Ciphers
Which of the following ciphers is a subset on which the Vigenere polyalphabetic cipher was based on? A. Caesar B. The Jefferson disks C. Enigma D. SIGABA
A. Caesar
Which of the following is the MOST secure form of triple-DES encryption? A. DES-EDE3 B. DES-EDE1 C. DES-EEE4 D. DES-EDE2
A. DES-EDE3
Which of the following is NOT a true statement regarding the implementation of the 3DES modes? A. DES-EEE1 uses one key B. DES-EEE2 uses two keys C. DES-EEE3 uses three keys D. DES-EDE2 uses two keys
A. DES-EEE1 uses one key
Which of the following is more suitable for a hardware implementation? A. Stream ciphers B. Block ciphers C. Cipher block chaining D. Electronic code book
A. Stream ciphers
This is a block cipher that works on 64-bit blocks of data.
Blowfish
Which of the following is NOT an example of an asymmetric key algorithm? A. Elliptic curve cryptosystem (ECC) B. Diffie-Hellman C. Advanced Encryption Standard (AES) D. Merkle-Hellman Knapsack
C. Advanced Encryption Standard (AES)
Which of the following elements is NOT included in a Public Key Infrastructure (PKI)? A. Timestamping B. Repository C. Certificate revocation D. Internet Key Exchange (IKE)
D. Internet Key Exchange (IKE)
xxxx authentication provides the weakest form of authentication because it is not bound to a user, just to a computer or device.
MAC
Which of the following does NOT concern itself with key management? A. Internet Security Association Key Management Protocol (ISAKMP) B. Diffie-Hellman (DH) C. Cryptology (CRYPTO) D. Key Exchange Algorithm (KEA)
C. Cryptology (CRYPTO)
If AES block size are 128 bits, there are xx rounds
10
If AES block size are 192 bits, there are xx rounds
12
AES supports a block key sizes of
128, 192, and 256 bits
If AES block size are 256 bits, there are xx rounds
14
SHA produces a xxxxx-bit hash value, or message digest.
160
3DES uses ___ rounds in its computation
48
What is the key size of the International Data Encryption Algorithm (IDEA)? A. 64 bits B. 128 bits C. 160 bits D. 192 bits
B. 128 bits
The key length of this algorithm can be anywhere from 32 bits up to 448 bits, and the data blocks go through 16 rounds of cryptographic functions.
Blowfish
Which of the following was NOT designed to be a proprietary encryption algorithm? A. RC2 B. RC4 C. Blowfish D. Skipjack
C. Blowfish
A one-way hash provides which of the following? A. Confidentiality B. Availability C. Integrity D. Authentication
C. Integrity
message is encrypted with a symmetric block cipher in CBC mode, and the output of the final block of ciphertext is used as the MAC.
CBC-MAC
This DES mode does not reveal a pattern because each block of text, the key, and the value based on the previous block are processed in the algorithm and applied to the next block of text.
Cipher Block Chaining (CBC)
This DES mode is a combination of a block cipher and a stream cipher.
Cipher Feedback (CFB)
xxxx provides the same type of data origin authentication and integrity as CBC-MAC, but is more secure mathematically.
Cipher-Based Message Authentication Code (CMAC)
This DES mode uses no chaining and uses an IV counter that increments for each plaintext block that needs to be encrypted. The unique counter ensures that each block is XORed with a unique keystream value.
Counter (CTR) Mode
The RSA Algorithm uses which mathematical concept as the basis of its encryption? A. Geometry B. 16-round ciphers C. PI (3.14159...) D. Two large prime numbers
D. Two large prime numbers
Which of the following issues is not addressed by digital signatures? A. nonrepudiation B. authentication C. data integrity D. denial-of-service
D. denial-of-service
This algorithm provides much of the same functionality RSA provides: digital signatures, secure key distribution, and encryption, but is more efficient than RSA and any other asymmetric algorithm.
ECC
This public key algorithm that can be used for digital signatures, encryption, and key exchange. It is based not on the difficulty of factoring large numbers, but on calculating discrete logarithms in a finite field.
El Gamal
When compared to other algorithms, this algorithm is usually the slowest.
El Gamal
this is actually an extension of the Diffie-Hellman algorithm.
El Gamal
This DES mode works with blocks of data independently, data within a file does not have to be encrypted in a certain order.
Electronic code book
This function, a symmetric key would be concatenated with the message.
Hash MAC (HMAC)
This algorithm is used in PGP and other encryption software implementations. It was thought to replace DES, but it is patented.
IDEA
This DES mode is a block cipher can work in when it needs to emulate a stream because it encrypts small amounts of data at a time, but it has a smaller chance of creating and extending errors throughout the full encryption process.
Output Feedback (OFB)
This block cipher block sizes are 32, 64, or 128 bits, and the key size goes up to 2,048 bits.
RC5
This block cipher that was built upon RC5.
RC6
One advantage of using xxx is that it can be used for encryption and digital signatures.
RSA
DSA is a
asymmetric algorithm
Diffie-Hellman is a
asymmetric algorithm
ECC is a
asymmetric algorithm
El Gamal is a
asymmetric algorithm
Knapsack is a
asymmetric algorithm
RSA is a
asymmetric algorithm
3DES is a
symmetric algorithm
What is a Synchronous cryptosystems
use keystreams to encrypt plaintext one bit at a time
What are asynchronous cryptosystems?
uses previously generated output to encrypt the current plaintext values, like a block chain
What is the length of an MD5 message digest? A. 128 bits B. 160 bits C. 256 bits D. varies depending upon the message size.
A. 128 bits
What is a characteristic of using the Electronic Code Book mode of DES encryption? A. A given block of plaintext and a given key will always produce the same ciphertext. B. Repetitive encryption obscures any repeated patterns that may have been present in the plaintext. C. Individual characters are encoded by combining output from earlier encryption routines with plaintext. D. The previous DES output is used as input.
A. A given block of plaintext and a given key will always produce the same ciphertext.
The RSA algorithm is an example of what type of cryptography? A. Asymmetric Key. B. Symmetric Key. C. Secret Key. D. Private Key.
A. Asymmetric Key.
In an SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session? A. Both client and server B. The client's browser C. The web server D. The merchant's Certificate Server
A. Both client and server The client generates the "pre-master" secret.
Which is NOT a suitable method for distributing certificate revocation information? A. CA revocation mailing list B. Delta CRL C. OCSP (online certificate status protocol) D. Distribution point CRL
A. CA revocation mailing list
Where in a PKI infrastructure is a list of revoked certificates stored? A. CRL B. Registration Authority C. Recovery Agent D. Key escrow
A. CRL
Who first described the DoD multilevel military security policy in abstract, formal terms? A. David Bell and Leonard LaPadula B. Rivest, Shamir and Adleman C. Whitfield Diffie and Martin Hellman D. David Clark and David Wilson
A. David Bell and Leonard LaPadula
Which encryption algorithm is BEST suited for communication with handheld wireless devices? A. ECC (Elliptic Curve Cryptosystem) B. RSA C. SHA D. RC4
A. ECC (Elliptic Curve Cryptosystem)
In which mode of DES, will a block of plaintext and a key always give the same ciphertext? A. Electronic Code Book (ECB) B. Output Feedback (OFB) C. Counter Mode (CTR) D. Cipher Feedback (CFB)
A. Electronic Code Book (ECB)
Which of the following modes of DES is MOST likely used for Database Encryption? A. Electronic Code Book (ECB) B. Cipher Block Chaining (CBC) C. Cipher Feedback (CFB) D. Output Feedback (OFB)
A. Electronic Code Book (ECB)
What is the name of the protocol use to set up and manage Security Associations (SA) for IP Security (IPSec)? A. Internet Key Exchange (IKE) B. Secure Key Exchange Mechanism C. Oakley D. Internet Security Association and Key Management Protocol
A. Internet Key Exchange (IKE)
Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations? A. Internet Key exchange (IKE) B. Security Association Authentication Protocol (SAAP) C. Simple Key-management for Internet Protocols (SKIP) D. Key Exchange Algorithm (KEA)
A. Internet Key exchange (IKE)
Which of the following is NOT a property of a one-way hash function? A. It converts a message of a fixed length into a message digest of arbitrary length. B. It is computationally infeasible to construct two different messages with the same digest. C. It converts a message of arbitrary length into a message digest of a fixed length. D. Given a digest value, it is computationally infeasible to find the corresponding message.
A. It converts a message of a fixed length into a message digest of arbitrary length.
What is NOT true about a one-way hashing function? A. It provides authentication of the message B. A hash cannot be reverse to get the message used to create the hash C. The results of a one-way hash is a message digest D. It provides integrity of the message
A. It provides authentication of the message
Which key agreement scheme uses implicit signatures? A. MQV B. DH C. ECC D. RSA
A. MQV
Which of the following BEST describes a function relying on a shared secret key that is used along with a hashing algorithm to verify the integrity of the communication content as well as the sender? A. Message Authentication Code - MAC B. PAM - Pluggable Authentication Module C. NAM - Negative Acknowledgement Message D. Digital Signature Certificate
A. Message Authentication Code - MAC
You are an information systems security officer at a mid-sized business and are called upon to investigate a threat conveyed in an email from one employee to another. You gather the evidence from both the email server transaction logs and from the computers of the two individuals involved in the incident and prepare an executive summary. You find that a threat was sent from one user to the other in a digitally signed email. The sender of the threat says he didn't send the email in question. What concept of PKI - Public Key Infrastructure will implicate the sender? A. Non-repudiation B. The digital signature of the recipient C. Authentication D. Integrity
A. Non-repudiation
Which type of encryption is considered to be unbreakable if the stream is truly random and is as large as the plaintext and never reused in whole or part? A. One Time Pad (OTP) B. One time Cryptopad (OTC) C. Cryptanalysis D. Pretty Good Privacy (PGP)
A. One Time Pad (OTP)
What is the name of a one way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string? Such a transformation cannot be reversed. A. One-way hash B. DES C. Transposition D. Substitution
A. One-way hash
Crime Prevention Through Environmental Design (CPTED) is a discipline that: A. Outlines how the proper design of a physical environment can reduce crime by directly affecting human behavior. B. Outlines how the proper design of the logical environment can reduce crime by directly affecting human behavior. C. Outlines how the proper design of the detective control environment can reduce crime by directly affecting human behavior. D. Outlines how the proper design of the administrative control environment can reduce crime by directly affecting human behavior.
A. Outlines how the proper design of a physical environment can reduce crime by directly affecting human behavior.
A public key algorithm that does both encryption and digital signature is which of the following? A. RSA B. DES C. IDEA D. Diffie-Hellman
A. RSA
Which of the following is a Hashing Algorithm? A. SHA B. RSA C. Diffie Hellman (DH) D. Elliptic Curve Cryptography (ECC)
A. SHA
Which of the following protocols would BEST mitigate threats of sniffing attacks on web application traffic? A. SSL or TLS B. 802.1X C. ARP Cache Security D. SSH - Secure Shell
A. SSL or TLS
Which of the following terms can be described as the process to conceal data into another file or media in a practice known as security through obscurity? A. Steganography B. ADS - Alternate Data Streams C. Encryption D. NTFS ADS
A. Steganography
What is the difference between the OCSP (Online Certificate Status Protocol) and a Certificate Revocation List (CRL)? A. The OCSP (Online Certificate Status Protocol) provides real-time certificate checks and a Certificate Revocation List (CRL) has a delay in the updates. B. The OCSP (Online Certificate Status Protocol) is a proprietary certificate mechanism developed by Microsoft and a Certificate Revocation List (CRL) is an open standard. C. The OCSP (Online Certificate Status Protocol) is used only by Active Directory and a Certificate Revocation List (CRL) is used by Certificate Authorities D. The OCSP (Online Certificate Status Protocol) is a way to check the attributes of a certificate and a Certificate Revocation List (CRL) is used by Certificate Authorities.
A. The OCSP (Online Certificate Status Protocol) provides real-time certificate checks and a Certificate Revocation List (CRL) has a delay in the updates.
Suppose that you are the COMSEC - Communications Security custodian for a large, multinational corporation. Susie, from Finance approaches you in the break room saying that she lost her smart ID card that she uses to digitally sign and encrypt emails in the PKI. What happens to the certificates contained on the smart card after the security officer takes appropriate action? A. They are added to the CRL B. They are reissued to the user C. New certificates are issued to the user D. The user may no longer have certificates
A. They are added to the CRL
Where parties do not have a shared secret and large quantities of sensitive information must be passed, the most efficient means of transferring information is to use Hybrid Encryption Methods. What does this mean? A. Use of public key encryption to secure a secret key, and message encryption using the secret key. B. Use of the recipient's public key for encryption and decryption based on the recipient's private key. C. Use of software encryption assisted by a hardware encryption accelerator. D. Use of elliptic curve encryption.
A. Use of public key encryption to secure a secret key, and message encryption using the secret key.
Which of the following would best describe certificate path validation? A. Verification of the validity of all certificates of the certificate chain to the root certificate B. Verification of the integrity of the associated root certificate C. Verification of the integrity of the concerned private key D. Verification of the revocation status of the concerned certificate
A. Verification of the validity of all certificates of the certificate chain to the root certificate
Public key infrastructure (PKI) consists of programs, data formats, procedures, communication protocols, security policies, and public key cryptographic mechanisms working in a comprehensive manner to enable a wide range of dispersed people to communicate in a secure and predictable fashion. This infrastructure is based upon which of the following Standard? A. X.509 B. X.500 C. X.400 D. X.25
A. X.509
Within Crime prevention through Environmental Design (CPTED) the concept of territoriality is BEST described as: A. ownership. B. protecting specific areas with different measures. C. localized emissions. D. compromise of the perimeter.
A. ownership.
What is the role of IKE within the IPsec protocol? A. peer authentication and key exchange B. data encryption C. data signature D. enforcing quality of service
A. peer authentication and key exchange
The Data Encryption Algorithm performs how many rounds of substitution and permutation? A. 4 B. 16 C. 54 D. 64
B. 16
Which of the following binds a subject name to a public key value? A. A public-key certificate B. A public key infrastructure C. A secret key infrastructure D. A private key certificate
B. A public key infrastructure
Which of the following statements pertaining to stream ciphers is TRUE? A. A stream cipher is a type of asymmetric encryption algorithm. B. A stream cipher generates what is called a keystream. C. A stream cipher is slower than a block cipher. D. A stream cipher is not appropriate for hardware-based encryption.
B. A stream cipher generates what is called a keystream.
Which of the following is NOT a symmetric key algorithm? A. Blowfish B. Digital Signature Standard (DSS) C. Triple DES (3DES) D. RC5
B. Digital Signature Standard (DSS)
Which of the following is TRUE about digital certificate? A. It is the same as digital signature proving Integrity and Authenticity of the data B. Electronic credential proving that the person the certificate was issued to is who they claim to be. C. You can only get digital certificate from Verisign, RSA if you wish to prove the key belong to a specific user. D. Can't contain geography data such as country for example.
B. Electronic credential proving that the person the certificate was issued to is who they claim to be.
Which of the following would BEST describe a Concealment cipher? A. Permutation is used, meaning that letters are scrambled. B. Every X number of words within a text, is a part of the real message. C. Replaces bits, characters, or blocks of characters with different bits, characters or blocks. D. Hiding data in another message so that the very existence of the data is concealed.
B. Every X number of words within a text, is a part of the real message.
What are the three MOST important functions that Digital Signatures perform? A. Integrity, Confidentiality and Authorization B. Integrity, Authentication and Nonrepudiation C. Authorization, Authentication and Nonrepudiation D. Authorization, Detection and Accountability
B. Integrity, Authentication and Nonrepudiation
Which of the following is an Internet IPsec protocol to negotiate, establish, modify, and delete security associations, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key establishment protocol, encryption algorithm, or authentication mechanism? A. OAKLEY B. Internet Security Association and Key Management Protocol (ISAKMP) C. Simple Key-management for Internet Protocols (SKIP) D. IPsec Key exchange (IKE)
B. Internet Security Association and Key Management Protocol (ISAKMP)
The primary purpose for using one-way hashing of user passwords within a password file is which of the following? A. It prevents an unauthorized person from trying multiple passwords in one logon attempt. B. It prevents an unauthorized person from reading the password. C. It minimizes the amount of storage required for user passwords. D. It minimizes the amount of processing time used for encrypting passwords.
B. It prevents an unauthorized person from reading the password.
The Diffie-Hellman algorithm is primarily used to provide which of the following? A. Confidentiality B. Key Agreement C. Integrity D. Non-repudiation
B. Key Agreement
Which of the following was developed in order to protect against fraud in electronic fund transfers (EFT) by ensuring the message comes from its claimed originator and that it has not been altered in transmission? A. Secure Electronic Transaction (SET) B. Message Authentication Code (MAC) C. Cyclic Redundancy Check (CRC) D. Secure Hash Standard (SHS)
B. Message Authentication Code (MAC)
What is NOT true with pre shared key authentication within IKE / IPsec protocol? A. Pre shared key authentication is normally based on simple passwords B. Needs a Public Key Infrastructure (PKI) to work C. IKE is used to setup Security Associations D. IKE builds upon the Oakley protocol and the ISAKMP protocol.
B. Needs a Public Key Infrastructure (PKI) to work
What uses a key of the same length as the message where each bit or character from the plaintext is encrypted by a modular addition? A. Running key cipher B. One-time pad C. Steganography D. Cipher block chaining
B. One-time pad
Which one of the following is used to provide authentication and confidentiality for e-mail messages? A. Digital signature B. PGP C. IPSEC AH D. MD4
B. PGP
Which of the following algorithms is a stream cipher? A. RC2 B. RC4 C. RC5 D. RC6
B. RC4
Which of the following is not a one-way hashing algorithm? A. MD2 B. RC4 C. SHA-1 D. HAVAL
B. RC4
Which of the following is NOT an encryption algorithm? A. Skipjack B. SHA-1 C. Twofish D. DEA
B. SHA-1
Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys? This protocol establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis? A. Internet Security Association and Key Management Protocol (ISAKMP) B. Simple Key-management for Internet Protocols (SKIP) C. Diffie-Hellman Key Distribution Protocol D. IPsec Key exchange (IKE)
B. Simple Key-management for Internet Protocols (SKIP)
What can be defined as secret communications where the very existence of the message is hidden? A. Clustering B. Steganography C. Cryptology D. Vernam cipher
B. Steganography
Which of the following statements pertaining to Secure Sockets Layer (SSL) is FALSE? A. The SSL protocol was developed by Netscape to secure Internet client-server transactions. B. The SSL protocol's primary use is to authenticate the client to the server using public key cryptography and digital certificates. C. Web pages using the SSL protocol start with HTTPS D. SSL can be used with applications such as Telnet, FTP and email protocols.
B. The SSL protocol's primary use is to authenticate the client to the server using public key cryptography and digital certificates.
Public Key Infrastructure (PKI) uses asymmetric key encryption between parties. The originator encrypts information using the intended recipient's "public" key in order to get confidentiality of the data being sent. The recipients use their own "private" key to decrypt the information. The "Infrastructure" of this methodology ensures that: A. The sender and recipient have reached a mutual agreement on the encryption key exchange that they will use. B. The channels through which the information flows are secure. C. The recipient's identity can be positively verified by the sender. D. The sender of the message is the only other person with access to the recipient's private key.
B. The channels through which the information flows are secure.
Brute force attacks against encryption keys have increased in potency because of increased computing power. Which of the following is often considered a good protection against the brute force cryptography attack? A. The use of good key generators. B. The use of session keys. C. Nothing can defend you against a brute force crypto key attack. D. Algorithms that are immune to brute force key attacks.
B. The use of session keys
In a Public Key Infrastructure, how are public keys published? A. They are sent via e-mail. B. Through digital certificates. C. They are sent by owners. D. They are not published.
B. Through digital certificates.
Which of the following statements pertaining to key management is NOT true? A. The more a key is used, the shorter its lifetime should be. B. When not using the full keyspace, the key should be extremely random. C. Keys should be backed up or escrowed in case of emergencies. D. A key's lifetime should correspond with the sensitivity of the data it is protecting.
B. When not using the full keyspace, the key should be extremely random.
How many bits is the effective length of the key of the Data Encryption Standard algorithm? A. 168 B. 128 C. 56 D. 64
C. 56 key size of 64 bits (with 8 bits used for parity, resulting in an effective key length of 56 bits)
The Data Encryption Standard (DES) encryption algorithm has which of the following characteristics? A. 64 bits of data input results in 56 bits of encrypted output B. 128 bit key with 8 bits used for parity C. 64 bit blocks with a 64 bit total key length D. 56 bits of data input results in 56 bits of encrypted output
C. 64 bit blocks with a 64 bit total key length
What can be defined as a data structure that enumerates digital certificates that were issued to CAs but have been invalidated by their issuer prior to when they were scheduled to expire? A. Certificate revocation list B. Certificate revocation tree C. Authority revocation list D. Untrusted certificate list
C. Authority revocation list
Which one of the following is a key agreement protocol used to enable two entities to agree and generate a session key (secret key used for one session) over an insecure medium without any prior secrets or communications between the entities? The negotiated key will subsequently be used for message encryption using Symmetric Cryptography. A. RSA B. PKI C. Diffie_Hellmann D. 3DES
C. Diffie_Hellmann
Which type of algorithm is considered to have the highest strength per bit of key length of any of the asymmetric algorithms? A. Rivest, Shamir, Adleman (RSA) B. El Gamal C. Elliptic Curve Cryptography (ECC) D. Advanced Encryption Standard (AES)
C. Elliptic Curve Cryptography (ECC)
Which of the following is not a DES mode of operation? A. Cipher block chaining B. Electronic code book C. Input feedback D. Cipher feedback
C. Input feedback
The Diffie-Hellman algorithm is used for: A. Encryption B. Digital signature C. Key agreement D. Non-repudiation
C. Key agreement
Which of the following encryption methods is known to be unbreakable? A. Symmetric ciphers. B. DES codebooks. C. One-time pads. D. Elliptic Curve Cryptography.
C. One-time pads.
Which of the following choices is a valid Public Key Cryptography Standard (PKCS) addressing RSA? A. PKCS #17799 B. PKCS-RSA C. PKCS#1 D. PKCS#11
C. PKCS#1
Which of the following statements pertaining to block ciphers is NOT true? A. It operates on fixed-size blocks of plaintext. B. It is more suitable for software than hardware implementations. C. Plain text is encrypted with a public key and decrypted with a private key. D. Some Block ciphers can operate internally as a stream.
C. Plain text is encrypted with a public key and decrypted with a private key.
Which of the following algorithms does NOT provide hashing? A. SHA-1 B. MD2 C. RC4 D. MD5
C. RC4
Which of the following is a symmetric encryption algorithm? A. RSA B. Elliptic Curve C. RC5 D. El Gamal
C. RC5
What is the name for a substitution cipher that shifts the alphabet by 13 places? A. Caesar cipher B. Polyalphabetic cipher C. ROT13 cipher D. Transposition cipher
C. ROT13 cipher
Which of the following asymmetric encryption algorithms is based on the difficulty of factoring LARGE numbers? A. El Gamal B. Elliptic Curve Cryptosystems (ECCs) C. RSA D. International Data Encryption Algorithm (IDEA)
C. RSA
Which of the following encryption algorithms does NOT deal with discrete logarithms? A. El Gamal B. Diffie-Hellman C. RSA D. Elliptic Curve
C. RSA
Which of the following keys has the SHORTEST lifespan? A. Secret key B. Public key C. Session key D. Private key
C. Session key
Which of the following is NOT a known type of Message Authentication Code (MAC)? A. Keyed-hash message authentication code (HMAC) B. DES-CBC C. Signature-based MAC (SMAC) D. Universal Hashing Based MAC (UMAC)
C. Signature-based MAC (SMAC)
The Secure Hash Algorithm (SHA-1) creates: A. a fixed length message digest from a fixed length input message. B. a variable length message digest from a variable length input message. C. a fixed length message digest from a variable length input message. D. a variable length message digest from a fixed length input message.
C. a fixed length message digest from a variable length input message.
There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following? A. public keys B. private keys C. public-key certificates D. private-key certificates
C. public-key certificates
What is the maximum key size for the RC5 algorithm? A. 128 bits B. 256 bits C. 1024 bits D. 2040 bits
D. 2040 bits
Which of the following is NOT an asymmetric key algorithm? A. RSA B. Elliptic Curve Cryptosystem (ECC) C. El Gamal D. Data Encryption Standard (DES)
D. Data Encryption Standard (DES)
Compared to RSA, which of the following is true of Elliptic Curve Cryptography (ECC)? A. It has been mathematically proved to be more secure. B. It has been mathematically proved to be less secure. C. It is believed to require longer key for equivalent security. D. It is believed to require shorter keys for equivalent security.
D. It is believed to require shorter keys for equivalent security.
What algorithm was DES derived from? A. Twofish. B. Skipjack. C. Brooks-Aldeman. D. Lucifer.
D. Lucifer.
Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE? A. Diffie-Hellman Key Exchange Protocol B. Internet Security Association and Key Management Protocol (ISAKMP) C. Simple Key-management for Internet Protocols (SKIP) D. OAKLEY
D. OAKLEY
Which of the following is NOT an example of a block cipher? A. Skipjack B. IDEA C. Blowfish D. RC4
D. RC4
Which of the following service is not provided by a public key infrastructure (PKI)? A. Access control B. Integrity C. Authentication D. Reliability
D. Reliability
Which of the following identifies the encryption algorithm selected by NIST for the new Advanced Encryption Standard? A. Twofish B. Serpent C. RC6 D. Rijndael
D. Rijndael
Blowfish is a
symmetric algorithm
DES is a
symmetric algorithm
IDEA is a
symmetric algorithm
RC4 is a
symmetric algorithm