Chapter 12 - Encryption and Hashing Concepts Flashcards
Which of the following is the proper order of functions for asymmetric keys?
A. Decrypt, validate, and code and verify
B. Sign, encrypt, decrypt, and verify
C. Encrypt, sign, decrypt, and verify
D. Decrypt, decipher, and code and encrypt
C. The proper order of functions for asymmetric keys is as follows: encrypt, sign, decrypt, and verify. This is the case when a digital signature is used to authenticate an asymmetrically encrypted document.
Which type of encryption technology is used with the BitLocker application? A. Symmetric B. Asymmetric C. Hashing D. WPA2
A. BitLocker uses symmetric encryption technology based on AES. Hashing is the process of summarizing a file for integrity purposes. WPA2 is a wireless encryption protocol.
Which of the following will provide an integrity check? A. Public key B. Private key C. WEP D. Hash
D. A hash provides integrity checks, for example, MD5 hash algorithms. Public and private keys are the elements of a cipher that allow for output of encrypted information. WEP (Wired Equivalent Privacy) is a deprecated wireless encryption protocol.
Why would a hacker use steganography? A. To hide information B. For data integrity C. To encrypt information D. For wireless access
A. Steganography is the act of writing hidden messages so that only the intended recipients know of the existence of the message. This is a form of security through obscurity. Steganographers are not as concerned with data integrity or encryption because the average person shouldn’t even know that a message exists. Although steganography can be accomplished by using compromised wireless networks, it is not used to gain wireless access.
You need to encrypt and send a large amount of data. Which of the following would be the best option? A. Symmetric encryption B. Hashing algorithm C. Asymmetric encryption D. PKI
A. Symmetric encryption is the best option for sending large amounts of data. It is superior to asymmetric encryption. PKI is considered an asymmetric encryption type, and hashing algorithms don’t play into sending large amounts of data.
Imagine that you are a hacker. Which would be most desirable when attempting to compromise encrypted data?
A. A weak key
B. The algorithm used by the encryption protocol
C. Captured traffic
D. A block cipher
A. The easiest way for a hacker to get at encrypted data is if that encrypted data has a weak encryption key. The algorithm isn’t of much use to a hacker unless it has been broken, which is a far more difficult process than trying to crack an individual key. Captured traffic, if encrypted, still needs to be decrypted, and a weak key will aid in this process. The block cipher is a type of algorithm.
An SHA algorithm will have how many bits? A. 64 B. 128 C. 512 D. 1,024
C. SHA-2 algorithm blocks have 512 bits. SHA-1 is 160-bit. MD5 is 128-bit; 1,024-bit keys are common in asymmetric encryption.
What is another term for secret key encryption? A. PKI B. Asymmetrical C. Symmetrical D. Public key
C. Symmetric key encryption uses a secret key. The term symmetric key is also referred to as the following: private key, single key, and shared key (and sometimes as session key). PKI and public keys at their core are asymmetrical.
Your boss wants you to set up an authentication scheme in which employees will use smart cards to log in to the company network. What kind of key should be used to accomplish this? A. Private key B. Public key C. Cipher key D. Shared key
A. A private key should be used by users when logging in to the network with their smart card. The key should certainly not be public. A key actually determines the function of a cipher. Shared key is another term for symmetric-key encryption but does not imply privacy.
The IT director wants you to use a cryptographic algorithm that cannot be decoded by being reversed. Which of the following would be the best option? A. Asymmetric B. Symmetric C. PKI D. One-way function
D. In cryptography, the one-way function is one option of an algorithm that cannot be reversed, or is difficult to reverse, in an attempt to decode data. An example of this would be a hash such as SHA-2, which creates only a small hashing number from a portion of the file or message. There are ways to crack asymmetric and symmetric encryptions, which enable complete decryption (decoding) of the file.
Which of the following concepts does the Diffie-Hellman algorithm rely on? A. Usernames and passwords B. VPN tunneling C. Biometrics D. Key exchange
D. The Diffie-Hellman algorithm relies on key exchange before data can be sent. Usernames and passwords are considered a type of authentication. VPN tunneling is done to connect a remote client to a network. Biometrics is the science of identifying people by one of their physical attributes.
What does steganography replace in graphic files?
A. The least significant bit of each byte
B. The most significant bit of each byte
C. The least significant byte of each bit
D. The most significant byte of each bit
A. Steganography replaces the least significant bit of each byte. It would be impossible to replace a byte of each bit, because a byte is larger than a bit; a byte is eight bits.
What does it mean if a hashing algorithm creates the same hash for two different downloads? A. A hash is not encrypted. B. A hashing chain has occurred. C. A one-way hash has occurred. D. A collision has occurred.
D. If a hashing algorithm generates the same hash for two different messages within two different downloads, a collision has occurred and the implementation of the hashing algorithm should be investigated.
Which of the following methods will best verify that a download from the Internet has not been modified since the manufacturer released it?
A. Compare the final LANMAN hash with the original.
B. Download the patch file over an AES encrypted VPN connection.
C. Download the patch file through an SSL connection.
D. Compare the final MD5 hash with the original.
D. The purpose of the MD5 hash is to verify the integrity of a download. SHA is another example of a hash that will verify the integrity of downloads. LANMAN hashes are older deprecated hashes used by Microsoft LAN Manager for passwords. Encrypted AES and SSL connections are great for encrypting the data transfer but do not verify integrity.
Which of the following encryption methods deals with two distinct, large prime numbers and the inability to factor those prime numbers? A. SHA-1 B. RSA C. WPA D. Symmetric
B. The RSA encryption algorithm uses two prime numbers. If used properly, they will be large prime numbers that are difficult or impossible to factor. SHA-1 is an example of a Secure Hash Algorithm. WPA is the Wi-Fi Protected Access protocol, and RSA is an example of an asymmetric method of encryption.