Ethical Hacker Ch15
Which of the follow is a characteristic of Elliptic Curve Cryptography (ECC)?
Is suitable for small amounts of data and small devices, such as smartphones.
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which of the following cryptographic keys would Mary use to create the digital signature?
Mary's private key
Which of the following is an entity that accepts and validates information contained within a request for a certificate?
Registration authority
Which of the following is the most frequently used symmetric key stream cipher?
Ron's Cipher v4 (RC4)
Bob encrypts a message using a key and sends it to Alice. Alice decrypts the message using the same key. Which of the following types of encryption keys is being used?
Symmetric
Which of the following forms of cryptography is best suited for bulk encryption because of its speed?
Symmetric cryptography
Which of the following best explains why brute force attacks are always successful?
They test every possible valid combination.
Which of the following is the number of keys used in asymmetric (public key) encryption?
Two
Which of the following is a characteristic of Triple DES (3DES)?
Uses a 168-bit key
Which of the following uses on-the-fly encryption, meaning the data is automatically encrypted immediately before it is saved and decrypted immediately after it is loaded?
VeraCrypt
Which of the following terms is the encrypted form of a message that is unreadable except to its intended recipient?
ciphertext
Which of the following describes a PKI?
A security architecture that ensures data connections between entities are validated and secure.
Which of the following cryptography attacks is characterized by the attacker making a series of interactive queries and choosing subsequent plain texts based on the information from the previous encryption?
Adaptive chosen plain text
Which of the following is considered an out-of-band distribution method for private key encryption?
Copying the key to a USB drive.
Kathy doesn't want to purchase a digital certificate from a public certificate authority, but needs to establish a PKI in her local network. Which of the follow actions should she take?
Create a local CA and generate a self-signed certificate.
Which of the following cryptographic algorithms is used in asymmetric encryption?
Diffie-Hellman
Which of the following encryption tools would prevent a user from reading a file that they did not create and does not require you to encrypt an entire drive?
EFS
Robert, an IT administrator, is working for a newly formed company. He needs a digital certificate to send and receive data securely in a Public Key Infrastructure (PKI). Which of the following requests should he submit?
He must send identifying data with his certificate request to a registration authority (RA).
Which type of cryptanalysis method is based on substitution-permutation networks?
Integral
Which of the following best describes a certificate authority (CA)?
An entity that issues digital certificates.
Which of the following is the number of keys used in symmetric encryption?
One
Mary is using asymmetric cryptography to send a message to Sam so that only Sam can read it. Which of the following keys should she use to encrypt the message?
Sam's public key
Donna is configuring the encryption settings on her email server. She is given a choice of encryption protocols and has been instructed to use the protocol that has the most improvements. Which of the following cryptographic protocols should she choose?
TLS
Alan wants to implement a security tool that protects the entire contents of a hard drive and prevents access even if the drive is moved to another system. Which of the following tools should he choose?
BitLocker
You work for a company that is implementing symmetric cryptography to process payment applications such as card transactions where personally identifiable information (PII) needs to be protected to prevent identity theft or fraudulent charges. Which of the following algorithm types would be best for transmitting large amounts of data?
Block
Which of the following cryptography attacks is characterized by the attacker having access to both the plain text and the resulting ciphertext, but does not allow the attacker to choose the plain text?
Known plain text
Which of the following is an open-source cryptography toolkit that implements SSL and TLS network protocols and the related cryptography standards required by them?
OpenSSL
Which of the following best describes a feature of symmetric encryption?
Uses only one key to encrypt and decrypt data.
Which of the following is a characteristic of the Advanced Encryption Standard (AES) symmetric block cipher?
Uses the Rijndael block cipher.
Your company produces an encryption device that lets you enter text and receive encrypted text in response. An attacker obtains one of these devices and starts inputting random plain text to see the resulting ciphertext. Which of the following cryptographic attacks is being used?
Chosen plain text
Above all else, which of the following must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?
Private keys
