Ch. 15 - Cryptography
A. Private keys
Above all else, which of the following must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates? A. Private keys B. Public keys C. Cryptographic algorithm D. Hash values
C. Uses only one key to encrypt and decrypt data.
Which of the following best describes a feature of symmetric encryption? A. Uses only one algorithm type. B. Does not require the exchange of the shared secret key. C. Uses only one key to encrypt and decrypt data. D. Does not work well for bulk encryption of less sensitive data.
D. Chosen plain text
Your company produces an encryption device that lets you enter text and receive encrypted text in response. An attacker obtains one of these devices and starts inputting random plain text to see the resulting ciphertext. Which of the following cryptographic attacks is being used? A. Chosen ciphertext B. Brute force C. Known plain text D. Chosen plain text
D. Diffie-Hellman
Which of the following cryptographic algorithms is used in asymmetric encryption? A. Twofish B. AES C. Blowfish D. Diffie-Hellman
B. Two
Which of the following is the number of keys used in asymmetric (public key) encryption? A. One B. Two C. Three D. Four
B. VeraCrypt
Which of the following uses on-the-fly encryption, meaning the data is automatically encrypted immediately before it is saved and decrypted immediately after it is loaded? A. Transport Layer Security (TSL) B. VeraCrypt C. BitLocker D. Secure Sockets Layer (SSL)
D. Block
You work for a company that is implementing symmetric cryptography to process payment applications such as card transactions where personally identifiable information (PII) needs to be protected to prevent identity theft or fraudulent charges. Which of the following algorithm types would be best for transmitting large amounts of data? A. Stream B. Cryptanalysis C. Steganography D. Block
B. BitLocker
Alan wants to implement a security tool that protects the entire contents of a hard drive and prevents access even if the drive is moved to another system. Which of the following tools should he choose? A. IPsec B. BitLocker C. EFS D. VPN
C. Create a local CA and generate a self-signed certificate.
Kathy doesn't want to purchase a digital certificate from a public certificate authority, but needs to establish a PKI in her local network. Which of the follow actions should she take? A. Enable synchronous encryption in her network. B. Ensure all HTTP traffic uses port 443. C. Create a local CA and generate a self-signed certificate. D. Request a certificate from GoDaddy.
D. Mary's private key
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which of the following cryptographic keys would Mary use to create the digital signature? A. Mary's public key B. Sam's public key C. Sam's private key D. Mary's private key
B. An entity that issues digital certificates.
Which of the following best describes a certificate authority (CA)? A. An entity in a PKI that verifies user requests for a digital certificate. B. An entity that issues digital certificates. C. An electronic password that allows a person or organization to exchange data securely over the Internet D. An entity that provides a service used to verify the validity of a digital certificate.
D. EFS
Which of the following encryption tools would prevent a user from reading a file that they did not create and does not require you to encrypt an entire drive? A. IPsec B. SSL C. VPN D. EFS
B. Is suitable for small amounts of data and small devices, such as smartphones.
Which of the follow is a characteristic of Elliptic Curve Cryptography (ECC)? A. Is used to sign a certificate using a private key and to verify a certificate using a public key. B. Is suitable for small amounts of data and small devices, such as smartphones. C. Uses multiplication of large prime numbers. D. Uses symmetric encryption.
B. Uses a 168-bit key
Which of the following is a characteristic of Triple DES (3DES)? A. Uses 64-bit blocks with 128-bit keys B. Uses a 168-bit key C. Uses the Rijndael block cipher D. Is easy to break
A. They test every possible valid combination.
Which of the following best explains why brute force attacks are always successful? A. They test every possible valid combination. B. They are fast. C. They are platform-independent. D. They can be performed in a distributed parallel processing environment.
A. Known plain text
Which of the following cryptography attacks is characterized by the attacker having access to both the plain text and the resulting ciphertext, but does not allow the attacker to choose the plain text? A. Known plain text B. Brute force C. Chosen ciphertext D. Chosen plain text
B. Uses the Rijndael block cipher.
Which of the following is a characteristic of the Advanced Encryption Standard (AES) symmetric block cipher? A. Is easy to break. B. Uses the Rijndael block cipher. C. Is used by Pretty Good Privacy (PGP) email encryption. D. Uses up to 16 rounds of substitution and transposition.
D. Registration authority
Which of the following is an entity that accepts and validates information contained within a request for a certificate? A. Certificate management system B. Validation authority C. Certificate authority D. Registration authority
C. Symmetric cryptography
Which of the following forms of cryptography is best suited for bulk encryption because of its speed? A. Hashing cryptography B. Asymmetric cryptography C. Symmetric cryptography D. Public key cryptography
C. OpenSSL
Which of the following is an open-source cryptography toolkit that implements SSL and TLS network protocols and the related cryptography standards required by them? A. BitLocker B. EFS C. OpenSSL D. Symantec Drive Encryption
C. Symmetric
Bob encrypts a message using a key and sends it to Alice. Alice decrypts the message using the same key. Which of the following types of encryption keys is being used? A. Asymmetric B. Digital signature C. Symmetric D. Block cipher
C. TLS
Donna is configuring the encryption settings on her email server. She is given a choice of encryption protocols and has been instructed to use the protocol that has the most improvements. Which of the following cryptographic protocols should she choose? A. OpenSSL B. SSL C. TLS D. VeraCrypt
B. Copying the key to a USB drive.
Which of the following is considered an out-of-band distribution method for private key encryption? A. Using a private fiber network. B. Copying the key to a USB drive. C. Using a key distribution algorithm. D. Sending a secured email.
B. Ron's Cipher v4 (RC4)
Which of the following is the most frequently used symmetric key stream cipher? A. Blowfish B. Ron's Cipher v4 (RC4) C. Advanced Encryption Standard (AES) D. Ron's Cipher v5 (RC5)
A. One
Which of the following is the number of keys used in symmetric encryption? A. One B. Two C. Four D. Five
A. ciphertext
Which of the following terms is the encrypted form of a message that is unreadable except to its intended recipient? A. ciphertext B. encryption algorithm C. plain text D. steganography
D. Adaptive chosen plain text
Which of the following cryptography attacks is characterized by the attacker making a series of interactive queries and choosing subsequent plain texts based on the information from the previous encryption? A. Known plain text B. Chosen ciphertext C. Chosen plain text D. Adaptive chosen plain text
D. A security architecture that ensures data connections between entities are validated and secure.
Which of the following describes a PKI? A. An algorithm for encrypting and decrypting data. B. A protocol that defines secure key exchange. C. Software that manages an organization's certificates. D. A security architecture that ensures data connections between entities are validated and secure.
D. He must send identifying data with his certificate request to a registration authority (RA).
Robert, an IT administrator, is working for a newly formed company. He needs a digital certificate to send and receive data securely in a Public Key Infrastructure (PKI). Which of the following requests should he submit? A. He must send identifying data and the encryption algorithm he will use with his certificate request to a certificate authority (CA). B. He must send the MAC and IP addresses with his certificate to a root certificate authority (CA). C. He must send identifying data and a private key request to a validation authority (VA). D. He must send identifying data with his certificate request to a registration authority (RA).
A. Sam's public key
Mary is using asymmetric cryptography to send a message to Sam so that only Sam can read it. Which of the following keys should she use to encrypt the message? A. Sam's public key B. Mary's public key C. Mary's private key D. Sam's private key
