1100

Question 1

A symmetric cipher that was designed to replace DES.

Answer 1

Triple Data Encryption Standard (3DES)

Question 2

A chip on the motherboard of the computer that provides cryptographic services.

Answer 2

Trusted Platform Module (TPM)

Question 3

A later derivation of the Blowfish algorithm that is considered to be strong.

Answer 3

Twofish

Question 4

Cryptography that can be applied to entire disks.

Answer 4

Whole Disk Encryption

Question 5

What is data called that is to be encrypted by inputting into an encryption algorithm? 
A. Plaintext
B. Cleartext
C. Opentext
D. Ciphertext

Answer 5

A. Plaintext

Question 6

Which of the following is not a basic security protection over information that cryptography can provide? 
A. confidentiality
B. Stop loss
C. Integrity
D. Authenticity

Answer 6

B. Stop loss

Question 7

The areas of a file in which steganography can hide include all of the following except __________.
A. in data that is used to describe the content or structure of the actual data
B. in the directory structure of the file system
C. in the file header fields that describe the file
D. in areas that contain the content data itself

Answer 7

B. in the directory structure of the file system

Question 8

Proving that a user sent an e-mail message is known as ______. A. repudiation B. integrity C. nonrepudiation D. availability

Answer 8

C. nonrepudiation

Question 9

Symmetric cryptographic algorithms are also called _________. A. private key cryptographyB. cipherkey cryptographyC. public/private key cryptographyD. public key cryptography

Answer 9

A. private key cryptography

Question 10

A(n) __________ is not decrypted - but is only used for comparison purposes. A. stream B. hash C. algorithm D. key

Answer 10

B. hash

Question 11

Each of the following is a characteristic of a secure hash algorithm except ____________. A. collisions should be rareB. the results of a hash function should not be reversedC. the hash should always be the same fixed sizeD. a message cannot be produced from a predefined has A. collisions should be rare B. the results of a hash function should not be reversed C. the hash should always be the same fixed size D. a message cannot be produced from a predefined has

Answer 11

A. collisions should be rare

Question 12

A(n) __________ is not decrypted - but is only used for comparison purposes. A. stream B. hash C. algorithm D. key

Answer 12

B. encrypting and decrypting e-mail attachments

Question 13

___________ encrypts a hash with a shared secret key. A. Key_hashB. WEPC. MDRIPED. Hashed Message Authentication Code (HMAC) A. Key_hash B. WEP C. MDRIPE D. Hashed Message Authentication Code (HMAC)

Answer 13

D. Hashed Message Authentication Code (HMAC)

Question 14

Which of the following is a protection provided by hashing? A. AuthenticityB. ConfidentialityC. IntegrityD. Availability A. Authenticity B. Confidentiality C. Integrity D. Availability

Answer 14

C. Integrity

Question 15

__________ is a hash that uses two different and independent parallel chains of computation - the results of which are then combined at the end of the process. A. DESB. AESC. RC4D. RIPEMD A. DES B. AES C. RC4 D. RIPEMD

Answer 15

D. RIPEMD

Question 16

Which of the following is the strongest symmetric cryptographic algorithm? A. Advanced Encryption StandardB. Data Encryption StandardC. Triple Data Encryption StandardD. Rivest Cipher (RC) 1 A. Advanced Encryption Standard B. Data Encryption Standard C. Triple Data Encryption Standard D. Rivest Cipher (RC) 1

Answer 16

A. Advanced Encryption Standard

Question 17

If Bob want to send a secure message to Alice using an asymmetric cryptographic algorithm - the key he uses to encrypt the message is __________. A. Alice’s private keyB. Alice’s public keyC. Bob’s public keyD. Bob’s private key A. Alice’s private key B. Alice’s public key C. Bob’s public key D. Bob’s private key

Answer 17

B. Alice’s public key

Question 18

A digital signature can provide each of the following benefits except __________. A. prove the integrity of the messageB. verify the receiverC. verify the senderD. enforce nonrepudiation A. prove the integrity of the message B. verify the receiver C. verify the sender D. enforce nonrepudiation

Answer 18

B. verify the receiver

Question 19

Which of the following asymmetric cryptographic algorithms is the most secure? A. MEC-2B. RSAC. MD-17D. SHA-2 A. MEC-2 B. RSA C. MD-17 D. SHA-2

Answer 19

B. RSA

Question 20

Which of the following asymmetric encryption algorithms uses prime numbers? A. EFSB. Quantum computingC. ECCD. RSA A. EFS B. Quantum computing C. ECC D. RSA

Answer 20

D. RSA

Question 21

__________ uses lattice-based cryptography and may be more resistant to quantum computing attacks. A. NTRUEncryptB. ECCC. RC4D. SHA-512 A. NTRUEncrypt B. ECC C. RC4 D. SHA-512

Answer 21

A. NTRUEncrypt

Question 22

The Trusted Platform Module (TPM) __________. A. allows the user to boot a corrupted disk and repair it B. is only available on Windows computers running BitLocker C. includes a pseudorandom number generator (PRNG) D. provides cryptographic services in hardware instead of software

Answer 22

D. provides cryptographic services in hardware instead of software

Question 23

Which of the following has an onboard key generator and key storage facility - accelerated symmetric and asymmetric encryption - and can back up sensitive material in encrypted form? A. Trusted Platform Module (TPM) B. Self-encrypting hard disk drives (HDDs) C. Encrypted hardware-based USB devices D. Hardware Security Module (HSM)

Answer 23

D. Hardware Security Module (HSM)

Question 24

The Microsoft Windows LAN Manager hash ___________. A. is weaker than NTLMv2 B. is part of BitLocker C. is required to be present when using TPM D. is identical to MD-4

Answer 24

A. is weaker than NTLMv2

Question 25

A trust model with one CA that acts as a facilitator to interconnect all other CA’s.

Answer 25

Bridge Trust Model

Question 26

A trusted third-party agency that is responsible for issuing the digital certificates.

Answer 26

Certificate Authority (CA)

Question 27

A publicly accessible centralized directory that contains digital certificates that can be used to view the status of a digital certificate.

Answer 27

Certificate Repository (CR)

Question 28

A repository that lists revoked digital certificates.

Answer 28

Certificate Revocation List (CRL)

Question 29

A technology used to associate a user’s identity to a public key - in which the user’s public key is “digitally signed” by a trusted third-party.

Answer 29

Digital Certificate

Question 30

A type of trust model in which a relationship exists between two individuals because one person knows the other person.

Answer 30

Direct Trust

Question 31

A trust model that has multiple CA’s that sign digital certificates.

Answer 31

Distributed Trust Model

Question 32

A trust model that has a single hierarchy with one master CA.

Answer 32

Hierarchical Trust Model

Question 33

A secure version of HTTP sent over SSL/TLS.

Answer 33

Hypertext Transport Protocol Over Secure Sockets Layer (HTTPS)

Question 34

A set of protocols developed to support the secure exchange of packets.

Answer 34

IP Security (IPsec)

Question 35

A process in which keys are managed by a third party - such as a trusted CA called the root.

Answer 35

Key Escrow

Question 36

A highly trusted person responsible for recovering lost or damaged digital certificates.

Answer 36

Key Recovery Agent (KRA)

Question 37

A technique to recover a private key by distributing parts to different individuals.

Answer 37

M-of-N Control

Question 38

A framework for all of the entities involved in digital certificates for digital certificate management.

Answer 38

Public Key Infrastructure (PKI)

Question 39

A subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users.

Answer 39

Registration Authority (RA)

Question 40

A UNIX-based command interface and protocol for securely accessing a remote computer.

Answer 40

Secure Shell (SSH)

Question 41

A protocol developed by Netscape for securely transmitting documents over the Internet that uses a private key to encrypt data.

Answer 41

Secure Sockets Layer (SSL)

Question 42

A trust model in which two individuals trust each other because each individually trusts a third-party.

Answer 42

Third-Party Trust

Question 43

A protocol that is an extension of SSL and guarantees privacy and data integrity between applications.

Answer 43

Transport Layer Security (TLS)

Question 44

The type of trusting relationship that can exists between individuals or entities.

Answer 44

Trust Model

Question 45

The most widely accepted format for digital certificates as defined by the International Telecommunication Union (ITU).

Answer 45

X.509

Question 46

The strongest technology that would assure Alice that Bob is the sender of a message is a(n) ___________. A. digital signature B. encrypted signature C. hash D. digital certificate

Answer 46

D. digital certificate

Question 47

A digital certificate associates __________. A. a private key with a digital signature B. the user’s identity with their public key C. a user’s private key with the public key D. a user’s public key with their private key

Answer 47

B. the user’s identity with their public key

Question 48

Digital certificates can be used for each of the following except __________. A. to verify the authenticity of the Registration Authorizer B. to verify the identity of clients and servers on the Web C. to encrypt messages for secure e-mail communications D. to encrypt channels to provide secure communication between clients and servers

Answer 48

A. to verify the authenticity of the Registration Authorizer

Question 49

An entity that issues digital certificates is a ______________. A. Certificate Signatory (CS) B. Signature Authority (SA) C. Digital Signer (DS) D. Certificate Authority (CA)

Answer 49

D. Certificate Authority (CA)

Question 50

A centralized directory of digital certificates is called a(n) __________. A. Digital Signature Approval List (DSAP) B. Digital Signature Permitted Authorization (DSPA) C. Authorized Digital Signature (ADS) D. Certificate Repository (CR)

Answer 50

D. Certificate Repository (CR)

Question 51

Each of the following is a field of an X.509 certificate except __________. A. validity period B. CA expiration code C. serial number D. Signature

Answer 51

B. CA expiration code

Question 52

In order to ensure a secure cryptographic connection between a Web browser and a Web server - a(n) _________ would be used. A. e-mail Web certificate B. server digital certificate C. personal digital certificate D. Web digital certificate

Answer 52

B. server digital certificate

Question 53

A digital certificate that turns the address bar green is a(n) __________. A. X.509 certificate B. Advanced Web Server Certificate (AWSC) C. Extended Validation SSL Certificate D. Personal Web-Client Certificate

Answer 53

C. Extended Validation SSL Certificate

Question 54

The __________-party trust model supports CA. A. first B. second C. third D. fourth

Answer 54

C. third

Question 55

Public-key Cryptography Standards (PKCS) __________. A. are used to create public keys only B. define how hashing algorithms are created C. have been replaced by PKI D. are widely accepted in the industry

Answer 55

D. are widely accepted in the industry

Question 56

Each of the following is true regarding a hierarchical trust model except __________. A. it assigns a signal hierarchy with one master CA B. it is designed for use on a large scale C. the master CA is called the root D. the root signs all digital certificate authorities with a single key

Answer 56

B. it is designed for use on a large scale.

Question 57

Dual-sided digital certificates __________. A. are used in military and financial settings when it is necessary for the client to authenticate back to the server B. are the same as dual-key digital certificates C. are required under PKCS #1 D. require a special browser

Answer 57

A. are used in military and financial settings when it is necessary for the client to authenticate back to the server

Question 58

Which of the following is not where keys can be stored? A. in hashes B. on the user’s local system C. embedded in digital certificates D. in tokens

Answer 58

A. in hashes

Question 59

Public Key Infrastructure (PKI) __________. A. creates private key cryptography B. requires the use of an RA instead of a CA C. generates public/private keys automatically D. is the management of digital certificate

Answer 59

D. is the management of digital certificate

Question 60

A(n) __________ is a published set of rules that govern the operation of a PKI. A. certificate policy (CP) B. certificate practice statement (CPS) C. signature resource guide (SRG) D. enforcement certificate (EF)

Answer 60

A. certificate policy (CP)

Question 61

Which of the following is not part of the certificate life cycle? A. Authorization B. Creation C. Expiration D. Revocation

Answer 61

A. Authorization

Question 62

__________ refers to a situation in which keys are managed by a third party - such as a trusted CA. A. Remote key administration B. Trusted key authority C. Key authorization D. Key escrow

Answer 62

D. Key escrow

Question 63

__________ is a protocol for securely accessing a remote computer. A. Secure Shell (SSH) B. Secure Sockets Layer (SSL) C. Secure Hypertext Transport Protocol (SHTTP) D. Transport Layer Security (TLS)

Answer 63

A. Secure Shell (SSH)

Question 64

What is the cryptographic transport protocol that is used most often to secure Web transactions? A. SHTTP B. PPPTPoE C. HTTPS D. MD-17

Answer 64

C. HTTPS

Question 65

Which transport encryption algorithm is integrated as part of IPv6? A. IPsec B. SSH C. SSL/TLS D. RSA

Answer 65

A. IPsec

Question 66

The ability that provides tracking of events.

Answer 66

Accounting

Question 67

An item that has value.

Answer 67

Asset

Question 68

The act of ensuring that an individual or element is genuine.

Answer 68

Authorization

Question 69

The steps that ensure that the individual is who they claim to be.

Answer 69

Authentication

Question 70

Security actions that ensure that data is accessible to authorized users.

Answer 70

Availability

Question 71

The first state law that covers any state agency - person - or company that does business in California.

Answer 71

California’s Database Security Breach Notification Act (2003)

Question 72

Security actions that ensure only authorized parties can view the information.

Answer 72

Confidentiality

Question 73

Targeted attacks against financial networks - unauthorized access to information - and the theft of personal information.

Answer 73

Cybercrime

Question 74

A network of attackers - identity thieves - spammers - and financial fraudsters.

Answer 74

Cybercriminals

Question 75

A premeditated - politically motivated attack against information - computer systems - computer programs - and data that results in violence.

Answer 75

Cyberterrorism

Question 76

Attackers whose motivation may be defined as ideology - or attaching for the sake of their principles or beliefs.

Answer 76

Cyberterrorists

Question 77

The act of taking advantage of a vulnerability.

Answer 77

Exploiting

Question 78

A law that requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

Answer 78

Gramm-Leach-Bliley Act (GLBA)

Question 79

A term used to refer to a person who used advanced computer skills to attack computers.

Answer 79

Hacker

Question 80

A law designed to guard protected health information and implement policies and procedures to safeguard it.

Answer 80

Health Insurance Portability and Accountability Act (HIPAA)

Question 81

Stealing another person’s personal information - such as a Social Security number - and then using the information to impersonate the victim - generally for financial gain.

Answer 81

Identity Theft

Question 82

The tasks of securing information that is in a digital format.

Answer 82

Information Security

Question 83

Security actions that ensure that the information is correct and no unauthorized person or malicious software has altered the data.

Answer 83

Integrity

Question 84

The likelihood that a threat agent will exploit the vulnerability.

Answer 84

Risk

Question 85

A law designed to fight corporate corruption.

Answer 85

Sarbanes-Oxley Act (Sarbox)

Question 86

Individuals who want to break into computers to create damage - yet lack the knowledge of computers and networks needed to do so.

Answer 86

Script Kiddies

Question 87

A person who has been hired to break into a computer and steal information.

Answer 87

Spy

Question 88

A type of action that has the potential to cause harm.

Answer 88

Threat

Question 89

A person or element that has the power to carry out a threat.

Answer 89

Threat Agent

Question 90

A flaw or weakness that allows a threat agent to bypass security.

Answer 90

Vulnerability

Question 91

Each of the following is a reason it is difficult to defend against today’s attackers except __________. A. complexity of attack tools B. weak patch distribution C. greater sophistication of attacks D. delays in patching software products

Answer 91

A. complexity of attack tools

Question 92

In a general sense - “security” is __________. A. protection from only direct actions B. using reverse attack vectors (RAV) for protection C. only available on hardened computers and systems D. the necessary steps to protect a person or property from harm

Answer 92

D. the necessary steps to protect a person or property from harm

Question 93

__________ ensures that only authorized parties can view the information. A. confidentiality B. availability C. integrity D. authorization

Answer 93

A. confidentiality

Question 94

Each of the following is a successive layer in which information security is achieved except __________. A. products B. purposes C. procedures D. people

Answer 94

B. purposes

Question 95

By definition - a(n) __________ is a person or thing that has the power to carry out a threat. A. vulnerability B. exploit C. threat agent D. risk

Answer 95

C. threat agent

Question 96

__________ ensures that the individual is who they claim to be. A. authentication B. accounting C. access control D. certification

Answer 96

A. authentication

Question 97

Each of the following is a goal of information security except __________. A foil cyberterrosim B. avoid legal consequences C. decreases user productivity D. prevent data theft

Answer 97

C. decreases user productivity

Question 98

The __________ requires that enterprises must guard protected health information and implement policies and procedures to safeguard it. A. Hospital Protection and Insurance Association Agreement (HPIAA) B. Sarbanes-Oxley Act (Sarbox) C. Gramm-Leach-Bliley Act (GLBA) D. Health Insurance Portability and Accountability Act (HIPAA)

Answer 98

D. Health Insurance Portability and Accountability Act (HIPAA)

Question 99

Utility companies - telecommunications - and financial services are considered prime targets of __________ because attackers can significantly disrupt business and personal activities by destroying a few targets. A. white hat hackers B. script kiddies C. computer spies D. cyberterrorists

Answer 99

D. cyberterrorists

Question 100

After an attacker has probed a network for information - the next step is to __________. A. penetrate any defenses B. paralyze networks and devices C. circulate to other systems D. modify security settings

Answer 100

A. penetrate any defenses