Cryptography


The most common attack against cryptographic algorithms is: a. A ciphertext-only attack b. A brute force attack c. A known plaintext attack d. A chosen plaintext attack

a. A ciphertext-only attack

The elliptic curve system uses which of the following to create digital signatures? a. A hash algorithm b. A prime algorithm c. An inversion algorithm d. A linear algorithm

a. A hash algorithm

The Rijndael algorithm uses which of the following? a. Advanced encryption standard, AES b. Data encryption standard, DES c. Digital signature standard, DSS d. Key exchange algorithm, KEA

a. Advanced encryption standard, AES

Which one of the following provides data integrity? a. Cyclic redundancy checks, CRC b. Digitized signatures c. Passwords and PINs d. Biometrics

a. Cyclic redundancy checks, CRC

Which of the following protect the X.509 public key certificate? a. DSA and SHA-1 b. DES and SHA c. 3DES and MD4 d. IDEA and MD5

a. DSA and SHA-1

The SHA and HMAC provide the basis for which of the following? a. Data integrity b. Confidentiality c. Authentication d. Non-repudiation

a. Data integrity

Which of the following is an example of asymmetric encryption algorithm? a. Diffie-Hellman b. DES c. 3DES d. IDEA

a. Diffie-Hellman

Which of the following is primarily required for continued functioning of a public key infrastructure (PKI)? a. Disaster recovery plans b. Service level plans c. Fraud prevention plans d. Legal liability plans

a. Disaster recovery plans

Which of the following methods provide the highest security to protect access from unauthorized people? a. Encryption b. Call-back or dial-back systems c. Magnetic cards with personal identification number d. User ID and password

a. Encryption

Which of the following is not a valid PKI architecture? a. Gateway architecture b. Hierarchical architecture c. Mesh architecture d. Bridge architecture

a. Gateway architecture

A simpler alternative to a digital signature is a: a. Hash function b. Digital certificate c. Handwritten signature d. Certificate authority

a. Hash function

The freeware product, Tripwire is which of the following? a. It is a file integrity checker b. It is a file confidentiality checker c. It is a file availability checker d. It is a file damage checker

a. It is a file integrity checker

Which of the following is not true about one-time pad? a. It is breakable b. Each key is used only once c. It is unbreakable d. Each key is used for only one message

a. It is breakable

Which of the following is not part of cryptographic key management process? a. Key layering b. Key distribution c. Key storage d. Key generation

a. Key layering

The control technique that achieves confidentiality of data in transfer is: a. Line encryption b. One-time password c. File encryption d. End-to-end encryption

a. Line encryption

A birthday attack is targeted at which of the following? a. MD5 b. SSL c. SLIP d. SET

a. MD5

Which of the following will mitigate threat to integrity when private key cryptography is used? a. Message authentication code b. Message identifier c. Message header d. Message trailer

a. Message authentication code

Digital signature is another type of electronic signature. A digital signature is implemented using which of the following cryptographic techniques? a. Public key cryptography b. Key escrow cryptography c. Secret key cryptography d. Hybrid cryptographic systems

a. Public key cryptography

What keys are used to create digital signatures? a. Public-key cryptography b. Private-key cryptography c. Hybrid-key cryptography d. Primary-key cryptography

a. Public-key cryptography

Zero-knowledge proof is used in which of the following applications? a. Public-key encryption process b. Zeroization process c. Degaussing operation d. Data remanence operation

a. Public-key encryption process

The two protocol algorithms used in cryptographic applications for compressing data are which of the following? a. SHA and MD5 b. 3DES and IDEA c. DSA and DSS d. RSA and SKIPJACK

a. SHA and MD5

Which of the following key algorithms decrypt data with the same key used for encryption? a. Symmetric key algorithm b. Asymmetric key algorithm c. Symmetric and public key algorithms d. Asymmetric and secret key algorithms

a. Symmetric key algorithm

Cryptographic key management is a difficult problem for which of the following? a. Symmetric-key algorithms b. Asymmetric-key algorithms c. Hybrid-key algorithms d. Hash-key algorithms

a. Symmetric-key algorithms

Public-key cryptographic systems are known as: a. Two-keys or asymmetric systems b. Two-keys or symmetric systems c. One-key or symmetric systems d. One-key or asymmetric systems

a. Two-keys or asymmetric systems

A physical security measure for cryptographic keys is which of the following? a. Zeroization b. Zero-knowledge proof c. Zero defects proof d. Zero quantum proof

a. Zeroization

Elliptic curve systems are which of the following? 1. Asymmetric algorithms 2. Symmetric algorithms 3. Public-key systems 4. Private-key systems a. 2 and 3 b. 1 and 3 c. 2 and 4 d. 1 and 4

b. 1 and 3

The key length of Message Digest 5 (MD5) is which of the following? a. 112 bits b. 128 bits c. 160 bits d. 256 bits

b. 128 bits

What is the bit size of a DES? a. 40 b. 56 c. 64 d. 112

b. 56

The primary goal of a public key infrastructure (PKI) is to create which of the following? a. A closed environment b. A trusted environment c. An open environment d. A bounded environment

b. A trusted environment

During the design of data communication networks, a functional capability of providing link encryption and end-to-end encryption is addressed by which of the following? a. Administrative control b. Access control c. Cost control d. Technical control

b. Access control

Which one of the following encryption keys is slow? a. Symmetric b. Asymmetric c. Semi-symmetric d. Semi-asymmetric

b. Asymmetric

Digital signatures are not used for which of the following? a. Authentication b. Availability c. Non-repudiation d. Integrity

b. Availability

Asymmetric-key cryptography is not ideally suited for which of the following? a. Authentication b. Confidentiality c. Integrity d. Non-repudiation

b. Confidentiality

Which of the following is an example of symmetric key encryption algorithm? a. MD5 b. DES c. RSA d. MD4

b. DES

Which of the following is not included in the digital signature standard (DSS)? a. Digital signature algorithm, DSA b. Data encryption standard, DES c. Rivest, Shamir, Adleman algorithm, RSA d. Elliptic curve digital signature algorithm, ECDSA

b. Data encryption standard, DES

Which of the following provides both integrity and confidentiality services for data and messages? a. Digital signatures b. Encryption c. Cryptographic checksums d. Granular access control

b. Encryption

Which of the following security services or statements is not true with the U.S. digital signature standard (DSS)? a. It generates a digital signature b. It does not require a third-party certificate c. It assures non-repudiation of a message d. It verifies a digital signature

b. It does not require a third-party certificate

Which of the following is the best definition of a public key infrastructure (PKI)? a. It is a policy b. It is an infrastructure c. It is hardware d. It is software

b. It is an infrastructure

Which is not true about the Authentication Header (AH) of the IPSEC protocol? a. It protects against modification b. It provides privacy protection c. It provides connectionless integrity d. It protects against replay attacks

b. It provides privacy protection

What is the best way to encrypt data? a. Bulk encryption b. Link encryption c. Transaction encryption d. End-to-end encryption

b. Link encryption

If "N" keys are required to reconstruct the original key, application of the "Split Knowledge" concept requires how many keys to be documented? a. N keys b. N-1 keys c. N+1 keys d. N+2 keys

b. N-1 keys

Which of the following encryption algorithms or schemes is absolutely unbreakable? a. Data encryption standard (DES) b. One-time pad c. International data encryption algorithm (IDEA) d. RC2 and RC4

b. One-time pad

Pretty good privacy (PGP) is an electronic-mail security program. Which of the following statements is true about PGP? a. PGP is a standard b. PGP is a product c. PGP is interoperable d. PGP is not portable

b. PGP is a product

Countermeasures against replay attacks do not include which of the following? a. Time-stamps b. Protocols c. Nonces d. Kerberos

b. Protocols

Which of the following will mitigate threat to integrity when public key cryptography is used? a. Data checksums and secure hashes b. Public key signatures and secure hashes c. Cyclic redundancy checks and secure hashes d. Simple checksums and secure hashes

b. Public key signatures and secure hashes

Which of the following algorithms is used to create a message digest? a. SSL b. SHA c. SLIP d. SKIP

b. SHA

The major components of IPSEC include which of the following? a. SPI, FH, and SPE b. SPI, AH, and ESP c. SPI, RH, and PSE d. SPI, KH, and EPS

b. SPI, AH, and ESP

A fundamental principle for protecting cryptographic keys includes which of the following? a. Zeroization and total knowledge b. Split knowledge and dual control c. Single control and formal proof d. Zero-knowledge proof and triple control

b. Split knowledge and dual control

The least significant bit in a bit string is which of the following? a. The left-most bit of a bit string b. The right-most bit of a bit string c. The top-most bit of a bit string d. The bottom-most bit of a bit string

b. The right-most bit of a bit string

The key length of the Rijndael algorithm is which of the following? a. Fixed b. Variable c. Semi-fixed d. Semi-variable

b. Variable

What is the bit size of a RSA? a. Fixed b. Variable c. Semi-fixed d. Semi-variable

b. Variable

The major advantage of a checksum program is that it: a. Adds more bytes to programs b. Verifies integrity of files c. Increases boot-up time d. Misleads a program recompilation

b. Verifies integrity of files

The key length of Secure Hash Algorithm (SHA-1) is which of the following? a. 112 bits b. 128 bits c. 160 bits d. 256 bits

c. 160 bits

A digital certificate is: a. A password-protected file b. An encrypted file c. A password-protected and encrypted file d. A password-protected and modem-protected file

c. A password-protected and encrypted file

A cryptographic module is undergoing testing. Which of the following provides the highest level of testing? a. At the algorithm level b. At the module level c. At the application level d. At the product level

c. At the application level

Public key technology and digital certificates do not provide which of the following security services? a. Authentication b. Non-repudiation c. Availability d. Data integrity

c. Availability

Public-key cryptographic systems are not suitable for which of the following? a. Link encryption b. End-to-end encryption c. Bulk encryption d. Session encryption

c. Bulk encryption

Which of the following symmetric key block cipher algorithms provide authentication services? a. ECB b. CBC c. CBC-MAC d. CFB

c. CBC-MAC

In order for message digests to be effectively used in digital certificates, they must be: a. Access-resistant b. Authorization-resistant c. Collision-resistant d. Attack-resistant

c. Collision-resistant

In the U.S., the Clipper chip is not designed for: a. Telephones b. Facsimiles c. Computer networks d. Low-speed applications

c. Computer networks

Symmetric key algorithms are ideally suited for which of the following? a. Authentication b. Integrity c. Confidentiality d. Non-repudiation

c. Confidentiality

Most cryptographic attacks focus on which of the following? a. Cryptographic keys b. Cryptographic passwords c. Cryptographic parameters d. Cryptographic PINs

c. Cryptographic parameters

Cryptology is defined as which of the following? a. Crypto-algorithm + crypto-operation b. Crypto-period + crypto-security c. Cryptography + cryptanalysis d. Cryptographic authentication + cryptographic key

c. Cryptography + cryptanalysis

Which of the following is good practice for organizations issuing digital certificates? a. Develop a consulting agreement b. Develop an employment agreement c. Develop a subscriber agreement d. Develop a security agreement

c. Develop a subscriber agreement

Which of the following is the best technique to detect duplicate transactions? a. ECDSA and SHA b. ECDSA and SHA-1 c. ECDSA and MID d. ECDSA and MD5

c. ECDSA and MID

When compared to the Rivest, Shamir, Adleman (RSA) algorithm, the Digital Signature Standard (DSS) does not provide: a. Digital signature b. Authentication c. Encryption d. Data integrity

c. Encryption

Which of the following can be used in conjunction with a traffic padding security mechanism? a. Passwords b. Smart tokens c. Encryption d. Memory tokens

c. Encryption

Which of the following statements about encryption is not true? a. Software encryption degrades system performance b. Hardware encryption is faster c. Encryption is a desirable option in a local-area network (LAN) d. Key management is an administrative burden

c. Encryption is a desirable option in a local-area network (LAN)

Which of the following is not a common method of attacking a computer system? a. Password cracking b. Packet sniffing c. Encryption key breaking d. Sendmail

c. Encryption key breaking

Hash-based message authentication code (HMAC) is heavily used in which of the following? a. PPP operations b. SET operations c. IPSEC operations d. PPTP operations

c. IPSEC operations

IPSEC uses which of the following for negotiation to take place? a. Diffie-Hellman exchange b. IPSEC SA c. ISAKMP SA d. RSA exchange

c. ISAKMP SA

Which of the following provides the level of "trust" required for the digital certificates to reliably complete a transaction? a. Certificate policy, CP b. Certification practices statement, CPS c. Identity proofing d. Outsourcing

c. Identity proofing

Which one of the following certificate authorities (CA) is subordinate to another CA and has a CA subordinate to itself? a. Root CA b. Superior CA c. Intermediate CA d. Subordinate CA

c. Intermediate CA

The X.509 Version 3 standard, compared to previous versions, provides which of the following? a. Authentication b. Encryption c. Interoperability d. Digital signature

c. Interoperability

Which of the following statements is not true about Secure Sockets Layer (SSL)? a. It uses both symmetric and asymmetric key cryptography b. It is used to perform authentication c. It is a point-to-point protocol d. It is a session-oriented protocol

c. It is a point-to-point protocol

The major requirement for a public key certification authority is that: a. It must be independent b. It must have a proper contract c. It must be trusted d. It must have a good reputation

c. It must be trusted

In cryptographic key management, key zeroization means which of the following? a. Key recovery b. Key re-generation c. Key destruction d. Key correction

c. Key destruction

Which of the following should not be subject to review during a periodic review of a cryptographic system? a. Parameters b. Operation c. Keys d. Controls

c. Keys

Which of the following digital certificate levels provide a stronger identification and authentication? a. Level 1 b. Level 2 c. Level 3 d. Level 4

c. Level 3

Which of the following digital certificate levels provide a photo identification? a. Level 1 b. Level 2 c. Level 3 d. Level 4

c. Level 3

Which of the following are examples of cryptographic hash functions? a. SHA and 3DES b. DES and CBC c. MD5 and SHA-1 d. DAC and MAC

c. MD5 and SHA-1

A hash function is which of the following? a. One-to-one function b. One-to-many function c. Many-to-one function d. Many-to-many function

c. Many-to-one function

Which of the following binds the identity of a user to his public key? a. Private key technology and digital certificates b. Symmetric key technology and digital signatures c. Public key technology and digital certificates d. Cryptographic key technology and electronic signatures

c. Public key technology and digital certificates

Which of the following is true about the Rivest, Shamir, Adleman (RSA) algorithm? a. RSA produces a 160-bit hash b. RSA produces a 128-bit hash c. RSA uses a 512-1024 bit key d. RSA uses an 80-bit key

c. RSA uses a 512-1024 bit key

The National Institute of Standards and Technology (NIST) selected which of the following as the advanced encryption standard (AES)? a. MARS algorithm b. Serpent algorithm c. Rijndael algorithm d. Twofish algorithm

c. Rijndael algorithm

Which one of the following uses a private-key system? a. RSA algorithm b. Knapsack algorithm c. Rijndael algorithm d. El Gamal algorithm

c. Rijndael algorithm

Hash-based message authentication code (HMAC) is which of the following? a. Public key + hash function b. Primary key + hash function c. Secret key + hash function d. Secondary key + hash function

c. Secret key + hash function

Which of the following should be used to prevent an eavesdropping attack from remote access to firewalls? a. File encryption b. Bulk encryption c. Session encryption d. Stream encryption

c. Session encryption

Which one of the following facilitates data/information hiding in computer systems? a. Polygraph b. Holography c. Steganography d. Cryptography

c. Steganography

Which of the following is required to accept digital certificates from multiple vendor certification authorities? a. The application must be PKI-enabled b. The application must be PKI-aware c. The application must use X.509 Version 3 d. The application must use PKI-vendor "plug-ins"

c. The application must use X.509 Version 3

Who is best qualified to evaluate the security of Public Key Infrastructure (PKI) systems and procedures? a. Certification authorities b. Registration authorities c. Third parties d. Subscribers

c. Third parties

The Advanced Encryption Standard (AES) algorithms are: a. Very slow and very strong b. Very fast and very weak c. Very fast and very strong d. Very slow and very weak

c. Very fast and very strong

What is the correct sequence of keys in a triple data encryption standard (3DES) algorithm operating with three keys? a. encrypt-decrypt-encrypt b. decrypt-encrypt-decrypt c. encrypt-encrypt-encrypt d. decrypt-decrypt-decrypt

c. encrypt-encrypt-encrypt

What is the bit size of IDEA? a. 40 b. 56 c. 64 d. 128

d. 128

What is the bit size of a secure hash algorithm (SHA)? a. 40 b. 56 c. 128 d. 160

d. 160

What is the bit size of triple DES with three keys? a. 40 b. 56 c. 128 d. 168

d. 168

The advanced encryption standard (AES) algorithm is currently not capable of using which of the following? a. 128 bits b. 192 bits c. 256 bits d. 320 bits

d. 320 bits

What is the bit size of SKIPJACK? a. 40 b. 56 c. 64 d. 80

d. 80

The key exchange algorithm (KEA) requires which of the following? a. A 256-bit prime modulus b. A 512-bit prime modulus c. A 768-bit prime modulus d. A 1024-bit prime modulus

d. A 1024-bit prime modulus

Which of the following is not a critical component of cryptographic key management system? a. A point-to-point environment b. A key distribution center environment c. A key translation center environment d. A key disclosure center environment

d. A key disclosure center environment

Effective controls to detect attempts to replay an earlier successful authentication exchange do not include: a. A time-stamp b. A sequence number c. An unpredictable value d. A statistical random value

d. A statistical random value

To achieve effective security over transmission, indicate the area where encryption can be applied: a. At packet level b. At record level c. At file level d. At field level

d. At field level

Data encryption standard (DES) cannot provide which of the following security services? a. Encryption b. Access control c. Integrity d. Authentication

d. Authentication

Cryptography provides all of the following services except: a. Authentication b. Confidentiality c. Integrity d. Availability

d. Availability

Which of the following plays a critical role in ensuring the integrity of public keys in the commercial sector PKI? a. Registration authority, RA b. Access Certification for Electronic Services, ACES c. Federal Technology Services, FTS d. Certification authority, CA

d. Certification authority, CA

Criteria for trusting a digital certificate do not depend on which of the following factors? a. Compliance with an X.509 standard b. The strength of the cryptography used c. The identity validation process used d. Compliance with an X.500 standard

d. Compliance with an X.500 standard

Which of the following threats is not addressed by digital signatures and random number challenges? a. Masquerade b. Replay attacks c. Password compromise d. Denial-of-service

d. Denial-of-service

The best technique to thwart network masquerading is through the use of: a. Dial-back technique b. Dial-forward technique c. File encryption only d. Dial-back combined with data encryption

d. Dial-back combined with data encryption

Which of the following will mitigate threat to non-repudiation? a. Secure hashes b. Message digest 4 c. Message digest 5 d. Digital signatures and certificates

d. Digital signatures and certificates

Effective controls to ensure data integrity of messages do not include: a. Encryption algorithms b. Hashing algorithms c. File seals d. File labels

d. File labels

IDEA is which of the following? a. It is asymmetric and uses a 128-bit key b. It is symmetric and uses a 56-bit key c. It is asymmetric and uses a 160-bit key d. It is symmetric and uses a 128-bit key

d. It is symmetric and uses a 128-bit key

Which of the following is not true about the Encapsulating Security Payload (ESP) of the IPSEC protocol? a. It protects against replay attacks b. It protects integrity c. It protects confidentiality d. It protects the IP header

d. It protects the IP header

Which of the following is a hash algorithm? a. DES b. IDEA c. 3DES d. MD5

d. MD5

Which of the following encryption schemes is more secure? a. Encrypting once with the same key b. Encrypting twice with the same key c. Encrypting twice with two keys d. Multiple encryption

d. Multiple encryption

The Secure Sockets Layer (SSL) transport protocol provides all of the following services except: a. Mutual authentication b. Message privacy c. Message integrity d. Mutual handshake

d. Mutual handshake

Which of the following is used to encrypt IP packets? a. PPTP b. HTTP c. IPSEC d. PPP

d. PPP

Which of the following is an example of public-key cryptographic systems? a. MAC and DAC b. DES and 3DES c. RSA and IDEA d. RSA and DSS

d. RSA and DSS

Which of the following features of Secure HyperText Transfer Protocol (SHTTP) achieves higher levels of protection? a. Freshness feature b. Algorithm independence feature c. Syntax compatibility feature d. Recursive feature

d. Recursive feature

Which of the following is implemented in the Version 3 of X.509 protocol? a. SSL b. Regular MIME c. SHA d. S/MIME

d. S/MIME

Message digests use which of the following algorithms? a. SSL and MD4 b. DES and RC4 c. IDEA and RC4 d. SHA-1 and MD5

d. SHA-1 and MD5

Which of the following is not part of PKI data structures? a. Public key certificate b. Certificate revocation lists c. Attribute certificate d. Subject certificate

d. Subject certificate

Which of the following is not usually seen on a digital certificate? a. The owner name b. The public key c. The effective dates for keys d. The insurance company name

d. The insurance company name

What is the major purpose of a digital certificate? a. To achieve availability goal b. To maintain more information on the certificate c. To verify the certificate authority d. To establish user authentication

d. To establish user authentication

IPSEC protocols use which of the following modes? a. Main mode and aggressive mode b. Quick mode and informational mode c. State mode and user mode d. Transport mode and tunnel mode

d. Transport mode and tunnel mode

Which of the following provides a unique user ID for a digital certificate? a. User name b. User organization c. User e-mail d. User message digest

d. User message digest

The least powerful method of protecting confidential data or program files is by: a. Scrambling the data b. Encoding the data before transmission c. Decoding the data after transmission d. Using passwords and other identification codes

d. Using passwords and other identification codes

Digital certificates are defined by which of the following International Telecommunications Union (ITU) standards? a. X.400 b. X.25 c. X.12 d. X.509

d. X.509

