CompTIA Security+ Chapter 3
Abram was asked to explain to one of his coworkers the XOR cipher. He showed his coworker an example of adding two bits, 1 and 1. What is the result of this sum? Options: 2; 1; 0; 16
0
A statistical phenomenon that makes finding collisions easier.
Birthday attack
An algorithm that manipulates an entire block of plaintext at one time.
Block cipher
Which of these is NOT a characteristic of a secure hash algorithm? Collisions should be rare. A message cannot be produced from a predefined hash. The results of a hash function should not be reversed. The hash should always be the same fixed size.
Collisions should be rare.
An attempt to find two input strings of a hash function that produce the same hash string.
Collision attack
A means to thwart statistical analysis so that the key does not relate in a simple way to the ciphertext.
Confusion
Alyosha was explaining to a friend the importance of protecting a cryptographic key from cryptanalysis. He said that the key should not relate in a simple way to the ciphertext. Which protection is Alyosha describing? Options: Diffusion; Confusion; Integrity; Chaos
Confusion
The practice of transforming information so that it is secure and cannot be accessed by unauthorized parties.
Cryptography
An asymmetric encryption key that does NOT have to be protected.
Public Key
An RC stream cipher that will accept keys up to 128 bits in length.
RC4
The most common asymmetric cryptography algorithm.
RSA
The XOR cipher is based on the binary operation eXclusive OR, which compares two bits. T or F?
TRUE
When two files have the same hash.
collision
A symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES.
Advanced Encryption Standard (AES)
Which of these is the strongest symmetric cryptographic algorithm? Options: Data Encryption Standard; Triple Data Encryption Standard; Advanced Encryption Standard; RC 1
Advanced Encryption Standard
Procedures based on a mathematical formula used to encrypt and decrypt the data; also called a cipher.
Algorithm
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message? Options: Alice's private key; Bob's public key; Alice's public key; Bob's private key
Alice's public key
Cryptography that uses two mathematically related keys.
Asymmetric Cryptographic Algorithms
What is the block cipher algorithm that operates on 64-bit blocks and can have a key length from 32 to 448 bits known as?
Blowfish
When Bob needs to send Alice a message with a digital signature, whose private key is used to encrypt the hash?
Bob's private key
One of the first widely popular symmetric cryptography algorithms; no longer considered secure.
Data Encryption Standard (3DES)
Data that is stored on electronic media.
Data-at-Rest
Actions that transmit the data across a network, like an email sent across the internet.
Data-in-Transit
What term describes data actions being performed by endpoint devices, such as printing a report from a desktop computer?
Data-in-Use
Data actions being performed by "endpoint devices", such as printing a report from a desktop computer.
Data-in-use
A cryptographic algorithm that is still available but should not be used because of known vulnerabilities.
Deprecated Algorithms
Which key exchange requires Alice and Bob to each agree upon a large prime number and related integer?
Diffie-Hellman (DH)
Which of the following key exchanges uses the same keys each time? Options: Diffie-Hellman-RSA (DHRSA); Diffie-Hellman Ephemeral (DHE); Diffie-Hellman (DH); Elliptic Curve Diffie-Hellman (ECDH)
Diffie-Hellman (DH)
A Diffie-Hellman key exchange that uses different keys.
Diffie-Hellman Ephemeral (DHE)
A key exchange that requires all parties to agree upon a large prime number and related integer so that the same key can be separately created.
Diffie-Hellman (DH)
If a single character of plaintext is changed then it should result in multiple characters of the ciphertext changing.
Diffusion
A(n) _____ is not decrypted but is only used for comparison purposes. Options: Key; Stream; Digest; Algorithm
Digest
Electronic verification of the sender.
Digital Signature
A U.S. federal government standard for digital signatures.
Digital Signature Algorithm (DSA)
An algorithm that uses elliptic curves instead of prime numbers to compute keys.
Elliptic Curve Cryptography (ECC)
This uses elliptic curve cryptography instead of prime numbers in its computation.
Elliptic Curve Diffie-Hellman (ECDH)
What cryptographic method, first proposed in the mid-1980s, makes use of sloping curves instead of large prime numbers?
Elliptic curve cryptography (ECC)
Which of the following are considered to be common asymmetric cryptographic algorithms?
Elliptic curve cryptography (ECC) and Digital Signature Algorithm (DSA)
When using cryptography, the process of changing the original text into a scrambled message.
Encryption
Keys that are used only once and then discarded.
Ephemeral key
GNU Privacy Guard (GPG) is proprietary software that runs on different operating systems. T or F?
False
Encryption that protects all the data on a hard drive.
Full Disk Encryption (FDE)
Free and open source software that is commonly used to encrypt and decrypt data.
GNU Privacy Guard (GnuPG)
Which of these has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form? Options: Trusted Platform Module (TPM); Hardware Security Module (HSM); Self-encrypting hard disk drives (SED); Encrypted hardware-based USB devices
Hardware Security Module (HSM)
A dedicated cryptographic processor that provides protection for cryptographic keys.
Hardware Security Module (HSM)
Algorithm creates a unique "digital fingerprint" of a set of data called a "digest".
Hash
A hash function used to authenticate the sender.
Hashed Message Authentication Code (HMAC)
The ability to quickly recover from these resource vs. security constraints.
High Resiliency
Which areas of a file cannot be used by steganography to hide data? Options: In areas that contain the content data itself; In the file header fields that describe the file; In data that is used to describe the content or structure of the actual data; In the directory structure of the file system
In the directory structure of the file system
What is a characteristic of the Trusted Platform Module (TPM)? It provides cryptographic services in hardware instead of software. It allows the user to boot a corrupted disk and repair it. It is available only on Windows computers running BitLocker. It includes a pseudorandom number generator (PRNG).
It provides cryptographic services in hardware instead of software.
At a staff meeting one of the technicians suggested that the enterprise protect its new web server by hiding it and not telling anyone where it is located. Iosif raised his hand and said that security through obscurity was a poor idea. Why did he say that? It is an unproven approach and has never been tested. It would be too costly to have one isolated server by itself. It would be essentially impossible to keep its location a secret from everyone. It depends too heavily upon non-repudiation in order for it to succeed.
It would be essentially impossible to keep its location a secret from everyone.
The process of sending and receiving secure cryptographic keys. Also the specific handshake setup between web browser and web server.
Key Exchange
Using statistical tools to attempt to discover a pattern in ciphertexts; also called Ciphertext only attack.
Known cipher attack
A small amount of time that occurs between when a byte is input into a cryptographic algorithm and the time the output is obtained.
Low Latency
Small electronic devices that consume very small amounts of power.
Low-Power Devices
A revision of MD4 that was designed to address MD4's weaknesses.
Message Digest 5 (MD5)
Breaches of cryptography that are the result of incorrect configuration or uses of the cryptography.
Misconfiguration Implementation
The process of proving that a user performed an action such as sending an email message.
Non-Repudiation
Proving that a user sent an email message is known as _____. Options: Non-repudiation; Repudiation; Integrity; Availability
Non-repudiation
Public key systems that generate random public keys that are different for each session.
Perfect Forward Secrecy
What is data called that is to be encrypted by inputting it into a cryptographic algorithm? Options: Opentext; Plaintext; Cleartext; Ciphertext
Plaintext
A commercial product that is commonly used to encrypt files and messages.
Pretty Good Privacy (PGP)
What widely used commercial asymmetric cryptography software can be used for encrypting files and email messages?
Pretty Good Privacy (PGP)
An asymmetric encryption key that DOES have to be protected.
Private Key
An algorithm for creating a sequence of numbers whose properties approximate those of a random number.
Pseudorandom Number Generator (PRNG)
A hash algorithm that uses two different and independent parallel chains of computation and then combines the result at the end of the process.
RACE Integrity Primitives Evaluation Message Digest (RIPEMD)
Alexei was given a key to a substitution cipher. The key showed that the entire alphabet was rotated 13 steps. What type of cipher is this? Options: AES; XAND13; ROT13; Alphabetic
ROT13
One type of substitution cipher, in which the entire alphabet is rotated 13 steps: A=N, B=O, etc.
ROT13
Illya was asked to recommend the most secure asymmetric cryptographic algorithm to his supervisor. Which of the following did he choose? Options: SHA-2; ME-312; BTC-2; RSA
RSA
Which of the following asymmetric cryptographic algorithms is most commonly used?
RSA
A limitation in providing strong cryptography due to the tug of war between the available resources (time and energy) and the security provided by cryptography.
Resource vs Security constraint
Which of these is NOT a basic security protection for information that cryptography can provide? Options: Authenticity; Risk loss; Integrity; Confidentiality
Risk Loss
What is the latest version of the Secure Hash Algorithm? Options: SHA-2; SHA-3; SHA-4; SHA-5
SHA-3
A secure hash algorithm that creates more secure hash values than message digest (MD) algorithms.
Secure Hash Algorithm (SHA)
The notion that virtually any system can be made secure so long as outsiders are unaware of it or how it functions.
Security through Obscurity
Drives that can automatically encrypt any data stored on them.
Self-Encrypting Drives
Which type of cryptographic algorithm takes an input string of any length, and returns a string of any requested variable length?
Sponge
Takes as input a string of any length and returns a string of any requested variable length.
Sponge Function
Hides the existence of the data.
Steganography
The same single key to encrypt and decrypt a document.
Symmetric Cryptographic Algorithms
A symmetric cipher that was designed to replace DES. No longer considered the most secure symmetric cipher.
Triple Data Encryption Standard (3DES)
T or F? Ciphertext is the scrambled and unreadable output of encryption.
True
A chip on the motherboard of the computer that provides cryptographic services.
Trusted Platform Module (TPM)
What technology uses a chip on the motherboard of the computer to provide cryptographic services?
Trusted Platform Module (TPM)
A derivation of the Blowfish algorithm that is considered to be strong.
Twofish
Egor wanted to use a digital signature. Which of the following benefits will the digital signature not provide? Options: Verify the sender; Prove the integrity of the message; Verify the receiver; Enforce nonrepudiation
Verify the receiver
Another common algorithm that is based on the binary operation eXclusive OR that compares two bits: if the bits are different a 1 is returned, but if they are identical then a 0 is returned.
XOR Cipher
A block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits.
Blowfish
An attack in which the system is forced to abandon the current higher security mode of operation and fall back to implementing an older and less secure mode.
downgrade attack
The Hashed Message Authentication Code (HMAC) _____. Options: encrypts only the message; encrypts only the key; encrypts the key and the message; encrypts the DHE key only
encrypts the key and the message
What type of cryptographic algorithm creates a unique digital footprint of a set of data?
hash
Making something obscure or unclear.
obfuscation
Public key systems that generate random public keys that are different for each session are called _____. Options: Public Key Exchange (PKE); perfect forward secrecy; Elliptic Curve Diffie-Hellman (ECDH); Diffie-Hellman (DH)
perfect forward secrecy
Numbers for which there is no identifiable pattern or sequence.
random numbers
An algorithm that takes one character and replaces it with one character.
stream cipher
A category that substitutes one character for another by substituting 1 for the letter A, 2 for the letter B, etc.
substitution cipher
In which type of encryption is the same key used to encrypt and decrypt data?
symmetric encryption