CH 13 - Cryptography

Question 1

With a rotation of 4,
what does erwaiv decrypt to?

A. waive
B. wave
C. answer
D. decrypt

Answer 1

C.
answer

Question 2

What do you call a message before it is encrypted?

A. Text
B. Plain text
C. Bare words
D. Bare text

Answer 2

B.
Plain text

Question 3

What does PGP use to verify identity?

A. Central authority
B. Web of users
C. Web of trust
D. Central trust authority

Answer 3

C.
Web of trust

Question 4

What principle is used to demonstrate that a signed message came from the owner of the key that signed it?

A. Nonrepudiation
B. Nonverifiability
C. Integrity
D. Authority

Answer 4

A.
Nonrepudiation

Question 5

What is Diffie‐Hellman used for?

A. Key management
B. Key isolation
C. Key exchange
D. Key revocation

Answer 5

C.
Key exchange

Question 6

How did 3DES improve on DES?

A. Made the key longer
B. Used two keys
C. Changed algorithms
D. Used three keys

Answer 6

D.
Used three keys

Question 7

What improvement does elliptic curve cryptography make?

A. Smaller keys improve speed
B. Algorithm is more complex
C. Doesn’t use factoring, which is better
D. Longer keys

Answer 7

A.
Smaller keys improve speed

Question 8

What is it called when two different data sets yield the same cryptographic hash?

A. Paradox
B. Collision
C. Crash
D. Unrealistic

Answer 8

B.
Collision

Question 9

Which of the following terms can be used in a description of asymmetric key encryption?

A. Defined key
B. Multifactor
C. Public key
D. Single factor

Answer 9

C.
Public key

Question 10

If Alice were to send an email to Bob, what key would she use to encrypt the message?

A. PGP key
B. Private key
C. Public key
D. Symmetric key

Answer 10

C.
Public key

Question 11

What property allows you to trust someone trusted by a certificate authority you trust?

A. Commutative property
B. Associative property
C. Communicative property
D. Transitive property

Answer 11

D.
Transitive property

Question 12

Why is symmetric key encryption typically used over asymmetric key encryption?

A. It’s faster.
B. It’s more secure.
C. It’s easier to implement.
D. It isn’t encumbered with patents.

Answer 12

A.
It’s faster.

Question 13

What is it called when both symmetric and asymmetric keys are used?

A. Fast cryptosystem
B. Hybrid cryptosystem
C. Super‐symmetric cryptosystem
D. Dual key cryptosystem

Answer 13

B.
Hybrid cryptosystem

Question 14

What is MD5 or SHA‐1 commonly used for in cryptography?

A. Media access control (MAC)
B. Machine authentication code (MAC)
C. Message access code (MAC)
D. Message authentication code (MAC)

Answer 14

D.
Message authentication code (MAC)

Question 15

What type of encryption does PGP use?

A. Null key
B. Asymmetric key
C. Trusted key
D. Web key

Answer 15

B.
Asymmetric key

Question 16

What tool would you use to identify ciphersuites in use on a web server?

A. Hydra
B. sslscan
C. tlsscan
D. cipherscan

Answer 16

B.
sslscan

Question 17

How does AES protect against related‐key attacks?

A. Longer key lengths
B. Better initialization vectors
C. Implementation doesn’t allow related keys
D. Upgrading to AES‐2

Answer 17

C.
Implementation doesn’t allow related keys

Question 18

What is one advantage of using a certificate authority?

A. Trusted third party doing validation
B. A certificate authority is faster
C. Stronger keys are offered
D. They support more cipher suites

Answer 18

A.
Trusted third party doing validation

Question 19

How does a certificate authority keep a list of valid certificates up‐to‐date?

A. Periodic CA update
B. Hashing the list
C. Re‐validating identities
D. Certificate revocation lists

Answer 19

D.
Certificate revocation lists

Question 20

What security property suggests that an email signed by an individual’s key must have come from that person?

A. Confidentiality
B. Integrity
C. Availability
D. Nonrepudiation

Answer 20

D.
Nonrepudiation