Cryptography and Encryption Basics

Question 1

You have encrypted an e-mail message that is only meant to be seen by the recipient. A hacker has intercepted the message. When he views the message, what does he see?

The plain text of the e-mail

One-way hash of the message

Ciphertext

Answer 1

Ciphertext

Clear text is transformed into ciphertext after being put through some type of cipher or encryption algorithm system. The ciphertext is unreadable unless it is decrypted back into clear-text form

Question 2

You have been tasked with implementing information assurance principles within your organization’s security and encryption functions. Which of the following isn’t a function of information assurance within encryption systems?

Efficiency

Confidentiality

Integrity

Answer 2

Efficiency

Efficiency is not a function of information assurance within encryption systems. The four basic functions pertaining to information assurance are confidentiality, integrity, authentication, and nonrepudiation

Question 3

You have sent your friend a secret, encrypted message. The key you used to encrypt the message is the same key with which your friend will decrypt the message. What type of encryption scheme is used?

Asymmetric

Symmetric

RSA

Answer 3

Symmetric

In a symmetric encryption scheme, both parties use the same key for encryption and decryption purposes. Both users must possess the same key to send encrypted messages to each other

Question 4

Which of the following encryption schemes would you use if your company wants to create an invisible watermark hidden within the images on its website to identify the images in case they are used by another company?

Elliptical curve

One-way hash

Steganography

Answer 4

Steganography

Steganography hides data in another type of media that effectively conceals the existence of the data

Question 5

Your organization wants you to implement an encryption system that ensures the sender and receiver of the encrypted message use different keys for encryption and decryption. Which type of encryption scheme would you use?

Elliptical curve

Quantum

Asymmetric

Answer 5

Asymmetric

An asymmetric encryption scheme relies on the sender and receiver of a message to use different keys for encryption and decryption. The keys are mathematically related, but they can’t be derived from each other

Question 6

Which of the following protocols would you use for message authentication and integrity in your encryption systems?

Steganography

Elliptical curve

HMAC

Answer 6

HMAC

HMAC (Hash-based Message Authentication Code) is used to authenticate a message and provide data integrity. The Message Authentication Code (MAC) is sent along with the message itself so that the receiver can authenticate the sender of the message and verify the integrity of the message contents

Question 7

You have been asked to implement hashing protocols that have a low possibility of a hashing collision. Which of the following describes a hashing collision?

The greater probability that two or more people in a group of 23 share the same birthday

That the hash values of two different messages are identical

An invalid digital signature

Answer 7

That the hash values of two different messages are identical

A collision occurs within a hashing algorithm when the hashed values of two different messages are the same value. Collisions can be used to aid in cracking a hacking algorithm

Question 8

When you connect to a secure website, you are asked to accept the server certificate. What is the function of the digital certificate?

It securely validates the identity of the server and its public key.

It identifies you to a certificate authority.

It provides your ID required by the government to request a public key.

Answer 8

It securely validates the identity of the server and its public key.

A digital certificate is a credential required by PKI systems that can securely identify an organization’s server, as well as create an association between the server’s authenticated identity and its public keys

Question 9

You want to start a secure web session to your banking website to prevent your credentials and financial information from passing as clear text. Which of the following protocols do you use?

DES

SSH

HTTPS

Answer 9

HTTPS

HTTP communications send all data in clear-text form. For secure web communications, HTTPS is a secure means of communicating HTTP data between a web browser and a web server. HTTPS protects the communication channel by using SSL to provide encrypted and protected communications

Question 10

The following are some of the steps for making a connection to an online banking site in order to conduct a transaction. Put them in the correct order.

A digital certificate establishes the website identity to the browser.

b. SSL is activated between the client and the server.
c. The browser accepts the certificate from the web server.
d. Banking transactions are accepted.

Answer 10

a, c, b, d

When a client connects to the secure HTTPS site, the web server sends a certificate to the web browser to establish its identity. If the browser accepts the certificate and finds no validation issues with it, SSL is activated between the server and client. No other communication can occur between the server and client until the certificate is validated and accepted