Chapters 6 & 7
Which of the following statements describe a quantum computer? A quantum computer is a computer that relies on qubits that can be both 0 and 1 at the same time. A quantum computer uses encrypted hardware until the correct password is provided and all data copied to the computer is automatically encrypted. A quantum computer is a computer that uses the structure of physical gadgets with sensors, software, and other technologies to connect and swap data with other devices and systems over the internet. A quantum computer is a computer with a chip on its motherboard that provides cryptographic services, includes a true random number generator, and supports fully asymmetric encryption.
A quantum computer is a computer that relies on qubits that can be both 0 and 1 at the same time.
John needs to add an algorithm for his company communication process, in which encryption uses two keys. One is the public key, and the other one is a private key. Which algorithm will be suitable to achieve this? Asymmetric cryptographic Private key cryptographic Lightweight cryptographic Symmetric cryptographic
Asymmetric cryptographic
Star Technology is working on a project that needs a communication mode specializing in encryption, where only authorized parties should understand the information. The company also requires accuracy, completeness, and reliability of data throughout the project. The company has contacted you for an ideal cipher mode solution . Which mode should you suggest? SSH HTTPS CBC S/MIME
CBC
Which attack sees an attacker attempt to determine the hash function's input strings that produce the same hash result? Known ciphertext attack Downgrade attack Collision attack Birthday attack
Collision attack
Jane, an IT security expert whose services are sought by XYZ Company, has recommended implementing CTR mode in the network. What is one requirement that needs to be fulfilled for computers to communicate when the CTR mode is implemented? Both sender and receiver should have acces to a synchronous counter Sender should have access to a counter. c. Receiver should have access to a counter. d. Neither sender nor receiver need access to a counter. Correct. Both the message sender and receiver have access to a synchronous counter, which computes a new value each time a ciphertext block is exchanged. Incorrect. With CTR mode, it would not be sufficient for only the sender to have a counter. Incorrect. With CTR mode, it would not be sufficient for only the sender to have a counter. Incorrect. CTR mode cannot be implemented if neither the sender nor the receiver has access to a counter.
Correct. Both the message sender and receiver have access to a synchronous counter, which computes a new value each time a ciphertext block is exchanged. Incorrect. With CTR mode, it would not be sufficient for only the sender to have a counter. Incorrect. With CTR mode, it would not be sufficient for only the sender to have a counter. Incorrect. CTR mode cannot be implemented if neither the sender nor the receiver has access to a counter.
John and Sarah are working for Star Alliance. John had to send certain confidential data and messages to Sarah online. The use of which of the following will ensure that the message's sender is, in fact, John? Digital signature Digital certificate Public key Physical signature
Digital certificate
Malik and Chris are shopping for shoes on an e-commerce website and need to enter their credit card details. Which of the following can assure them that they are using the retailer's authentic website and not an imposter's look-alike site that will steal their credit card details? Digital signature Digital certificate Hash digest SSL
Digital certificate
John receives an encrypted document using asymmetric cryptography from Alex. Which process should Alex use along with asymmetric cryptography so that John can be sure that the received document is real, from Alex, and unaltered? Elliptic curve cryptography Digital signature algorithm Rivest-Shamir-Alderman Symmetric cryptography
Digital signature algorithm
ABC Enterprises plans to upgrade its internal confidential communication channel for the senior management team, which is geographically spread out, to enhance communication speed and security. They have decided to use cryptography to achieve this but can't decide on which model. The CEO has come to you for your suggestion on whether to use RSA or ECC.What should you recommend to the CEO, and why? RSA, as it uses sloping curves to generate keys. This makes it very secure for smaller key sizes, making it secure and the communication exchange extremely fast. RSA, as it uses three rounds of encryption. It employs 48 iterations in its encryptions, using different keys each for each round. This makes the message extremely secure while making the communication exchange extremely fast. ECC, as it uses sloping curves to generate keys. This makes it very secure for smaller key sizes making it secure and the communication exchange extremely fast. ECC, as it uses three rounds of encryption. It employs 48 iterations in its encryptions, using different keys each for each round. This makes the message extremely secure while making the communication exchange extremely fast.
ECC, as it uses sloping curves to generate keys. This makes it very secure for smaller key sizes making it secure and the communication exchange extremely fast.
Spectrum Technologies uses SHA-256 to share confidential information. The enterprise reported a breach of confidential data by a threat actor. You are asked to verify the cause of the attack that occurred despite implementing secure cryptography in communication. Which type of attack should you consider first, and why? Known ciphertext attack; the attacker can create the cryptographic keys from ciphertext because of the SHA-256 algorithm. Downgrade attack; SHA-256 is vulnerable to downgrades in the operating system to earlier versions, allowing threat actors to easily attack. Misconfiguration attack; the company should have configured a higher security hash algorithm rather than using the less-secure SHA-256. Collision attacks; the threat actor has created a malicious file with the same digest using SHA-256.
Misconfiguration attack; the company should have configured a higher security hash algorithm rather than using the less-secure SHA-256.
A manager working in ABC Consulting shared a list of employees from his team who were eligible for an extra week off. Later, he claimed that he has never shared this list. Which principle or functionality of a secured communication can be used to substantiate or verify the manager's claim? Obfuscation Nonrepudiation Steganography Hashing
Nonrepudiation
Which feature of cryptography is used to prove a user's identity and prevent an individual from fraudulently reneging on an action? Confidentiality Nonrepudiation Obfuscation Authentication
Nonrepudiation
Which characteristic of cryptography makes information obscure or unclear, and by which the original information becomes impossible to be determined? Obfuscation Nonrepudiation Authentication Integrity
Obfuscation
Which of the following uses hardware encryption technology to secure stored data and ensures the inseparability of SEDs among vendors? Pad Key Opal Qubits
Opal
Which of the following is defined as a structure for governing all the elements involved in digital certificate management? PKI Web of trust model M-of-N control CA
PKI
Sarah needs to send an email with important documents to her client. Which of the following protocols ensures that the email is secure? SSH SSL S/MIME SHTTP
S/MIME
Amtel University decides to keep a record of their student data in a backup server. The administrator contacts you to identify the right command interface protocol to be used in this. Which command interface protocol should you advise? SSL TLS SSH HTTPS
SSH
Which of the following is a Linux/UNIX-based command interface and protocol? SSH HTTPS SSL S/MIME
SSH
During an investigation, it was found that an attacker did the following: Intercepted the request from the user to the server and established an HTTPS connection between the attacker's computer and the server while having an unsecured HTTP connection with the user. This gave the attacker complete control over the secure webpage.Which protocol helped facilitate this attack? S/MIME SSL SSH ECB
SSL
Which of the following is the earliest and most general cryptographic protocol? SSH SSL TLS HTTPS
SSL
Which function in cryptography takes a string of any length as input and returns a string of any requested variable length? Filesystem BitLocker Steganography Sponge
Sponge
Which of the following protocols are used to secure HTTP? TLS and SSH TLS and SSL TLS and SRTP SSH and SSL
TLS and SSL
Samira is developing a virtual private chat application for ABC Consulting. The following are requirements provided by the organization while making the application: 1. All the communications should happen within the same network, network-to-network. 2. The information shared through this app should be kept confidential. Hence, the whole IP packet should be encrypted, giving access to only authorized personnel. 3. There should be a private network for network-to-network communication Which of the following modes should Sara consider for encryption in this project? Transport mode Tunnel mode GCM mode Counter mode
Tunnel mode
Which encryption device you can use that has the following features?1. It should allow administrators to remotely prohibit accessing the data on a device until it can verify the user status.2. It can lock user access completely or even instruct the drive to initiate a self-destruct sequence to destroy all data. USB device encryption HSM TPM AES
USB device encryption
Which of the following provides confidentiality services? Unauthentication mode Authentication mode Stream cipher mode Transport mode
Unauthentication mode