CpS 391 Quiz 7
Star Technology is working on a project that needs a communication mode specializing in encryption, where only authorized parties should understand the information. The company also requires accuracy, completeness, and reliability of data throughout the project. The company has contacted you for an ideal cipher mode solution without using a counter. Which mode should you suggest?
CBC
Which of the following is a combination of encryption, authentication, and MAC algorithms, like a collection of instructions on securing a network?
Cipher suite
John and Sarah are working for Star Alliance. John had to send certain confidential data and messages to Sarah online. The use of which of the following will ensure that the message's sender is, in fact, John?
Digital certificate
Malik and Chris are shopping for shoes on an e-commerce website and need to enter their credit card details. Which of the following can assure them that they are using the retailer's authentic website and not an imposter's look-alike site that will steal their credit card details?
Digital certificate
A company has multiple CAs and intermediate CAs issuing digital certificates in different departments, with no one cross-checking their work. Which PKI trust model should the company use?
Distributed trust model
Which of the following is a process where a private key is split into two halves, encrypted, and stored separately for future use?
Escrow
Which of the following protocols is embedded in a computer's operating system or communication hardware to secure internet communications?
IPsec
Which of the following is a process where a key is divided into a specific number of parts and distributed to multiple people, with some of them having the same parts of the key?
M-of-N control
Alliance Consulting, a company based in France, is shutting down. Louis, the owner of the company, applied to revoke his digital certificate. He is very busy with the other details of shutting the company down and needs to be able to check the certificate's status quickly and easily. Which of the following will help him get a real-time lookup of the certificate's status?
OCSP
Which of the following digital certificates are self-signed and do not depend on the higher-level certificate authority (CA) for authentication?
Root digital certificates
Which of the following is the earliest and most general cryptographic protocol?
SSL
Which of the following provides confidentiality services?
Unauthentication mode
Which of the following is a standard format for digital certificates?
X509
Jane, an IT security expert whose services are sought by XYZ Company, has recommended implementing CTR mode in the network. What is one requirement that needs to be fulfilled for computers to communicate when the CTR mode is implemented?
Both sender and receiver should have access to a counter
Sigma Technology is a company based in Singapore, with branches in 24 countries. It needs multiple CAs in different locations to verify and sign digital certificates for the company. They are looking for an option where, even in the absence of a CA, other CAs can issue the certificates. Additionally, they are also looking for CAs who will overlook other CAs in different locations. In such a scenario, which PKI trust model should they use?
Bridge trust mode
Under which of the following modes does the ciphertext depend only on the plaintext and the key, independent of the previous ciphertext blocks?
ECB
You have been asked to implement a block cipher mode of operation that requires both the sender and receiver of the message to have access to a synchronous counter that adds an AAD to the transmission. Which operating block cipher mode should you use?
GCM
XYZ University wants to set up a VPN network to connect to the internet and ensure that all their data is safe. They have asked you to recommend the correct communication protocol to use. Which of the following protocols should you recommend and why?
IPsec, because it authenticates that the packets received were sent from the source and ensures that no other party can view the contents It manages the keys to ensure that they are not intercepted or used by unauthorized parties
Which of the following is defined as a structure for governing all the elements involved in digital certificate management?
PKI
Fatima is responsible for conducting business transactions for XYZ Company, and she only had the stored private key. She is on leave and currently unavailable, and the organization needs to complete an urgent business transaction. Which of the following methods should enable the organization to access Fatima's private key and digital certificate?
Recovery
Sarah needs to send an email with important documents to her client. Which of the following protocols ensures that the email is secure?
S/MIME
Amtel University decides to keep a record of their student data in a backup server. The administrator contacts you to identify the right command interface protocol to be used in this. Which command interface protocol should you advise?
SSH
Which of the following is a Linux/UNIX-based command interface and protocol?
SSH
Which of the following protocols can be used as a tool for secure network backups?
SSH
During an investigation, it was found that an attacker did the following:Intercepted the request from the user to the server and established an HTTPS connection between the attacker's computer and the server while having an unsecured HTTP connection with the user. This gave the attacker complete control over the secure webpage.Which protocol helped facilitate this attack?
SSL
Which of the following terms best describes the process in which a user believes that the browser connection they are using is secure and the data sent is encrypted when in reality, the connection is insecure, and the data is sent in plaintext?
SSL stripping
Which of the following protocols are used to secure HTTP?
TLS and SSL
Robert has two cryptographic keys, and he needs to determine which of them is less prone to being attacked. The cryptoperiod is limited and equal for both the keys. The first key has a length of 2 and uses 16 characters, while the other key has a length of 3 and uses 15 characters. Which of the following is the best conclusion for Robert to come to?
The second key is more secure than the first key
Samira is developing a virtual private chat application for ABC Consulting. The following are requirements provided by the organization while making the application:1. All the communications should happen within the same network, host-to-host.2. The information shared through this app should be kept confidential. Hence, the whole IP packet should be encrypted, giving access to only authorized personnel. 3. There should be a private network for host-to-host communicationWhich of the following modes should Sara consider for encryption in this project?
Tunnel mode
Which of following is a characteristic of electronic code book (ECB) mode?
Two identical plaintext blocks are encrypted into two identical ciphertext blocks, making them susceptible to attacks