Network security 3.1 and 3.2 quiz
Combining encryption with steganography involves several steps. From the list on the left, drag a description of a step or result in this process to the correct order on the right.
1. Encrypt plaintext with a private key to generate ciphertext. 2. The ciphertext is hidden inside of a media file, such as an image, using steganography. 3.The recipient extracts the ciphertext and decrypts it using the matching public key. 4. Because the ciphertext is hidden in the image file, someone intercepting the message would have to know its there before being able to decrypt it.
Blockchain is a unique and increasingly popular implementation of cryptography. A blockchain is a decentralized and distributed ledger that records and verifies transactions between two parties. The list on the left describes each step a block goes through as part of the blockchain cryptographic process. From the list on the left, drag a description to its proper step order on the right.
1. User1 requests a transaction with User2. The request is made 2.using User1's personal secret key and User2's public key. 3.The transaction is represented online as a block. 4.The block is distributed to everyone on a peer-to-peer network. 5.The network users verify the transaction is valid. 6.The block is added to the chain. his provides a indisputable and transparent record of the transaction. 7.The contents of the transaction move to User2.
As a cybersecurity expert, you are tasked with implementing a secure enclave in your company's new mobile banking application. Which of the following statements best describes the primary function and benefit of a secure enclave in this context?
A secure enclave is a separate, isolated environment within the device's processor where sensitive data can be securely stored and processed.
Which of the following algorithms are used in symmetric encryption? (Select two.)
Blowfish and DES
There are several block cipher modes of operation that can be utilized depending on the application or use. Which of the following block cipher modes of operation uses a nonce combined with a counter that is encrypted?
Counter Mode (CTR)
Which of the following functions are performed by a TPM?
Create a hash of system components
Which of the following encryption mechanisms offers the least security because of weak keys?
DES
Which of the following algorithms are used in asymmetric encryption? (Select two.)
Diffie-Hellman and RSA
Which of the following cryptographic attacks uses SSL exploitation as a common implementation of this attack?
Downgrade attack
What is the main function of a TPM hardware chip?
Generate and store cryptographic keys
A cyber technician reduces a computer's attack surface by installing a cryptoprocessor that a plug-in PCIe adaptor card can remove. What type of cryptoprocessor can support this requirement?
HSM
Which of the following types of encryption is specifically designed to allow data to be worked on without decrypting it first?
Homomorphic encryption
Above all else, what must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?
Private keys
Mary wants to send a message to Sam in such a way that only Sam can read it. Which key should be used to encrypt the message?
Sam's public key
Which of the following terms means a cryptography mechanism that hides secret communications within various forms of data?
Steganography
Which form of cryptography is BEST suited for bulk encryption because it is so fast?
Symmetric key cryptography
A cyber security analyst wants to reduce the attack surface for a computer that contains top secret data. The analyst installs a cryptoprocessor as a module within the central processing unit (CPU) on the designated computer to accomplish this. What type of cryptoprocessor is the analyst installing?
TPM
You are a cybersecurity manager at a financial institution. Your team is responsible for managing the cryptographic keys used for secure transactions. Recently, there has been an increase in attempted cyber attacks on your institution. Which of the following key management strategies would be MOST effective in maintaining the security of your cryptographic keys under these circumstances?
You decide to set an expiration date for all current keys and inform users that they will need to renew their keys after this date.
You are a cybersecurity architect at a tech company that is developing a new mobile payment application. The application will handle sensitive user data including credit card information and personal identification numbers (PINs). Which of the following strategies would best leverage the concept of secure enclaves to protect this sensitive data?
You decide to store all sensitive data in a secure enclave on each user's device, accessible only with the user's unique PIN.
You are a cybersecurity analyst at a large corporation. Your team has been tasked with securing sensitive data within the company's database. One of the strategies you are considering is obfuscation. Which of the following scenarios would be the most appropriate application of obfuscation?
You use obfuscation to hide employee personal data within a database field by substituting character strings with x.
