Cryptography
What type of cryptography does public cryptography use? A. Asymmetric encryption B. Symmetric encryption C. Steganography D. One-way functions
A. Public key cryptography uses asymmetric encryption with two matched keys (a public key and a private key) to encrypt and decrypt information. Symmetric encryption uses a single key (often called a session key) to encrypt and decrypt data. Steganography hides data within data. Hashes are also known as one-way functions and they provide integrity.
How are public keys shared with other entities? A. Published in a certificate B. Encrypted by a private key C. Encrypted by a session key D. Public keys are not shared
A. Public keys are published in certificates. They are never encrypted. They are shared so that other entities can use them for asymmetric encryption.
Which of the following uses a single key to encrypt and decrypt data? A. Symmetric B. Asymmetric C. Public key cryptography D. SHA-1
A. Symmetric encryption uses a single key to encrypt and decrypt data. Asymmetric encryption uses two keys (a public key and a private key) to encrypt and decrypt information and is often referred to as public key cryptography. Secure Hashing Algorithm 1 (SHA-1) is a hashing algorithm and it doesn't use a key.
Of the following choices, what is used to determine whether a certificate has been revoked? A. OCSP B. Digital signature C. CARL D. Trust chain
A. The Online Certificate Status Protocol (OCSP) is used to verify the health of a certificate. An OCSP responder will indicate whether a certificate has been revoked when queried with the certificate's serial number. A digital signature uses certificates but doesn't determine whether a certificate is revoked. CAs issue a certificate revocation list (CRL), but CARL isn't a valid acronym in the context of checking certificates. A trust chain determines if the CA that issued the certificate is trusted, but doesn't indicate if a certificate is revoked.
What is used to create a digital signature used with e-mail? A. The public key of the sender B. The private key of the sender C. The public key of the recipient D. The private key of the recipient
B. A digital signature is created by hashing a message and encrypting the hash with the sender's private key. The recipient can then decrypt the hash with the sender's public key. The recipient's keys are not used for a digital signature, but they are used to encrypt and decrypt e-mail.
Researchers are attempting to discover weaknesses in an encryption algorithm using a known-plaintext attack. What is this called? A. Cryptography B. Cryptanalysis C. Criminal behavior D. Hashing
B. Cryptanalysis is the process of deciphering codes through analysis, and a known-plaintext attack is one method of cryptanalysis. Cryptography is the science of using different methods and techniques to encrypt data. It is not criminal to search for weaknesses, but the action taken after these weaknesses are discovered can be criminal. Hashing is the process of creating a hash from a file or a message with a hashing algorithm, and it is used to prevent the loss of integrity.
How are public keys distributed to clients from Internet websites? A. As e-mail attachments B. Embedded in certificates C. As cookies D. Embedded in the HTML code for the page
B. Public keys are embedded in certificates and distributed to clients in the certificate. Although users can send certificates to each other as e-mail attachments, a website does not use this method. Public keys are not included in cookies or in HTML code.
Which of the following choices allows you to verify that a file has not been modified? A. AES B. SHA C. PKI D. IDEA
B. Secure Hashing Algorithm (SHA) is a hashing algorithm, and hashing is a key method of ensuring integrity (or verifying a file has not been modified). The hash is calculated at two different times, and if the hash is the same, the file has not been modified. Advanced Encryption Standard (AES) is a strong symmetric encryption protocol. A public key infrastructure (PKI) is used to support the creation, management, and distribution of certificates. International Data Encryption Algorithm (IDEA) is an older symmetric encryption protocol.
What is a common standard used to encrypt and digitally sign e-mail? A. Symmetric encryption B. S/MIME C. TLS D. Steganography
B. Secure/Multipurpose Internet Mail Extensions (S/MIME) is the standard used to encrypt and digitally sign e-mail. Symmetric encryption uses a single key to encrypt and decrypt data, but cannot digitally sign e-mail. Transport Layer Security (TLS) encrypts data sent over a network and is used with HTTPS. Steganography is the practice of hiding data within data or in plain sight.
Of the following choices, what is NOT provided with a digital signature used for e-mail? A. Authentication B. Integrity C. Confidentiality D. Nonrepudiation
C. A digital signature does not provide confidentiality because the digital signature does not encrypt the data. A digital signature does provide authentication, integrity, and nonrepudiation. It's possible to digitally sign an e-mail without encrypting it.
Which of the following is a symmetric 128-bit block cipher? A. Data Encryption Standard (DES) B. Triple Data Encryption Standard (3DES) C. Advanced Encryption Standard (AES) D. Blowfish
C. AES is a 128-bit block cipher. All of the other answers are 64-bit block ciphers.
Which of the following is an accurate statement related to asymmetric encryption? A. It is used to privately share a private key. B. It is used to privately share a public key. C. It is used to privately share a secret key. D. It is faster than symmetric encryption.
C. Asymmetric encryption is used to privately share a secret key (or session key). Asymmetric encryption uses a matched pair of keys known as a private key and a public key. The private key is never shared, and the public key is publicly shared in a certificate. Symmetric encryption is faster than asymmetric encryption.
Which of the following would most likely be used to encrypt data in an e-mail message before it is sent? A. The public key of the sender B. The private key of the sender C. The public key of the recipient D. The private key of the recipient
C. E-mail is encrypted using the recipient's public key. The recipient's public key actually encrypts a symmetric key and uses the symmetric key to encrypt the e-mail. The recipient uses the recipient's private key to decrypt the symmetric key and then decrypts the message with the symmetric key. The sender's keys are not used to encrypt or decrypt e-mail.
What basic security function does asymmetric encryption provide? A. Integrity B. Authentication C. Confidentiality D. Availability
C. Encryption (any type of encryption, including both asymmetric and symmetric encryption) provides confidentiality for data. Hashing methods provide integrity. Authentication proves the identity of a user or system. Availability ensures that systems and data are available when needed.
A website sent a user a certificate to initiate a secure web session over the Internet. What information would NOT be in the certificate? A. Name of the website B. Name of the issuing CA C. Private key D. Expiration date
C. The private key is not included in the certificate but instead is kept private on the server. The public key is included in the certificate along with the name of the website, the name of the CA that issued the certificate, the expiration date of the certificate, and more.
Which of the following keys is changed the most often? A. Public key B. Private key C. Symmetric key D. Session key
D. A session key is only used for a session (such as a web browsing session) and is changed more often than the other keys. Public and private keys typically last for a year or longer. Symmetric encryption uses a symmetric key (also called a secret key), which can stay the same for a specific piece of data as long as the data remains encrypted.
Which of the following choices provides one-way encryption of data? A. Symmetric B. Asymmetric C. Transport Layer Security D. Hashing
D. Hashing algorithms use a one-way encryption method to create a hash from the data. They are also known as one-way functions. The hashing algorithm creates a fixed-length hash from a file, but the hash cannot be used to re-create the file. Symmetric encryption and asymmetric encryption are both two-way, because data can be encrypted and decrypted. Transport Layer Security (TLS) is widely used to encrypt Internet traffic and uses both symmetric and asymmetric encryption.
Which of the following is NOT a symmetric encryption standard? A. AES B. Blowfish C. RC4 D. RSA
D. RSA is an asymmetric encryption standard using public and private keys and is widely used with Transport Layer Security (TLS). The other choices are all symmetric encryption standards using a single key to encrypt and decrypt the data.
Someone has embedded a secret code within a picture used on a web page. What is the best description of this? A. Symmetric encryption B. Asymmetric encryption C. Hashing D. Steganography
D. Steganography is the practice of hiding data within data, such as embedding a secret code within a picture. Symmetric encryption uses a single key for encryption and decryption of data, while asymmetric encryption uses two keys (a public key and a private key) for encryption and decryption. Hashing creates a hash that can be used for integrity.
Of the following choices, which one is considered a strong, efficient symmetric encryption algorithm? A. TLS B. DES C. 3DES D. AES
D. The Advanced Encryption Standard (AES) is considered a strong, efficient symmetric encryption algorithm and it is widely used. DES is an older algorithm that has been cracked. 3DES is strong, but takes more processing power and is less efficient than AES. Transport Layer Security (TLS) uses both symmetric and asymmetric encryption, and calling it a symmetric encryption algorithm is inaccurate.