Cryptography

Question 1

If you want confidentiality when sending email message

Answer 1

then Encrypt the message

Question 2

If your message must maintain integrity

Answer 2

you must hash the message.

Question 3

If your message needs authentication, integrity and/or nonrepudiation.

Answer 3

You should digitally sign the message.

Question 4

If your message requires confidentiality, integrity, authentication, and
nonrepudiation

Answer 4

you should encrypt and digitally sign the message.

Question 5

Which Algorithm Operates on 64-bit blocks of text has variable-length keys ranging from a relatively
insecure 32 bits to an extremely strong 448 bits.

Answer 5

Blowfish

Question 6

The AES cipher allows the use of three key strengths

Answer 6

128-bit keys require 10 rounds of encryption.
192-bit keys require 12 rounds of encryption.
256-bit keys require 14 rounds of encryption.

Question 7

How many version PGP is available ?

Answer 7

Two version
commercial version
Freeware

Question 8

The commercial version uses
Key exchange ?
Encryption ?
Hashing ?

Answer 8

The commercial version uses
RSA for key exchange,
IDEA for encryption/decryption,
and MD5 for message digest production

Question 9

The freeware
version (based on the extremely similar OpenPGP standard) uses
Key exchange ?
Encryption ?
Hashing ?

Answer 9

Diffie-Hellman key
exchange, the Carlisle Adams/Stafford Tavares (CAST) 128-bit encryption/decryption
algorithm, and
the SHA-1 hashing function.

Question 10

S/MIME has

already been incorporated in a large number of commercial products, including these:

Answer 10

Microsoft Outlook and Outlook Web Access
Mozilla Thunderbird
Mac OS X Mail

Question 11

The only

public key cryptographic protocol supported by S/MIME.

Answer 11

RSA

The protocol supports the AES
and 3DES symmetric encryption algorithms.

Question 12

Common permissions restricted by document DRM solutions

Answer 12

Reading a file
Modifying the contents of a file
Removing watermarks from a file
Downloading/saving a file
Printing a file
Taking screenshots of file content

Question 13

How many types of Circuit Encryption ?

Answer 13

Security administrators use two types of encryption techniques to protect data traveling
over networks:
Link encryption protects
End-to-end encryption

Question 14

What is Link encryption ?

Answer 14

Protects entire communications circuits by creating a secure tunnel
between two points using either a hardware solution or a software solution that
encrypts all traffic entering one end of the tunnel and decrypts all traffic entering the
other end of the tunnel

Question 15

What is End-to-end encryption ?

Answer 15

End-to-end encryption protects communications between two parties (for example, a
client and a server) and is performed independently of link encryption.

Question 16

Difference between link encryption and End-to-end encryption

Answer 16

Link encryption,
all the data, including the header, trailer, address, and routing data, is also encrypted.
Therefore, each packet has to be decrypted at each hop so it can be properly routed to the
next hop and then re-encrypted before it can be sent along its way, which slows the
routing.
End-to-end encryption does not encrypt the header, trailer, address, and routing
data, so it moves faster from point to point but is more susceptible to sniffers and
eavesdroppers.

Question 17

Examples of Link encryption ?

Answer 17

A company with two offices connected via a
data circuit might use link encryption to protect against attackers monitoring at a
point in between the two offices.

Question 18

Example of End-to-end encryption

Answer 18

Secure Shell (SSH) is a good example of an end-to-end encryption technique.
Use of TLS to protect communications between a user and a web server.

Question 19

Note

Answer 19

When encryption happens at the higher OSI layers, it is usually end-to-end encryption,
and if encryption is done at the lower layers of the OSI model, it is usually link
encryption.

Question 20

IPsec

Answer 20

architecture that supports secure
communications is the Internet Protocol Security (IPsec) standard.

IPsec is a standard
architecture set forth by the Internet Engineering Task Force (IETF) for setting up a
secure channel to exchange information between two entities.

Question 21

Which cryptography IPsec uses to provide encryption, access control, nonrepudiation,
and message authenticatio ?

Answer 21

IPsec uses public key cryptography to provide encryption, access control, nonrepudiation,
and message authentication, all using IP-based protocols. The

Question 22

Use of IPsec ?

Answer 22

The primary use of IPsec is for
virtual private networks (VPNs), so IPsec can operate in either transport or tunnel mode.
IPsec is commonly paired with the Layer 2 Tunneling Protocol (L2TP) as L2TP/IPsec.

Question 23

Wired Equivalent Privacy ?

Answer 23

Wired Equivalent Privacy (WEP) provides 64- and 128-bit
encryption options to protect communications within the wireless LAN. WEP is described
in IEEE 802.11 as an optional component of the wireless networking standard.

Question 24

Note about WEP

Answer 24

In fact, the use of WEP encryption on a store network was the root
cause behind the TJX security breach that was widely publicized in 2007. Again, you
should never use WEP encryption on a wireless network.

Question 25

WiFi Protected Access

Answer 25

WiFi Protected Access (WPA) improves on WEP encryption by
implementing the Temporal Key Integrity Protocol (TKIP), eliminating the cryptographic
weaknesses that undermined WEP. A further improvement to the technique, dubbed
WPA2, adds AES cryptography. WPA2 provides secure algorithms appropriate for use on
modern wireless networks.

Question 26

Note About WAP

Answer 26

Remember that WPA does not provide an end-to-end security solution. It encrypts
traffic only between a mobile computer and the nearest wireless access point. Once
the traffic hits the wired network, it’s in the clear again.

Question 27

Other commonly used Wireless security standard ?

Answer 27

Another commonly used wireless security standard, IEEE 802.1x, provides a flexible
framework for authentication and key management in wired and wireless networks.
use 802.1x, the client runs a piece of software known as the supplicant