Chapter 1 - 10 Flashcards

1
Q

Derek, a security professional, wants to embed hidden data within a carrier file like an image or video which can later be extracted. What will he use?

A

Steganography

2
Q

Which of the following statements are true of Online Certificate Status Protocol and certificate revocation list?

A

OCSP checks certificate status in real time
CRL allows the authenticity of a certificate to be immediately verified
The main limitation of CRL is the fact that updates must be frequently downloaded to keep the list current

3
Q

What are the cryptographic goals?

A

Confidentiality
Integrity
Availability

4
Q

A junior administrator at a sister company called to report a possibly exposed key that is used for PKI transactions. The administrator would like to know the easiest way to check whether the lost key has been flagged by the system. What are you going to recommend to the administrator?

A

OCSP

Online Certificate Status Protocol

5
Q

You’ve discovered that an expired certificate is being used repeatedly to gain login privileges. To what list should the certificate have been added?

A

CRL

Certificate Revocation List

6
Q

Which of the following is a digitized, decentralized, publicly used ledger of all cryptocurrency transactions?

A

Blockchain

7
Q

What is used for legal purposes and identifies ownership or copyright of material?

A

Watermarking

8
Q

A junior administrator comes to you in a panic after seeing the cost of certificates. She would like to know if there is a way to get one certificate to cover all domains and subdomains for the organization. What solution can you offer?

A

Wildcard Certificate

9
Q

Juan, a security engineer, increased the security of an organization’s VPN, ensuring that one compromised SA session key cannot be used to compromise any other sessions. What can be configured to meet this requirement?

A

PRNG

Pseudorandom number generator

10
Q

Your team member has asked you to name a common form of digital certificate. What will you advise?

A

X.509

11
Q

Which of the following is a deterministic algorithm to generate a sequence of numbers with little or no discernible pattern in the numbers, apart from broad statistical properties?

A

PRNG

Pseudorandom number generator

12
Q

What is the correct term for when two different files are hashed and result in the same output?

A

Collision

13
Q

Marie is concerned about outside parties attempting to access her company’s network via the wireless connection. Where should she place the WAP?

A

Centrally in the building

14
Q

Juan has requested some specific files stored on the organization’s storage network containing data which is not protected by patent law, but is classified as a trade secret and encrypted with a block cipher. What algorithm satisfies the request?

A

Blowfish

15
Q

What ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the (long-term) private keys is compromised in the future?

A

PFS

Perfect Forward Secrecy

16
Q

You have just completed a port scan of devices in the DMZ and have discovered that port 5800/5801 is open on one of the devices. Which service typically uses these ports?

A

VNC

17
Q

Which of the following would properly describe a system that uses a symmetric key distributed by an asymmetric process?

A

Hybrid Encryption

18
Q

A co-worker is concerned about the veracity of a claim because the sender of an email denies sending it. The co-worker wants a way to prove the authenticity of an email. What would you recommend?

A

Digital Signature

19
Q

Which of the following is based on the concept that the exposure of a single key will permit an attacker access only to data protected by that single key?

A

PFS

Perfect Forward Secrecy

20
Q

Which algorithm was developed by Ron Rivest and offers a 128-bit output?

A

MD5

21
Q

Your organization has asked you to use two keys separately for encryption and decryption. What algorithm will you use?

A

RSA

22
Q

Allen is using a security feature which ensures that if hackers compromise a private key, they’ll only be able to access data in transit protected by that key and not any future data, because future data will not be associated with that compromised key. What security feature is he using?

A

PFS

23
Q

SSL and TLS can be best categorized as which system?

A

Hybrid Encryption

24
Q

Most authentication makes use of a one-way encryption process. Which of the following best offers an example of one-way encryption?

A

Hashing

25
Q

Which of the following manages security credentials in a network and issues certificates to confirm the identity and other attributes of a certificate in relation to other entities?

A

CA

Certificate Authority

26
Q

Which of the following describes authentication tokens used to validate a claimed identity?

A

Credential

27
Q

A mobile user informs you that he has been asked to travel to China on business. He wants suggestions for securing his hard drive. What would you recommend he use?

A

BitLocker

28
Q

In the study of cryptography, what is used to prove the identity of an individual?

A

Authenticity

29
Q

Which of the following can be used to describe a physical security component that is used for cryptoprocessing and can be used to store digital keys securely?

A

HSM

30
Q

DES ECB is an example of which of the following encryption?

A

Block

31
Q

Which of the following is a method of providing an acknowledgment to the sender of the data and assurance of the sender’s identity to the receiver, so that neither the sender nor the receiver can later deny having processed the data?

A

Non-repudiation

32
Q

Using SSL, Allen wishes to secure public facing server farms in three domains. What is the number of wildcard SSL certificates that should be purchased?

A

Three

33
Q

What is not an advantage of symmetric encryption?

A

Key exchange is easy

34
Q

Which of the following Data Encryption Standard (DES) modes of operation are implemented as a stream cipher?

A

Output feedback

Cipher feedback

35
Q

You have been asked to suggest a simple trust system for distribution of encryption keys. Your client is a three-person company and wants a low-cost or free solution. What would you suggest?

A

Web-of-trust

36
Q

What is not a hashing algorithm?

A

IDEA

37
Q

Susan is trying to find a solution that will verify that emails come from the source claimed. What solution will she use to accomplish this?

A

Digital signature

38
Q

Joseph, an ethical hacker, notices that an organizational network is vulnerable to the MitM attack since the key exchange process of the cryptographic algorithm does not authenticate participants. What cryptographic algorithm is being used by the organization?

A

Diffie-Hellman

39
Q

What is derived from a hash process known only by the originator, requires the receiver to use a key provided by the sender, and proves the message hasn’t been tampered with?

A

Digital Signature

40
Q

What is not a symmetric encryption?

A

RSA

41
Q

You have been asked by a member of senior management to explain the importance of encryption and define what symmetric encryption offers. What is the best explanation?

A

Privacy and authentication

42
Q

Ellie, a forensic analyst, suspects that a breach has occurred. Security logs show that the company’s IS patch system is compromised, and it is serving patches that contain a zero-day exploit and backdoor. She extracts an executable file from a packet capture of communication between a client computer and the patch server. What should she use to confirm this suspicion?

A

Digital Signature

43
Q

You were given a disk full of applications by a friend, but you are unsure about installing a couple of the applications on your company laptop. Is there an easy way to verify whether the programs are original or have been tampered with?

A

Verify with a hashing algorithm

44
Q

Which of the following is an early form of encryption, also known as ROT3?

A

Caesar Cipher

45
Q

How many keys are required if 15 people need to communicate using symmetric key encryption?

A

105

46
Q

Which type of encryption best offers easy key exchange and key management?

A

Asymmetric

47
Q

In cryptography, what is known as the process of converting clear text into something that is unreadable?

A

Encryption

48
Q

What is the process of digitally signing executables and scripts to confirm the software author and guarantee that the program has not been altered or corrupted since it was authorized by the use of the cryptographic hash?

A

Code signing

49
Q

Which method of encryption makes use of a single key?

A

DES

50
Q

Mark works as a security manager at XYZ Inc. He has created a policy to allow employees to use their personally owned devices. He is getting reports of the company’s data appearing on unapproved forums and an increase in the theft of personal electronic devices. What security control should he implement to reduce the risk of exposure?

A

Disk encryption on the local drive