Question 1

Which of the following is a current standard for PKI that specifies a strict hierarchical system for CAs issuing certificates?&#10;A) PKCS #2&#10;B) X.509&#10;C) DES&#10;D) SHA-1

Accepted Answer

X.509 specifies a strict hierarchical system for CAs issuing certificates, as well as standards for the format and content of certificates. PKCS #2 is not a current standard for PKI, and DES and SHA-1 are encryption algorithms that are not directly related to the hierarchical system for CAs.

Question 2

Which type of function is used in cryptography?&#10;A) Not AND&#10;B) permutation&#10;C) NOR&#10;D) X-box

Accepted Answer

Permutation functions are commonly used in cryptography to scramble and re-order input data, making it harder for an attacker to decipher the original message or data. Other types of functions such as NOT AND or NOR are not commonly used in cryptography. X-box is not a recognized term in cryptography.

Question 3

A hash value is a variable-length string of symbols and numbers representing the original input's contents.

Accepted Answer

A hash value is a fixed-length string of numbers and letters generated by a hash function, which uniquely represents the data input, regardless of the original data's size.

Question 4

Which of the following best describes a one-way function?&#10;A) a bit string that prevents generation of the same ciphertext&#10;B) random bits used as input for key derivation functions&#10;C) generates secret keys from a secret value&#10;D) easy to compute but difficult and time consuming to reverse

Accepted Answer

A one-way function is easy to compute but difficult and time consuming to reverse. This means that given an input, it is easy to generate an output, but given an output, it is difficult to determine the original input. This property is important in many cryptographic applications, such as generating digital signatures and hashing passwords. Option A is incorrect as it describes non-repeatability, which is a property of a nonce. Option B describes random numbers, which are used for key derivation, but not necessarily for one-way functions. Option C refers to a key derivation function, which is different from a one-way function.

Question 5

What is the most likely weak link when using asymmetric encryption for verifying message integrity and nonrepudiation?&#10;A) the use of the sender's private key&#10;B) the hashing algorithm used to generate a message digest&#10;C) the source of the public keys&#10;D) the integrity of the private keys

Accepted Answer

The source of the public keys is often considered the most likely weak link in asymmetric encryption for verifying message integrity and nonrepudiation because if attackers can substitute their own public keys for legitimate ones, they can intercept or alter messages. Ensuring the authenticity and integrity of public keys is crucial, typically managed through trusted Certificate Authorities (CAs) or Public Key Infrastructure (PKI).

Question 6

Which of the following is true about cryptographic primitives?&#10;A) each performs several tasks&#10;B) a single primitive makes up an entire cryptographic protocol&#10;C) primitives are usually not the source of security failures&#10;D) a primitive that provides confidentiality usually also provides authentication

Accepted Answer

Cryptographic primitives are typically individual functions used in conjunction with other primitives to create a complete cryptographic protocol. They are designed to perform a specific task, such as encryption, decryption, or hashing. Cryptographic primitives are usually well-studied and peer-reviewed, making them unlikely to be the source of security failures. However, the way in which they are implemented may introduce vulnerabilities. The statement in option A is incorrect because primitives usually perform a single task. The statement in option B is also incorrect because a single primitive is not typically sufficient for an entire cryptographic protocol. The statement in option D is incorrect because some primitives provide confidentiality without authentication.

Question 7

In a passive attack,cryptanalysts eavesdrop on transmissions but don't interact with parties exchanging information.

Accepted Answer

That is correct, in a passive attack, the cryptanalysts only listen in on the communication but do not actively participate or interact with the parties exchanging information.

Question 8

Which of the following is true about Message Authentication Code.&#10;A) it uses asymmetric encryption&#10;B) the key is sent to the receiver securely&#10;C) is uses PKI and certificates&#10;D) it uses a private and public key

Accepted Answer

Message Authentication Code (MAC) uses symmetric encryption, where the same secret key is used by both the sender and the receiver. To maintain the confidentiality of the key, it is sent to the receiver securely using a separate mechanism, such as key exchange protocols or pre-shared keys. MAC does not use PKI, certificates or asymmetric encryption with private and public keys.

Question 9

Which of the following best describes a CRL?&#10;A) a published listing of invalid certificates&#10;B) serve as a front end to users for revoking certificates&#10;C) a file that contains information about the user and public key&#10;D) keeps track of issued credentials and manages revocation of certificates

Accepted Answer

A CRL (Certificate Revocation List) is a published listing of digital certificates that have been revoked or are no longer valid. It is used to verify the validity of a certificate and to ensure that it has not been compromised. The CRL is typically issued by a certification authority (CA) and is made available to users who need to verify the validity of certificates issued by that CA.

Question 10

Which of the following is true about PRNGs?&#10;A) they are not completely random&#10;B) their state is measured in bytes&#10;C) the shorter the state, the longer the period&#10;D) they can never produce the same value

Accepted Answer

PRNGs (Pseudo-Random Number Generators) are algorithms that generate a sequence of numbers that appear to be random but are actually deterministic and not truly random. Therefore, they are not completely random.

Answer: B 
 PRNGs have an internal state which is used to generate the next number in the sequence. The state is typically measured in bytes, and the larger the state, the better the quality of the generated numbers.

Answer: C 
 The period of a PRNG is the number of values that the generator can produce before repeating itself. The shorter the state of the PRNG, the faster it will repeat itself, resulting in a shorter period.

Answer: None of the above 
 Option D which states that PRNGs can never produce the same value is incorrect. PRNGs can sometimes produce the same value due to a phenomenon called collision.

Question 11

Which of the following is true about encryption algorithms?&#10;A) their strength is tied to their key length&#10;B) not vulnerable to brute force attacks&#10;C) block ciphers encrypt one bit at a time&#10;D) asymmetric algorithms use a single key

Accepted Answer

The answer of Which of the following is true about...

Question 12

Which of the following is the first step in the digital signature process where Mike sends a message to Sophie?&#10;A) a message digest of Mike's message is calculated using a hashing algorithm&#10;B) Sophie compares the message digest she calculated to Mikes's message&#10;C) Sophie encrypts Mike's message with Mike's public key&#10;D) the message digest is encrypted by Mike's private key

Accepted Answer

The answer of Which of the following is the first...

Question 13

Encrypted files can be transmitted in both electronic form and as written messages.

Accepted Answer

The answer of Encrypted files can be transmitted in both...

Question 14

Because IPsec Security Associations are bidirectional,only one need be established between two parties.

Accepted Answer

The answer of Because IPsec Security Associations are bidirectional,only one...

Question 15

Which of the following is commonly used for verifying message integrity?&#10;A) registration authority&#10;B) CRL&#10;C) pseudorandom number generator&#10;D) hashing function

Accepted Answer

The answer of Which of the following is commonly used...

Question 16

Which of the following is true about asymmetric cryptography?&#10;A) the private key can be used to encrypt and decrypt a message&#10;B) a shared key is used to encrypt all messages and the private key decrypts them&#10;C) a single key is used and is transferred using a key management system&#10;D) the public key is used to encrypt a message sent to the private key owner

Accepted Answer

The answer of Which of the following is true about...

Question 17

The standardization of cryptographic protocols discourages attackers from trying to break them.

Accepted Answer

The answer of The standardization of cryptographic protocols discourages attackers...

Question 18

Which of the following is NOT a critical goal of information security?&#10;A) confidentiality&#10;B) scalability&#10;C) authentication&#10;D) nonrepudiation

Accepted Answer

The answer of Which of the following is NOT a...

Question 19

Which of the following makes a single pass on data and generates a 128-bit hash value displayed as a 32-character hexadecimal number and is used in VPNs?&#10;A) RSA&#10;B) Message Digest 5&#10;C) RC4&#10;D) Twofish

Accepted Answer

The answer of Which of the following makes a single...

Question 20

Which of the following is described as a 64-bit block cipher composed of a 16-round Feistel network and key-dependent S-box functions?&#10;A) Twofish&#10;B) RC4&#10;C) Blowfish&#10;D) Rijndael

Accepted Answer

The answer of Which of the following is described as...

Question 21

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;unreadable text,programs that do not execute,and graphics you cannot view

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;unreadable text,programs that...

Question 22

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;A set of standard procedures that the Internet Engineering Task Force (IETF)developed for enabling secure communication on the Internet

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;A set of...

Question 23

At which layer of the OSI model does IPsec work?&#10;A) Two&#10;B) Three&#10;C) Four&#10;D) Six

Accepted Answer

The answer of At which layer of the OSI model...

Question 24

Which of the following was developed as a way of enabling Web servers and browsers to exchange encrypted information and uses a hashed message authentication code to increase security?&#10;A) SSH&#10;B) SSL&#10;C) TLS&#10;D) IPsec

Accepted Answer

The answer of Which of the following was developed as...

Question 25

Which component of IPsec enables computers to exchange keys to make an SA?&#10;A) IKE&#10;B) ISAKMP&#10;C) Oakley&#10;D) IPsec driver

Accepted Answer

The answer of Which component of IPsec enables computers to...

Question 26

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;readable text,programs that execute,and graphics you can view

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;readable text,programs that...

Question 27

______________ cryptanalysis is applicable to block ciphers that use a substitution-permutation network including Rijndael,Twofish,and IDEA.

Accepted Answer

The answer of ______________ cryptanalysis is applicable to block ciphers...

Question 28

A ______________ value is a fixed-size string representing the original input's contents.

Accepted Answer

The answer of A ______________ value is a fixed-size string...

Question 29

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;a type of encryption algorithm that encrypts one bit at a time

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;a type of...

Question 30

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;a type of encryption algorithm that encrypts groups of cleartext characters

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;a type of...

Question 31

Which of the following is a type of cryptanalysis that applies primarily to block ciphers but can also be used against stream ciphers and hashing functions and works by examining how differences in input affect the output?

A) integral
B) differential
C) related key
D) XSL

Accepted Answer

The answer of Which of the following is a type...

Question 32

What is a downside to using Triple DES?&#10;A) uses only a 56-bit key&#10;B) goes through three rounds of encryption&#10;C) using three keys decreases security&#10;D) requires more processing time

Accepted Answer

The answer of What is a downside to using Triple...

Question 33

A ________________ occurs when computing the MD5 algorithm with two different initialization vectors produces the same hash value.

Accepted Answer

The answer of A ________________ occurs when computing the MD5...

Question 34

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;the current U.S.government standard for cryptographic protocols

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;the current U.S.government...

Question 35

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;an older protocol composed of a 16-round Feistel network with XOR functions,permutation functions,64 S-box functions,and fixed key schedules

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;an older protocol...

Question 36

______________________ is achieved when neither party can plausibly deny its participation in message exchanges.

Accepted Answer

The answer of ______________________ is achieved when neither party can...

Question 37

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;the study of breaking encryption methods

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;the study of...

Question 38

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;a way to prevent keys from being discovered and used to decipher encrypted messages

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;a way to...

Question 39

MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;a cryptographic primitive based on binary bit logic and used as a linear mixing function,combining values for use in further computations

Accepted Answer

The answer of MATCHING&#10;a.AES&#10;b.block cipher&#10;c.ciphertext&#10;d.cryptanalysis&#10;e.DES&#10;f.XOR function&#10;g.IPsec&#10;h.key management&#10;i.plaintext&#10;j.stream cipher&#10;a cryptographic primitive...

Question 40

Digital ____________________ security vulnerabilities are mostly associated with the IT infrastructure required to support interoperability.

Accepted Answer

The answer of Digital ____________________ security vulnerabilities are mostly associated...

Question 41

What is a hash value and how does it verify message integrity?

Accepted Answer

The answer of What is a hash value and how...

Question 42

How does the key size affect the strength of an encryption algorithm?

Accepted Answer

The answer of How does the key size affect the...

Question 43

What is a digital signature and for what purpose is one used?

Accepted Answer

The answer of What is a digital signature and for...

Question 44

What does a key derivation do?

Accepted Answer

The answer of What does a key derivation do?...

Question 45

Describe the exclusive OR function.

Accepted Answer

The answer of Describe the exclusive OR function....

Question 46

What is a MAC tag and how does it work?

Accepted Answer

The answer of What is a MAC tag and how...

Question 47

What three conditions must be true to make a hashing algorithm secure?

Accepted Answer

The answer of What three conditions must be true to...

Question 48

Compare and contrast block cipher with stream cipher.

Accepted Answer

The answer of Compare and contrast block cipher with stream...

Question 49

How does an asymmetric algorithm differ from a symmetric algorithm?

Accepted Answer

The answer of How does an asymmetric algorithm differ from...

Question 50

What is a Feistel network and what is its purpose?

Accepted Answer

The answer of What is a Feistel network and what...

Deck 5: Cryptography