Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

EC CISSP > Domain 5 > Flashcards

Domain 5 Flashcards

1
Q

Which of the following is a cipher that uses one particular letter to replace another?

a) Polyalphabetic cipher
b) Monoalphabetic cipher
c) Caesar cipher
d) Polymorphic cipher

A

Monoalphabetic cipher

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following plays the MOST important part in protecting a cryptosystem?

a) A sufficiently large key length
b) Using a newer cipher such as Rijndael or Blowfish, versus an older cipher like 3DES
c) Protecting the secret key for a symmetric cryptosystem and the private key for a public-key cryptosystem
d) Ensuring the cipher used has been publicly studied and scrutinized for errors

A

Protecting the secret key for a symmetric cryptosystem and the private key for a public-key cryptosystem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following BEST describes non-repudiation as it relates to a cryptosystem?

a) The cryptosystem should be able to prove that the message has not been tampered with.
b) The cryptosystem should allow a person to know for sure that the message given to him by another person is really from that person.
c) The cryptosystem should hide the contents of the message from all other persons except the sender and the intended recipient.
d) The cryptosystem should be able to prove that a specific person, and only that person, sent the message and that it has not been altered or falsified.

A

The cryptosystem should be able to prove that a specific person, and only that person, sent the message and that it has not been altered or falsified

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following BEST describes the ROT-13 cipher?

a) It rotates each letter in the message thirteen places through the alphabet.
b) It runs the message through the Rijndael cipher thirteen successive times.
c) It runs the message through the ROT-3 cipher thirteen successive times.
d) It applies the Caesar cipher thirteen times to the message.

A

It rotates each letter in the message thirteen places through the alphabet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

With respect to block cipher algorithms, CBC stands for which of the following?

a) Cipher Block Chaining
b) Code Book Cipher
c) Cipher Block Code
d) Code Block Chain

A

Cipher Block Chaining

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following is NOT a symmetric-key cryptosystem?

a) RC4
b) RSA
c) IDEA
d) DES

A

RSA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following is NOT a characteristic of public-key cryptosystems?

a) Public-key cryptosystems are “slower” than symmetric-key cryptosystems when encrypting and decrypting a message.
b) Public-key cryptosystems distribute public-keys within digital signatures.
c) Public-key cryptosystems require a secure key distribution channel.
d) Public-key cryptosystems provide technical non-repudiation via digital signatures.

A

Public-key cryptosystems require a secure key distribution channel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Hash functions provide what primary function in a cryptosystem?

a) Confidentiality
b) Non-repudiation
c) Authentication
d) Message integrity

A

Message integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following is NOT a hash function algorithm?

a) SHA
b) ECC
c) MD5
d) HMAC

A

ECC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of following does NOT provide for confidentiality?

a) CAST
b) IDEA
c) 3DES
d) MD5

A

MD5

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Kerberos’ main application is which of the following?

a) A public-key cryptosystem used in Microsoft products
b) A single sign-on system for client-server authentication schemes
c) A hash function used for integrity in modern cryptosystems
d) An authentication scheme used with TLS (Transaction Layer Security)

A

A single sign-on system for client-server authentication schemes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Double-DES, or 2DES, is not considered much stronger than DES for which of the following reasons?

a) Double-DES is vulnerable to the meet-in-the-middle attack.
b) Double-DES has an effective key length of 47 bits due to the double encryption of the message.
c) Because DES is not a mathematical “group”, successive iterations of message encryption produce weaker and weaker ciphertext with respect to cryptanalysis.
d) Each successive pass of encryption using DES reduces the effective key length by 9 bits.

A

Double-DES is vulnerable to the meet-in-the-middle attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The AES (Advanced Encryption Standard) uses which of the following algorithms?

a) Serpent
b) Twofish
c) Blowfish
d) Rijndael

A

Rijndael

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

The RSA algorithm uses what kind of intractable problem as the basis of its cryptosystem?

a) Solving the discrete logarithm problem over finite fields
b) Computing elliptic curves over finite fields
c) Factoring super-polynomials
d) Factoring certain large integers into their two prime factors

A

Factoring certain large integers into their two prime factors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following key issues is based on the fact that the keys are not going to last forever, but if you do not discard it someone else may be able to use it?

a) Key theft
b) Key generation
c) Key change
d) Key retirement

A

Key retirement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Chosen ciphertext attacks are mainly used against which kind of ciphers?

a) Private-key
b) Symmetric-key
c) Public-key
d) Hash functions

A

Public-key

17
Q

Which of the following is one of the main differences between cryptography and steganography?

a) Cryptography provides secrecy but not confidentiality, whereas steganography provides confidentiality but does not provide secrecy (unless combined with cryptography) .
b) Cryptography and steganography both provide secrecy, but only steganography provides confidentiality.
c) Steganography uses cryptography to provide secrecy.
d) Cryptography provides confidentiality but not secrecy, whereas steganography provides secrecy but does not provide confidentiality (unless combined with cryptography) .

A

Cryptography provides confidentiality but not secrecy, whereas steganography provides secrecy but does not provide confidentiality (unless combined with cryptography)

18
Q

Which of the following is NOT a steganography method?

a) Superimposition
b) Injection
c) Substitution
d) Generation of a new file

A

Superimposition

19
Q

Which of the following is also referred to as rotor systems, such as the ‘American sigaba’?

a) Hebern machines
b) Enigma machines
c) Vernam ciphers
d) Jefferson disks

A

Hebern machines

20
Q

What is the ‘weakest link’ in cryptographic systems?

a) The key length of the cipher
b) The particular cipher, such as 3DES or Blowfish
c) The number of rounds of encryption, such as three for 3DES and one for DES
d) Protection and secure storage of public/private and symmetric keys

A

Protection and secure storage of public/private and symmetric keys

21
Q

Which of the following is NOT a method of encryption?

a) Substitution
b) Combination
c) Permutation
d) Hybrid

A

Combination

22
Q

Which type of cryptosystem uses a one-way transformation and does not perform key-based encryption?

a) Symmetric encryption functions
b) Asymmetric cryptographic functions
c) Diffie-Hellman exchange functions
d) Hash functions

A

Hash functions

23
Q

Which algorithms are used for message integrity?

a) MD5 and SHA-1
b) RSAandRC4
c) DESand3DES
d) Diffe-Hellman and DSS

A

MD5 and SHA-1

24
Q

What is an adaptive-chosen plaintext attack?

a) An adaptive-chosen plaintext attack allows the cryptanalyst to choose the initial ciphertext that gets decrypted, and then choose additional blocks of text that get decrypted for further analysis based upon each decryption step.
b) An adaptive-chosen plaintext attack allows the cryptanalyst to choose the initial plaintext that gets encrypted, and then choose additional blocks of text that get decrypted for further analysis based upon each decryption step.
c) An adaptive-chosen plaintext attack allows the cryptanalyst to choose the initial plaintext that gets encrypted, and then choose additional blocks of text that get encrypted for further analysis based upon each encryption step,
d) An adaptive-chosen plaintext attack allows the cryptanalyst to choose the initial ciphertext that gets decrypted, and then choose additional blocks of text that get encrypted for further analysis based upon each encryption step.

A

An adaptive-chosen plaintext attack allows the cryptanalyst to choose the initial plaintext that gets encrypted, and then choose additional blocks of text that get encrypted for further analysis based upon each encryption step

25
Q

Which component of IPSec provides encryption and limited authentication?

a) AH (Authentication Header)
b) ESP (Encapsulation Security Payload)
c) SA (Security Association)
d) VPN (Virtual Private Network)

A

ESP (Encapsulation Security Payload)

26
Q

The U. S. Government’s clipper chip embodied the escrowed encryption standard using which of the following algorithms?

a) Blowfish
b) RC4
c) Skipjack
d) 3DES

A

Skipjack

27
Q

What does AES stand for?

a) Advanced Encryption Sample
b) Advanced Encryption Sanction
c) Advanced Encryption Signal
d) Advanced Encryption Standard

A

Advanced Encryption Standard

28
Q

Which of the following requirements is NOT a goal of cryptography?

a) Confidentiality
b) Availability
c) Non-repudiation
d) Authentication

A

Availability

29
Q

Which of the following choices is NOT one of the four common cryptographic terms?

a) Ciphertext
b) Plaintext
c) Decryption
d) Authentication

A

Authentication

30
Q

Given the following plaintext and cipher text, which choice would be the encryption for the word CAB? 1. Plaintext: A B C D E F 2. Ciphertext: W K M P D O

a) MDK
b) MKW
c) MWK
d) WKM

A

MWK

31
Q

Using the ROT-3 scheme, which of the following choices would be the correct encryption for the word CAB?

a) ABC
b) EFG
c) BAC
d) FDE

A

FDE

32
Q

Which of the following choices describes the basic encryption technique of shuffling the order in which the characters appear?

a) Permutation
b) Rotation
c) Hybrid
d) Substituting

A

Permutation

33
Q

Block ciphers can operate in several modes. Which of the following modes is the simplest, most obvious application?

a) Electronic Codebook (ECB)
b) Output Feedback (OFB)
c) Cipher Feedback (CFB)
d) Cipher Block Chaining (CBC)

A

Electronic Codebook (ECB)

34
Q

Block ciphers can operate in several modes. Which of the following modes is susceptible to a variety of brute-force attacks?

a) Output Feedback (OFB)
b) Electronic Codebook (ECB)
c) Cipher Feedback (CFB)
d) Cipher Block Chaining (CBC)

A

Electronic Codebook (ECB)

35
Q

There are three general types of crypto algorithms. Which of the following algorithms offers no key encryption?

a) Symmetric
b) Asymmetric
c) Secret key
d) Hash

A

Hash

36
Q

Which of the following crypto attacks requires only encrypted messages (no plaintext is available) ?

a) Chosen-key attack
b) Chosen-ciphertext attack
c) Ciphertext-only attack

A

Ciphertext-only attack

EC CISSP (10 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions