Info Sec Chapter 8 Cryptography
The CA periodically distributes a(n) _________ to all users that identifies all revoked certificates. A) CRL B) RA C) MAC D) RDL
A) CRL [certificate revocation list]
The __________ algorithm, developed in 1977, was the first public key encryption algorithm published for commercial use. A) DES B) RSA C) MAC D) AES
B) RSA
SHA-1 produces a(n) ___________-bit message digest, which can then be used as an input to a digital signature algorithm. A) 48 B) 56 C) 160 D) 256
B) 56
A __________ is a key-dependent, one-way hash function that allows only specific recipients (symmetric key holders) to access the message digest. A) signature B) MAC C) fingerprint D) digest
B) MAC
Using a database of precomputed hashes from sequentially calculated passwords called a(n) __________, an attacker can simply look up a hashed password and read out the text version. A) timing matrix B) agile scrum C) rainbow table D) smurf list
C) rainbow table
The __________ is responsible for the fragmentation, compression, encryption, and attachment of an SSL header to the cleartext prior to transmission. A) Standard HTTP B) SFTP C) S-HTTP D) SSL Record Protocol
D) SSL Record Protocol
Steganography is a data hiding method that involves embedding information within other files, such as digital pictures or other images. A) True B) False
a) false
__________ is a protocol that can be used to secure communications across any IP-based network such as LANs, WANs, and the Internet. A) PEM B) SSH C) IPSec D) SET
C) IPSec
More advanced substitution ciphers use two or more alphabets, and are referred to as __________ substitutions. A) multialphabetic B) monoalphabetic C) polyalphabetic D) polynomic
C) polyalphabetic
__________ is the amount of effort (usually in hours) required to perform cryptanalysis to decode an encrypted message when the key or algorithm (or both) are unknown. A) Code B) Algorithm C) Key D) Work factor
D) work factor
The AES algorithm was the first public key encryption algorithm to use a 256-bit key length. A) True B) False
false
Standard-HTTP (S-HTTP) is an extended version of the Hypertext Transfer Protocol that provides for the encryption of individual messages transmitted via the Internet between a client and server. A) True B) False
false [Secure HTTP]
S-HTTP: An extended version of Hypertext Transfer Protocol that provides for the encryption of protected e-mail transmitted via the Internet between a client and server. _________________________ A) True B) False
false [provides encryption of messages between client and server]
Diffie-Hellman key exchange uses asymmetric encryption to exchange session keys. _________________________ A) True B) False
true
Internet Protocol Security (IPSec) is an open-source protocol framework for security development within the TCP/IP family of protocols. A) True B) False
true
One encryption method made popular by spy movies involves using the text in a book as the key to decrypt a message. A) True B) False
true
Privacy Enhanced Mail was proposed by the Internet Engineering Task Force and is a standard that uses 3DES symmetric key encryption and RSA for key exchanges and digital signatures. _________________________ A) True B) False
true
Secure Electronic Transactions was developed by MasterCard and VISA in 1997 to protect against electronic payment fraud. A) True B) False
true
Secure Multipurpose Internet Mail Extensions builds on the encoding format of the MIME protocol and uses digital signatures based on public key cryptosystems to secure e-mail. _________________________ A) True B) False
true
The most common hybrid system is based on the Diffie-Hellman key exchange, which is a method for exchanging private keys using public key encryption. A) True B) False
true