Module 12: Cyptography
What type of attack is being performed when the attacker has access to plaintext and ciphertext, and can choose which messages to encrypt?
chosen-plaintext.
What type of attack is being conducted when the attacker has messages in both encrypted form and decrypted forms?
known-plaintext.
A user reports to their IT Department that there seems to be suspicious activity in one of the web applications. The user states that someone seems to be accessing their account. Nothing malicious was on their computer and the user had changed their password. What kind of attack might be in play with this user's issue?
replay
A security professional needs to set up an encrypted database to store sensitive information. The requirements given to the professional were that the asymmetric encryption algorithm needs to use complex algebra and calculations on curves while using few resources. Which algorithm would best suit the professional's needs?
ECC.
Which of the following is a mathematical function or program that works with a key?
Encryption algorithm
A certificate contains a unique serial number and must follow which standard that describes the creation of a certificate?
X.509
A user at a company keeps repeatedly getting locked out. After further investigation, the security engineer determines that the user had RDP set up, with external access direct to the computer, allowing malicious actors to attempt to access the account. What kind of attack is the malicious actor most likely using against the user?
brute force.
In what type of attack does the attacker need access to the cryptosystem, and the ciphertext to be decrypted to yield the desired plaintext results?
chosen-ciphertext.
Which type of algorithm uses two keys that are mathematically related?
Asymmetric.
Which type of algorithms are more scalable?
Asymmetric.
What kind of Certificate Authority may hold their signing private keys offline?
Root CA's
What cryptographic function can be added to plaintext to help randomize encrypted hashes?
Salt
What is the RC5 algorithm?
The algorithm is a block cipher that can operate on different block sizes.
What is Triple Data Encryption Standard (3DES)?
The algorithm serves as a quick fix for the vulnerabilities of a predecessor's weakness.
What best describes what a digital signature is?
The hash calculated from the message content is encrypted with a private key to ensure authentication and nonrepudiation.
