not working C) Shawn's organization employs a "somewhere you are" authentication factor D) Shawn's organization employs SSO
C
Since block ciphers operate using fixed sized blocks, instances where data involved does not fit perfectly in a given block occurs. This opens the door for attackers to analyze blocks for patterns which can ultimately lead to a compromise. What is a common method used with block ciphers to counter this? A) Salting B) Whitening C) Padding D) Hashing
C
TKIP (Temporal Key Integrity Protocol) uses a ____-bit IV value. A) 24 B) 128 C) 48 D) 40
C
The A5/1 cryptosystem uses a 64 bit key size and is used with _____ networks. A) Cisco B) Air-gapped C) GSM cellular D) embedded system
C
The TOR network is most closely related to which term below? A) Conspicuous B) Neutral C) Anonymity D) Exposed
C
The ____ attack entails forcing the key negotiation process involved with Diffie Hellman to default to 512-bit prime numbers, a bit size that facilitates precomputation of associated keys within a reasonable time frame. A) De-authentication attack B) Smurf C) DHE_EXPORT Downgrade D) Ephemeral-Prime Downgrade
C
The ______ format addresses the problems of brute forcing an MD5 hash by incorporating salt, and basically iterates the hash value 1,000 times. This considerably slows an intruder as they try to crack the hashed value. A) MD5-1K B) MD1K C) APR1 D) MAR1
C
The encryption that happens in a secure tunnel is normally achieved with _____ encryption and the associated key that will be used for the communication is protected using _____ encryption. A) PKI, hash B) asymmetric, symmetric C) symmetric, asymmetric D) hash, symmetric
C
The goal of _______ cryptography is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks. A) super B) lightweight C) post-quantum D) quantum
C
The high reward that comes with successful crypto mining makes it highly competitive. What aspect makes the process challenging and limits those in contention? A) math calculations required B) lab space required C) computing power required D) insider trading knowledge required
C
The light-weight cryptography method PRESENT uses a ____ method of encryption. A) Ephemeral key B) One-way C) SPN D) Presentation-based
C
The name Rijndael is a portmanteau of the names of the inventers of which symmetric block cipher and often used interchangeably to describe said cipher? A) RC4 B) SHA-256 C) AES D) RC5
C
The standard hash function works by taking a _______ input and producing a ______output. A) fixed, variable B) fixed, fixed C) variable, fixed D) variable, variable
C
The____ cryptosystem is also known as KASUMI. A) A5/1 B) A5/2 C) A5/3 D) A5/4
C
This allows a new unique passcode to be created each instance, based on a counter value and an initial seed. A) One-Time Password B) Timed One-Timed Password C) Hashed One-Time Password
C
This pads with 0x80 (10000000) followed by zero (null) bytes. A) Space B) Null C) Bits D) Cryptographic Message Syntax (CMS)
C
This pads with random bytes with the last byte defined by the number of padding bytes. A) Space B) Null C) Random D) Zero Length
C
Tianhe-2 and Titan are examples of what? A) symmetric block ciphers B) certificate authorities C) supercomputers D) symmetric stream ciphers
C
Use of a PKI (Public Key Infrastructure), where digital certificates are generated by a trusted _____ is a secure option for ensuring certificates used can be trusted as valid. A) PRNG (Pseudo-random Number Generator) B) root RA (Registration Authority) C) root CA (Certificate Authority) D) Intermediate RA (Registration Authority)
C
What algorithm does the clipper chip use? a. Blowfish b. Twofish c. Skipjack d. PIKE
C
What is an attribute of the Rivest Cipher 4 (RC4) algorithm? A) It performs CRC after every iteration B) Salting is performed. C) It requires a unique nonce. D) It does not require a unique nonce.
C
What is the hash value, in bits, produced by the Keccak algorithm used in Ethereum gas calculations? A) 1024 B) 128 C) 256 D) 512
C
What is the largest key size that AES can use? a. 56 b. 128 c. 256 d. 512
C
What is the largest key size that RC4 can use? a. 56 bytes b. 128 bytes c. 256 bytes d. 512 bytes
C
What is the length (in bits) of an MD5 hash output? A) 32 B) 64 C) 128 D) 256
C
What is the length (in bits) of the private key used to sign transactions and associated with an individual wallet in the context of Bitcoin? A) 64 B) 128 C) 256 D) 512
C
What is the order of the steps involved with a WPA2 4-way handshake? a) GTK + MIC b) ANonce c) SNonce + MIC d) ACK A) b, a, c, d B) d, b, a, c C) b, c, a, d D) a, c, b, d
C
What is the result of A|B and B|C? A) a|b B) b|c C) a|c D) b|c
C
What is the role of a key in asymmetric encryption and decryption? A) A public key is used for both encryption and decryption. B) A private key is used for both encryption and decryption. C) A public key is used for encryption, and a private key is used for decryption. D) A private key is used for encryption, and a public key is used for decryption.
C
What is used to efficiently encrypt large files? A) Asymmetric Encryption B) Hashing C) Symmetric Encryption D) RC4
C
What is used when creating a digital signature, using public key infrastructure (PKI)? A) The digest as the key after hashing the message B) The private key of the person receiving the message C) The private key of the person creating the message D) The symmetric key known between the sender and receiver
C
What should an administrator use to import and export all items written using X.509 that are part of a chain of trust? A) CER B) Public Key Cryptography Standard (PKCS) #7 C) Public Key Cryptography Standard (PKCS) #12 D) RTF
C
What term below best describes a publicly available ledger/database of trustworthy transactions used by Bitcoin that aids in preventing individuals from spending crypto-currency that they do not have? A) Gas B) Ethereum C) Blockchain D) BTC
C
What type of code aims to overcome the ease at which letter and symbol probability in ciphertext can be analyzed, by varying the number of codes mapped to each character? A) Differential substitution code B) Pseudo code C) Homophonic substitution code D) Source Code
C
When setting up the table for use with the Playfair cipher, you should ensure no letters are repeated and also be sure to omit which letter from the matrix? A) None, all 26 letters must be included B) Z C) J D) A
C
Which IEEE 802.1x authentication protocol is associated with server-side digital certificates? A) LEAP B) EAP-TLS C) PEAP D) EAP-SIM
C
Which algorithm relies on factoring the product of large prime numbers? A) Elliptical curve B) ElGamal C) Rivest-Shamir-Adleman D) Diffie-Hellman
C
Which attack commonly used against SSL involves an attacker capturing the cipher for the pre-shared key, and then re-ciphering with an additional value? A) Kerckhoff attack B) Kasiski Attack C) Bleichenbacher's attack D) Kerberos attack
C
Which attack happens when an attacker takes a legitimate message and sends it into the network at some future time? A) time resetting B) chosen plaintext C) replay D) active
C
Which attribute is associated with WEP? A) AES-CCMP encryption B) RC4, TKIP, 48-bit IV C) RC4. 40 bit-encryption, 24-bit IV
C
Which attribute of a hashing function makes a birthday attack possible? A) Worm infiltration B) Out of date encryption C) Partial-message collision D) Collision detection
C
Which block algorithm includes a provision for the decryption key kept in a key escrow? A) Blowfish B) Serpent C) Skipjack D )Twofish
C
Which code tracking attack method is where the intruder is hidden between two parties and impersonates each of them to the other? A) Exhaustive search B) Known plaintext attack C) Man-in-the-middle D) Chosen-ciphertext
C
Which cryptanalysis technique examines ciphertext for recurring letter combinations? A) Rainbow table B) Dictionary attack C) Frequency analysis D) Exhaustive search
C
Which encryption mode is least secure? A) AES B) MD5 C) Electronic codebook (ECB) D) Block Encryption
C
Which feature in Wired Equivalent Privacy (WEP) provides integrity control when sending packets over a wireless network? A) Nonce B) Network password C) Cyclic redundancy check D) Secret key
C
Which hash algorithm produces a 160-bit output value? A) MD5 B) DES C) SHA-1 D) SHA-160
C
Which key does the certificate authority (CA) use to digitally sign keys that it issues? A) recipients private key B) recipient public key C) servers private key D) servers public key
C
Which key is used to sign a message or a message digest? A) Recipient's private key B) Recipient's public key C) Sender's private key D) Sender's public key
C
Which light-weight algorithm has a primary target implementation in 8 bit CPUs for short message hashing? A) SPONGENT B) SHA-512 C) Lesamnta-LW D) SHA-256
C
Which light-weight symmetric stream cipher has a 128-bit key size and a 64-bit initialization vector? A) CLEFIA B) Grain C) Rabbit D) XTEA
C
Which mechanism can be used to ensure perfect forward secrecy during key exchange when using symmetric encryption? A) MD5 B) ECDSA C) ECDH D) SHA-2
C
Which mode is a stream algorithm that concatenates an incrementing value with a nonce? A) CAT B) Nonce C) Counter (CTR) D) RC4
C
Which of the below 5 keys make up the Pairwise-Transient-Keys (PTK) that is used for the encryptions/decryption of unicast packets? A) MIC Authenticator Rx Key (MIC Rx) B) Key Encryption Key (KEK) C) Temporal Key (TK) D) MIC Authenticator Tx Key (MIC Tx) E) Key Confirmation Key (KCK)
C
Which of the following encryption algorithms relies on the inability to factor large prime numbers? a. EC b. AES c. RSA d. MQV
C
Which of the following is a protocol for exchanging keys? a. EC b. RSA c. DH d. RSA
C
Which of the following is an asymmetric cipher? a. DES b. RC4 c. RSA d. AES
C
Which of the following is used to encrypt email and create digital signatures? a. AES b. SHA1 c. RSA d. DES
C
Which of the following would be the weakest encryption algorithm? a. AES b. RSA c. DES d. EC
C
Which part of the public key infrastructure (PKI) is used to ensure that the format for a credential can be used by anyone on the internet? A) certificate authority (CA) B) Certificate policy (CP) C) Public Key Cryptography Standards (PKCS) D) registration authority (RA)
C
Which prime number factorization method is associated with the Elliptic Curve algorithm? A) Integer factorization B) Discrete logarithms C) Elliptic curve relationships
C
Which protocol indicates the virtual private network (VPN) is using Authentication Header (AH)? A) 48 B) 50 C) 51 D) 58
C
Which simple cipher method attempts to bolster complexity by adding additional alphabets to be used for the substitution rounds and can change its mapping depending on a variable keyword? A) cipher disk B) Morse Code C) polyalphabet D) mono-alphabetic
C
Which simple cipher method entails creation of a single mapping from a given alphabet to a cipher alphabet? A) polyalphabet B) Morse Code C) mono-alphabetic D) cipher disk
C
Which stage of key/certificate management includes certificate retrieval, certificate validation, key recovery and key update? A) Initialization B) Cancelation C) Issued
C
Which symmetric block cipher uses a 112-bit key and 64-bit blocks? A) RC2 B) RC4 C) 3DES D) AES
C
Which task does a root CA perform before publishing its own certificate? A) Encrypting it with its private key B) Encrypting it with its public key C) Signing it with its private key D) Signing it with its public key
C
Which technique does related-key cryptanalysis use to decipher a message? A) Ciphertext messages are created from plaintext that is chosen by the analyst to determine how the algorithm works. B) Encrypted messages are gathered, and the analyst looks for patterns to figure out which algorithm is being used. C) Messages are encrypted using different secrets, and the analyst compares the messages to figure out how the algorithm works. D) Plaintext messages and corresponding ciphertext are gathered to help the analyst learn about the algorithm.
C
Which technique should a security analyst use to determine the key length in a Vigenère cipher? A) Frequency analysis B) Brute force C) Kasiski examination D) Known plaintext
C
Which two pioneers are called the fathers of asymmetric cryptography used in PKI? A) Sir Francis Bacon and Alan Turin B) Will Friedman and Ron Rivest C) Whitfield Diffie and Martin Hellman D) Thomas Jefferson and Blaise de Vigenère
C
Which type of attack involves the attacker mixing parts of two different encrypted messages and is able to create a new message? This message is likely to make no sense, but may trick the receiver into doing something that helps the attacker. A) Transference Attack B) Side station attack C) Cut-and-paste D) Replay attack
C
Which type of cipher is ChaCha? A) Asymmetric B) Block C) Stream D) Hash
C
Which type of random number generator would be the best choice if you were interested in avoiding repeating to reduce chances of a value being guessed? A) Periodic random number generator (PRNG) B) Pseudo-random number generator (PRNG) C) True random number generator (TRNG) D) Deterministic random number generator (DRNG)
C
Which type of random number generator would be the best choice if you were looking for fast speed? A) True random number generator (TRNG) B) Periodic random number generator (PRNG) C) Pseudo-random number generator (PRNG) D) Deterministic random number generator (DRNG)
C
____ calculations can be used to justify that RSA works correctly and accurately, i.e. prove that the decrypted message is indeed the original message from the sender. A) Pseudorandom B) Homomorphic C) Fermat's little theorem D) Moore's law
C
______ is a light-weight online service that can be used to check the validity of a certificate. A) CRL B) OCRL C) OCSP D) OSCP
C
______ is a public key encryption method that is an extension of El Gamal but adds a one-way hashing method which protects against an adaptive chosen ciphertext attack. A) AES-CBC B) SHA-Gamal C) Cramer-Shoup D) AES
C
______ is an encoding method that works by translating characters into sequences of dots and dashes. A) Dot encryption B) Cryptanalysis C) Morse Code D) Cryptography
C
Quark is a light-weight cryptography method used for hashing and stream encryption. What size message digest is Quark capable of producing when used for hashing? Select all that apply. A) 128 B) 256 C) 64 D) 112
CD
What methods can be use to overcome the weakness in Diffie Hellman involving the ease at which values of Diffie Hellman parameters that use the DHE_EXPORT cipher set are precomputed? Select all that apply. A) Use Co-prime factors B) Enable Export Cipher Suites C) Disable Export Cipher Suites D) Use ECDHE
CD
AES with Galois is essentially AES in __________ mode and is an NSA ________ algorithm which uses ___________ encryption and is based on the ___________ standard which defines the _____________ standard.
Counter (CTR), Suite B, symmetric, PKCS#15, Cryptographic Token Information Format
1 point Joe is trying to find a hashing solution to use as a simple checker which does not consume much processing power. What would you recommend him look into? A) Obsolete hashes B) Quantum Computing C) Two-way hashing D) non-cryptographic hashes
D
A Windows credential is identified as follows: user:FDA95FBABC199D22LLD3B435B51876KK:199DDFD4EF0E9CD9KMNC6FE771IL124B8::: What is used to store this password? A) MD5 B) Bcrypt C) SHA-512 D) NTLM
D
A certificate is considered ______ in instances where a private key is thought to be compromised, but where an investigation has shown that it has not been breached. A) Revoked B) Repealed C) On hiatus D) On hold
D
A crypto miner is competing with other miners to mine a new token that will be added to the cryptocurrency blockchain. Which technique can the miner use to mine the block? A) Chain linking B) Record of transaction C) Smart contracts D) Proof of work
D
A developer wants to encrypt a data stream using a symmetric key and wants to encrypt the data in such a way that the cipher method encrypts the individual bits. Which cipher method can the developer use to meet this requirement? A) Key entropy B) Cipher block chaining C) Block cipher D) Stream cipher
D
A developer wants to install a newly released patch received from a software manufacturer. Which cryptographic algorithm can the developer use to trust that the software truly came from the vendor and that the patch has not been altered or manipulated? A) Public-key algorithm B) Secret-key algorithm C) Hashing function D) Digital signature algorithms
D
A developer wants to send a system administrator an encrypted message but is concerned that an intruder might copy the encrypted message and play back the ciphertext to decode the original message. How can the developer make sure that the ciphertext does not give the original plaintext if played back? A) Use shift row transformation B) Use electronic code book C) Use RC5 cipher D) Add salt with an initialization vector
D
A developer wants to send an encrypted message to a system administrator by generating a hash value for the message. The developer is also afraid that a third party might be able to reverse the derived cipher back to the original message. Which attack method is commonly used to map the hashed values back to the original message? A) Man-in-the-middle attack B) Dictionary attack C) Brute-force attack D) Rainbow table attack
D
A developer wants to share a secret key with a system administrator using a public key encryption method for the key exchange. What is the first step in the process of sending the session key to a system administrator? A) The system administrator encrypts the session key with the developer's public key. B) The developer sends the system administrator a public key. C) The developer encrypts the session key with the system administrator's public key. D) The system administrator sends the developer a public key.
D
A pre-compiled list of hash values for possible passwords is called a ______ and is used in cracking efforts by attackers. A) Bash compiler B) Block list C) Lookup table D) Rainbow table
D
A social media company refuses to hand over the encryption keys involved in secure communications to the government for an ongoing investigation. Which cryptographic backdoor will allow only the government agents to crack the encryption, but no one else? A) RSA cracking B) Encryption by default C) Key escrow D) NOBUS backdoor
D
A system administrator received an encrypted message from one of the company's software vendors. Which cryptographic technique can the system administrator use to authenticate the message sender and also ensure that the message has not been tampered with? A) One-time passwords (OTP) B) Salting C) LM hash D) Hash-based message authentication code (HMAC)
D
A wireless client wants to gain access to a network. Which wireless security standards can the network device use to authenticate the client? A) WPA-2 B) WEP C) WPA D) LEAP
D
AES has proven to be free from major vulnerabilities, but AES use of ECB makes it susceptible to which which type of attack? A) Dictionary attack B) Hash attack C) Pad-and-Store attack D) Copy-and-Paste attack
D
An attacker is trying to break an encrypted message. The attacker is able to access the crypto device and wants to run plaintexts through the device to see how its encryption process works. What method is the attacker using to break the message? A) Known plaintext attack B) Man-in-the-middle attack C) Ciphertext-only attack D) Chosen attack
D
An improvement over the ECB block cipher mode is to use ____ which entails incorporating an initialization vector for the first block, and then using the results from the previous block to encrypt the current block. A) SHA B) DSA C) CTR D) CBC
D
An intruder is trying to break a cryptographic code by attacking both the plaintext and the ciphertext at the same time. Which type of attack is the intruder using? A) Frequency analysis B) Linear cryptanalysis C) Differential cryptanalysis D) Double DES attack
D
An intruder wants to break an encrypted message. After successfully accessing the crypto device, the attacker first runs a plaintext through the device to see how its encryption process works. Then the intruder alters the plaintext to see how the alteration affects the ciphertext that is being generated. What attack method is the intruder using? A) Chosen attack B) Known plaintext attack C) Ciphertext-only attack D) Adaptive chosen attack
D
Apply binary XOR to find the output string for the following: 1 0 0 1 1 0 1 1 1 1 1 1 1 1 1 0 A) 11111111 B) 00000000 C) 10011010 D) 01100101
D
Bob's password is hashed, and so is John's. Even though they used different passwords, the hash is the same. What is this called? a. A mistake b. Convergence c. Transposition d. A collision
D
Cramer-Shoup is a public key encryption method that is an extension of El Gamal but adds a _______ which protects against an adaptive chosen ciphertext attack. A) initialization vector B) pseudo-random number generator C) randomizer D) one-way hashing method
D
Cryptography provides various security benefits. Which cryptographic benefit is used in e-commerce to provide proof that a customer cannot deny being the source of a transaction? A) Proof of origin B) Confidentiality C) Integrity D) Non-repudiation
D
Deriving key pairs in public-key cryptography involves multiplying two large prime numbers. The difficulty of, and time required to determine the prime numbers used in that process, forms the basis of public-key cryptography security. The process used to determine the original primes is known as______. A) Hypothesis B) Forward engineering C) Quantum binary D) Factoring
D
Describe the benefit of Non-repudiation in cryptography A) Idea that the communication is with intended person B) Keeping things secret C) Knowing that a message was not changed D) Denies ability of someone to say "it wasn't me"
D
During Ephemeral Diffie Hellman with RSA (DHE-RSA) operation, a pre-master secret is used to create a master key by using a ____. A) Yarrow B) PRNG C) Ethereum D) Pseudorandom Function (PRF)
D
From the list below, select the cryptoystem used with 3GPP. A) Skipjack B) Elli C) FNV D) A5/3
D
From the list below, which block cipher makes the block cipher into a self-synchronizing stream cipher? A) ECB B) ECC C) RSA D) CFB
D
Given the two sets (Set A and Set B) of objects below, select the true statement from the list below that represents: A — {ball, frisbee, kite} B — {kite, racket, rope} A) {ball, frisbee, racket, rope} B) {ball, frisbee, kite, racket, rope } C) {C} D) {kite}
D
HMAC is used to verify the integrity and authentication of a message and involves hashing with ______ as well as with standard hash functions. A) Nonce B) a non-cryptographic hash C) Initialization vector D) a secret key
D
How did the ATBASH cipher work? a. By shifting each letter a certain number of spaces b. By Multi alphabet substitution c. By rotating text a given number of spaces d. By substituting each letter for the letter from the opposite end of the alphabet (i.e. A becomes Z, B becomes Y, etc.)
D
How do you measure the amount of computational effort required to perform a transaction or execute a contract on the Ethereum blockchain? A) Proof of work B) Hyperledger C) Record of transaction D) Gas
D
How is X mod N if N = PQ represented in number theory? A) (((( A- B)( Q − 1 mod Q))mod Q) Q+ B )mod P B) ( P mod X, Q mod X) C) (((( A+ B)( Q − 1 mod P))mod P) Q+ B )mod P D) ( X mod P, X mod Q)
D
How is information about Bitcoin transactions stored? A) Command and control center B) Platform as a service in the cloud C) Infrastructure as a service in the cloud D) Distributed peer-to-peer network
D
If I roll a single standard die, what is the probability that I roll a "3"? A) .5 B) .050 C) .333 D) 0.167
D
In Bitcoin transactions, a 256-bit random key is converted into a Wif with an address is in Base-58 format. Where is the WiF stored? A) Bitcoin Exchange Registry (BER) B) Bitcoin Vault C) Bitcoin Transfer Registry (BTR) D) Bitcoin wallet
D
In terms of probability, the events that make up the possible outcome of a coin toss would be considered what? A) independent B) inter-dependent C) Prime D) mutuality exclusive
D
In the process of doing an encryption and decryption, a security engineer steps away for lunch. While the security engineer was gone, an unsuspecting intruder sat down at the engineer's desk and ran ciphertext through the crypto device to see the result. Which attack method best describes this scenario? A) Adaptive chosen attack B) Chosen attack C) Adaptive chosen ciphertext attack D) Chosen ciphertext attack
D
Laura wants to increase the randomness and unpredictability of the cryptosystem she has in use at her organization. What is she trying to incorporate? A) avalanche B) output C) stream D) entropy
D
MD4 produces a _____-bit hash value. A) 64 B) 256 C) 40 D) 128
D
MD5 produces a hash value of what size? A) 512 bits B) 160 bits C) 80 bits D) 128 bits
D
Of the two knapsack problems resident in public key cryptography, which is the more difficult to solve? A) Escrow key B) Secret key C) Private key D) Public key
D
Pads with the same value as the number of padding bytes. A) Space B) Null C) Bits D) Cryptographic Message Syntax (CMS)
D
Rather than look in a list, one can use a protocol to find revoked certificates. What protocol is that? a. RFC b. IPSec c. CRL d. OCSP
D
Regarding block cipher mode methodology, with a ____ cipher, if we lose any part of the ciphertext, we could not rebuild the rest of the cipher stream as the current cipher block is based on a previous one, and these build together as a chain, so that subsequent blocks cannot be decrypted. A) one-way B) hash C) self-synchronizing D) non-synchronizing
D
Regarding keys generated for Diffie Hellman operations, what is the difference between a static key and a ephemeral key? A) Ephemeral keys come from a digital certificate, and static keys are generated for each connection B) Static keys are generated based on a counter, and ephemeral keys are self-signed C) Ephemeral keys are generated based on a counter, and static keys are self-signed D) Static keys come from a digital certificate, and ephemeral keys are generated for each connection
D
SHA-1 produces a ____-bit hash value. A) 64 B) 128 C) 256 D) 160
D
Scrambled alphabet cipher schemes are easy to implement, but also easy to break mainly via observation of what? A) Key size B) Common images C) Easily identifiable symbols D) Letter and word frequency
D
Secure Hash Algorithm-1 (SHA-1) produces a hash value of how many bits? A) 64 B) 80 C) 160 D) 128
D
Shawn and his colleague collaborate on a project and keep the project information secret within a file named "project1" encrypted with Aescrypt. The password is set to "1project". What command would be used to decrypt the file to view its contents? A) aesdecrypt project1 1project B) aesdecrypt project1 C) aescrypt -e project1 D) aescrypt -d project1
D
Shawn sends Patrick a digitally signed message using asymmetric cryptography. What key will Patrick use to decrypt the message once received? A) Patrick's public key B) Shawn's public key C) Shawn's private key D) Patrick's private key
D
Shawn sends Patrick a digitally signed message using asymmetric cryptography. What key will Patrick use to verify the message was indeed sent by Shawn? A) Patrick's private key B) Shawn's private key C) Patrick's public key D) Shawn's public key
D
Steve is looking for a mechanism to use to for generating RSA private keys and does not have budget to leverage any pricey solution. What would you recommend Steve look into as a potential solution? A) OCSP B) Splunk C) CRL D) OpenSSL
D
The A5/1 key is ___ bits long. A) 8 B) 48 C) 128 D) 64
D
The A5/3 cryptosystem is based on the MISTY block cipher and has a ____ bit key size. A) 40 B) 64 C) 80 D) 128
D
The ____ cipher adds complexity to employing grids for enciphering text by using four 5 by 5 matrices arranged in a square where each matrix contains 25 letters. A) BIFID B) Five-by-Five Cipher C) ADFGVX D) Four-square cipher
D
The aim of the ______ cipher is to scramble plaintext letters by writing a message in sequence across a number of rails. A) ROT-13 B) ROT-Rail C) Pigpen D) Rail Fence
D
The main contribution of _______ is to create the concept of peer-to-peer smart contracts which enables users to create their own contracts, and which will be strictly abided to. A) Solidity B) Cryptkash C) Bitcoin D) Ethereum
D
There are different parts involved in Bitcoin transactions. Which part of the transaction defines the number of bitcoins to be transferred to the receiver with the receiver's public key ID? A) The IN part of the transaction B) The LOG part of the transaction C) The PROOF OF WORK part of the transaction D) The OUT part of the transaction
D
There are different parts involved in Bitcoin transactions. Which part of the transaction involves the Bitcoin receiver sending their public key to the sender, and the sender then uses their private key to create a signature for the transaction, and also adds a public key? A) The PROOF OF WORK part of the transaction B) The OUT part of the transaction C) The LOG part of the transaction D) The IN part of the transaction
D
This hash function uses 512-bit blocks and implements preset constants that change after each repetition. Each block is hashed into a 256-bit block through four branches that divides each 512 block into sixteen 32-bit words that are further encrypted and rearranged a. SHA1 b. RSA c. SHA256 d. FORK256
D
This is a 128 bit hash that is specified by RFC 1321. It was designed by Ron Rivest in 1991 to replace an earlier hash function. a. SHA1 b. RSA c. SHA256 d. MD5
D
This pads with zeros except for the last byte which is equal to the number (length) of padding bytes. A) Space B) Null C) Random D) Zero Length
D
TrueCrypt is a software program that creates an encrypted file on your computer and lets you access the encrypted file using a drive letter. What is used to generate the salted key used with TrueCrypt? A) Bitlocker B) veracrypt C) Bcrypt D) PBKDF2
D
WEP employs a ____ bit initialization vector. A) 128 B) 48 C) 40 D) 24
D
What IP protocol number does the Authentication Header (AH) protocol use? A) 50 B) 443 C) 500 D) 51
D
What are the two common options for implementing a blockchain? A) Bitcoin and Ethereum B) Hyperledger and smart contracts C) Ethereum and cryptocurrency D) Hyperledger and Ethereum E) Block address
D
What aspect of a given Ethereum transaction may detract a crypto currency miner from pursuing it? A) high fee B) gas creep C) ether creep D) low fee
D
What can XOR use as a pseudorandom number to create unique ciphertext? A) Symmetric key B) Message digest C) Permanent password D) Initialization vector
D
What describes the unit that is used to measure the amount of work that is required to perform a single Keccak-256 hash when dealing with Ethereum? A) Ether B) Bytes C) Work Factor D) Gas
D
What does Output feedback (OFB) do? a. The cipher text from the current round is XORed with the plaintext for the next round. b. The cipher text from the current round is XORed with the plaintext from the previous round. c. The message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption. d. A block cipher is converted into a stream cipher by generating a keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext
D
What does an end user need to verify a Rivest-Shamir-Adleman (RSA) digitally signed message? A) recipients privet key B) recipients public key C) senders private key D) senders public key
D
What is a potential weakness of a pseudo-random number generator (PRNG)? A) Unknown internal state B) Different state used each time C) Random internal state D) Same state used more than once
D
What is a rainbow table? A) List of matching usernames and passwords B) Precompiled list of common words C) List of commonly used passwords D) Precompiled list of hash values
D
What is the hidden message in a steganographic communication? A) Bit B) Carrier C) Channel D) Payload
D
What is the name of the attack Diffie Hellman is vulnerable to where an attacker sits in-between, passes values back and forward, and negotiates two keys: one between the 1st legitimate end and the other between the other legitimate end involved in the communication. A) DHE_EXPORT Downgrade B) DH Interception C) DH Hijacking D) MITM
D
What is the result of a hash function? A) RC4 B) Public key C) decryption D) Digest
D
What method was developed to facilitate key exchange using a one-way function? A) PRNG Method B) Clipper Chip Method C) Escrow method D) Diffie-Hellman method
D
What prevents a rainbow table attack during the encryption process? A) Increasing key size B) Decreasing key size C) Stretching D) Salting
D
What term associated with key exchange describes the theory that a comprise of the long-term keys will not compromise any previous session keys. A) Key Collision B) Forward Secrecy C) Salting the hash D) Key Clustering
D
What will the eventual advent of quantum computers mean for most public-key cryptosystems presently in use? A) It will bolster lightweight cryptography B) No significant impact C) It will revoke multiple keys D) It will break most of them
D
When IPSec ______ mode is used, the connection is tunneled over a public network, but the network traffic is unprotected on either side of the connection. A) Traverse B) Transport C) Payload D) Tunnel
D
When using WPA-2, the MIC is calculated using what? A) nonce B) CRC C) TIGER D) HMAC-MD5
D
When using _____ with IPSec, the payload less the original IP header is encrypted and then the original header is added to the start + an additional security field at the start and end of the data packet. A) AES B) IKE C) AH D) ESP
D
Which IEEE 802.1x authentication protocol is associated with the Sim cards? A) LEAP B) EAP-TLS C) PEAP D) EAP-SIM
D
Which IT security standard provides internationally-recognized criteria for validating and approving encryption devices for deployment? A) FIPS 199 B) SP 800-53 C) FISMA D) FIPS 140-2
D
Which PKI component generates digital certificates? A) Certificate signing request (CSR) B) Certificate policy (CP) C) Certificate revocation list (CRL) D) Certificate authority (CA)
D
Which algorithm is used to generate the thumbprint of a certificate? A) RSA B) 3DES C) AES D) SHA-1
D
Which aspect of blockchain involves solving a complex mathematical puzzle with proof of work when calculating the block address needed to add a block to a blockchain? A) Hyperledger B) Smart contracts C) Block address D) Block mining
D
Which attack entails an attacker choosing a ciphertext and obtaining its decryption under an unknown key. The attacker then has a chance to enter one or more known ciphertexts into a system and obtains the resulting plaintexts. From these pieces of information the attacker can attempt to recover the hidden secret key used for decryption. A) Script analysis B) Chosen plaintext C) Guestimation D) Chosen ciphertext
D
Which attack tries every combination of letters, numbers, and special characters? A) Rainbow table B) Birthday C) Dictionary D) Brute-force
D
Which cipher from the list below uses graphical characters such as symbols of some sort for mapping vs mapping to alphabetic characters? A) Caesar B) ROT-13 C) Atbash D) Pigpen Cipher
D
Which code tracking attack method is where an attacker analyzes results of ciphertext he/she has in effort to recover the hidden secret key used for decryption? A) Exhaustive search B) Known plaintext attack C) Man-in-the-middle D) Chosen-ciphertext
D
Which combination of applications mostly uses lightweight cryptography? A) Tablets and RFID B) Servers and RFID C) Desktops and smartphones D) RFID and sensor networks
D
Which combination of ciphers and keys is used in bitcoin mining? A) Chain Block Ciphers (CBC), 512-bit private key, 256-bit public key B) Elliptic curve ciphers (ECC), 512-bit private key, 256-bit public key C) Chain Block Ciphers (CBC), 256-bit private key, 512-bit public key D) Elliptic curve ciphers (ECC), 256-bit private key, 512-bit public key
D
Which combination of cryptographic algorithms are used in hash functions? A) RSA and MD5 B) RC4 and SHA family C) MD5 and RC4 D) MD5 and SHA
D
Which combination of cryptographic algorithms is used to create digital signatures based on the U.S. Digital Signature Standards? A) SHA-2 and AES B) SHA-1 and AES C) AES and RSA D) SHA-2 and RSA
D
Which cryptanalysis attacks involve examining patterns in the random characters combined with the plaintext message to produce the ciphertext to see how long the key goes before it starts to repeat? A) Linear cryptanalysis B) Frequency analysis C) Algebraic attacks D) Keystream analysis
D
Which cryptographic cipher is stream-based? A) RC2 B) RC5 C) RC6 D) RC4
D
Which cryptographic concept is used to validate where a message came from? A) Non-repudiation B) Integrity C) Confidentiality D) Proof of origin
D
Which encryption algorithm did the National Institute of Standards and Technology (NIST) designate as a specification for the encryption of electronic information? A) IDEA B) DES C) 3DES D) AES
D
Which encryption algorithm operates on 64-bit blocks of plaintext using a 128-bit key and has over 17 rounds with a complicated mangler function? A) Blowfish B) RC5 C) Skipjack D) International Data Encryption Algorithm (IDEA)
D
Which encryption component ensures that the compromise of a long-term key prevents the compromise of any previous session keys? A) Integrity check B) Client hello C) Server hello D) Forward secrecy
D
Which encryption cracking method involves an intruder sending a legitimate message into the network at some future time? A) Time attack B) Cut-and-paste C) Chosen-ciphertext D) Replay system
D
Which encryption method is used in mobile networks? A) SHA-256 B) Chacha20 C) WPA-PSK D) A5 stream encryption method
D
Which extension designates a file containing a password-protected private key? A) .cer B) .pem C) .p7b D) .p12
D
Which field displays the hash, or digest, of the certificate in an X.509 certificate? A) Subject B) Issuer C) Version D) Thumbprint
D
Which initiative allows publicly-available cryptographic algorithms to be exported and imported freely among member countries without any types of restrictions to prevent destabilizing accumulations of arms and dual-use goods and technologies? A) Missile Technology Control Regime (MTCR) B) Arms Export Control Act (AECA) C) International Traffic in Arms Regulations (ITAR) D) Wassenaar Arrangement
D
Which internationally recognized standard is used in public-key infrastructure (PKI) to define the format of public-key certificates? A) FIPS 199 B) Digital Signature Standard (DSS) C) FIPS 140-2 D) X.509 standard
D
Which light-weight cryptography method for signing messages has a relatively undemanding hardware implementation (only ~3,333 gates required at 1MHz clock rate) making it suitable for IoT implementation? A) Grain B) Elli C) AES D) Chaskey
D
Which light-weight symmetric block cipher has a variable block size of 32, 48, 64, 96, 128 bits and is optimized for software implementations? A) PRESENT B) SIMON C) PHOTON D) SPECK
D
Which method of authentication involves authenticating only part of the conversation between the sender and the receiver? A) Two-way authentication B) One-way server authentication C) One-way client authentication D) Intermediate authentication
D
Which method of brute-force attack uses a list of common words and phrases in an attempt to break passwords? A) Known plaintext attack B) Rainbow table attack C) NT password hashing D) Dictionary attack
D
Which mode does the Fortuna algorithm use to generate random numbers? A) Electronic codebook (ECB) B) Cipher block chaining (CBC) C) Output feedback (OFB) D) Counter (CTR)
D
Which mode generates the key stream with a nonce and incrementing value? A) Certificate Revocation List (CRL) B) Nonce mode C) Rivest Cipher 4 (RC4) D) Counter (CTR)
D
Which network-based virtual private network (VPN) prevents unauthorized logins by preventing packet retransmission? A) Cipher block chaining (CBC) B) Hypertext Transfer Protocol Secure (HTTPS) C) Microsoft Point-to-Point Encryption (MPPE) D) Internet Protocol Security (IPsec)
D
Which of the below 5 keys make up the Pairwise-Transient-Keys (PTK) that are used in the creation of the Message Integrity Code? A) MIC Authenticator Rx Key (MIC Rx) B) Key Encryption Key (KEK) C) Temporal Key (TK) D) Key Confirmation Key (KCK)
D
Which of the below 5 keys make up the Pairwise-Transient-Keys (PTK) that is used with TKIP setup for the unicast packets sent by APs? A) MIC Authenticator Rx Key (MIC Rx) B) Key Encryption Key (KEK) C) Temporal Key (TK) D) MIC Authenticator Tx Key (MIC Tx) E) Key Confirmation Key (KCK)
D
Which of the following asymmetric algorithms is described by U.S. Patent 5,231,668 and FIPS 186? a. RSA b. AES c. RC4 d. DSA
D
Which of the following is a key exchange protocol? a. RSA b. AES c. DES d. MQV
D
Which of the following is an asymmetric algorithm related to the equation y^2= x^3 + Ax + B? a. Blowfish b. AES c. RSA d. Elliptic Curve
D
Which of the following is an asymmetric algorithm that was first publically described in 1977? a. RSA b. Elliptic Curve c. Twofish d. DESx
D
Which programs run on a blockchain to automate the execution of an agreement so that all participants can be immediately certain of the outcome, without any intermediary's involvement or time loss? A) Gas B) Hyperledger C) Block mining D) Smart contracts
D
Which solution is used in a Layer 2 Tunneling Protocol (L2TP) virtual private network (VPN) to secure data in transmission? A) Cipher block chaining (CBC) B) Hypertext Transfer Protocol Secure (HTTPS) C) Microsoft Point-to-Point Encryption (MPPE) D) Internet Protocol Security (IPsec)
D
Which symmetric block cipher commonly operates with a 40-bit key size and 64-bit blocks? A) AES B) RC4 C) 3DES D) RC2
D
Which symmetric block cipher operates on a 112-bit key size, and 64-bit block size? A) DES B) Quark C) RC4 D) 3DES
D
Which system of encryption is used to authenticate users on wireless local area networks in a home environment? A) Chacha20 B) SHA-256 C) A5 stream encryption method D) WPA-PSK
D
Which type of cipher converts a letter to a number, passes it through a mathematical function, and then converts it back to a letter? A) Atbash B) Caesar C) ROT13 D) Affine
D
Who sends the digital certificate and the selected cipher suites to use during RSA key exchange in HTTPS connections? A) Neither the server nor the client B) The client C) The server and the client D) The server
D
Why is symmetric stream used to encrypt video when speed is a major concern? A) It signs files and encrypts that hash of the file to verify integrity and authenticity. B) It encrypts and decrypts data in blocks of characters at a time with a complex algorithm. C) It encrypts a small amount of information, which is decrypted with a private key. D) It uses the same key to encrypt and decrypt large amounts of media.
D
With ________, we commonly see 8-bit, 16-bit and 32-bit microcontrollers, which might struggle to cope with the real-time demands for conventional cryptography methods. A) Supercomputers B) Servers C) Desktops D) Embedded systems
D
With regard to Bitcoins, the ______, refers to the first transaction created. A) crypto currency source B) blockchain C) crypto currency D) genesis record
D
With the ______ concept for algorithms, instead of using keys, a secret is split into parts, and only when a number of them are added together will the original message be created. A) Secret Key B) Key Distribution C) Key Dissolution D) Secret Sharing
D
Within _____, the server signs the Diffie-Hellman parameter (using a private key from an RSA key pair) to create a pre-master secret, and where a master key is created which is then used to generate a shared symmetric encryption key. A) ECDH B) DHE C) DH-Secure D) DHE-RSA
D
____ is a deprecated symmetric block cipher designed by the NSA that was used with the Clipper chip. A) SPECK B) SIMON C) SPONGENT D) SKIPJACK
D
_____ cryptography is better suited for real-time communications implementations than ______ cryptography. A) Asymmetric, Public-key B) Asymmetric, symmetric C) Conventional, Light-weight D) Symmetric, Asymmetric
D
_____ is a light-weight symmetric cryptography method developed by the NSA that uses variable key and block sizes and optimized for hardware implementations. A) XTEA B) PHOTON C) AES D) SIMON
D
______ is a hash generator option for passwords that uses salt to create a non-recurrent hash. A) Noesis B) Ha$her C) Arcsight D) Bcrypt
D
______ is the standard for SHA-3, Permutation-Based Hash and Extendable-Output Functions, and provides revision to the Applicability Clause of the Secure Hash Standard. A) FIPS 180-4 B) RFC1321 C) FIPS 140-2 D) FIPS 202
D
DSA is an ________ cipher is a Federal Information Processing Standard for ___________ under the FIPS _____ standard.
asymmetric, digital signatures, 186,
RSA is an _______ cipher which leverages ____________ characteristics and uses a ______ to ______ bit variable key size. RSA provides ______ and _______. Authentication is carried out through ________.
asymmetric, prime number, 1024 to 4096, digital signatures
Diffie-Hellman (DH) does not involve __________ and is vulnerable to ______________ attacks.
authentication, Man-in-the-middle (MITM)
The Elliptic Curve Diffie-Hellman (ECDH) _____________ algorithm is considered an NSA ___________ algorithm and is a key agreement standard based on the ____________ which defines the ______________ standard. ECDH uses the ________ hash
key exchange, Suite B, PKCD#8, Private-Key Information Syntax, Message Digest (MD5)
Key Exchange Algorithm (KEA) is a ___________ algorithm which uses an ____________ random number generator type based on the ________/_________ standard which defines the __________ standard
key exchange, algorithmic software generator, PKCS#5, RFC 2898, Password-based Encryption
Menezes-Qu-Vanstone (MQV) is a ___________ algorithm which uses a _____________ random number generator type based on the ________ standard which defines the _____________ Key Agreement standard
key exchange, hardware generator, PKCS#3, Diffie-Hellman
Diffie-Helman (DH) is a _____________ algorithm which uses a ___________ random number generator type based on the the _______ standard which defines the _______ cryptography standard
key exchange, table lookup, PKCS#1, RSA
IV (Initialization Vector) is used in ___________ methods under the FIPS _________ standard which is the ___________ algorithm, or _________.
symmetric algorithm, 180-2, Secure Hash, SHA-1
RC4 is a weak _______ cipher and involves a _______ bit state size and a key size of _______ bits, but variants of RC4 allow key sizes from ____ to _____ bits (recommended _______ bit minimum)
symmetric stream, 2064, 256, 1 to 2048, 40
FISH is a ________ cipher that uses keys from a ___________ and data stream is _________ with the key
symmetric stream, Lagged Fibonacci pseudorandom number generator, XORed
Cypher Block Chaining (CBC) mode is a ________ algorithm method based on the FIPS ________ standard which defines _____________
symmetric, 186, digital signatures
Cipher Feedback (CFB) mode is a ________ algorithm method under the FIPS ______ standard which defines ____________
symmetric, 201, Identity Verification
Electronic Code Book (ECB) mode is a _________ algorithm method which encrypts each _______ block to a same-length _________ block.
symmetric, plaintext, cipher