Security Ch9
Could cause personal hardship or embarrassment. *Medium*
Could cause personal embarrassment or inconvenience. *Low*
Could cause loss of life or social hardship. *High*
Could cause operational harm such as loss of control or loss of public trust. *High*
Could cause operational harm such as loss of confidence or damage to reputation. *Medium*
Many organizations use the Information Security Classification Framework, which uses the following classification:
- High
- Medium
- Low
Drag the sensitivity classification on the left to the appropriate description on the right. (Classifications may be used once, more than once, or not at all.)
Sam's public key
Mary wants to send a message to Sam so that only Sam can read it. Which key would be used to encrypt the message?
Mary's private key
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which key would Mary use to create the digital signature?
Implements the Diffie-Hellman key exchange protocol using elliptic curve cryptography *ECDH*
Exist only for the lifetime of a specific communication session *Ephemeral keys*
Uses no deterministic algorithm when generating public keys *Perfect forward secrecy*
Can be reused by multiple communication sessions *Static keys*
Match each public key cryptography key management mechanism on the left with the corresponding description on the right. Each mechanism may be used once, more than once, or not at all.
The sender's key is sent to a recipient using a Diffie-Hellman key exchange. *In-band distribution*
The sender's key is copied to a USB drive and handed to the recipient. *Out-of-band distribution*
The sender's key is sent to the recipient using public key cryptography. *In-band distribution*
The sender's key is burned to a CD and handed to the recipient. *Out-of-band distribution*
Match the symmetric key distribution mechanism on the left with the appropriate description on the right. Each distribution mechanism may be used once, more than once, or not at all.
Only 160-bit
SHA-1 uses which of the following bit length hashing algorithms?
The certificate owner has held the certificate beyond the established lifetime timer
Certificate revocation should occur under all but which of the following conditions?
Generates two different yet mathematically related keys. *Asymmetric*
Only the private key can be used to decrypt information. *Asymmetric*
Generates a single key that is used for both encryption and decryption. *Symmetric*
Algorithm used for signature verification and data integrity checking. *Hashing*
The public key can only be used to encrypt information. *Asymmetric*
Drag the cryptographic algorithm on the left to the appropriate explanation on the right. (Each algorithm may be used once, more than once, or not at all.)
Create a message digest
Hashing algorithms are used to perform what activity?
Two
How many keys are used with Public Key cryptography?
Two
How many keys are used with asymmetric (public key) cryptography?
One
How many keys are used with symmetric key cryptography?
AH; ESP
IPsec is implemented through two separate protocols. What are these protocols called? (Select two.)
The discovered password will allow the attacker to log in as the user, even if the discovered password is not the same as the user's password. A collision was discovered.
If a birthday attack is successful, meaning the attacker discovers a password that generates the same hash as that captured from a user's login credentials, which of the following is true? (Select two.)
Symmetric
If a message sender encrypts a message with a key and a message receiver decrypts it using the same key, which type of key exchange is taking place?
Birthday attack
If two different messages or files produce the same hashing digest, then a collision has occurred. Which form of cryptographic attack exploits this condition?
Personally identifiable information
If you lose your wallet or purse and it ends up in the wrong hands, several pieces of information could be used to do personal harm to you. These pieces of information include the following:
- Name and address
- Driver license number
- Credit card numbers
- Date of birth
Which of the following classifications does this information fall into?
Known plaintext
In which type of attack does the attacker have access to both the plaintext and the resulting ciphertext, but does not have the ability to encrypt the plaintext?
The lowest level of classified information used by the military. Release of this information could cause damage to military efforts. *Confidential*
If this information is released, it poses grave consequences to national security. *Top secret*
This information can be accessed by the public and poses no security threat. *Unclassified*
If this information is disclosed, it could cause some harm, but not a national disaster. *Sensitive but unclassified*
If this information is disclosed, it could cause severe and permanent damage to military actions. *Secret*
The government and military use the following information classification system:
- Unclassified
- Sensitive but unclassified
- Confidential
- Secret
- Top secret
Drag the classification on the left to the appropriate description on the right.
The secrecy of the key
The success of asymmetric encryption is dependent upon which of the following?
Identifying data and a certification request to the registration authority (RA)
To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where?
Symmetric key cryptography
What form of cryptography is best suited for bulk encryption because it is so fast?
A hierarchy of computers for issuing certificates.
What is a PKI?
Generate and store cryptographic keys
What is the main function of a TPM hardware chip?
Digital signatures
What is the most obvious means of providing non-repudiation in a cryptography system?
Create a security association between communicating partners.
What is the primary function of the IKE protocol used with IPsec?
A shared private key
What type of key or keys are used in symmetric cryptography?
Non-repudiation
When a sender encrypts a message using their own private key, what security service is being provided to the recipient?
Key clustering
When an attacker decrypts an encoded message using a different key than was used during encryption, what type of attack has occurred?
Near the end of the certificate's valid lifetime
When is the best time to apply for a certificate renewal?
Collision
When two different messages produce the same hash value, what has occurred?
Damage the hard disks so badly that all data remanence is gone.
When you dispose of a computer or sell used hardware, it is crucial that none of the data on the hard disks can be recovered. Which of the following actions can you take to ensure that no data is recoverable?
The certificate is revoked and added to the Certificate Revocation List.
Which action is taken when the private key associated with a digital certificate becomes compromised?
It is a trusted third-party.
Which aspect of a certificate makes it a reliable and useful mechanism for proving the identity of a person, system, or service on the internet?
Diffie-Hellman
Which cryptography system generates encryption keys that could be used with DES, AES, IDEA, RC5, or any other symmetric cryptography solution?
El Gamal
Which form of asymmetric cryptography is based upon Diffie-Hellman?
Implementation attack
Which form of cryptanalysis focuses on weaknesses in software, the protocol, or the encryption algorithm?
Asymmetric encryption; Uses a finite set of values within an algebraic field
Which of the following are characteristics of ECC? (Select two.)
Diffie-Hellman; RSA
Which of the following algorithms are used in asymmetric encryption? (Select two.)
Is used in IPsec; Uses a 168-bit key
Which of the following are true of Triple DES (3DES)? (Select two.)
Brute force attack
Which of the following attacks typically takes the longest amount of time to complete?
The attack is based on information gained from the physical implementation of a cryptosystem.
Which of the following best describes a side-channel attack?
A small change in the message results in a big change in the hash value.
Which of the following best describes high amplification when applied to hashing algorithms?
RC4
Which of the following can be classified as a stream cipher?
Certificate expiration
Which of the following conditions does not result in a certificate being added to the certificate revocation list?
Pulverizing
Which of the following data destruction techniques uses a punch press or hammer system to crush a hard disk?
SHA-1
Which of the following does not or cannot produce a hash value of 128 bits?
DES
Which of the following encryption mechanisms offers the least security because of weak keys?
Symmetric stream
Which of the following forms of cryptography is best implemented in hardware?
Create a hash of system components
Which of the following functions are performed by the TPM?
HIPAA
Which of the following government acts protects medical records and personal health information?
Digital signature
Which of the following is a direct protection of integrity?
Analytic attack
Which of the following is a mathematical attack that targets the complexity of a cryptosystem's algorithm?
FTPS
Which of the following is a secure alternative to FTP that uses SSL for encryption?
Registration authority
Which of the following is an entity that accepts and validates information contained within a request for a certificate?
Exploiting a computer's inability to produce random numbers
Which of the following is an example of a statistical attack against a cryptosystem?
Copying the key to a USB drive
Which of the following is considered an out-of-band distribution method for private key encryption?
Using short passwords
Which of the following is not a countermeasure against dictionary attacks?
Ron's Cipher v4 (RC4)
Which of the following is the most frequently used symmetric key stream cipher?
SHA-1
Which of the following is the strongest hashing algorithm?
MD5
Which of the following is the weakest hashing algorithm?
DES
Which of the following is the weakest symmetric encryption method?
CSP
Which of the following is used in conjunction with a local security authority to generate the private and public key pair used in asymmetric cryptography?
Hash
Which of the following is used to verify that a downloaded file has not been altered?
Public key; Validity period
Which of the following items are contained in a digital certificate? (Select two.)
IPsec
Which of the following network layer protocols provides authentication and encryption services for IP-based network traffic?
Hybrid
Which of the following password attacks adds appendages to known dictionary words?
SSL; TLS
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
Diffie-Hellman; RSA
Which of the following protocols can TLS use for key exchange? (Select two.)
HTTPS
Which of the following protocols uses port 443?
DriveLock
Which of the following security measures encrypts the entire contents of a hard drive?
EFS
Which of the following security solutions would prevent a user from reading a file that she did not create?
Asymmetric key cryptography is used to distribute symmetric keys.
Which of the following statements is true when comparing symmetric and asymmetric cryptography?
International Data Encryption Algorithm (IDEA)
Which of the following symmetric block ciphers does not use a variable block length?
IDEA
Which of the following symmetric cryptography systems does not support a variable block size?
SSH; Telnet
Which of the following tools allow for remote management of servers? (Select two.)
X.509
Which standard is most widely used for certificates?
Online Certificate Status Protocol
Which technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large, complex environments?
Dictionary
Which type of password attack employs a list of pre-defined passwords that it tries against a login prompt or a local copy of a security accounts database?
RC5
Which version of the Rivest cipher is a block cipher that supports variable bit length keys and variable bit block sizes?
They test every possible valid combination.
Why are brute force attacks always successful?
SSL
You are purchasing a hard disk from an online retailer over the internet. What does your browser use to ensure that others cannot see your credit card number on the internet?
Confidentiality
You create a new document and save it to a hard drive on a file server on your company's network. Then you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing which security goal?
Your copy is the same as the copy posted on the website.
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?
Recovery agent
You have lost the private key that you have used to encrypt files. You need to get a copy of the private key to open some encrypted files. Who should you contact?
BitLocker
You want a security solution that protects the entire hard drive and prevents access even if the drive is moved to another system. Which solution should you choose?
A cryptographic service provider
You want email sent from users in your organization to be encrypted to make messages more secure. Which of the following is an option you can use to enhance the encryption of email messages?
AES
You want to encrypt data on a removable storage device. Which encryption method would you choose to use the strongest method possible?
Implement BitLocker with a TPM
You want to protect data on hard drives for users with laptops. You want the drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do?
Enable the TPM in the BIOS
You would like to implement BitLocker to encrypt data on a hard disk, even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do?
C: volume; Master boot record
You've used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you've used an external USB flash drive to store the BitLocker startup key. Which system components are encrypted in this scenario? (Select two.)
If the C:\Secrets\confidential.docx file is copied to an external USB flash drive, it will be saved in an unencrypted state. By default, only the user who encrypted the C:\Secrets\confidential.docx file will be able to open it.
You've used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you've used an external USB flash drive to store the BitLocker startup key. You use EFS to encrypt the C:\Secrets folder and its contents. Which of the following is true in this scenario? (Select two.)
Chosen plaintext
Your company produces an encryption device that lets you enter text and receive encrypted text in response. An attacker obtains one of these devices and starts inputting random plaintext to see the resulting ciphertext. Which type of attack is this?
Asymmetric
A PKI is an implementation for managing which type of encryption?
Hashing algorithms
A birthday attack focuses on what?
Sender's public key
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. Which of the following must the receiver use to access the hashing value and verify the integrity of the transmission?
Private keys
Above all else, what must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?
Each cipher text block is fed back into the encryption and then encrypts the next plaintext block. *Cipher Feedback Mode*
Each plaintext block is added to the previous cipher text block and then the result is encrypted with the key. *Cipher Block Chaining Mode*
This mode can encrypt or decrypt one fixed-length block. *Block Cipher Mode*
Sender and recipient access a reliable counter that computes a new shared value each time a cipher text block is exchanged. *Counter Mode*
Feeds the output blocks back to the block cipher. *Output Feedback Mode*
Advanced cryptography includes various modes of operation. Drag the mode of operation on the left to the appropriate definition on the right.
The CA's public key must validate the CA's digital signature on the server certificate
An SSL client has determined that the Certificate Authority (CA) issuing a server's certificate is on its list of trusted CAs. What is the next step in verifying the server's identity?
Diffusion
At the end of the cryptographic process, output is generated. With one type of output, simple character changes in the plaintext will cause several characters to change in the cipher text. What type of output is this?