IS Quiz 14
What type of attack sends two different messages using the same hash function, which end up causing a collision? A) Birthday Attack B) Bluesnarfing C) Man-in-the-middle attack D) Logic bomb
A) Birthday Attack
You are attempting to move data to a USB flash drive. Which of the following enables a rapid and secure connection? A) SHA-2 B) 3DES C) AES-256 D) MD5
C) AES-256
You are tasked with ensuring that messages being sent and received between two systems are both encrypted and authenticated. Which of the following protocols accomplishes this? A) Diffie-Hellman B) BitLocker C) RSA D) SHA-1
C) RSA. RSA can both encrypt and authenticate messages.
What is another term for secret key encryption? A) PKI B) Asymmetrical C) Symmetrical D) Public key
C) Symmetrical. Symmetric key encryption uses a secret key.
Of the following, which statement correctly describes the difference between a secure cipher and a secure hash? A) A hash produces a variable output for any input size; a cipher does not. B) A cipher produces the same size output for any input size; a hash does not. C) A hash can be revised; a cipher cannot D) A cipher can be reversed; a hash cannot
D) A cipher can be reversed; a hash cannot
What does it mean if a hashing algorithm creates the same hash for two different downloads? A) A hash is not encrypted. B) A hashing chain has occurred C) A one-way hash has occurred D) A collision has occurred
D) A collision has occurred
Which of the following methods will best verify that a download from the Internet has not been modified since the manufacturer released it? A) Compare the final LANMAN hash with the original B) Download the patch file over an AES encrypted VPN connection C) Download the patch file through an SSL connection D) Compare the final MD5 hash with the original
D) Compare the final MD5 hash with the original
Which of the following will provide an integrity check? A) Public key B) Private key C) WEP D) Hash
D) Hash
A hash algorithm has the capability to avoid the same output from two guessed inputs. What is this known as? A) Collision resistance B) Collision strength C) Collision cipher D) Collision metric
A) Collision resistance
Which of the following is the weakest encryption type? A) DES B) RSA C) AES D) SHA
A) DES. DES (Data Encryption Standard) was developed in the 1970s; its 56-bit key has been superseded by 3DES (max 168-bit key) and AES (max 256-bit key).
Which of the following is not a valid cryptographic hash function? A) RC4 B) SHA-512 C) MD5 D) RIPEMD
A) RC4. RC4 is a symmetric encryption algorithm that uses a stream cipher.
Which of the following encryption algorithms is used to encrypt and decrypt data? A) SHA-1 B) RC5 C) MD5 D) NTLM
B) RC5. RC5 (Rivest Cipher version 5) can encrypt and decrypt data.
WEP improperly uses an encryption protocol and because of this is considered to be insecure. What encryption protocol does it use? A) AES B) RSA C) RC6 D) RC4
D) RC4. RC4 has several vulnerabilities when used incorrectly by protocols such as WEP.
Which of the following is used by PGP to encrypt the session key before it is sent? A) Asymmetric key distribution system B) Asymmetric scheme C) Symmetric key distribution system D) Symmetric scheme
D) Symmetric scheme
Imagine that you are an attacker. Which would be most desirable when attempting to compromise encrypted data? A) A weak key B) The algorithm used by the encryption protocol C) Captured traffic D) A block cipher
A) A weak key
When encrypting credit card data, which would be the most secure algorithm with the least CPU utilization? A) AES B) 3DES C) SHA-1 D) MD5
A) AES. AES (Advanced Encryption Standard) is fast and secure, more so than 3DES.
Which of the following combines the keystream with the plaintext message using the bitwise XOR operator to produce the ciphertext? A) One-time pad B) Obfuscation C) PBKDF2 D) ECDH
A) One-time pad. A one-time pad is a stream cipher that encrypts plaintext with a secret random key that is the same length as the plaintext.
Your boss wants you to set up an authentication scheme in which employees will use smart cards to log in to the company network. What kind of key should be used to accomplish this? A) Private key B) Public key C) Cipher key D) Shared key
A) Private key
Give two examples of hardware devices that can store keys. (Select the two best answers.) A) Smart card B) Network adapter C) PCI Express card D) USB flash drive
A) Smart card and D) USB flash drive
Which type of encryption technology is used with the BitLocker application? A) Symmetric B) Asymmetric C) Hashing D) WPA2
A) Symmetric. BitLocker uses symmetric encryption technology based on AES.
You need to encrypt and send a large amount of data. Which of the following would be the best option? A) Symmetric encryption B) Hashing algorithm C) Asymmetric encryption D) PKI
A) Symmetric encryption. Symmetric encryption is the best option for sending large amounts of data.
Last week, one of the users in your organization encrypted a file with a private key. This week the user left the organization, and unfortunately the systems administrator deleted the user's account. What are the most probable outcomes of this situation? (Select the two best answers.) A) The data is not recoverable B) The former user's account can be re-created to access the file C) The file can be decrypted with a PKI D) The data can be decrypted using the recovery agent E) The data can be decrypted using the root user account
A) The data is not recoverable and D) The data can be decrypted using the recovery agent
What does steganography replace in graphic files? A) The least significant bit of each byte B) The most significant bit of each byte C) The least significant byte of each bit D) The most significant byte of each bit
A) The least significant bit of each byte
Which of the following might a public key be used to accomplish? A) To decrypt the hash of a digital signature B) To encrypt web browser traffic C) To digitally sign a message D) To decrypt wireless messages
A) To decrypt the hash of a digital signature
Why would an attacker use steganography? A) To hide information B) For data integrity C) To encrypt information D) For wireless access
A) To hide information
The fundamental difference between symmetric key systems and asymmetric key systems is that symmetric key systems do which of the following? A) Use the same key on each end B) Use different keys on each end C) Use multiple keys for non-repudiation purposes D) Use public key cryptography
A) Use the same key on each end
A network stream of data needs to be encrypted. Jason, a security administrator, selects a cipher that will encrypt 128 bits at a time before sending the data across the network. Which of the following has Jason chosen? A) Stream cipher B) Block cipher C) Hashing algorithm D) RC4
B) Block cipher
Which of the following is not a symmetric key algorithm? A) RC4 B) ECC C) 3DES D) Rijndael
B) ECC. ECC (elliptic curve cryptography) is an example of public key cryptography that uses an asymmetric key algorithm.
You are tasked with selecting an asymmetric encryption method that allows for the same level of encryption strength, but with a lesser key length than is typically necessary. Which encryption method fulfills your requirement? A) RSA B) ECC C) DHE D) Twofish
B) ECC. The ECC (elliptic curve cryptography) method allows for shorter key lengths at the same level of strength as other asymmetric methods.
Which of the following encryption methods deals with two distinct, large prime numbers and the inability to factor those prime numbers? A) SHA-1 B) RSA C) WPA D) Symmetric
B) RSA. The RSA encryption algorithm uses two prime numbers. If used properly, they will be large prime numbers that are difficult or impossible to factor.
Which of the following concepts does the Diffie-Hellman algorithm rely on? A) Username and password B) VPN tunneling C) Biometrics D) Key exchange
D) Key exchange
The IT director wants you to use a cryptographic algorithm that cannot be decoded by being reversed. Which of the following would be the best option? A) Asymmetric B) Symmetric C) PKI D) One-way function
D) One-way function. In cryptography, a one-way function is an algorithm that cannot be reversed, or is difficult to reverse, in an attempt to decode data.