Additional Practice Flashcards
Which block cipher modes can be used to turn a block cipher into a stream cipher? Select two.
Electronic Code Book (ECB) mode
Propagating Cipher Block Chaining (PCBC) mode
Counter (CTR) mode
Output Feedback (OFB) mode
Counter (CTR) mode
Output Feedback (OFB) mode
What are reasons certificates should have an expiration date? Select all that apply
Decreases attacker work factor
Decreases risk of compromise
To facilitate recovery from compromise
Creates forced opportunity for users to update certificate information
Decreases risk of compromise
To facilitate recovery from compromise
Creates forced opportunity for users to update certificate information
What phase of the certificate lifecycle does certificate expiration and certificate renewal reside in? Setup and Initialization Phase Administrative Phase Cancelation and History Phase Update and Patch Vulnerabilities Phase
Cancelation and History Phase
The basic premise of the birthday paradox involves knowing the number of people you would need in a room to have \_\_\_\_\_ of two people being born on the same month and day. a guarantee weak probability strong likelihood least chances
strong likelihood
The birthday paradox concept is employed in the birthday attack on hashes in an effort to identify \_\_\_\_\_ of a given hash. the number of bits the number of bytes a collision a coefficient
a collision
In applying the birthday paradox, with a room containing 23 people, what is the likelihood two of those 23 people were born on the same month and day?
Guaranteed (100% likelihood)
Not likely (0% likelihood)
Fifty-fifty (50% likelihood)
Equal to the number of people (23% likelihood)
Fifty-fifty (50% likelihood)
What is the basic path for certificate requests from a user?
User Registration Authority Certificate Authority
User Certificate Authority Registration Authority
User Certificate Authority
User Subordinate Registration Authority
User Registration Authority Certificate Authority
Which National Security Agency (NSA) type is Skipjack classified as? Type 1 Type 2 Type 3 Type 4
Type 2
Which German Federal Office for Information Security (BSI) criteria for random number generators states it should be impossible for any attacker to calculate, or otherwise guess, from any given subsequence, any previous or future values in the sequence? K4 K3 K2 K1
K3
A \_\_\_\_\_\_\_\_\_ adds a key to a hash to improve integrity. Compliment Hash Message Authentication Code (HMAC) Crypto sync Hash Managed Algorithm (HMA)
Hash Message Authentication Code (HMAC)
Of the choices below, which entails an attacker discovering a functionally equivalent algorithm for encryption and decryption, but without learning the key in cryptanalysis? Total break Total Deduction Global Deduction Global break
Global Deduction
Of the choices below, select the ones that are prime numbers. Select Two 71 72 73 74
71
73
Of the choices below, select the ones that are included in an X.509 certificate. Version Certificate holder key pair Serial number Digital Signature of issuer
Version
Serial number
Digital Signature of issuer
Which class of digital certificate is issued to individual subscribers with primary intended use for email? Class 1 Class 2 Class 3 Class 4
Class 1
Which class of digital certificate is issued for online business transactions between companies? Class 1 Class 2 Class 3 Class 4
Class 4
From the list below, select the protocol pairs most closely associated with L2TP. PAP & POP CHAP & POP L2F & PPTP L3F & PAP
L2F & PPTP
Apply the following multi-alphabet substitution cipher to the below letter string to decrypt an important message from your course instructor.
Cipher: (-2-1+5)
Encoded Text: UUVA GJEVNGE
Answer: STAY FOCUSED
Apply the ROT13 cipher to the below letter string to decrypt it
Cipher: ROT13
Encoded text: NAQ LBH JVYY
Answer: AND YOU WILL
Apply the Atbash cipher to the below letter string
Cipher: Atbash
Encoded text: HFXXVVW
Answer: SUCCEED
Which German Federal Office for Information Security (BSI) criteria for random number generators states it should be impossible for an attacker to calculate, or guess from an inner state of the generator, any previous numbers in the sequence or any previous inner generator states? K4 K3 K2 K1
K4
What component within public key infrastructure acts as a proxy between a user and the certificate authority (CA) by performing authentication of a certificate received from the user before forwarding it to the actual CA? Verification Authority Revocation Authority Registration Authority Certification Authority
Registration Authority
Which National Security Agency cryptography suite is publicly available? Suite A Suite B Suite P Suite PA
Suite B
Of the following National Security Agency algorithm types, which is used for the highest security and classification applications? Type 1 Type 2 Type 3 Type 4
Type 1
The Skipjack algorithm is categorized as a Type \_\_\_\_\_\_\_ National Security Agency cryptographic algorithm. Type 1 Type 2 Type 3 Type 4
Type 2
DES and 3DES are both categorized as Type \_\_\_\_\_\_\_ National Security Agency cryptographic algorithms. Type 1 Type 2 Type 3 Type 4
Type 3
What term from the list below best describes a data concealment method for covert communication that makes use of LSB replacement? Cryptanalysis Steganalysis Steganography Whitening
Steganography
Modulus Operator Math. Solve the following: 12 % 5 =
2
Symmetric encryption is expressed mathematically as: C = E(k,p) P = D(k,c) M^e % n y^2 = x^3 + Ax + B
C = E(k,p)
Hash Name
- TIGER
- SHA256
- FORK256
- SHA1
- GOST
- MD5
- RIPEMD-160
Matched Answer \_\_\_\_ \_\_\_\_ \_\_\_\_ \_\_\_\_ \_\_\_\_ \_\_\_\_ \_\_\_\_
Choice A. 16 bit B. 32 bit C. 64 bit D. 128 bit E. 160 bit F. 192 bit G. 256 bit
Hash Name
- TIGER
- SHA256
- FORK256
- SHA1
- GOST
- MD5
- RIPEMD-160
Matched Answer \_\_F\_\_ \_\_G\_\_ \_\_G\_\_ \_\_E\_\_ \_\_G\_\_ \_\_D\_\_ \_\_E\_\_
Choice A. 16 bit B. 32 bit C. 64 bit D. 128 bit E. 160 bit F. 192 bit G. 256 bit
Cipher Name
- AES ____
- IDEA ____
- DES ____
- Blowfish ____
- Twofish ____
- Skipjack ____
- Serpent ____
Attribute A. 64 bit blocks; 56 bit key B. 64 bit blocks; 32-448 bit key C. 64 bit blocks; 80 bit key D. 64 bit blocks; 128 bit key E. 128 bit blocks; 128, 192 or 256 bit key F. 128 bit blocks; 1-256 bit key G. 26 bit blocks; 64 bit key
Cipher Name
- AES __E__
- IDEA __D__
- DES __A__
- Blowfish __B__
- Twofish __F__
- Skipjack __C__
- Serpent __E__
Attribute A. 64 bit blocks; 56 bit key B. 64 bit blocks; 32-448 bit key C. 64 bit blocks; 80 bit key D. 64 bit blocks; 128 bit key E. 128 bit blocks; 128, 192 or 256 bit key F. 128 bit blocks; 1-256 bit key G. 26 bit blocks; 64 bit key
Identify and select the asymmetric encryption algorithms from the list below. (Select 3).
RSA MD5 ECC RIPEMD-160 IDEA AES DSA OFB
RSA
ECC
DSA
Identify and select the symmetric stream ciphers from the list below. (Select 3).
DES Blowfish FISH RC4 ECC GOST PIKE AES
FISH
RC4
PIKE
Identify and select the hash algorithms from the list below. (Select 4). AES DH FORK256 RC4 MD5 GOST PIKE RIPEMD-160
FORK256
MD5
GOST
RIPEMD-160
Identify and select three viable options for key exchange from the list below.
RSA MD5 ECDH RIPEMD-160 DH AES SHA256 MQV
ECDH
DH
MQV
Identify and select the 32-round symmetric block ciphers from the list below. (Select two.)
RSA DSA Skipjack Serpent DH AES Blowfish DES
Skipjack
Serpent
Which asymmetric encryption algorithm leverages characteristics of prime numbers and utilizes variable key lengths (1024-4096)? DSA ECC RSA Serpent
RSA
Which equation below represents the encryption process for RSA? C = E(k,p) P = D(k,c) M^e % n y^2 = x^3 + Ax + B
M^e % n
How many rounds are used in AES encryption? 8, 10, or 12 10, 12, or 14 32 16
10, 12, or 14
Of the two processes used in symmetric key cryptography, which involves XORing the plaintext message with the key? Transposition Initialization Clustering Substitution
Substitution
Of the two processes used in symmetric key cryptography, which involves swapping blocks of the text? Transposition Initialization Clustering Substitution
Transposition
An instance where two different pieces of data are hashed separately, but both result in a single identical hash value is described by what term? Collision Clustering Evolution Polybius
Collision
The \_\_\_\_\_ function of RSA allows RSA to be used for both encryption and digital signatures. Initialization vector Trapdoor Block chaining MD5
Trapdoor
Symmetric decryption is expressed mathematically as: C = E(k,p) P = D(k,c) M^e % n y^2 = x^3 + Ax + B
P = D(k,c)
Instances where a change in one bit in the plaintext would affect all the bits of the ciphertext is best described by what term?
Avalanche
Diffusion
Avalanche
Instances where a change in one bit in the plaintext would affect multiple characters in the ciphertext is best described by what term?
Confusion
Diffusion
Diffusion
What is the standard for digital certificates? RFC 3526 DSA FIPS 197 X.509
X.509
If timeliness is a priority factor for checking revocation status, which option from the list below would you prefer and why?
CRL, because it facilitates verifying certificates in real time
OCSP, because it facilitates verifying certificates in real time
OCSP, because it facilitates verifying certificates in real time
When looking for an encryption scheme where speed is of utmost importance, which would you prefer from the list below?
Symmetric
Asymmetric
Symmetric
When looking for an encryption solution for the data on your computer where full disk encryption is of utmost importance, which would you select from the list below?
Bitlocker
EFS
Bitlocker
What Federal Information Processing Standard pertains to DSA, which is described in U.S. Patent 5,231,668? FIPS 197 FIPS 186 FIPS 180-4 FIPS 179
FIPS 186
What Federal Information Processing Standard pertains to AES? FIPS 197 FIPS 196 FIPS 180-4 FIPS 179
FIPS 197
From the list below, which two symmetric block encryption modes turn block ciphers into stream ciphers? OFB CTR ECB RC4
OFB
CTR
With which encryption type would you most likely need an accompanying key exchange solution?
Asymmetric
Symmetric
Symmetric
What term from the list below best represents “one-way” encryption i.e. not reversible? Salt Symmetric DES Hash
Hash
Which equation below is associated with Elliptic Curve? C = E(k,p) P = D(k,c) M^e % n y^2 = x^3 + Ax + B
y^2 = x^3 + Ax + B
From the terms below, which are associated with encryption using two keys? (Select 3)
Asymmetric Symmetric DES RSA SHA-2 AES DSA Twofish
Asymmetric
RSA
DSA
If you are sending an encrypted message to a colleague using symmetric encryption, of the choices below, (1) which key would you use to encrypt the message, and (2) which key would your colleague use to decrypt the message?
(1) your colleague’s public key, (2) your colleague’s private key
(1) your public key, (2) your private key
(1) your private key, (2) your private key
(1) your colleague’s private key, (2) your public key
(1) your private key, (2) your private key
If you are sending an encrypted message to a colleague using asymmetric encryption, of the choices below, (1) which key would you use to encrypt the message, and (2) which key would your colleague use to decrypt the message?
(1) your colleague’s public key, (2) your colleague’s private key
(1) your public key, (2) your private key
(1) your private key, (2) your private key
(1) your colleague’s private key, (2) your public key
(1) your colleague’s public key, (2) your colleague’s private key
From the list below, what term best describes an arbitrary, random or pseudo-random number used only once in cryptographic communication and is then discarded? Key Algorithm Round Nonce
Nonce
What term below best describes an attack in which the attacker only has access to the ciphertext of a message? Chosen ciphertext Ciphertext only Known plaintext Plaintext only
Ciphertext only
According to Kerckhoffs’s Principle, a cryptosystem will remain secure so long as which component of it is not publicly known? Key Decryption Algorithm Ciphertext Encryption Algorithm
Key
What technique should be used in conjunction with substitution to break up letter/word frequency and aid in combatting frequency analysis attacks? Decoding Hashing Signing Transposition
Transposition
What trusted entity associated with certificate management is responsible for issuing, revoking, and managing digital certificates? Certification Authority Registration Authority Certificate Authority Key Distribution Center
Certificate Authority
What symmetric cipher was developed for use in the clipper chip? Skipjack Twofish Blowfish DSA
Skipjack
Which term from the list below best describes a number that only shares the number 1 as a common factor with another? Prime Co-Prime Rational Reciprocal
Co-Prime
What is the binary XOR result of the following number set: 10011011 & 11111110? 10011010 01100101 11111111 00000000
01100101
The Feistel Network used in symmetric block encryption entails the splitting of a block of plaintext prior to the application of respective encryption round and XOR functions. Which cipher from the list below is an “unbalanced” Feistel cipher (i.e. blocks of plaintext are split into unequal parts)? RC4 Skipjack PIKE TIGER
Skipjack
From the list below, which term is best described as a fixed-size, random stream, that is added to a block cipher to increase randomness? Feistel Initialization Vector Session Key Induction Vector
Initialization Vector
From the list below, which term is best described as random bits added to a password hash to help with safeguarding passwords in storage? Nonce Salt IV Rounds
Salt
The Advanced Encryption Standard is a subset of which algorithm? Lucifer Kasiski Fibonacci Rijndael
Rijndael
Which software-based stream cipher uses a lagged Fibonacci generator? GOST FISH Blowfish Twofish
FISH
Which of the following is true of hash encryption?
Requires a fixed length input and produces a different fixed length output
Requires a fixed length input and produces a variable length output
Accepts a variable length input and produces a fixed length output
Accepts a variable length input and produces a different variable length output
Accepts a variable length input and produces a fixed length output
What are the two types of symmetric encryption? Block Strong Fixed Stream
Block
Stream
Which WiFi encryption standard is based on 802.11i and uses AES with CCMP to provide for enhanced confidentiality, integrity and authentication? WPA WEP WPA-2 Bluetooth
WPA-2
What is the binary OR result of the following number set: 10011011 & 11111110? 10011010 01100101 11111111 00000000
11111111
What type of cryptanalysis involves the examination of differences in an input and how that affects the resultant difference in output? Hypothesis cryptanalysis Linear cryptanalysis Pseudo-random cryptanalysis Differential cryptanalysis
Differential cryptanalysis
Identify and select the mono-alphabetic ciphers from the list below. (Select 4)
Vigenere Atbash Caesar Scytale ENIGMA Disk cipher ROT-13 ADFGVX
Atbash
Caesar
Scytale
ROT-13
Which cipher entails using a rod of a certain length to create/encrypt a message, and then requiring the message recipient to use an identical sized rod to read/decrypt the message? Scytale Atbash Playfair PIKE
Scytale
Which cipher makes use of a 5x5 table containing a keyword or key phrase and encrypts pairs of letters or digraphs? Scytale Playfair Caesar Atbash
Playfair
Which term from the list below represents the entire cryptographic operation i.e. the algorithm, key, and key management functions? Cryptography Cryptanalysis Cryptology Cryptosystem
Cryptosystem
Which term from the list below represents the total number of possible values of keys in a cryptographic algorithm or other security measure? Key negotiation Key space Cryptovariable Initialization vector
Key space
What term from the list below best describes a number whose factors are 1 and itself? Prime Co-Prime Rational Pseudo-random
Prime
From the list below, what term describes a mechanism used to create number streams with random properties? Examples include Lagged Fibonacci and Mersenne Twister. Modulus Operator Hash Algorithm Crypto randomizer Pseudo-random number generator
Pseudo-random number generator
Term
- Ticket ____
- TGS ____
- KDC ____
- TGT ____
- AS ____
Choices
A. Server that provides the initial ticket
B. Used to authenticate. Contains the identity of the client, the session key, timestamp, and checksum
C. Server that authorizes the principal and connects them to the ticket granting server
D. Issues tickets
E. The ticket that is granted during the authentication process
- Ticket __B__
- TGS __D__
- KDC __A__
- TGT __E__
- AS __C__
Choices
A. Server that provides the initial ticket
B. Used to authenticate. Contains the identity of the client, the session key, timestamp, and checksum
C. Server that authorizes the principal and connects them to the ticket granting server
D. Issues tickets
E. The ticket that is granted during the authentication process
Wifi attribute matching Term 1. WEP \_\_\_\_\_ 2. WPA \_\_\_\_\_ 3. WPA-2 \_\_\_\_\_ 4. WPA-2 Enterprise \_\_\_\_\_
Choices
A. 802.11i, uses AES with CCMP
B. Replaces RC4 with TKIP
C. Uses RC4, employs a 40-bit key with a 24-bit IV
D. WPA-802.1x, requires RADIUS, employs EAP for authentication
Wifi attribute matching Term 1. WEP \_\_C\_\_\_ 2. WPA \_\_B\_\_\_ 3. WPA-2 \_\_A\_\_\_ 4. WPA-2 Enterprise \_\_D\_\_\_
Choices
A. 802.11i, uses AES with CCMP
B. Replaces RC4 with TKIP
C. Uses RC4, employs a 40-bit key with a 24-bit IV
D. WPA-802.1x, requires RADIUS, employs EAP for authentication
What term below best describes an attack in which the attacker obtains ciphertext corresponding to a set of plaintexts to use in an attempt to derive the key used? Chosen plaintext Ciphertext only Known plaintext Plaintext only
Chosen plaintext
What are the four general steps involved with AES? Rounds Initial round Final round Hash session Negotiation Key expansion Reversal Whitening
Rounds
Initial round
Final round
Key expansion
To be suitable for cryptography, what German Federal Office for Information Security (BSI) criteria level(s) should a PRNG meet? K1 K2 K3 K4
K3
K4
Modulus Operator Math. Solve the following: 7 mod 4 = \_\_\_\_ 28 1 3 0.5
3
Which block cipher below uses a block size of 128 bits and key sizes up to 256 bits? DES Blowfish Twofish Tiger
Twofish
\_\_\_\_\_\_ is an algorithm that generates PRNG outputs and employs a reseed mechanism to reseed the key periodically with new entries from one of the two entropy pools employed. Lehmer Yarrow Blum Blum Shub Naor-Reingold
Yarrow
Shawn plans to employ asymmetric encryption to send a digitally signed message to Sue. Shawn will encrypt the message with Sue’s public key. Which key will Shawn use to sign the message? Sue’s private key Shawn’s private key Sue’s public key Shawn’s public key
Shawn’s private key
Shawn has employed asymmetric encryption to send a digitally signed message to Sue. Shawn used Sue’s public key to encrypt the message. Which key will Sue use to verify the signature? Sue’s private key Shawn’s private key Sue’s public key Shawn’s public key
Shawn’s public key
Shawn has employed PKI to send a digitally signed message to Sue. Shawn used Sue’s public key to encrypt the message. Which key will Sue use to decrypt the message? Sue’s private key Shawn’s private key Sue’s public key Shawn’s public key
Sue’s private key
Decrypt is to encrypt as verify is to \_\_\_\_\_\_\_\_. Salt Initialize Sign PKI
Sign
An instance where different encryption keys generate the same ciphertext from the same plaintext message is described by what term? Columnar rotation Columnar substitution Collision Clustering
Clustering
Knowledge of the factorization of the trapdoor information in RSA computations allows you to \_\_\_\_\_ the function. Invert Finalize Lock Sign
Invert
With regard to cryptanalysis efforts, what is uncovering the actual key considered? Information Deduction Global Deduction Total Break Inference Crack
Total Break
Sequence the below basic steps of the Kerberos process in order from first (1) to last (6).
__ The authentication server authenticates the user and issues a ticket-granting ticket
__ The user presents the resource ticket to the resource
__ The user sends credentials to the authentication server
__ The user is authorized to access the resource
__ The resource verifies the resource ticket with the ticket granting server
__ The user’s computer presents the ticket granting ticket to the ticket granting server when the user wants to access a network resource. The TGS will use the AS to authenticate that ticket. If it is authentic, then a specific resource ticket and a session key are issued and sent to the user’s computer
Sequence the below basic steps of the Kerberos process in order from first (1) to last (6).
2 The authentication server authenticates the user and issues a ticket-granting ticket
4 The user presents the resource ticket to the resource
1 The user sends credentials to the authentication server
6 The user is authorized to access the resource
5 The resource verifies the resource ticket with the ticket granting server
3 The user’s computer presents the ticket granting ticket to the ticket granting server when the user wants to access a network resource. The TGS will use the AS to authenticate that ticket. If it is authentic, then a specific resource ticket and a session key are issued and sent to the user’s computer
Variations of an algorithm’s key that are applied in each individual round of encryption are referred to as what? Select Two Round keys Manipulatives Subkeys PRNGs
Round keys
Subkeys
A \_\_\_\_\_\_\_\_\_ is an algorithm, that given the key, calculates the subkeys for individual rounds of encryption. Key schedule PRNG SubByte Byte Schedule
Key schedule
Which FIPS publication specifies personal identity verification? FIPS 200 FIPS 199 FIPS 140 FIPS 201
FIPS 201
Which Kerberos component contains the identity of the client, session key, timestamp, and checksum and is used to authenticate to the server? Ticket Ticket Granting Server Key Distribution Center Authenticator
Ticket
What system is considered to be the only unbreakable encryption? Enigma Caesar One-time Pad MD5
One-time Pad
A major weakness in the \_\_\_\_\_\_\_\_\_ block cipher mode is that a given string of plaintext always equals the same ciphertext. Electronic Code Book (ECB) Counter (CTR) Output Feedback (OFB) Public Key Infrastructure (PKI)
Electronic Code Book (ECB)