CS-4451 Quiz 07 - Public key Infrastructure and Cryptographic Protocols Study Questions

Star Technology is working on a project that needs a communication mode specializing in encryption, where only authorized parties should understand the information. The company also requires accuracy, completeness, and reliability of data throughout the project. The company has contacted you for an ideal cipher mode solution without using a counter. Which mode should you suggest?

CBC Reason - Cipher block chaining (CBC) is an encryption process that depends on not only the plaintext and the key but also on the previous ciphertext block, making it difficult to break.

A company has multiple CAs and intermediate CAs issuing digital certificates in different departments, with no one cross-checking their work. Which PKI trust model should the company use?

Distributed trust model Reason - The distributed trust model assigns multiple CAs that sign digital certificates. CAs can delegate authority to other intermediate CAs to issue the digital certificates. No CA is appointed to cross-check the work done by other CAs.

Under which of the following modes does the ciphertext depend only on the plaintext and the key, independent of the previous ciphertext blocks?

ECB Reason - Under electronic code book (ECB) mode, the plaintext is divided into blocks, and each block is encrypted separately. Here, the ciphertext depends only upon the plaintext and the key.

Which of the following protocols are used to secure HTTP?

TLS and SSL Reason - Transport layer security (TLS) and the older secure sockets layer (SSL) are used to secure hypertext transport protocol (HTTP) communications between a browser and a web server.

Which of following is a characteristic of electronic code book (ECB) mode?

Two identical plaintext blocks are encrypted into two identical ciphertext blocks, making them susceptible to attacks. Reason - In electronic code book (ECB) mode, two identical plaintext blocks are encrypted into identical ciphertext blocks, making it susceptible to attacks.

Which of the following provides confidentiality services?

Unauthentication mode Reason - Unauthentication mode provides services such as confidentiality.

Which of the following is a standard format for digital certificates?

X.509 Reason - The X.509 is the standard format for digital certificates introduced more than 20 years ago and was adapted for internet use. The current version is version 3.

Jane, an IT security expert whose services are sought by XYZ Company, has recommended implementing CTR mode in the network. What is one requirement that needs to be fulfilled for computers to communicate when the CTR mode is implemented?

Both sender and receiver should have access to a counter. Reason - Both the message sender and receiver have access to a synchronous counter, which computes a new value each time a ciphertext block is exchanged.

Sigma Technology is a company based in Singapore, with branches in 24 countries. It needs multiple CAs in different locations to verify and sign digital certificates for the company. They are looking for an option where, even in the absence of a CA, other CAs can issue the certificates. Additionally, they are also looking for CAs who will overlook other CAs in different locations. In such a scenario, which PKI trust model should they use?

Bridge trust mode Reason - The bridge trust mode involves multiple CAs who issue digital certificates and has one CA who acts as a facilitator to interconnect all other CAs. Thus, this accurately fits the company's needs.

Which of the following is a combination of encryption, authentication, and MAC algorithms, like a collection of instructions on securing a network?

Cipher suite Reason - Cipher suite is a named combination of the encryption, authentication, and message authentication code (MAC) algorithms.

Malik and Chris are shopping for shoes on an e-commerce website and need to enter their credit card details. Which of the following can assure them that they are using the retailer's authentic website and not an imposter's look-alike site that will steal their credit card details?

Digital certificate Reason - Digital certificates are electronic credentials that bind the certificate owner's identity to a pair of electronic encryption keys, one public and one private, that can be used to encrypt and sign information digitally. This technology can assure them that the site is safe, as it is signed by a trusted third party.

John and Sarah are working for Star Alliance. John had to send certain confidential data and messages to Sarah online. The use of which of the following will ensure that the message's sender is, in fact, John?

Digital certificate Reason - Digital certificates help in associating a person with their public key. These are signed by a trusted third party like a CA who verifies the certificates' owner's identity.

Which of the following is a process where a private key is split into two halves, encrypted, and stored separately for future use?

Escrow Reason - Escrow is a process in which keys are managed by a trusted third party. The private key is split into two halves, encrypted, and stored in a separate location. A user can retrieve the two halves, combine them, and use this copy of the private key for decryption.

You have been asked to implement a block cipher mode of operation that requires both the sender and receiver of the message to have access to a synchronous counter that adds an AAD to the transmission. Which operating block cipher mode should you use?

GCM Reason - Galois/counter mode (GCM) both encrypts plaintext and computes a message authentication code (MAC) using a synchronous counter. It adds a plaintext string called additional authentication data (AAD) to the transmission, which may contain the addresses and parameters of a network protocol that is being used.

Which of the following protocols is embedded in a computer's operating system or communication hardware to secure internet communications?

IPsec Reason - Internet protocol security (IPsec) is embedded in the operating system or communication hardware of a system. IPsec is more likely to operate faster because it can cooperate closely with other system programs and hardware.

XYZ University wants to set up a VPN network to connect to the internet and ensure that all their data is safe. They have asked you to recommend the correct communication protocol to use. Which of the following protocols should you recommend and why?

IPsec, because it authenticates that the packets received were sent from the source and ensures that no other party can view the contents. It manages the keys to ensure that they are not intercepted or used by unauthorized parties. Reason - IPsec authenticates the packets and ensures that no specific attacks took place to alter the packet's contents. Additionally, it maintains confidentiality and manages the keys.

Which of the following is a process where a key is divided into a specific number of parts and distributed to multiple people, with some of them having the same parts of the key?

M-of-N control Reason - M-of-N control is a recovery process in which the key is divided into a specific number of parts and distributed to multiple people, known as the N group, with some of them having the same parts of the key. While recovering the key, a smaller subset of the group, known as the M group, must meet and agree that the key should be recovered. If a majority of the M group can agree, they can then piece the key together.

Alliance Consulting, a company based in France, is shutting down. Louis, the owner of the company, applied to revoke his digital certificate. He is very busy with the other details of shutting the company down and needs to be able to check the certificate's status quickly and easily. Which of the following will help him get a real-time lookup of the certificate's status?

OCSP Reason - Online certificate status protocol (OCSP), a request-response protocol, performs a real-time lookup of a certificate's status. The revocation status is reflected within almost 10 minutes.

Which of the following is defined as a structure for governing all the elements involved in digital certificate management?

PKI Reason - Public key infrastructure (PKI) is an underlying infrastructure for key management of public keys and digital certificates governing all the elements involved in the digital certificate management-including hardware, software, people, policies, and procedures-to create, store, distribute, and revoke digital certificates. PKI is digital certificate management.

Fatima is responsible for conducting business transactions for XYZ Company, and she only had the stored private key. She is on leave and currently unavailable, and the organization needs to complete an urgent business transaction. Which of the following methods should enable the organization to access Fatima's private key and digital certificate?

Recovery Reason - Recovery is a system that allows a digital certificate with its private key to be recovered in the absence of the user. This is done by a key recovery agent (KRA), a highly trusted person assigned to recovering lost or damaged digital certificates by CA systems.

Which of the following digital certificates are self-signed and do not depend on the higher-level certificate authority (CA) for authentication?

Root digital certificates Reason - Root digital certificates are created and verified by a CA. Since a CA has no higher-level authority, root digital certificates are self-signed and do not depend on higher-level authority for authentication.

Sarah needs to send an email with important documents to her client. Which of the following protocols ensures that the email is secure?

S/MIME Reason - Secure/multipurpose internet mail extensions (S/MIME) is a protocol for securing email messages. It allows users to send encrypted messages that are also digitally signed.

Which of the following is a Linux/UNIX-based command interface and protocol?

SSH Reason - Secure shell (SSH) is a Linux/UNIX-based command interface and protocol for securely accessing a remote computer.

Which of the following protocols can be used as a tool for secure network backups?

SSH Reason - Secure shell (SSH) is a Linux/UNIX-based command interface and protocol for securely accessing a remote computer. It can be used as a tool for secure network backups.

Amtel University decides to keep a record of their student data in a backup server. The administrator contacts you to identify the right command interface protocol to be used in this. Which command interface protocol should you advise?

SSH Reason - Secure shell (SSH) is an encrypted alternative to the Telnet protocol used to access remote computers. SSH is a Linux/UNIX-based command interface and protocol for securely accessing a remote computer. SSH can be used as a tool for secure network backups.

Which of the following is the earliest and most general cryptographic protocol?

SSL Reason - Secure sockets layer (SSL) is the earliest and most widespread cryptographic protocol developed by Netscape in 1994 in response to the growing concern over internet security.

During an investigation, it was found that an attacker did the following: Intercepted the request from the user to the server and established an HTTPS connection between the attacker's computer and the server while having an unsecured HTTP connection with the user. This gave the attacker complete control over the secure webpage. Which protocol helped facilitate this attack?

SSL Reason - Secure sockets layer (SSL) is used to create an encrypted data path between a client and a server, which is vulnerable to attacks. The user's browser sends an unsecured HTTP request to the webserver. The server responds via HTTP and redirects the browser to a secure page, instructing it to use the secure protocol HTTPS. The user's browser then sends a secure HTTPS request, and the secure session begins.

Which of the following terms best describes the process in which a user believes that the browser connection they are using is secure and the data sent is encrypted when in reality, the connection is insecure, and the data is sent in plaintext?

SSL stripping Reason - SSL stripping refers to a process in which a threat actor intercepts a request from the user to the server by establishing an HTTPS connection between themselves and the server. While having an unsecured HTTP connection with the user, the threat actors gain complete control over the secure webpage, and the user's responses are sent to the attacker in plaintext.

Robert has two cryptographic keys, and he needs to determine which of them is less prone to being attacked. The cryptoperiod is limited and equal for both the keys. The first key has a length of 2 and uses 16 characters, while the other key has a length of 3 and uses 15 characters. Which of the following is the best conclusion for Robert to come to?

The second key is more secure than the first key. Reason - The second key is more secure than the first key since its key space is more than the first key's (16^2 < 15^3).

Samira is developing a virtual private chat application for ABC Consulting. The following are requirements provided by the organization while making the application: 1. All the communications should happen within the same network, host-to-host. 2. The information shared through this app should be kept confidential. Hence, the whole IP packet should be encrypted, giving access to only authorized personnel. 3. There should be a private network for host-to-host communication Which of the following modes should Sara consider for encryption in this project?

Tunnel mode Reason - Tunnel mode encrypts the whole IP packet, including the header and the data portion. It also enables host-to-host communication. Hence, this is the best encryption mode to use.