Chapter 7

Which one of the following statements about cryptographic keys is incorrect? A. All cryptographic keys should be kept secret. B. Longer keys are better than shorter keys when the same algorithm is used. C. Asymmetric algorithms generally use longer keys than symmetric algorithms D. Digital certificates are designed to share public keys

A

Steganography:

Art of using cryptographic techniques to embed secret messages within another file

Digital certificate:

Assurance people are truly communication with someone

David would like to send Mike a message using a asymmetric encryption algorithm. If David wishes to digitally sign the message that he is sending to Mike, what key would he use to create the digital signature? A. David's public key B. David's private key C. Mike's public key D. Mike's private key

B

acme widgets has 10 employees and they all need the ability to communicate with one another use a asymmetric encryption system. 11th employee is added, how many new keys must be added? A. 1 B. 2 C. 10 D. 11

B

What type of cipher operates on one character of text at a time? A. Block cipher B. Bit cipher C. Stream cipher D. Balanced cipher

C

What type of cryptographic attack attempts to force a user to reduce the level of encryption that they use to communicate with a remote server? A. Birthday B. Frequency C. Downgrade D. Rainbow Table

C

Which one of the following certificate formats is closely associated with Windows binary certificate files? A. DER B. PEM C. PFX D. P7B

C

polyalphabetic substitution cipher:

Multiple Substitution alphabets

Cryptography:

Practice of encoding information in a manner that it cannot be decoded without access to the required decryption key.

Asymmetric encryption:

Provides each user with a pair for keys

David would like to send Mike a message using a asymmetric encryption algorithm. What key should he use to encrypt the message? A. David's public key B. David's private key C. Mike's public key D. Mike's private key

D

David would like to send Mike a message using a asymmetric encryption algorithm. When Mike receives the message that David encrypted for him, what key should he use to decrypt the message? A. David's public key B. David's private key C. Mike's public key D. Mike's private key

D

Mike sendng David an encrypted message using a symmetric encryption algorithm. What key should he use to encrypt the message? A. Mikes public key B. Mikes private key C. Davids public key D. Shared secret key

D

Norm is using full-disk encryption technology to protect the contents of laptops against theft. What goal of cryptography is he attempting to achieve? A. Integrity B. Nonrepudiation C. Authentication D. Confidentiality

D

Vince is choosing a symmetric encryption algorithm for use in his organization. He would like to choose the strongest algorithm from the choices below. What algorithm should he choose? A. DES B. 3DES C. RSA D. AES

D

What type of digital certificate provides the greatest level of assurance that the certificate owner is who they claim to be? A. DV B. OV C. UV D. EV

D

Brian discovers that a user suspected of stealing sensitive information is posting many image files to a message board. What technique might the individual be using to hide sensitive information in those images? A. Steganography B. Homomorphic encryption C. Replay Attack D. Birthday attack

A

David would like to send Mike a message using a asymmetric encryption algorithm. When Mike receives the digitally signed message from David, what key should he use to verify the digital signature? A. David's public key B. David's private key C. Mike's public key D. Mike's private key

A

What type of security solution provides a hardware platform for the storage and management of encryption keys? A. HSM B. IPS C. SIEM D. SOAR

A

Which one of the following servers is almost always an offline CA in a large PKI deployment? A. Root CA B. Intermediate CA C. RA D. Internal CA

A

Kevin is configuring a web server to use digital certificates. What technology can he use to allow clients to quickly verify the status of that digital certificate without contacting a remote server? A. CRL B. OCSP C. Certificate stapling D. Certificate pinning

C

Acme Widgets has 10 employees and they all need the ability to communicate with one another using a symmetric encryption system. The system should allow any two employees to securely communicate without other employees eavesdropping. If an 11th employee is added to the organization, how many new keys must be added to the system? A. 1 B. 2 C. 10 D. 11

C

Alans team needs to perform computations on sensitive personal information but does not need access to the underlying data. What technology can the team use to perform these calculations without accessing the data? A. Quantum computing B. Blockchain C. Homomorphic encryption D. Certificate pinning

C

Glenn recently obtained a wildcard certificate for *.mydomain.com Which one of the following domains would not be covered by this certificate? A. mydomain.com B. core.mydomain.com C. dev.www.mydomain.com D. mail.mydomain.com

C

Goals of cryptography:

Confidentiality, integrity, authentication, nonrepudiation

Transposition cipher:

Transposing or scrambling letters in a certain matter

Symmetric encryption:

Uses the same shared secret key to encrypt and decrypt info