xyz8

DES uses a(n) _____-bit block size.

64

A(n) distinguished name uniquely identifies a certificate entity, to a user's public key.

True

A(n) man-in-the-middle attack attempts to intercept a public key or even to insert a known key structure in place of the requested public key.

True

An attacker may obtain duplicate texts, one in ciphertext and one in plaintext, which enable the individual to reverse-engineer the encryption algorithm in a(n) known-plaintext attack scheme.

True

Hash algorithms are publicly known functions that create a value by converting variable-length messages into a single fixed-length value.

True

In 1917, Gilbert S.Vernam, an AT&T employee, invented a polyalphabetic cipher machine that used a non-repeating random key.

True

Internet Protocol Security is designed to protect data integrity, user confidentiality, and authenticity at the IP packet level.

True

Julius Caesar was associated with an early version of the transposition cipher.

True

Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny.

True

The encapsulating security payload protocol provides confidentiality services for IP packets across insecure networks.

True

A(n) response attack is an attempt to resubmit a recording of the deciphered authentication to gain entry into a secure source.

False (Replay Attack)

SSL builds on the encoding format of the Multipurpose Internet Mail Extensions protocol by adding encryption and authentication through the use of digital signatures based on public key cryptosystems.

False (Secure Multipurpose Internet Mail Extensions (S/MIME) does this; Not SSL.)

The Secure ____________________ Standard is a standard issued by the National Institute of Standards and Technology.

Hash

____ functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content.

Hash

Digital ____________________ are public key container files that allow computer programs to validate the key and identify to whom it belongs.

certificates

An X.509 v3 certificate binds a(n) _____, which uniquely identifies a certificate entity, to a user's public key.

distinguished name

The encapsulating security ____________________ protocol provides secrecy for the contents of network communications as well as system to system authentication and data integrity verification.

payload

Substitution ciphers that use two or more alphabets, and are referred to as ____ substitutions.

polyalphabetic

SHA-1 produces a(n) _____-bit message digest, which can then be used as an input to a digital signature algorithm.

160

____ is a Federal Information Processing Standard that specifies a cryptographic algorithm that is used within the U.S. government to protect information at federal agencies that are not a part of the national defense infrastructure.

AES

The ____ protocol provides system to system authentication and data integrity verification, but does not provide secrecy for the content of a network communication.

AH

The successor to 3DES is the ____________________ Encryption Standard.

Advanced

The CA periodically distributes a(n) ____ to all users that identifies all revoked certificates.

CRL

____________________ or cryptosystem is an encryption method or process encompassing the algorithm, key(s) or cryptovariable(s), and procedures used to perform encryption and decryption.

Cipher

____ attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.

Correlation

____________________ is the process of making and using codes to secure the transmission of information.

Cryptography

Digital signatures should be created using processes and products that are based on the ____.

DSS

Describe digital certificates.

Digital certificates are public-key container files that allow computer programs to validate the key and identify to whom it belongs. The certificate is often issued by a third party that certifies the authenticity of the information it contains. A digital signature attached to the certificate's container file certifies the file's origin and integrity. A certificate authority (CA) issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user name, public key, and other identifying information

____ are encrypted messages that can be mathematically proven to be authentic.

Digital signatures

One of the most widely known cryptographic algorithms is the Data ____________________ Standard, which was developed by IBM and is based on the company's Lucifer algorithm.

Encryption

____ is the process of converting an original message into a form that is unreadable to unauthorized individuals.

Encryption

Dictionary attacks are a collection of brute-force methods that attempt to deduce statistical relationships between the structure of the unknown key and the ciphertext that is the output of the cryptosystem.

False

ESP in transport mode can be used to establish a virtual private network, assuring encryption and authentication between networks communicating across the Internet.

False

Standard-HTTP (S-HTTP) is an extended version of the Hypertext Transfer Protocol that provides for the encryption of individual messages between a client and server across the Internet.

False ( This is "Secure HTTP (S-HTTP)"; Not "Standard" HTTP).

Symmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message.

False ("Asymmetric" encryption does this; Not "Symmetric" encryption).

The SHTTP security solution provides six services: authentication by digital signatures, message encryption, compression, e-mail compatibility, segmentation, and key management.

False ("PGP" security solution does this; Not "SHTTP" security solution).

Secure HTTP provides the Internet communication services between client and host without consideration for encryption of the data that is communicated over the connection between client and server.

False ("Standard" HTTP does this; Not "Secure" HTTP).

The asymmetric encryption systems are based on using a single key to both encrypt and decrypt a message.

False ("Symmetric" encryption does this; Not "asymmetric" encryption.)

The 3DES implements a block cipher with a variable block length and a key length of 128, 192, or 256 bits.

False (AES implements a block cipher called the Rijndael Block Cipher with a variable block length and a key length of 128, 192, or 256 bits; Not 3DES).

A(n) key is the programmatic steps used to convert an unencrypted message into an encrypted sequence of bits that represent the message.

False (Algorithm)

A(n) registration authority issues, manages, authenticates, signs, and revokes users' digital certificates, which typically contain the user's name, public key, and other identifying information.

False (Certificate Authority) / (CA)

DES uses a 64-bit key.

False (DES uses a 64-bit block size and a 56-bit key; Not 64-bit key)

Encryption is the process of converting the ciphertext into a message that conveys readily understood meaning.

False (Decryption is the process of converting the ciphertext message back into plaintext so that it can be readily understood; Not Encryption.)

Encryption is a process of hiding information and has been in use for a long time.

False (Encryption is the process of converting a message into a form that is unreadable to unauthorized individuals.)

Hashing functions require the use of keys.

False (Hashing functions do not require the use of keys.)

The AES algorithm was the first public key encryption algorithm.

False (It was RSA; Not AES).

The application header protocol provides secrecy for the content of a network communication.

False (Its the "The encapsulating security payload (ESP)" protocol that provides this; Not the "application header" protocol. The application header (AH) protocol provides system-to-system authentication and data integrity verification, but does not provide secrecy for the content of a network communication.

In a(n) "word" attack, the attacker encrypts every word in a dictionary using the same cryptosystem as used by the target.

False (This happens in a "Dictionary" attack . Not a "Word" attack

In transport mode the entire IP packet is encrypted and is then placed as the content portion of another IP packet.

False (This happens in the "Tunnel" mode not "Transport" mode)

The number of horizontal and vertical pixels captured and recorded is known as the image's depth.

False (This is known as the image's "resolution"; not depth).

To encipher means to decrypt or convert ciphertext into the equivalent plaintext.

False (This is the definition of "decipher"; not "encipher").

Sequence encryption is a series of encryptions and decryptions between a number of systems, wherein each system in a network decrypts the message sent to it and then reencrypts it using different keys and sends it to the next neighbor, and this process continues until the message reaches the final destination.

False (This is the definition to "Link" encryption; Not "Sequence" encryption. There is no such thing.)

To perform the Caesar cipher encryption operation, pad values are added to numeric values that represent the plaintext that needs to be encrypted.

False (This is the method used to perform "Vernam" cipher encryption operation; Not Caesar).

You cannot combine the XOR operation with a block cipher operation.

False (You can combine the XOR operation with a block cipher operation to produce a simple but powerful operation.)

As DES became known as being too weak for highly classified communications, Double DES was created to provide a level of security far beyond that of DES.

False (double DES did not provide significantly stronger security than DES)

A method of encryption that requires the same secret key to encipher and decipher the message is known as public key encryption.

False (either private key encryption or symmetric encryption

Common implementations of RA include: systems to issue digital certificates to users and servers; directory enrollment; key issuing systems; tools for managing the key issuance; and verification and return of certificates.

False (it is common implementations of "PKI" that include the following; Not "RA")

In 1953, Giovan Batista Belaso introduced the idea of the passphrase (password) as a key for encryption.

False (it was in 1553 that he did that; Not 1953)

Attackers may conduct an encrypted-plaintext attack by sending potential victims a specific text that they are sure the victims will forward on to others.

False (selected-plaintext attack)

Describe how hash functions work and what they are used for.

Hash functions are mathematical algorithms that generate a message summary or digest to confirm the identity of a specific message and to confirm that there have not been any changes to the content. While they do not create a ciphertext, hash functions confirm message identity and integrity, both of which are critical functions in e-commerce. Hashing functions do not require the use of keys, but it is possible to attach a message authentication code (MAC)—a key-dependent, one-way hash function—that allows only specific recipients (symmetric key holders) to access the message digest.

____ is an open source protocol to secure communications across any IP-based network such as LANs, WANs, and the Internet.

IPSec

____ is the information used in conjunction with an algorithm to create the ciphertext from the plaintext or derive the plaintext from the ciphertext.

Key

____ is the entire range of values that can possibly be used to construct an individual key.

Keyspace

The ____ is essentially a one-way hash value that is encrypted with a symmetric key.

MAC

____ is a hybrid cryptosystem originally designed in 1991 by Phil Zimmermann.

PGP

____ was developed by Phil Zimmermann and uses the IDEA Cipher for message encoding.

PGP

____ is an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.

PKI

The ____ algorithm was the first public key encryption algorithm developed (in 1977) and published for commercial use.

RSA

The ____ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission.

SSL Record Protocol

Netscape developed the ____________________ Layer protocol to use public key encryption to secure a channel over the public Internet, thus enabling secure communications.

Secure Sockets (Abbreviation: SSL: Secure Sockets Layer)

Describe symmetric and asymmetric encryptions.

Symmetric Encryption. Encryption methodologies that require the same secret key to encipher and decipher the message are using what is called private key encryption or symmetric encryption. Symmetric encryption methods use mathematical operations that can be programmed into extremely fast computing algorithms so that the encryption and decryption processes are executed quickly by even small computers. The primary challenge of symmetric key encryption is getting the key to the receiver, a process that must be conducted out of band (meaning through a channel or band other than the one carrying the ciphertext) to avoid interception. Asymmetric Encryption. Another category of encryption techniques is asymmetric encryption. Whereas the symmetric encryption systems are based on using a single key to both encrypt and decrypt a message, asymmetric encryption uses two different but related keys, and either key can be used to encrypt or decrypt the message. Asymmetric encryption can be used to provide elegant solutions to problems of secrecy and verification. This technique has its highest value when one key is used as a private key, which means that it is kept secret (much like the key of symmetric encryption), known only to the owner of the key pair, and the other key serves as a public key, which means that it is stored in a public location where anyone can use it.

Once the attacker has successfully broken an encryption, he or she may launch a replay attack, which is an attempt to resubmit a recording of the deciphered authentication to gain entry into a secure source.

True

One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message.

True

PGP uses the freeware ZIP algorithm to compress the message after it has been digitally signed but before it is encrypted.

True

PKI systems are based on public key cryptosystems and include digital certificates and certificate authorities.

True

Plaintext or cleartext is the original unencrypted message that is encrypted; also the name given to the results of a message that has been successfully decrypted.

True

Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.

True

Privacy Enhanced Mail was proposed by the Internet Engineering Task Force as a standard to function with the public key cryptosystems.

True

Secure Electronic Transactions was developed by MasterCard and VISA in 1997 to provide protection from electronic payment fraud.

True

Secure Multipurpose Internet Mail Extensions builds on the encoding format of the Multipurpose Internet Mail Extensions protocol by adding encryption and authentication through the use of digital signatures based on public key cryptosystems.

True

The AES implements a block cipher called the Rijndael Block Cipher.

True

The most common hybrid system is based on the Diffie-Hellman Key Exchange method, which is a method for exchanging private keys using public key encryption.

True

The most popular modern version of steganography involves hiding information within files that appear to contain digital pictures or other images.

True

The permutation cipher simply rearranges the values within a block to create the ciphertext.

True

Two hundred and eighty five computers can crack a 56-bit key in one year, ten times as many would do it in a little over a month.

True

When an asymmetric cryptographic process uses the sender's private key to encrypt a message, the sender's public key must be used to decrypt the message.

True

With Diffie-Hellman, asymmetric encryption is used to exchange session keys.

True

Also known as the one-time pad, the ____________________ cipher, which was developed at AT&T, uses a set of characters only one time for each encryption process.

Vernam

____ is the amount of effort (usually in hours) required to perform cryptanalysis on an encoded message so that it may be decrypted when the key or algorithm (or both) are unknown.

Work factor

Bit stream methods most commonly use functions like the exclusive OR operation (_____).

XOR

Hashing functions do not require the use of keys, but it is possible to attach a message ____________________ code.

authentication

Digital ____________________ are electronic documents that can be part of a process of identification associated with the presentation of a public key.

certificates

The science of encryption is known as ____________________.

cryptology

The message ____________________ is a fingerprint of the author's message that is to be compared with the receiver's locally calculated hash of the same message.

digest

To ____________________ means to encrypt or convert plaintext into the equivalent ciphertext.

encipher

The ____________________ OR operation is a function of Boolean algebra in which two bits are compared, and if the two bits are identical, the result is a binary 0.

exclusive

A(n) ____________________ substitution uses one alphabet.

monoalphabetic

The more common name for asymmetric encryption is ____________________ key encryption.

public

A(n) ____________________ authority operates under the trusted collaboration of the certificate authority and can be delegated day-to-day certification functions, such as verifying registration information about new registrants, generating end-user keys, revoking certificates, and validating that users possess a valid certificate.

registration

Digital ____________________ are encrypted messages that can be mathematically proven to be authentic.

signatures

The process of hiding messages is called ____________________.

steganography

When using a(n) ____________________ cipher, you replace one value with another.

substitution

A method of encryption that requires the same secret key to encipher and decipher the message is known as ____ encryption.

symmetric

In a(n) ____ attack, the attacker eavesdrops during the victim's session and uses statistical analysis of the user's typing patterns and inter-keystroke timings to discern sensitive session information.

timing

In a(n) ____________________ attack, the attacker eavesdrops during the victim's session and uses statistical analysis of the user's typing patterns and inter-keystroke timings to discern sensitive session information.

timing

In IPSEC ____________________ mode, only the IP data is encrypted, not the IP headers.

transport

The ____________________ cipher simply rearranges the values within a block to create the ciphertext.

transposition

A mathematical ____________________ is a "secret mechanism that enables you to easily accomplish the reverse function in a one-way function."

trapdoor