Chapter 2 Missed Questions

Question 1

What is Asymmetric encryption?

Answer 1

Encryption and decryption use different keys from the same pair

Question 2

What is Symmetric encryption?

Answer 2

Encryption and decryption use the same secret keys

Question 3

What are ephemeral keys?

Answer 3

Keys that can only be used once

Question 4

What are stream ciphers?

Answer 4

Ciphers that operate on one character or bit of a message at a time

Question 5

What are block ciphers?

Answer 5

Ciphers that operate on large segments of the message at the same time

Question 6

What is a transposition chipher?

Answer 6

Ciphers that rearrange the characters in a message

Question 7

What are some popular Symmetric cryptography encryption algorithms?

Answer 7

DES, 3DES, AES, Blowfish, Twofish an RC4

Question 8

What are some popular Asymmetric cryptography encryption algorithms?

Answer 8

RSA, PGP, and GnuPG

Question 9

What Symmetric cryptography encryption algorithms are no longer used today?

Answer 9

DES, 3DES, Blowfish, and RC4

Question 10

What are the approved DSS (Digital Signature Standards) Encryption Algorithms?

Answer 10

DSA, RSA and ECDSA

Question 11

What standard governs the structure and content of digital certificates?

Answer 11

X.509

Question 12

What is the most effective method of revoking digital certificates?

Answer 12

OCSP (Online Certificate Status Protocol)

Question 13

What is certificate stapling?

Answer 13

A technology that allows web servers to attach an OCSP validation to the certificate they send to users

Question 14

What is another name for a session key?

Answer 14

Ephemeral Key

Question 15

Is SSL or TLS the more secure transport encryption technology?

Answer 15

TLS, SSL is no longer used because it is considered insecure, as well as TLS 1.1 and TLS 1.2. TLS 1.3 is the current transport encryption technology.

Question 16

What is the metric used to provide the best measure of effectiveness in a biometric system?

Answer 16

CER (Crossover Error Rate)

Question 17

What are the acronyms FRR, FAR, and CER used for in measuring effectiveness? How are they calculated?

Answer 17

FRR is the False Rejection Rate, FAR is the False Acceptance Rate and CER is the Crossover Error Rate.
FRR = Times an Authorized User is Rejected.
FAR = Times an Unauthorized User is Accepted.
CER = Rate at which the FRR and FAR are equal.

Question 18

What is Zigbee?

Answer 18

A short-range wireless networking technology designed specifically for use in home automation technologies.

Question 19

What software development methodology uses four stages in an iterative process?

Answer 19

Spiral

Question 20

What phase of the capability maturity model introduces the reuse of code across projects?

Answer 20

Repeatable

Question 21

What component of a change management programs includes final testing that the software functions properly?

Answer 21

Release Management

Question 22

What is federation?

Answer 22

The term for policies, protocols, and practices to manage identities across systems and organizations

Question 23

What is composed of two doors closely spaced that require the user to use a card to get through one and then the other sequentially?

Answer 23

An access control vestibule

Question 24

What are common constraints for specialized and embedded systems?

Answer 24

Limitations on power, compute capacity, network throughput and bandwidth, cryptography, and cost. Additional issues with authentication and trust can also be driving factors.

Question 25

What are the 4 phases of a condensed penetration testing process, in order from start to finish?

Answer 25

Planning, Discovery, Attack, and Reporting

Question 26

What is “Services Integration”?

Answer 26

The connection of infrastructure and software elements to provide specific services to a business entity. More detailed is the processing, storage, databases, web, communications, and other functions into an integrated comprehensive solution.