Encryption

Question 1

HMAC

Answer 1

Creates a Message Authentication Code used for auth and integrity checking

Question 2

HOTP

Answer 2

HMAC-based OTP

Question 3

TOTP

Answer 3

Type of HOTP

Question 4

PAP

Answer 4

For logging into network resources, clear text.

Question 5

CHAP

Answer 5

Hash handshake-based authentication for network resources.

Question 6

In-band

Answer 6

Key exchange as part of a communication session

Question 7

Out-of-band

Answer 7

Key exchange outside of the main data communication channel, like phone, internet or physically.

Question 8

PSK

Answer 8

Preshared key. Symmetrical encryption key that is shared beforehand, out-of-band.

Question 9

Session key

Answer 9

Random private key generated in-band.

Question 10

Stream cipher

Answer 10

Encryption is done per-bit.

Question 11

Block cipher

Answer 11

Encryption is done on blocks of data at a time.

Question 12

Perfect forward secrecy

Answer 12

Creation of a random public key that is session ephemeral, preventing future decryption by compromised keys.

Question 13

RIPEMD

Answer 13

Hashing function based on RACE.

Question 14

NTLMv2

Answer 14

NT LAN Manager, hashing process for storing password in the windows registry. Uses HMAC-MD5

Question 15

Key stretching

Answer 15

Algorithm for increasing the complexity of a key.

Question 16

Key stretching algorithms

Answer 16

PBKDF2 and bcrypt

Question 17

DES

Answer 17

old DoD block cipher

Question 18

3DES

Answer 18

old, but slightly better DoD block cipher

Question 19

RC

Answer 19

Rivest Cipher, family of cryptographic methods

Question 20

RC examples

Answer 20

RC4 (stream cipher, used in SSL and WEP) and RC5 (block cipher)

Question 21

Blowfish

Answer 21

Symmetrical encryption made as a replacement for DES. Succeeded by Twofish.

Question 22

AES

Answer 22

Symmetric encryption standard made by NIST. Block cipher with variable key length.

Question 23

Examples of asymmetrical ciphers

Answer 23

RSA and Elliptic-curve

Question 24

RSA

Answer 24

Asymmetrical encryption, Rivest-Shamir-Adleman.

Question 25

DH

Answer 25

Diffie Hellman key exchange method

Question 26

DHE

Answer 26

Diffie Hellman Ephemeral Key

Question 27

ECDHE

Answer 27

Elliptic Curve Diffie-Hellman Ephemeral Key

Question 28

DH and related methods allow

Answer 28

perfect forward-secrecy

Question 29

CA

Answer 29

Certificate Authority

Question 30

CSR

Answer 30

Certificate Signing Request

Question 31

CRL

Answer 31

Certificate Revocation List

Question 32

OCSP

Answer 32

Online Certificate Status Protocol

Question 33

OCSP vs CRL

Answer 33

OCSP is a CRL that works automatically over HTTP

Question 34

Cryptographic hash functions

Answer 34

Based on a block cipher

Question 35

RA

Answer 35

Registration Authority, for requesting certificates

Question 36

The set of all possible permutations of a key is the

Answer 36

keyspace

Question 37

Transposition cipher

Answer 37

Characters are rearranged, can be extremely complex

Question 38

The only type of stream cipher covered in the exam is

Answer 38

RC4, used in WEP and used to be used in SSL/TLS

Question 39

ECC

Answer 39

Elliptic curve cryptography

Question 40

IVs vs Nonces

Answer 40

Nonces need not be random