7 - Cryptography and the Public Key Infrastructure

Question 1

Mike is sending David an encrypted message using a symmetric encryption algorithm. What key should he use to encrypt his message? His own? David’s? A shared key? Public or private?

Answer 1

Shared Secret Key

Question 2

Alan’s team needs to commute using PII data packets, but he doesn’t need access to the underlying data. What tech can the team use to perform these calculations without accessing the data itself?

Answer 2

Homomorphic Encryption

Question 3

Norm is using full-disk encryption tech to protect the contents of laptops against theft. What goal of cryptography is he attempting to achieve?

Answer 3

Confidentiality

Question 4

Brian discovers that a user suspected of stealing info is posting many image files to a message board. What technique might the individual be using to hide the info in those images?

Answer 4

Steganography

Question 5

True or False: ALL types of cryptographic keys should be kept secret.

Answer 5

False: Public keys used in asymmetric cryptography can be freely shared (and should be utilized to their fullest extent).

Question 6

What type of cipher operates on one character of text at a time?

Answer 6

Stream Cypher

Question 7

Vince is choosing a symmetric encryption algorithm for use in his org. He would like to choose the strongest algorithm on the market today. What algorithm will he choose?

Answer 7

Advanced Encryption Standard or AES

[it’s the latest and greatest]

Question 8

Kevin is configuring a web server to use digital certificates. What tech can he use to allow clients to quickly verify the status of that digital certificate without contacting a remote server?

Answer 8

The Online Certificate Status Protocol (OCSP) can be accessed to verify info

Question 9

What type of digital certificate provides the greatest level of assurance that the certificate owner is who they claim to be?

Answer 9

Extended Validation (EV)

Question 10

Which server is almost always offline in a large PKI deployment?

Answer 10

Root Certificate Authorities (CA)

Question 11

What certificate format is closely associated with Windows binary certificate files?

Answer 11

Personal Exchange Format (PFX) Files

Question 12

What type of security solution provides a hardware platform for the storage and management of encryption keys?

Answer 12

Hardware Security Modules (HSM)

Question 13

what type of cryptographic attack attempts to force a user to reduce the level of encryption that they use to communicate with a remote server?

Answer 13

Downgrade Attack

Question 14

David would like to send Mike a message using an asymmetric encryption algorithm. What key should he use to encrypt the message?

Answer 14

Mike’s Public Key

Question 15

When Mike receives a message that David encrypted for him, what key should he use to decrypt the message?

Answer 15

Mike’s Private Key