Introduction to Cryptography Flashcards
A network technician notices TCP port 80 traffic when users authenticate to their mail server. What should the technician configure to protect the confidentiality of these transmissions?
MD5
SHA-512
HTTPS
HTTPS
TCP port 80 is Hypertext Transfer Protocol (HTTP) network traffic. Web browsers use HTTP to connect to web servers. In this case, users are using web-based e-mail that is not encrypted. Hypertext Transfer Protocol Secure (HTTPS) uses either Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to encrypt HTTP traffic. This requires the installation of a digital certificate on the server. Remember that digital certificates have an expiration date. If time is not properly synchronized on a device, the certificate chain of trust could be broken
Which of the following allows secured remote access to a UNIX host?
SSH
SSL
SSO
SSH
Secure Shell (SSH) listens on TCP port 22 and is used commonly on UNIX and Linux hosts to allow secure remote administration. An SSH daemon must be running on the server, and an SSH client (such as PuTTY) is required to make the connection. Unlike its predecessor, Telnet, SSH encrypts network traffic
An IT manager asks you to recommend a LAN encryption solution. The solution must support current and future software that does not have encryption of its own. What should you recommend?
SSL
SSH
IPSec
IPSec
IP Security (IPSec) is not specific to an application; all network traffic is encrypted and authenticated. Both sides of the secured connection must be configured to use IPSec
Which protocol supersedes SSL?
TLS
SSO
TKIP
TLS
Transport Layer Security (TLS) replaces Secure Sockets Layer (SSL). For example, TLS offers more secure data authentication to ensure data has not been tampered with while in transit
Which TCP port would a firewall administrator configure to enable users to access SSL-enabled web sites?
443
80
3389
443
Secure Sockets Layer (SSL) uses TCP port 443
Data integrity is provided by which of the following?
RC4
AES
MD5
MD5
Message Digest 5 (MD5) is a hashing algorithm that computes a digest from provided data. Any change in the data will invalidate the digest; thus, data integrity is attained
You are configuring a network encryption device and must account for other devices that may not support newer and stronger algorithms. Which of the following lists encryption standards from weakest to strongest?
DES, 3DES, RSA
3DES, DES, AES
RSA, DES, Blowfish
DES, 3DES, RSA
Digital Encryption Standard (DES) is a 56-bit cipher, and 3DES is a 168-bit cipher; both are symmetric encryption algorithms. RSA (named after its creators, Rivest, Shamir, and Adleman) is a public and private key (asymmetric) encryption and digital signing standard whose bit strength varies. The bit length of a cipher is not the only factor influencing its strength; the specific implementation of the cryptographic functions also plays a role
Which of the following uses two mathematically related keys to secure data transmissions?
AES
RSA
3DES
RSA
RSA is an asymmetric cryptographic algorithm that uses mathematically related public and private key pairs to digitally sign and encrypt data
Your company has implemented a PKI. You would like to encrypt e-mail messages you send to another employee, Amy. What do you require to encrypt messages to Amy?
Amy’s private key
Amy’s public key
Your private key
Amy’s public key
A public key infrastructure (PKI) implies the use of public and private key pairs. To encrypt messages for Amy, you must have her public key. This can be installed locally on a computer or published centrally on a directory server that should be secured using protocols such as Lightweight Directory Access Protocol Secure (LDAPS). The related private key, which only Amy should have access to, is used to decrypt the message
You decide that your LAN computers will use asymmetric encryption with IPSec to secure LAN traffic. While evaluating how this can be done, you are presented with an array of encryption choices. Choose the correct classification of cryptography standards.
Symmetric: 3DES, DES
Asymmetric: Blowfish, RSA
Symmetric: 3DES, DES
Asymmetric: RC4, RSA
Symmetric: AES, 3DES
Asymmetric: RSA
Symmetric: AES, 3DES
Asymmetric: RSA
Advanced Encryption Standard (AES) and Triple Digital Encryption Standard (3DES) are cryptographic standards using symmetric algorithms. This means a single key is used both to encrypt and decrypt. RSA (named after its creators, Rivest, Shamir, and Adleman) is an asymmetric encryption algorithm. This means two mathematically related keys (public and private) are used to secure data; normally, a public key encrypts data and a private key decrypts it
Data confidentiality is provided by which of the following?
MD5
Disk encryption
E-mail digital signatures
Disk encryption
Encryption provides data confidentiality. Only authorized parties have the ability to decrypt disk contents. Encrypting stored data is referred to as the encryption of data-at-rest, encrypting data being transmitted is called encryption of data-in-transit, and the encryption of data being used is called encryption of data-in-use
Which symmetric block cipher supersedes Blowfish?
Twofish
Fourfish
RSA
Twofish
Twofish is a symmetric block cipher that replaces Blowfish
A user connects to a secured online banking web site. Which of the following statements is incorrect?
The workstation public key is used to encrypt data transmitted to the web server. The web server private key performs the decryption.
The workstation session key is encrypted with the server public key and transmitted to the web server. The web server private key performs the decryption.
The workstation-generated session key is used to encrypt data sent to the web server.
The workstation public key is used to encrypt data transmitted to the web server. The web server private key performs the decryption.
It is not the workstation public key that is used; it is the server’s. The workstation-generated session key is encrypted with the server public key and transmitted to the web server where a related private key decrypts the message to reveal the session key
Which term describes the process of concealing messages within a file?
Trojan
Steganography
Encryption
Steganography
Steganography can be used to hide messages within files. For example, a message could be hidden within an inconspicuous JPEG picture file
Which term best describes the assurance that a message is authentic and neither party can dispute its transmission or receipt?
Digital signature
Encryption
Nonrepudiation
Nonrepudiation
Nonrepudiation means neither the sending nor receiving party can dispute the fact that a transmission occurred. The recipient is assured of data authenticity and integrity via a digital signature applied with the sender’s private key