Chapter 1 - 10 Flashcards
Derek, a security professional, wants to embed hidden data within a carrier file like an image or video which can later be extracted. What will he use?
Steganography
Which of the following statements are true of Online Certificate Status Protocol and certificate revocation list?
OSCP Checks certificate status in realt ime
CRL allows the authenticity of a certificate to be immediately verified
The main limitation of CRL is the fact that updates must be frequently downloaded to keep the list current
What are the cryptographic goals?
Confidentiality
Integrity
Availability
A junior administrator at a sister company called to report a possible exposed key that is used for PKI transactions. The administrator would like to know easiest way to check whether the lost key has been flagged by the system. What are you going to recommend to the administrator?
OCSP
Online Certificate Status Protocol
You’ve discovered that an expired certificate is being used to repeatedly to gain login privileges. To what list should the certificate have been added?
CRL
Certificate Revocation List
Which of the following is a digitized, decentralized, publicly used ledger of all cryptocurrency transtions?
Blockchain
What is used for legal purposes and identifies ownership or copyright of material?
Watermarking
A junior administrator comes to you in a panic after seeing the cost of certificates. Should would like to know if there is a way to get one certificate to cover all domains and subdomains for the organization. What solution can you offer?
Wildcard Certificate
Juan, a security engineer, increased the security of an organization’s VPN ensuring that one compromised SA session key cannot be used to compromise any other sessions . What can be configured to meet this requirement?
PRNG
Pseudorandom number generator
Your team member has asked you to name a common form of digital certificate. What will you advise?
X.509
Which of the following is a determinisitic algorithm to generate a sequence of number with little or no discernible pattern in the numbers, apart from broad statistical properties?
PRNG
Pseudorandom number generator
What is the correct term for when two different files are hashed and result in the same output?
Collision
Marie is concerned about outside parties attempting to access her company’s network viz the wireless connection. Where should she place the WAP?
Centrally in the building
Juan has requested some specific files stored on the organization storage network containing data which is not protected by the patent law, but is classified as trade secret encrypted with a block cipher. What algorithm satisfies the request?
Blowfish
What ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the (long-term) private key is compromised in the future?
PFS
Perfect Forward Secrecy
You have just completed a port scan of devices in the DMZ and have discovered that port 5800/5801 is open on one of the devices. Which service typically uses these ports?
VNC
Which of the following would properly describe a system that uses a symmetric key distributed by an asymmetric process?
Hybrid Encryption
A co-worker is concerned about the veracity of a claim because the sender of an email denies sending it. The co-worker wants a way to prove the authenticity of an email. What would you recommend?
Digital Signature
Which of the following is based on the concept that the exposure of a single key will permit attacker access to only data protected by a single key?
PFS
Perfect Forward Secrecy
Which algorithm was developed by Ron Rivest and offers a 128-bit output?
MD5
Your organization has asked you to use two keys separately for encryption and decryption. What algorithm will you use?
RSA
Allen is using a security feature which ensures that if hackers want to compromise a private key, they’ll only be able to access data in transit protected by that key and not nay future data because future data will not be associated with that compromised key. What security feature is he using?
PFS
SSL and TLS can be best categorized as which system?
Hybrid Encryption
Most authentication make use of a one-way encryption process which of the following best offers an example of one-way encryption?
Hashing
Which of the following manages security credentials in a network and issues certificates to confirm the identity and other attributes of a certificate in relation to other entities?
CA
Certificate Authority
Which of the following describes authentication tokens used to validate a claimed identity?
Credential
A mobile user informs you that he has been asked to travel to China on business. He wants suggestions for securing his hard drive. What do you want to recommend him to use?
Bitlocker
In the study of cryptography, what is used to prove the identity of an individual?
Authenticity
Which of the following can be used to describe a physical security component that is used for cryptoprocessing and can be used to store digital keys securely?
HSM
DES ECB is an example of which of the following encryption?
Block
Which of the following is a method of providing an acknowledgment to the sender of the data and assurance of the sender’s identity to the receiver, so that neither the sender nor the receiver can later deny the data having processed by them?
Non-repudiation
Using SSL, Allen wishes to secure public facing server farms in three domains. What is the number of wildcard SSL certificates that should be purchased?
Three
What is not an advantage of symmetric encryption?
Key exchange is easy
Which of the following Data Encryption Standard (DES) modes of operation are implemented as a stream cipher?
Output feedback
Cipher feedback
You have been ask to suggest a simple trust system for distribution of encryption keys. Your client is a three-person company and wants a low-cost or free solution. What would you suggest?
Web-of-trust
What is not a hashing algorithm?
IDEA
Susan is trying to find a solution tat will verify emails coming from the source claimed. What solution will she use to accomplish this?
Digital signature
Joseph, an ethical hacker, notices that an organizational network is vulnerable to the MitM attack since the key exchange process of the cryptographic algorithm does not authenticate participants. What cryptographic algorithm is being used by the organization?
Diffie-Hellman
What is derived from a hash process known only by the originator, requires the receiver to use a key provided by the sender, and proves the message hasn’t been tampered with?
Digital Signature
What is not a symmetric encryption?
RSA
You have been asked by a member of the senior management to explain the important of encryption and define what symmetric encryption offers. What is the best explanation?
Privacy and authentication
Ellie, a forensic analyst, suspects that a breach has occurred. Security logs show that the company’s IS patch system is compromised, and it is serving patches that contain a zero-day exploit and backdoor. she extracts an executable tile from a packet capture of communication between a client computer and the patch server. What should she use to confirm this suspicion?
Digital Signature
You were given a disk full of application by a friend, but you are unsure about installing a couple of application on your company laptop. Is there an easy way to verify the programs are original or if they have been tampered with?
Verify with a hashing algorithm
Which of the following is an early form of encryption, also known as ROT3?
Cesar Cipher
How many keys are required if 15 people need to communicate using symmetric key encryption?
105
Which type of encryption best offers easy key exchange and key management?
Asymmetric
In cryptography, what is known as the process of converting clear text into something that is unreadable?
Encryption
What is a process of digitally signing executable and scripts to confirm the software author and grantee that the program has not been altered or corrupted since it was authorized by the use of the cryptographic hash?
Code signing
Which method of encryption makes use of a single key?
DES
Mark works as a security manger at XYZ Inc. He has created a policy to allow employees to use their personally owned device. He is getting reports of company’s data appearing on unapproved forums and an increase in the theft of personal electronic devices. What security control would be implement to reduce the risk of exposure?
Disk encryption on the local drive
