IS 477
Abram was asked to explain the XOR cipher to one of his coworkers. He showed his coworker an example of adding two bits, 1 and 1. What is the result of this sum?
0
Which of these is the strongest symmetric cryptographic algorithm?
Advanced Encryption Standard
Which digital certificate displays the name of the entity behind the website?
Extended Validation (EV) Certificate
Which of these has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?
Hardware Security Module (HSM)
Which statement is NOT true regarding hierarchical trust models?
It is designed for use on a large scale.
_____ performs a real-time lookup of a digital certificate's status.
Online Certificate Status Protocol (OCSP)
Alexei was given a key to a substitution cipher. The key showed that the entire alphabet was rotated 13 steps. What type of cipher is this?
ROT13
What is the latest version of the Secure Hash Algorithm?
SHA-3
Which of the following is NOT a method for strengthening a key?
Variability
Which of these is NOT part of the certificate life cycle?
authorization
A(n) _____ is a published set of rules that govern the operation of a PKI.
certificate policy (CP)
Alyosha was explaining to a friend the importance of protecting a cryptographic key from cryptanalysis. He said that the key should not relate in a simple way to the ciphertext. Which protection is Alyosha describing?
confusion
A(n) _____ is not decrypted but is only used for comparison purposes.
digest
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____.
digital certificate
The Hashed Message Authentication Code (HMAC) _____.
encrypts the key and the message
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message?
Alice's public key
Which trust model has multiple CAs, one of which acts as a facilitator?
Bridge
An entity that issues digital certificates is a _____.
Certificate Authority (CA)
A centralized directory of digital certificates is called a(n) _____.
Certificate Repository (CR)
Which of the following block ciphers XORs each block of plaintext with the previous block of ciphertext before being encrypted?
Cipher Block Chaining (CBC)
Which of these is NOT a characteristic of a secure hash algorithm?
Collisions should be rare.
What entity calls in crypto modules to perform cryptographic tasks?
Crypto service provider
Which of the following key exchanges uses the same keys each time?
Diffie-Hellman (DH)
At a staff meeting one of the technicians suggested that the enterprise protect its new web server by hiding it and not telling anyone where it is located. Iosif raised his hand and said that security through obscurity was a poor idea. Why did he say that?
It depends too heavily upon non-repudiation in order for it to succeed.
What is a characteristic of the Trusted Platform Module (TPM)?
It provides cryptographic services in hardware instead of software
_____ refers to a situation in which keys are managed by a third party, such as a trusted CA.
Key escrow
Illya was asked to recommend the most secure asymmetric cryptographic algorithm to his supervisor. Which of the following did he choose?
RSA
_____ is a protocol for securely accessing a remote computer.
Secure Shell (SSH)
_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.
Session keys
Which of these is considered the strongest cryptographic transport protocol?
TLS v1.2
Which areas of a file cannot be used by steganography to hide data?
in the directory structure of the file system
Public key infrastructure (PKI) _____.
is the management of digital certificates
Proving that a user sent an email message is known as _____.
non-repudiation
Public key systems that generate random public keys that are different for each session are called _____.
perfect forward secrecy
What is data called that is to be encrypted by inputting it into a cryptographic algorithm?
plaintext
Which of these is NOT a basic security protection for information that cryptography can provide?
risk loss
What is a value that can be used to ensure that hashed plaintext will not consistently result in the same digest?
salt
A digital certificate associates _____.
the user's identity with his public key
Digital certificates can be used for each of these EXCEPT _____.
to verify the authenticity of the Registration Authorizer
Egor wanted to use a digital signature. Which of the following benefits will the digital signature not provide?
verify the receiver