7.2 - Cryptography Implementations
Cryptographic systems provide which of the following security services? (Select two.)
Confidentiality, Non-repudiation
Which of the following functions are performed by a TPM?
Create a hash of system components
Hardware security module(HSM)
a piece of hardware and associated software/firmware that is connected to a computer system to provide cryptographic functions.
Which of the following is a direct integrity protection?
Digital signature
What is the most obvious means of providing non-repudiation in a cryptography system?
Digital signatures
What is the main function of a TPM hardware chip?
Generate and store cryptographic keys
You have downloaded a file from the internet. You generate a hash and check it against the original file's hash to ensure the file has not been changed. Which information security goal is this an example of?
Integrity
Which of the following are true of Triple DES (3DES)?
Key length is 168 bits
When a sender encrypts a message using their own private key, which security service is being provided to the recipient?
Non-repudiation
Your computer system is a participant in an asymmetric cryptography system. You've crafted a message to be sent to another user. Before transmission, you hash the message and then encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. Which protection does the private key-signing activity of this process provide?
Non-repudiation
Which form of cryptography is best suited for bulk encryption because it is so fast?
Symmetric key cryptography
Hashing
The process of using an algorithm to convert data to a fixed-length key called a hash
Trusted Platform Module (TPM) chip
a hardware chip on the motherboard that can generate and store cryptographic keys.
Applying a digital signature proves that the file is ____ and comes from the correct person.
authentic
digital signature
combination of asymmetric encryption and hashing values
Hybrid cryptosystem
combines the efficiency of symmetric encryption with the convenience of asymmetric encryption.
Encrypting data or obfuscating data provides data ____
confidentiality
In addition to digital signatures, data can be protected by using secure ____
data transmission.
Creating a hash of a file can be used to validate that the file has not been altered. This validates the ____ of the file.
integrity
Applying a digital signature provides ____. This means that the sender cannot later deny having sent the file.
non-repudiation
Speed
one of the biggest limitations of encryption