CISSP ch 6

Question 1

Symmetric modes of operation that propagate errors

Answer 1

CBC and CFB (stream version of CBC)

Question 2

Symmetric modes of operation that provide authentication

Answer 2

GCM and CCM

Question 3

HSM

Answer 3

Hardware security module

Manages cryptographic keys

Question 4

Fair cryptosystems

Answer 4

Pieces of secret key are given to an independent third party who will share pieces with government pursuant to a court order

Question 5

PKI

Answer 5

Public Key Infrastructure

Question 6

Math of RSA

Answer 6

Factoring large prime numbers

Question 7

Math of Elgamal

Answer 7

Modular arithmetic (extension of Diffie Helman), doubles size of message

Question 8

Math of ECC

Answer 8

Elliptic curve cryptography, elliptic curve discrete logarithm problem

Question 9

DHE / EDH

Answer 9

Diffie Helman key exchange, relies on factoring of prime numbers and modular arithmetic

Question 10

ECDHE

Answer 10

Elliptic curve Diffie Helman exchange

Question 11

SHA-256 message size

Answer 11

256 bits

Question 12

SHA 256 block processing size

Answer 12

512 bits

Question 13

SHA 224 processing block size

Answer 13

512 bits

Question 14

SHA 512 message size

Answer 14

512 bits

Question 15

SHA 512 processing block size

Answer 15

1024 bits

Question 16

SHA 384 processing block size

Answer 16

1024 bits

Question 17

MD5 processing block size

Answer 17

512 bits

Question 18

MD5 message size

Answer 18

64 bits less than a multiple of 512

Question 19

RIPEMD

Answer 19

RIPE message digest, hashing used in Bitcoin, only RIPEMD 160 and 320 are secure

Question 20

HMAC

Answer 20

hashed message authentication code = implements a partial digital signature, guarantees integrity of message, but does not provide nonrepudiation = uses symmetric encryption / shared secret key that encrypts a hash value

Question 21

DSS

Answer 21

Digital signature standard = specified by NIST in FIPS 186-5, all federally approved digital signature algorithms must use SHA-3 hashing functions, specifies encryption algorithms (only three that are approved):
RSA, specified in ANSI X9.31
ECDSA = Elliptic Curve digital signature algorithm, specified in ANSI X9.62
EdDSA = Edwards-Curve Digital Signature Algorithm

Question 22

ECDSA

Answer 22

Elliptic Curve digital signature algorithm

Question 23

EdDSA

Answer 23

Edwards-Curve Digital Signature Algorithm

Question 24

DSA

Answer 24

Digital signature algorithm, no longer approved in current version of FIPS 186-5

Question 25

Digital certificates

Answer 25

endorsed copies of an individual’s public key, use x.509 standard

Question 26

CN and DN on a digital certificate

Answer 26

Common name and distinguished name of a subject

Question 27

CA

Answer 27

Certificate Authority

Question 28

RA

Answer 28

Registration authority = assist certificate authority with verifying users’ identities

Question 29

CSR

Answer 29

Subject provides their public key in the form of a certificate signing request

Question 30

DV certificate

Answer 30

Domain validation certificates, simples and most common, verifies that subject has control of the domain name

Question 31

EV certificate

Answer 31

Extended validation certificates, higher level of assurance, certificate authority takes steps to verify that the certificate owner is a legitimate business

Question 32

CRL

Answer 32

a certificate revocation list (CRL)
maintained by the various certificate authorities, contain serial numbers of certificates issued and revoked by a given certificate authority, along with date and time of revocation
must be downloaded and cross-referenced periodically, introducing a period of latency between the time a certificate is revoked and the time end users are notified of the revocation

Question 33

OCSP

Answer 33

the Online Certification Status Protocol (OCSP)
eliminates latency by providing a means for real-time certificate verification
when a client receives a certificate, it sends an OCSP request to the CA’s OCSP server, who then responds with a status of valid, invalid or unknown
places significant burden on OCSP server

Question 34

Certificate Stapling

Answer 34

An extension of OCSP that relieves some of the burden placed on certificate authorities
Web server contacts the OCSP server itself and receives a signed and timestamped response from the OCSP server, which it then attaches, or staples, to the digital certificate provided to the client/user
When the next user visits the website, stapled certificate can be reused as long as the timestamp is recent enough (usually have a validity period of 24 hours)

Question 35

DER certificate format

Answer 35

Distinguished Encoding Rules = most common binary format = .der, .crt or .cer extensions

Question 36

PEM certificate format

Answer 36

Privacy Enhanced Mail = ASCII text version of the DER format = .pem or .crt

Question 37

PFX certificate format

Answer 37

Personal Information Exchange = format commonly used by Windows systems, may be stored in binary form = .pfx or .p12

Question 38

P7B certificate format

Answer 38

used by Windows systems, stored in ASCII text format = .p7b

Question 39

TPM

Answer 39

Trusted Platform Module = chip that resides on the motherboard to store and manage keys used for full-disk encryption (FDE) solutions, prevents someone from removing and accessing the drive on another device

Question 40

PGP

Answer 40

Pretty Good Privacy = secure email system developed by Phil Zimmerman in 1991, combines certificate authority hierarchy with the ‘web of trust’ concept (must become trusted by one or more PGP users to being using the system) = commercial product sold by Symantec and open source variant called OpenPGP, commercial providers also offer PGP-based email services
ProtonMail
StartMail
Mailvelope
SafeGmail
Hushmail

Question 41

Minimum TLS security

Answer 41

TLS 1.2 (2008) now considered minimum secure option, anything older (SSL 3.0, TLS 1.0, TLS 1.1) is insecure
TLS 1.3 (2018) is also secure and adds performance improvements. Note: Must ensure that security algorithms being used by TLS are secure as well

Question 42

POODLE

Answer 42

Padding On Downgraded Legacy Encryption = attack in 2014 on SSL 3.0 fallback mechanism of TLS, caused TLS v1.2 to drop this backward compatibility

Question 43

Link encryption

Answer 43

protects entire communications circuits by creating a secure tunnel between two points using either a hardware solution or a software solution
all the data (header, trailer, address and routing data) is encrypted, each packet has to be decrypted and re-encrypted at each hop to be properly routed, which slows the routing
done at lower OSI layers

Question 44

SSH minimum security

Answer 44

SSH2 drops support for DES and IDEA, but adds support for Diffie-Hellman key exchange and the ability to run multiple sessions over a single SSH connection, provides added protection against man-in-the-middle (on-path) attacks, eavesdropping and IP/DNS spoofing

Question 45

IPsec transport mode vs tunnel mode

Answer 45

transport mode
for end-to-end encryption and peer-to-peer communication
only the packet payload is encrypted

tunnel mode
for link encryption
the entire packet, including the header is encrypted

Question 46

IPsec SA

Answer 46

At runtime, you set up an IPsec session by creating a security association (SA)
SA represents the communication session and records any configuration and status information about the connection
Represents a simplex connection, if you want a two-way channel, you need two SAs, one for each direction. If you want a bidirectional channel using both AH and ESP, you will need to set up four SAs
IPsec can filter and manage communications on a per-SA basis
Without a valid SA defined, pairs of users or gateways cannot establish IPsec links

Question 47

PBKDF2, bcrypt and scrypt

Answer 47

Specialized password hashing functions PBKDF2, bcrypt and scrypt allows for the creation of hashes using salts and incorporate a technique known as key stretching (adding values until input is a fixed length) that makes it more computationally difficult to perform a single password guess

Question 48

Analytic Attack

Answer 48

Algebraic manipulation that attempts to reduce the complexity of the algorithm
Focuses on the logic of the algorithm itself

Question 49

Implementation attack

Answer 49

Exploits weaknesses in the implementation of a cryptography system
Focuses on exploiting the software code

Question 50

Statistical attack

Answer 50

Exploits statistical weaknesses in a cryptosystem (e.g., floating-point errors or the inability to produce truly random numbers)
Focuses on hardware or operating system hosting the cryptography application