Cryptography Quiz

What are the examples of weak/deprecated cryptographic solutions?

Wired Equivalent Privacy (WEP), Secure Sockets Layer (SSL), Data Encryption Standard (DES)

Diffie-Hellman (DH)

A secret key exchange over an insecure medium without any prior secrets

SHA-2

A family of Secure Hash Algorithms that has variations, known as SHA-224, SHA-256, SHA-384, and SHA-512.

Which of the algorithms listed below does not fall into the category of asymmetric encryption?

AES

Which of the cryptographic algorithms listed below is the least vulnerable to attacks?

AES

Perfect Forward Secrecy (PFS)

An encryption method that ensures that a session key derived from a set of long-term keys cannot be compromised if one of the long-term keys is compromised in the future. To work properly, PFS requires two conditions: Keys must not be reused, and new keys must not be derived from previously used keys.

A type of encryption scheme that uses a paired public and private key is known as

Asymmetric encryption, Public-key encryption

What are the characteristic features of Elliptic Curve Cryptography (ECC)?

Asymmetric encryption, Low processing power requirements, Suitable for small wireless devices

What are the examples of key stretching algorithms?

Bcrypt, PBKDF2

Which of the following terms illustrate(s) the security through obscurity concept?

Code obfuscation. Steganography. SSID broadcast suppression. Substitution ciphers.

Which of the following terms is used in conjunction with the assumption that the output of a cryptographic function should be considerably different from the corresponding plaintext input?

Confusion

Examples of means that provide randomization during the encryption process include

Cryptographic nonce, Salting, Initialization Vector (IV)

A cryptographic standard for digital signatures is known as:

Data Encryption Standard (DES)

Which of the three states of digital data requires data to be processed in an unencrypted form?

Data-in-use

Which of the following answers refers to a commonly used asymmetric algorithm for secure exchange of symmetric keys?

Diffie-Hellman

Which of the terms listed below is used to describe a situation where a small change introduced to the input data before encryption causes large changes in its encrypted version?

Diffusion

Which of the block cipher modes listed below provides both data integrity and confidentiality?

Galois/Counter Mode (GCM)

Which of the following block cipher modes is the simplest/weakest and therefore not recommended for use?

Electronic code block (ECB)

HMAC

Hash-based Message Authentication Code. An HMAC is a fixed length string of bits similar to other hashing algorithms such as MD5 and SHA-1, but it also uses a secret key to add some randomness to the result.

What are some security controls that provide integrity?

Hashing. Digital signatures. Non-repudiation.

Pseudo-random data used in combination with a secret key in WEP and SSL encryption schemes is known as

Initialization Vectors (IV)

Digital signatures provide?

Integrity. Authentication. Non-repudiation.

ISAKMP

Internet Security Association and Key Management Protocol

What authentication protocols offer(s) countermeasures against replay attacks?

Kerberos, CHAP, IPsec

Which of the following are hashing algorithms?

MD5. RIPEMD. HMAC. SHA.

MD5

Message Digest 5. A hashing function used to provide integrity. MD5 uses 128 bits. A hash is simply a number created by applying the algorithm to a file or message at different times. The hashes are compared to each other to verify that integrity has been maintained.

Which of the answers listed below refers to a solution designed to strengthen the security of session keys?

Perfect Forward Secrecy (PFS)

The process by which malicious software changes its underlying code to avoid detection is called:

Polymorphism

What is the purpose of non-repudiation?

Preventing someone from denying that they have taken specific action

SHA-1

Produces a 160-bit hash value and is used in DSS

Which of the algorithms listed below does not belong to the category of symmetric ciphers?

RES

Which of the following cryptographic hash functions is the least vulnerable to attacks?

SHA-512

Pseudo-random data added to a password before hashing is called:

Salt

Which of the following answers refers to a type of additional input that increases password complexity and provides better protection against brute-force, dictionary, and rainbow table attacks?

Salt

A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as

Session-key encryption, Symmetric encryption, Secret-key encryption

Which of the answers listed below refer to obfuscation methods?

Steganography, XOR cipher, ROT13

Which of the answers listed below refer to the Advanced Encryption Standard (AES)?

Symmetric-key algorithm. 128-, 192-, and 256-bit keys. Block cipher algorithm.

In asymmetric encryption, any message encrypted with the use of a public key can only be decrypted by applying the same algorithm and a matching private key.

True

In cryptography, the number of bits in a key used by a cryptographic algorithm is referred to as a key size or key length. The key size determines the maximum number of combinations required to break the encryption algorithm, therefore typically a longer key means stronger cryptographic security.

True

In cryptography, the term "Key stretching" refers to a mechanism for extending the length of a cryptographic key to make it more secure against brute-force attacks.

True

In cryptography, the term "Secret algorithm" refers to an algorithm designed in a way that prevents the examination of its inner workings.

True

The term "Ephemeral key" refers to an asymmetric encryption key designed to be used only for the duration of a single session or transaction.

True

Unlike stream ciphers which process data by encrypting individual bits, block ciphers divide data into separate fragments and encrypt each fragment separately.

True

What are the characteristic features of a session key?

Used during a single session. Symmetric key.
