5) Cryptography

Question 1

The act of scrambling plain text into cyphertext.

Answer 1

Encryption

Question 2

(T/F) A strong hash function is designed so that a message cannot be forged that will result in the same hash as a legitimate message.

Answer 2

True

Question 3

An encryption cipher that uses the same key to encrypt and decrypt.

Answer 3

Symmetric key

Question 4

(T/F) Hashes provide confidentiality and integrity.

Answer 4

False

Hashes only provide integrity.

Question 5

An algorithm used for cryptographic purposes.

Answer 5

Cipher

Question 6

___ corroborates the identity of an entity, whether it is the sender, the sender’s computer, some device, or some information.

Answer 6

Authentication

Question 7

The science of keeping information secure.

Answer 7

Cryptography

Question 8

The science of breaking through the encryption used to create the cyphertext.

Answer 8

Cryptanalysis

Question 9

The overarching field of study that covers cryptography and cryptanalysis.

Answer 9

Cryptology

Question 10

The specifics of the process used to encrypt the plaintext or decrypt the ciphertext.

Answer 10

Cryptographic algorithm

Question 11

Another name for unencrypted data.

Answer 11

Plaintext (cleartext)

Question 12

Another name for encrypted data.

Answer 12

Ciphertext

Question 13

An example of ancient cryptography based on transposition and involving the shifting of each letter of the plaintext message by a certain number of letters, historically three.

Answer 13

Caesar cipher

Question 14

This more recent cipher uses the same mechanism as the Caesar cipher but moves each letter 13 places forward.

Answer 14

ROT13 cipher

Question 15

Also known as private key cryptography, this uses a single key for both encryption of the plaintext and decryption of the ciphertext.

Answer 15

Symmetric key cryptography

Question 16

A type of cipher that takes a predetermined number of bits in the plaintext message (commonly 64 bits) and encrypts that block.

Answer 16

Block cipher

Question 17

A type of cipher that encrypts each bit in the plaintext message, 1 bit at a time.

Answer 17

Stream cipher

Question 18

A set of symmetric block ciphers endorsed by the US government through NIST. Shares the same block modes that DES uses and also includes other modes such as XEX-based TCB mode.

Answer 18

AES

Question 19

AES shares the same block modes that DES uses and also includes other modes such as XEX-based TCB mode. What does TCB stand for?

Answer 19

Tweaked CodeBook

Question 20

Also known as public key cryptography, this method uses two keys: a public key and a private key.

Answer 20

Asymmetric key cryptography

Question 21

Uses the RSA algorithm, an asymmetric algorithm, to secure web and email traffic.

Answer 21

SSL protocol

Question 22

SSL protocol uses the RSA algorithm to secure web and email traffic. What does SSL stand for?

Answer 22

Secure Sockets Layer

Question 23

Also referred to as message digests, these functions do not use a key.

Answer 23

Hash functions

Question 24

These provide integrity (but not confidentiality) and are used to determine whether the message has changed.

Answer 24

Hashes

Question 25

A method of securing a message that involves generating a hash and encrypting it using a private key.

Answer 25

Digital signature

Question 26

Created to link a public key to a particular individual; used as a form of electronic identification for that person.

Answer 26

Certificate

Question 27

A trusted entity that handles digital certificates.

Answer 27

CA

Question 28

A CA is a trusted entity that handles digital certificates. What does CA stand for?

Answer 28

Certificate authority

Question 29

Infrastructure that includes the CAs that issue and verify certificates and the RAs that verify the identity of the individuals associated with the certificates.

Answer 29

PKI

Question 30

PKI includes the CAs that issue and verify certificates and the RAs that verify the identity of the individuals associated with the certificates. What does PKI stand for?

Answer 30

Public key infrastucture

Question 31

PKI includes the CAs that issue and verify certificates and the RAs that verify the identity of the individuals associated with the certificates. What does RA stand for?

Answer 31

Registration authorities

Question 32

A public list that holds all the revoked certificates for a certain period of time.

Answer 32

CRL

Question 33

A CRL is a public list that holds all the revoked certificates for a certain period of time. What does CRL stand for?

Answer 33

Certificate revocation list

Question 34

Data that is on a storage device of some kind and is not moving.

Answer 34

Data at rest

Question 35

Data that is moving over a WAN, LAN, wireless network, over the internet, or in other ways.

Answer 35

Data in motion

Question 36

This type of data is protected using data security (encryption) and physical security.

Answer 36

Data at rest

Question 37

This type of data is best protected by protecting the data itself (using SSL/TLS) and protecting the connection (using IPsec/SSL VPN).

Answer 37

Data in motion

Question 38

This type of data is the hardest to protect.

Answer 38

Data in use

Question 39

A subset of cryptography that refers specifically to the transformation of unencrypted data into its encrypted form.

Answer 39

Encryption

Question 40

The process of recovering the plaintext message from the cipher text.

Answer 40

Decryption

Question 41

The science of breaking through encryption.

Answer 41

Cryptanalysis

Question 42

Hashes provide ___, but not ___.

Answer 42

integrity & confidentiality

Question 43

Shovels and Shingles is a small construction company consisting of 12 computers that have Internet access. The company is concerned that a wily, computer-savvy competitor will send e-mail messages pretending to be from Shovels and Shingles to its customers, in an attempt to gather customer information. What encryption solution best prevents a competitor from successfully impersonating the company?

Answer 43

Digital signatures

Question 44

Backordered Parts is a defense contractor that builds communications parts for the military. The employees use mostly Web-based applications for parts design and information sharing. Due to the sensitive nature of the business, Backordered Parts would like to implement a solution that secures all browser connections to the Web servers. What encryption solution best meets this company's needs?

Answer 44

ECC

Question 45

Backordered Parts is a defense contractor that builds communications parts for the military. The employees use mostly Web-based applications for parts design and information sharing. Due to the sensitive nature of the business, Backordered Parts would like to implements a solution that secures all browser connections to the Web servers. ECC best meets this company's needs. What does ECC stand for?

Answer 45

Elliptic Curve Cryptography

Question 46

We are somewhat limited in out ability to protect which type of data?

Answer 46

Data in use