knowledge check
The Counter (CTR) block cipher mode converts the block cipher into a stream cipher. True False
True
The standard hash function works by taking a _______ input and producing a ______output. fixed, variable variable, variable variable, fixed fixed, fixed
variable, fixed The hash function works by taking an input of any length and and producing a fixed length output. The size of the output will be in line with the specific hash algorithm's characteristics.
LDAP is based on what standard? x.500 FIPS 180 RFC1321 x.509
x.500
Given the two sets (Set A and Set B) of objects below, select the true statement from the list below that represents: A — {ball, frisbee, kite} B — {kite, racket, rope} {kite} {ball, frisbee, kite, racket, rope } {ball, frisbee, racket, rope} {C}
{kite} In set theory, the ∩ represents intersection, or objects that belong to both sets being compared. kite is the only object that intersects both sets.
AES is capable of operating with keys of varying sizes. Which key sizes from the list below is AES capable of using? Select 3. 64 128 256 192
128 256 192 AES (128, 192 or 256-bit key size, 128-bit block size).
SHA-1 produces a ____-bit hash value. 256 128 160 64
160
Which symmetric block cipher uses a 112-bit key and 64-bit blocks? RC2 3DES RC4 AES
3DES Key attributes of 3DES include 64-bit blocks, 112-bit key size, and 48 rounds,
Modulus Operator Math. Solve the following: 12 (mod 5) =
2 The mod operator provides the remainder of an integer divide. For example for 31 divided by 8 gives the result of 3 remainder 7. Thus 31 (mod 8) equals 7
RC5 is capable of operating with blocks of varying sizes. Which block sizes from the list below can RC5 use? Select 3. 32 128 64 192
32 128 64
Asymmetric key encryption makes use of two keys and symmetric key encryption makes use of a single key. True False
True
Which of the choices below represent hash values SHA-2 is capable of producing? Select all that apply. 384-bit 256-bit 128-bit 512-bit
384-bit 256-bit 512-bit
In the Cisco environment, passwords hashed with the Type 5 method have a hash value of how many bits? None 128 512 256
128
MD4 produces a _____-bit hash value. 40 128 64 256
128
If you are sending an encrypted message to a colleague using secret-key (symmetric) cryptography, of the choices below, (1) which key would you use to encrypt the message, and (2) which key would your colleague use to decrypt the message? (1) your colleague's public key, (2) your colleague's private key (1) your public key, (2) your private key (1) your public key, (2) your colleague's public key (1) your secret key, (2) your secret key
(1) your secret key, (2) your secret key Secret-key or Symmetric-key cryptography involves use of a single secret key to both encrypt and decrypt. SO the same key used to encrypt the data must be also be used to decrypt it.
Apply binary XOR to find the output string for the following: 10011011 11111110 11111111 00000000 01100101 10011010
01100101 With XOR, one but not both of the numbers you are XORing must be 1 for your answer to be 1.
How many rounds does AES use? 16 10, 12, or 14 8, 10, or 12 2
10, 12, or 14
Steve is shopping for a symmetric encryption solution with a minimum 128-bit key size. Of the choices below, which would meet his criteria? Select two. DES AES IDEA Skipjack
AES IDEA Both IDEA and AES would meet Steve's needs. IDEA has a 128-bit key size, and AES has a variable key size of 128, 192, or 256 bits. DES has a key size of only 56 bits and Skipjack has a key size of 80 bits.
Modulo-2 multiplication operations is equivalent to logical ____ operations. AND XOR OR
AND
From the list below, which choices are most in line with the the purpose of hashing. Select two. Allows you to check whether a file has been changed Protect confidentiality Allows you to check whether a file has been viewed Protect integrity
Allows you to check whether a file has been changed Protect integrity
Which cipher makes use of a grid which maps letters into numeric values as part of the encryption process? Caesar Playfair BIFID ADFGVX
BIFID The BIFID cipher uses a grid and was invented by Felix Delastelle in 1901. In its simplest form it creates a grid and which maps the letters into numeric values.
______ is a hash generator option for passwords that uses salt to create a non-recurrent hash. Arcsight Ha$her Noesis Bcrypt
Bcrypt Bcrypt is a more powerful hash generator for passwords and uses salt to create a non-recurrent hash. It was designed by Niels Provos and David Mazieres, and is based on the Blowfish cipher.
Which computing architecture type stores the most significant byte in the lowest memory address? Big Endian Little Endian Fixed Architecture MSB
Big Endian Memories store data in bytes, and where each byte has a unique memory location. The order that the byte values are stored depends on the computer architecture type. With Big Endian, the most significant byte is stored in the lowest memory address.
An improvement over the ECB block cipher mode is to use ____ which entails incorporating an initialization vector for the first block, and then using the results from the previous block to encrypt the current block. DSA SHA CTR CBC
CBC Cipher Block Chaining (CBC) uses the IV for the first block, and then the results from the previous block is used to encrypt the current block. The IV value is used in the first block, and must be passed from the sender to the receiver or it will not be possible to decrypt the first and, thus, the subsequent blocks.
From the list below, select the block cipher mode that converts the block cipher into a self-synchronizing stream cipher? ECC CFB ECB RSA
CFB
Which block cipher mode is depicted below? CTR CFB ECB OFB
CFB CFB takes output of the XOR process vs from the cipher stage of the previous block (difference between CFB and OFB).
Shawn plans to employ the symmetric block cipher AES for his encryption needs, but is interested in having the speed of operation that stream-based ciphers offer. In selecting the block cipher mode for his AES implementation, which of the below options should he consider? Select all that apply. CFB CTR OFB ECB
CFB OFB Cipher feedback (CFB), Output feedback (OFB), and Counter (CTR) are the block cipher modes from the list that have capability to operate similar to how synchronous stream ciphers operate.
From the list of symmetric block cipher modes below, which would facilitate parallel processing of blocks? Select all that apply. CTR CFB OFB CBC
CTR The advantage of CTR operation is that each block is processed independent of the others, facilitating ability to conduct parallel processing of blocks. i.e. feedback from other stages to feed into the current one is not required. CBC, OFB, and CFB all require input from previous block stages to process the current block.
Select the stream ciphers from the list below. Select all that apply. RC2 ChaCha RC4 IDEA
ChaCha RC4
From the choices below, select the mechanisms that can be used to provide error detection in binary data to support the integrity pillar of the CIA triad. Select all that apply. Checksum Padding Cyclic Redundancy Check (CRC) Initialization vector
Checksum Cyclic Redundancy Check (CRC) Along with keeping things secret, and in proving the identity of an entity, we also need to integrate integrity, where we can prove that something has not been changed. A simple method of doing this is to add a checksum, in order to detect errors in the binary digits. CRC (Cyclic Redundancy Check) is one of the most reliable error detection schemes and can detect up to 95.5% of all errors.
An instance where two different pieces of data are hashed separately, but both result in a single identical hash value is described by what term? Null Value Avalanche Digest Collision
Collision
Of the choices below, which employs 64-bit block sizes and a 56-bit key size? DES AES Twofish Skipjack
DES Characteristics of DES include 64-bit block size and 64-bit key (but where only 56-bits were actually used for the key, as the other eight bits are used as parity bits), and 16 rounds.
Within ASCII encoding, characters are mapped to what type of values? Select all that apply. UTF-8 Decimal Hex Binary
Decimal Hex Binary Within ASCII coding, we map printable characters, such as 'a', and 'b', to decimal, binary and hexadecimal values:
What method was developed to facilitate key exchange using a one-way function? PRNG Method Clipper Chip Method Escrow method Diffie-Hellman method
Diffie-Hellman method Diffie, Hellman and Merkle then created a method for key exchange using a one-way function, and which was named the Diffie-Hellman method.
A major disadvantage associated with symmetric encryption centers around the need to do what? Manage the public key Manage the key pair Exchange the public key Exchange the secret key
Exchange the secret key Symmetric encryption uses a single secret key for both encryption and decryption. So one obstacle that exists is determining how to pass the key to between parties.
______ is the standard for SHA-3, Permutation-Based Hash and Extendable-Output Functions, and provides revision to the Applicability Clause of the Secure Hash Standard. FIPS 180-4 FIPS 140-2 FIPS 202 RFC1321
FIPS 202 FIPS 202 is the standard for SHA-3, Permutation-Based Hash and Extendable-Output Functions and provides revision to the Applicability Clause of FIPS 180-4, Secure Hash Standard.
FIPS 140-4 is the Secure Hash Standard. True False
False FIPS 180-4 is the Secure Hash Standard.
The major improvement NTLM provides over LM is the incorporation of salt to increase security of hashes. True False
False NT LAN Manager (NTLM) is used in more modern Microsoft Windows systems (Windows XP, Windows Visa, Windows 7 and Windows NT). Rather than using DES it relies on the MD4 hashing algorithm with a series of mathematical calculations. MD4 supports both upper and lower case letters, and does not split the passwords in chunks. Unfortunately, as with LM Hash, it does not use salt.
ASCII utilizes 8-bit values and supports up to 65,536 characters. True False
False On a computer system, code and data are represented as binary, but humans find it difficult to deal with binary formats, so other formats are used to represent binary values. Two typical formats used to represent characters are ASCII and UTF-16. With ASCII we have 8-bit values and it can thus supports up to 256 different characters. UTF-16 extends the characters to 16-bit values, and thus gives a total of 65,536 characters.
RC4 is an a symmetric block cipher commonly used with SSL and WEP. True False
False RC4 is commonly used with SSL and WEP, but it is a symmetric stream cipher.
From the list below, which is used for performing full disk encryption? Flip FileVault aescrypt BitBlockerX
FileVault FileVault is the name apple uses for their full disk encryption technology.
The ____ cipher adds complexity to employing grids for enciphering text by using four 5 by 5 matrices arranged in a square where each matrix contains 25 letters. ADFGVX Five-by-Five Cipher Four-square cipher BIFID
Four-square cipher We can make the grids more complex, such as with the four-square cipher. This method uses four 5 5 matrices arranged in a square, are where each matrix contains 25 letters. The upper-left and lower-right matrices are the "plaintext squares" and each contains a standard alphabet. The upper-right and lower-left squares are the "ciphertext squares" and have a mixture of characters.
What cipher uses a 26-character key mapping and converts a plaintext input to fixed length chunks of Morse Code used to derive ciphertext letters? Morse Code Cipher Suite Hashed Morse Code Fractioned Morse Cipher Block Morse Cipher
Fractioned Morse Cipher Fractionated Morse Cipher uses a 26 character key mapping and converts a plaintext input to Morse code. It then converts this into fixed-length chunks of Morse code, which are then converted into ciphertext letters. In converting the plaintext to Morse code, it uses 'x's between characters and 'xx' between words.
_____ is the largest positive integer that divides into two numbers without a remainder. AND GCD MOD OTP
GCD GCD is known as the greatest common divisor, or greatest common factor (gcf), and is the largest positive integer that divides into two numbers without a remainder.
What type of code aims to overcome the ease at which letter and symbol probability in ciphertext can be analyzed, by varying the number of codes mapped to each character? Pseudo code Homophonic substitution code Differential substitution code Source Code
Homophonic substitution code Cipher codes can often be analyzed using the probability of the letters/ symbols in the ciphertext. A homophonic substitution code aims to overcomes this problem, as it varies the number of codes assigned to each character, and relates this to the probability of the characters. For example the character 'e' might have 12 codes assigned to it, but 'z' would only have one.
Select the block ciphers from the list below. Select all that apply. IDEA RC5 Blowfish ChaCha
IDEA RC5 Blowfish
Output Feedback (OFB) creates a synchronous stream output. True False
True
When setting up the table for use with the Playfair cipher, you should ensure no letters are repeated and also be sure to omit which letter from the matrix? J A None, all 26 letters must be included Z
J The Playfair cipher was created by Charles Wheatstone, but was made famous by Lord Playfair. Initally a grid is created with a secret phrase. Next we write out the 5 5 matrix, but do not repeat characters (and get rid of 'J')
________ published the first successful attack against the Vigenère cipher in 1863. Bellaso Kerckhoff Kramer Kasiski
Kasiski The Vigenère method though, was cracked by Major Friedrich Wilhelm Kasiski, a German infantry officer. He was the first to propose a method of attacking polyalphabetic substitution ciphers, and, in 1863, published a 95-page book on cryptography: Die Geheimschriften und die Dechiffrir-Kunst "Secret writing and the Art of Deciphering".
_____ won the NIST hash function competition, and is proposed as the SHA-3 standard. MD-7 SHA-MAX Skein Keccak
Keccak Keccak won the NIST hash function competition, and is proposed as the SHA-3 standard.
Scrambled alphabet cipher schemes are easy to implement, but also easy to break mainly via observation of what? Key size Easily identifiable symbols Letter and word frequency Common images
Letter and word frequency Letter or word frequency and patterns make cracking these types of schemes relatively simple by using frequency analysis.
Which computing architecture type stores the least significant byte in the lowest memory address? Fixed Architecture MSB Little Endian Most Significant Bit
Little Endian Memories store data in bytes, and where each byte has a unique memory location. The order that the byte values are stored depends on the computer architecture type. With Little Endian, the least significant byte is stored in the lowest memory address.
______ is an encoding method that works by translating characters into sequences of dots and dashes. Cryptanalysis Dot encryption Cryptography Morse Code
Morse Code Morse code is an encoding method, rather than a cipher, that works by translating characters into sequences of dots (.) and dashes (-). When transmitted as a sound pattern the dash lasts around three times longer than a dot, and with a longer delay between words as there is between letters. The code was designed so that each of the characters varies in length approximately with the occurrence of the letter in common English.
With ___ block cipher mode operation, first the data blocks are XOR'd with the encrypted version of the initialization vector. Following that, the output of the first stage encryption is fed into the next stage, and encrypted, with the output being XOR'ed with the second block. ECB CTR OFB
OFB In the Output Feedback (OFB) method, the first stage takes the data blocks and X-OR's with the encrypted version of the IV value. The output of the first stage encryption is then feed into the next stage, and encrypted, with the output being X-OR'ed with the second block.
Which block cipher mode is depicted below? OFB ECB CTR CFB
OFB Takes output from the cipher stage vs the output of the XOR process of the previous block (difference between CFB and OFB). The first stage takes the data blocks and X-OR's with the encrypted version of the IV value. The output of the first stage encryption is then feed into the next stage, and encrypted, with the output being X-OR'ed with the second block.
What is the difference between OFB and CFB with regard to the output from a previous block fed into the cipher stage of the current block? CFB current block takes the plaintext of the previous block as an input while OFB current block takes the output of the XOR process of the previous block. OFB current block takes the output from the cipher stage of the previous block while CFB current block takes the output of the XOR process of the previous block. OFB current block takes the plaintext of the previous block as an input while CFB current block takes the output of the XOR process of the previous block. CFB current block takes the output from the cipher stage of the previous block while OFB current block takes the output of the XOR process of the previous block.
OFB current block takes the output from the cipher stage of the previous block while CFB current block takes the output of the XOR process of the previous block.
What describes a cipher code mapping used only once and then discarded essentially making it uncrackable? Secret key Private key One-time pad Initialization vector
One-time pad If we want an uncrackable cipher, we must use a one-time pad, and which is a cipher code mapping that is used only once.
TrueCrypt is a software program that creates an encrypted file on your computer and lets you access the encrypted file using a drive letter. What is used to generate the salted key used with TrueCrypt? Bcrypt Bitlocker veracrypt PBKDF2
PBKDF2 In TrueCrypt, which encrypts file systems, we use PBKDF2 to generate the key (with salt) and which will decrypt the header, and reveal the keys which have been used to encrypt the disk (using AES, 3DES or Twofish).
____ is a Key Derivation Function defined in RFC 2898 that generates a salted hash. It is often used to create an encryption key from a defined password, and where it is not possible to reverse the password from the hashed value. PBKDF2 ccCrypt2 ECC Scrypt
PBKDF2 PBKDF2 (Password-Based Key Derivation Function 2) is defined in RFC 2898 and generates a salted hash. Often this is used to create an encryption key from a defined password, and where it is not possible to reverse the password from the hashed value. It is used in TrueCrypt to generate the key required to read the header information of an encrypted drive, and which stores the encryption keys.
Since block ciphers operate using fixed sized blocks, instances where data involved does not fit perfectly in a given block occurs. This opens the door for attackers to analyze blocks for patterns which can ultimately lead to a compromise. What is a common method used with block ciphers to counter this? Salting Hashing Padding Whitening
Padding One of the simplest methods is to just pad it with NULL characters (ASCII zero values) so that it fills the last block.
Which cipher from the list below uses graphical characters such as symbols of some sort for mapping vs mapping to alphabetic characters? Caesar ROT-13 Atbash Pigpen Cipher
Pigpen Cipher Using a graphical method can make things easy to remember as the human eye often finds it easier to map letters of one alphabet to graphical characters than to map letters of an alphabet to alphabetic ones. The Pigpen cipher is a good example of this and uses a mono-alphabet substitution method.
A ___ attack on a hash can take advantage of similar content, or instances where part of the message has some significance to the original, and generates the same hash signature. Dictionary Pre-image Collision Full context
Pre-image • Similar context. This is where part of the message has some significance to the original, and generates the same hash signature. This is defined as a Pre-image attack. • Full context. This is where an alternative message is created with the same hash signature, and has a direct relation to the original message. This is an extension to a Pre-image attack.
Which type of random number generator would be the best choice if you were looking for fast speed? Pseudo-random number generator (PRNG) Deterministic random number generator (DRNG) Periodic random number generator (PRNG) True random number generator (TRNG)
Pseudo-random number generator (PRNG) Fast speed is a characteristic of PRNGs. TRNGs are known to be comparably slower.
A ____ repeats a random number after a given time (periodic). They are fast and are also deterministic, and are useful in producing a repeatable set of random numbers. True random number generator (TRNG) Periodic random number generator (PRNG) Pseudo-random number generator (PRNG) Deterministic random number generator (DRNG)
Pseudo-random number generator (PRNG) Pseudo-Random Number Generators (PRNGs). This method repeats the random numbers after a given time (periodic). They are fast and are also deterministic, and are useful in producing a repeatable set of random numbers.
Which symmetric block cipher has a variable key size from 1-128 bits and 64-bit blocks? AES RC4 RC2 3DES
RC2 RC2 has a block size of 64 bits and variable key size from 1-128 with 40 bits being being the minimum suggested for use.
The aim of the ______ cipher is to scramble plaintext letters by writing a message in sequence across a number of rails. Rail Fence ROT-Rail ROT-13 Pigpen
Rail Fence A useful method of hiding the cipher method is to scramble the plaintext letters in some way, and where it is not possible for the human eye to spot a pattern. Someone who knows the method will then be able to quickly decode. One method which scrambles in a defined pattern is the rail fence cipher. With this the message is written in a sequence across a number of rails. For example, if we use three rails, with a message of 'WE ARE DISCOVERED. FLEE AT ONCE', we get: W . . . E . . . C . . . R . . . L . . . T . . . E . E . R . D . S . O . E . E . F . E . A . O . C . . . A . . . I . . . V . . . D . . . E . . . N . . and where we then read across the rails to give a cipher code of "WECRL TEERD SOEEF EAOCA IVDEN".
Salting the password protects an LDAP hash from an attack involving what? Rainbow Table Known Plaintext Frequency Anaysis Ciphertext
Rainbow Table Salting the password protects the LDAP hash from a rainbow table attack, but it is still open to brute force attacks. Some of the algorithms hash for a given number of interactions. The greater the number of iterations, the longer the hash will take to crack.
A pre-compiled list of hash values for possible passwords is called a ______ and is used in cracking efforts by attackers. Lookup table Bash compiler Rainbow table Block list
Rainbow table A pre-compiled list of hash values for possible passwords is called a rainbow table. Attackers can bounce such a list off of a target in a brute force attack until a match is made.
An attack on passwords that involves knowing the mapping between hashed values and the original data is called a ________ . Rainbow table attack Frequency Analysis Static Mapping Attack Dictionary Attack
Rainbow table attack The method of knowing the mapping between the hashed values and the original data is a rainbow table attack.
From the list below, which term is best described as random bits added to a password hash to help with safeguarding passwords in storage? CRC Rounds Rainbow Table Salt
Salt Salt added to the hash helps increase the work factor of attackers using brute force attacks with rainbow tables. Adding salt helps create more non-recurrent hashes.
A major problem in encryption is that the ciphertext can be played back where an intruder can copy an encrypted message and play it back, as the same plaintext will always give the same ciphertext. What can be added to the ciphering process help address this problem? Twofish Salt ASCII text Codes
Salt The solution to this is to add salt to the ciphering process, so that it changes its operation from block-to-block (for block encryption) or data frame-to-data frame (for stream encryption).
In comparing symmetric stream encryption to symmetric block encryption, which is faster and would be better suited for real-time applications? Block Stream
Stream The encryption method can either be applied by selecting blocks of a data, and then encrypting them, or it can operate on the data stream, where one bit at a time is encrypted. Overall stream encryption is often much faster, and can typically be applied in real-time applications.
Blowfish and Twofish are examples of what? Asymmetric block ciphers Symmetric block ciphers Exotic aquatic species Symmetric Stream ciphers
Symmetric block ciphers
Jeff wants to implement a password generation solution within a controlled environment at his organization that limits the time the password is valid to 10 minutes for visiting contractors. What can Jeff use as a solution? Crypt TOTP TSP Bcrypt
TOTP TOTP (Timed One Time Password) is a method used to generate single use passwords which are only valid for a certain time period. For example we could have a system which allowed to creation a new account for your mobile phone, but where the password was only valid for a short time.
________ provides a cryptography method to give a verifiable method that a data entity was created at a defined time. TOTP OTP HOTP TSP
TSP TSP (Time-Stamp Protocol) provides a cryptography method to give a verifiable method that a data entity was created at a defined time, and is defined in RFC 3161. It uses a Time Stamping Authority (TSA) that must be trusted for a source of time, and produce a unique time-stamp token, serial number and thumbprint for the data entity
From the list below, select the three elements that directly relate to password strength and their susceptibility to cracking? The cracking speed of a brute force generator The type of system or account created for The range of characters in the password The number of characters in the password
The cracking speed of a brute force generator The range of characters in the password The number of characters in the password The strength of a password relates to three major elements: • The number of characters in the password. The more characters that are in the password the stronger the password is likely to be. • The range of characters in the password. The wider the range of characters in a password is likely to increase its strength, especially in using non-alphabet ones (such as "!", "@", and so on). • The cracking speed of a brute force generator. This relates to the speed of the cracker, such as 1,000,000 tries per second.
Which type of random number generator would be the best choice if you were interested in avoiding repeating to reduce chances of a value being guessed? True random number generator (TRNG) Periodic random number generator (PRNG) Deterministic random number generator (DRNG) Pseudo-random number generator (PRNG)
True random number generator (TRNG) TRNGs are non-deterministic and aperiodic, they do not repeat and as such are less predictable than PRNGs.
A ____ generates a true random number, and uses some form of random process. One approach is to monitor the movements of a mouse pointer on a screen or from the pauses between keystrokes. Overall the method is generally slow, especially if it involves human interaction, but is non-deterministic and aperiodic. Deterministic random number generator (DRNG) Periodic random number generator (PRNG) Pseudo-random number generator (PRNG) True random number generator (TRNG)
True random number generator (TRNG) True Random Number Generators (TRNGs). This method generates a true random number, and uses some form of random process. One approach is to monitor the movements of a mouse pointer on a screen or from the pauses between keystrokes. Overall the method is generally slow, especially if it involves human interaction, but is non-deterministic and aperiodic.
What are two hashing or encoding methods used for passwords in Cisco devices? Type 7 Type 5 NTLM Type 6
Type 7 Type 5 Type 5 = hashing with MD5; Type 7 = encoding method
________ is a polyalphabetic cipher that employs an improved code over the scrambled alphabet approach, where a different mapping, based on a keyword, is used for each character of the cipher. Caesar cipher ROT BIFID Vigenère cipher
Vigenère cipher An improved code over the scrambled alphabet approach was developed by Vigen`ere, where a different mapping, based on a keyword, is used for each character of the cipher. This is known as a polyalphabetic cipher as it uses a number of cipher alphabets.
Match the padding methods below with the appropriate descriptions. Bits Cryptographic Message Syntax (CMS) Zero Length Space Null Random 1.This pads with zeros except for the last byte which is equal to the number (length) of padding bytes. 2.This pads with spaces and is only used with ASCII text. 3.This pads will NULL bytes and is only used with ASCII text. 4.Pads with the same value as the number of padding bytes. 5.This pads with random bytes with the last byte defined by the number of padding bytes. 6.This pads with 0x80 (10000000) followed by zero (null) bytes.
Zero Length-- 1.This pads with zeros except for the last byte which is equal to the number (length) of padding bytes. Space--2.This pads with spaces and is only used with ASCII text. Null--3.This pads will NULL bytes and is only used with ASCII text. Cryptographic Message Syntax (CMS)--4.Pads with the same value as the number of padding bytes. Random--5.This pads with random bytes with the last byte defined by the number of padding bytes. Bits--6.This pads with 0x80 (10000000) followed by zero (null) bytes.
HMAC is used to verify the integrity and authentication of a message and involves hashing with ______ as well as with standard hash functions. a non-cryptographic hash a secret key Initialization vector Nonce
a secret key HMAC is a message authentication code (MAC) that can be used to verify the integrity and authentication of the message. It involves hashing the message with a secret key, and thus differs from standard hashing, which is purely a one-way function. As with any MAC, it can be used with a standard hash function, such as MD5 or SHA-1, and which results in methods such as HMAC-MD5 or HMAC-SHA-1.
Shawn and his colleague collaborate on a project and keep the project information secret within a file named "project1" encrypted with AES Crypt. The password is set to "1project". What command would be used to decrypt the file to view its contents? aescrypt -d project1 aescrypt -e project1 aesdecrypt project1 1project aesdecrypt project1
aescrypt -d project1 When using Aescrypt, the command aescrypt -e filename is used for encryption, and the command aescrypt -d filename is used for decryption. AES Crypt is a file encryption software available on several operating systems that uses the industry standard Advanced Encryption Standard (AES) to easily and securely encrypt files.
In _________ cryptography, two different keys are used, one key is used to encrypt the plaintext, and the other key is used to decrypt it back to plaintext. random-key secret-key symmetric asymmetric
asymmetric For "asymmetric" or "public-key" cryptography, we generate two electronic keys, and of which one is used encrypt the plaintext, and the other is used to decrypt it back to plaintext.
The birthday paradox concept is employed in the birthday attack on hashes in effort to identify a _____ of a given hash. collision change anomaly LSB
collision
Laura wants to increase the randomness and unpredictability of the cryptosystem she has in use at her organization. What is she trying to incorporate? output entropy stream avalanche
entropy Entropy is the foundation upon which all cryptographic functions operate. Entropy, in cyber security, is a measure of the randomness or diversity of a data-generating function. A lack of good entropy can leave a cryptosystem vulnerable and unable to encrypt data securely.
Select the methods from the list below that contribute to improving the performance of brute force analysis. increasing power of computers Sandboxing light-weight cryptography parallel processing
increasing power of computers parallel processing Along with the increasing power of computers, and parallel processing, another method of improving the performance of brute force analysis is to use supercomputers.
Which simple cipher method entails creation of a single mapping from a given alphabet to a cipher alphabet? cipher disk mono-alphabetic Morse Code polyalphabet
mono-alphabetic With cipher methods we can use a mono-alphabetic code, where we create a single mapping from our alphabet to a cipher alphabet. This type of alphabet coding remains constant.
In terms of probability, the events that make up the possible outcome of a coin toss would be considered what? independent inter-dependent Prime mutuality exclusive
mutuality exclusive With a coin toss, the outcome can be either head or tails, but not both. This would be considered mutuality exclusive. For mutuality exclusive events: P(A and B) = 0, or the probability of the outcome being both is none.
Joe is trying to find a hashing solution to use as a simple checker which does not consume much processing power. What would you recommend him look into? Obsolete hashes Quantum Computing Two-way hashing non-cryptographic hashes
non-cryptographic hashes Most of the hashing methods use complex cryptography methods, and which can be time-consuming, and especially focused at microprocessors which have good computing resources. Sometimes we just need a simple checker which does not consume much processing power.
Regarding block cipher mode methodology, with a ____ cipher, if we lose any part of the ciphertext, we could not rebuild the rest of the cipher stream as the current cipher block is based on a previous one, and these build together as a chain, so that subsequent blocks cannot be decrypted. self-synchronizing hash one-way non-synchronizing
non-synchronizing With a non-synchronizing cipher, if we lose any part of the ciphertext, we could not rebuild the rest of the cipher stream as the current cipher block is based on a previous one, and these build together as a chain, so that subsequent blocks cannot be decrypted. Self-synchronizing stream operation remedies this issue and protects against the loss of a single bit or byte.
A______ is a random number that is only used once, and is generated by one party and sent using a secure handshaking process. prime nonce round
nonce
Hashing involves creating a _____ function which cannot be ______. one-way, reversed two-way, verified signing, verified two-way, reversed
one-way, reversed Hashing involves creating a one-way function which cannot be reversed.
Hashed versions of passwords in Unix environments are stored in the _______ . hosts file GSA-certified safe registry passwd file
passwd file
Which simple cipher method attempts to bolster complexity by adding additional alphabets to be used for the substitution rounds and can change its mapping depending on a variable keyword? polyalphabet mono-alphabetic cipher disk Morse Code
polyalphabet A polyalphabetic cipher is any cipher based on substitution, using multiple substitution alphabets. A polyalphabetic cipher can change its mapping depending on a variable keyword.
A ______ is a value which only has factors of 1 and itself, and used in areas such as key exchange and in public key encryption. modulus operator digit binary bit prime number
prime number
A weakness of one-way hashing is that the same piece of plaintext will result in the same ciphertext. This can lead lead to eventual cracking depending the strength of the the algorithm and other factors. What can be applied to help counter the this weakness? salt ether SRAM collisions
salt A weakness of one-way hashing is that the same piece of plaintext will result in the same ciphertext (unless some salt is applied).
Variations of one time passwords are an improved method of generating a passcode by generating a different one each time based on an initial ____ or based on time. clock variable nonce seed value key
seed value Passwords which use a hashed value can be cracked as either with rainbow tables or brute force. An improved method of generating passcode is to generate a different one each time based on an initial seed value, or based on time.
Tianhe-2 and Titan are examples of what? certificate authorities symmetric block ciphers supercomputers symmetric stream ciphers
supercomputers Along with the increasing power of computers, and parallel processing, another method of improving the performance of brute force analysis is to use supercomputers. Three of the most powerful machines in the world are: • Tianhe-2 (MilkyWay-2): National Super Computer Center in Guangzhou, 3,120,000 cores, 1PB memory. Intel Xeon processors. 54,902.4 TFlop/s. Manufacturer: NUDT. • Titan: DOE/SC/Oak Ridge National Laboratory. 560,640 cores, 710,144 GB, 27,112.5 TFlop/s. Opteron 6274 processors. Manufacturer: Cray Inc. • BlueGene/Q: DOE/NNSA/LLNL, IBM Department of Energy's (DOE) National Nuclear Security Administration's (NNSA), 1 PB memory, 20,132.7 TFlop/s, 1,572,864 cores using Power BQC 16C processors. Manufacturer: IBM.
In comparing symmetric encryption to asymmetric encryption, which would be best suited for real-time encryption solutions where fast conversion is needed? asymmetric symmetric
symmetric The major advantage that secret-key encryption has over public-key is that it is typically much faster to decrypt, and can thus be used where a fast conversion is required, such as in real-time encryption.
With _________ encryption, we use a single electronic key to encrypt the plaintext, and the same key is then used to decrypt. public-key symmetric-key random-key asymmetric-key
symmetric-key With secret or symmetric cryptography, a single electronic key is used to encrypt the plaintext, and the same key is then used to decrypt (normally involving a reversing of the encryption process). Note, the key used with symmetric-key encryption can be referred to as "secret" key or a "private" key.
