Fundamental Information Security Chapter 9: Cryptography

Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature? Answers: Alice's public key Alice's private key Bob's public key Bob's private key

Alice's public key

Which information security objective allows trusted entities to endorse information? Answers: Validation Authorization Certification Witnessing

Certification

Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message? Answers: Encryption Hashing Decryption Validation

Decryption

What mathematical problem forms the basis of most modern cryptographic algorithms? answers: Factoring large primes Traveling salesman problem Quantum mechanics Birthday problem

Factoring large primes

Gary is sending a message to Patricia. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Gary attempting to achieve? answers: Confidentiality Integrity Authentication Nonrepudiation

Integrity

What is NOT a symmetric encryption algorithm? Rivest-Shamir-Adelman (RSA) Data Encryption Standard (DES) International Data Encryption Algorithm (IDEA) Carlisle Adams Stafford Tavares (CAST)

Rivest-Shamir-Adelman (RSA)

What is NOT an effective key distribution method for plaintext encryption keys? Answers: Paper Unencrypted email CD Smart card

Unencrypted email

What standard is NOT secure and should never be used on modern wireless networks? Answers: Wired Equivalent Privacy (WEP) Wi-Fi Protected Access (WPA) Wi-Fi Protected Access version 2 (WPA2) 802.11ac

Wired Equivalent Privacy (WEP)

A keyword mixed alphabet cipher uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet true or false

true

A person demonstrates anonymity when posting information to a web discussion site without authorities knowing who he or she is. Answers: true or false

true

A salt value is a set of random characters you can combine with an actual input key to create the encryption key. Answers: true or false

true

Digital signatures require asymmetric key cryptography. Answers: true or false

true

Digital signatures require asymmetric key cryptography. true or false

true

The Diffie-Hellman (DHE) algorithm is the basis for several common key exchange protocols, including Diffie-Hellman in Ephemeral mode (DHE) and Elliptic Curve DHE (ECDHE). Answers: true or false

true

The hash message authentication code (HMAC) is a hash function that uses a key to create a hash, or message digest. true or false

true

In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system. true or false?

true

A private key cipher is also called an asymmetric key cipher. true or false

false

Cryptographic key distribution is typically done by phone. Answers: true or false

false

Product cipher is an encryption algorithm that has no corresponding decryption algorithm. Answers: true or false

false

The term certificate authority (CA) refers to a trusted repository of all public keys. Answers: true or false

false

Which cryptographic attack offers cryptanalysts the most information about how an encryption algorithm works? Answers: Chosen plaintext Ciphertext only Known plaintext Chosen ciphertext

Chosen plaintext

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve? Answers: Confidentiality Integrity Authentication Nonrepudiation

Nonrepudiation

Which of the following allows a certificate authority (CA) to revoke a compromised digital certificate in real time? Answers: Certificate revocation list (CRL)International Data Encryption Algorithm (IDEA) Transport Layer Security (TLS) Online Certificate Status Protocol (OCSP)

Online Certificate Status Protocol (OCSP)

The financial industry created the ANSI X9.17 standard to define key management procedures. true or false

true

Which set of characteristics describes the Caesar cipher accurately? answers: Asymmetric, block, substitution Asymmetric, stream, transposition Symmetric, stream, substitution Symmetric, block, transposition

Symmetric, stream, substitution

Message authentication confirms the identity of the person who started a correspondence. Answers: true or false

true

Alice would like to send a message to Bob securely and wishes to encrypt the contents of the message. What key does she use to encrypt this message? Answers: Alice's public key Alice's private key Bob's public key Bob's private key

Bob's public key

Which approach to cryptography provides the strongest theoretical protection? Answers: Quantum cryptography Asymmetric cryptography Elliptic curve cryptography Classic cryptography

Quantum cryptography

You must always use the same algorithm to encrypt information and decrypt the same information. Answers: true or false

false

A digitized signature is a combination of a strong hash of a message and a secret key. Answers: true or false

false