Lesson 5: Summarizing Basic Cryptographic Concepts Flashcards

1
Q

A hospital must balance the need to keep patient privacy information secure and the desire to analyze the contents of patient records for a scientific study. What cryptographic technology can best support the hospital’s needs?

A. Blockchain
B. Quantum computing
C. Perfect forward security (PFS)
D. Homomorphic encryption

A

D

Homomorphic encryption is used to share privacy-sensitive data sets. It allows a recipient to perform statistical calculations on data fields, while keeping the data set as a whole encrypted, thus preserving patient privacy.

2
Q

A system administrator downloads and installs software from a vendor website. Soon after installing the software, the administrator’s computer is taken over remotely. After closer investigation, the software package was modified, probably while it was downloading. What action could have prevented this incident from occurring?

A. Validate the software using a checksum
B. Validate the software using a private certificate
C. Validate the software using a key signing key
D. Validate the software using Kerberos

A

A

The administrator should have validated the software with a checksum, which uses a cryptographic algorithm to generate a unique hash value based on the file contents. If the file is changed, the checksum of the modified file will not match the original.

3
Q

Which of the following utilizes both symmetric and asymmetric encryption?

A. Digital envelope
B. Digital certificate
C. Digital evidence
D. Digital signature

A

A

A digital envelope is a type of key exchange system that utilizes symmetric encryption for speed and asymmetric encryption for convenience and security.

A digital certificate is an electronic document that associates credentials with a public key. This only involves asymmetric encryption.

Digital evidence or Electronically Stored Information (ESI) is evidence that cannot be seen with the naked eye; rather, it must be interpreted using a machine or process. There is no encryption involved.

A digital signature is a message digest encrypted with a user’s private key. It uses only asymmetric encryption to prove the identity of the sender of a message and to show a message has not been tampered with.

4
Q

During a penetration test, an adversary operator sends an encrypted message embedded in an attached image. Analyze the scenario to determine what security principles the operator is relying on to hide the message. (Select all that apply.)

A. Security by obscurity
B. Integrity
C. Prepending
D. Confidentiality

A

A, D

When used to conceal information, steganography amounts to “security by obscurity,” which is usually deprecated.

A message can be encrypted by some mechanism before embedding it in a covertext, providing confidentiality.

5
Q

Examine each statement and determine which most accurately describes a major limitation of quantum computing technology.

A. Presently, quantum computers do not have the capacity to run useful applications.

B. Quantum computing is not yet sufficiently secure to run current cryptographic ciphers.

C. Quantum computing is not sufficiently agile to update the range of security products it most frequently uses.

D. Attackers may exploit a crucial vulnerability in quantum computing to covertly exfiltrate data.

A

A

Presently, the most powerful quantum computers have about 50 qubits. A quantum computer will need about a million qubits to run useful applications.

6
Q

A security technician needs to transfer a large file to another user in a data center. Which statement best illustrates what type of encryption the technician should use to perform the task?

A. The technician should use symmetric encryption for authentication and data transfer.

B. The technician should use asymmetric encryption to verify the data center user’s identity and agree on a symmetric encryption algorithm for the data transfer.

C. The technician should use asymmetric encryption for authentication and data transfer.

D. The technician should use symmetric encryption to verify the data center user’s identity and agree on an asymmetric encryption algorithm for the data transfer.

A

B

Asymmetric encryption is used for authentication, non-repudiation, and key agreement and exchange. Symmetric encryption is more efficient for bulk encryption of large amounts of data for transfer.

Symmetric encryption is very fast and used for bulk encryption of large amounts of data. Symmetric encryption cannot be used for authentication or integrity, because both parties know the same key.

7
Q

An employee works on a small team that shares critical information about the company’s network. When sending emails that have this information, what would be used to provide the identity of the sender and prove that the information has not been tampered with?

A. Private key
B. Digital signature
C. Public key
D. RSA algorithm

A

B

A digital signature proves the identity of the sender of a message and shows that the message has not been tampered with since the sender posted it. This provides authentication, integrity, and non-repudiation.

8
Q

Which of the following is NOT a use of cryptography?

A. Non-repudiation
B. Obfuscation
C. Security through obscurity
D. Resiliency

A

C

Security through obscurity involves keeping something a secret by hiding it. With cryptography, messages do not need to be hidden since they are not understandable unless decrypted.

9
Q

Which two cryptographic functions can be combined to authenticate a sender and prove the integrity of a message?

A. Hashing and symmetric encryption
B. Public key cryptography and digital enveloping
C. Hashing and digital enveloping
D. Public key cryptography and hashing

A

D

Public key cryptography (public and private keys) can be used to authenticate a sender. Combine this with a hash output of the message and a secret (or private) key to create a message authentication code (MAC) to validate the integrity of the message.

10
Q

A client contacts a server for a data transfer. Instead of requesting TLS1.3 authentication, the client claims legacy systems require the use of SSL. What type of attack might a data transfer using this protocol facilitate?

A. Credential harvesting
B. Key stretching
C. Phishing
D. Man-in-the-middle

A

D

A downgrade attack can be used to facilitate a man-in-the-middle attack by requesting that the server use a lower specification protocol with weaker ciphers and key lengths, making it easier for a malicious actor to forge the trusted certificate authority’s signature.

11
Q

Evaluate the differences between stream and block ciphers and select the true statement.

A. A block cipher is suitable for communication applications.

B. A stream cipher is subjected to complex transposition and substitution operations, based on the value of the key used.

C. A block cipher is padded to the correct size if there is not enough data in the plaintext.

D. A stream cipher’s plaintext is divided into equal-sized blocks.

A

C

In a block cipher, if there is not enough data in the plaintext, it’s padded to the correct size. Padding is not an issue with streaming, where each byte or bit of data in the plaintext is encrypted one at a time, but it is problematic in dealing with block size.

12
Q

Which of the following statements best describes the trade-off when considering which type of encryption cipher to use?

A. Asymmetric encryption is the strongest hashing algorithm, which produces longer and more secure digests than symmetric encryption.

B. Asymmetric encryption requires substantially more overhead computing power than symmetric encryption. Asymmetric encryption is inefficient when transferring or encrypting large amounts of data.

C. Symmetric encryption requires substantially more overhead computing power than asymmetric encryption. Symmetric encryption is inefficient when transferring or encrypting large amounts of data.

D. Symmetric encryption is not considered as safe as asymmetric encryption, but it might be required for compatibility between security products.

A

B

Asymmetric encryption involves substantially more computing overhead than symmetric encryption. Asymmetric encryption is inefficient when encrypting a large amount of data on a disk or transporting it over a network.

13
Q

Which statement describes the mechanism by which encryption algorithms help protect against birthday attacks?

A. Encryption algorithms utilize key stretching.

B. Encryption algorithms use secure authentication of public keys.

C. Encryption algorithms add salt when computing password hashes.

D. Encryption algorithms must utilize a blockchain.

A

C

A salt is an additional value stored with the hashed data field. The purpose of salt is to frustrate attempts to crack the hashes of passwords in this case. This will protect against birthday attacks.

14
Q

An attacker uses a cryptographic technology to create a covert message channel in transmission control protocol (TCP) packet data fields. What cryptographic technique does this attack strategy employ?

A. Homomorphic encryption
B. Blockchain
C. Steganography
D. Key stretching

A

C

Steganography obscures the presence of a message and can be used to encode messages within TCP packet data fields to create a covert message channel for data exfiltration.

15
Q

Which statement best illustrates the importance of a strong true random number generator (TRNG) or pseudo-random number generator (PRNG) in a cryptographic implementation?

A. A weak number generator leads to many published keys sharing a common factor.

B. A weak number generator creates numbers that are never reused.

C. A strong number generator creates numbers that are never reused.

D. A strong number generator adds salt to encryption values.

A

A

A cryptanalyst can test for the presence of common factors and derive the whole key much more easily. The TRNG or PRNG module in the cryptographic implementation is critical to its strength.

Predictability is a weakness, either in the cipher operation or within particular key values, that makes a ciphertext more vulnerable to cryptanalysis. Reuse of the same key within the same session can cause this weakness.

16
Q

When using a digital envelope to exchange key information, the use of what key agreement mitigates the risk inherent in the Rivest–Shamir–Adleman (RSA) algorithm, and by what means?

A. Perfect forward secrecy (PFS) uses Diffie-Hellman (DH) key agreement to create ephemeral session keys without using the server’s private key.

B. The Cipher Block Chaining (CBC) key agreement mode uses an initialization vector (IV) to create ephemeral session keys without using the server’s private key.

C. Counter mode in key agreement makes the advanced encryption standard (AES) algorithm work as a stream cipher, by applying an initialization vector to issue a security certificate.

D. A certificate authority (CA) validates the public key’s owner and creates an initialization vector to protect the exchange from snooping.

A

A

Perfect forward secrecy (PFS) mitigates the risk from RSA key exchange, using Diffie-Hellman (DH) key agreement to create ephemeral session keys without using the server’s private key.

17
Q

Which statement best describes key differences between symmetric and asymmetric cryptographic ciphers?

A. Symmetric encryption is used for confidentiality, and uses the same key for encryption and decryption.

B. Asymmetric encryption is primarily used for confidentiality, and uses different keys for encryption and decryption.

C. Symmetric encryption is used for authentication, and is the most efficient method of encryption for large data transfers.

D. Asymmetric encryption is used for non-repudiation and is the most efficient method of encryption for large data transfers.

A

A

Symmetric encryption is used for confidentiality. Symmetric encryption is very fast and useful for bulk encryption of large amounts of data. Symmetric encryption cannot be used for authentication or integrity because both parties know the same key.

Asymmetric encryption uses two different but related public and private keys to perform operations. Asymmetric encryption can be used to prove identity, authentication, non-repudiation, and key agreement and exchange.

Asymmetric encryption involves substantial computing overhead compared to symmetric encryption. Asymmetric encryption is inefficient for encrypting or transporting large amounts of data.

18
Q

Compare and contrast the modes of operation for block ciphers. Which of the following statements is true?

A. ECB and CBC modes allow block ciphers to behave like stream ciphers.

B. CTM mode allows block ciphers to behave like stream ciphers.

C. ECB allows block ciphers to behave like stream ciphers.

D. CBC and CTM modes allow block ciphers to behave like stream ciphers.

A

B

Counter Mode (CTM) combines each block with a counter value. This allows each block to be processed individually and in parallel, improving performance.

Electronic Code Book (ECB) mode applies the same key to each plaintext block, which means identical plaintext blocks can output identical ciphertexts. This is not how a stream cipher behaves.

Counter Mode (CTM) allows block ciphers to behave like stream ciphers, which are faster than block ciphers.

Cipher Block Chaining (CBC) mode applies an Initialization Vector (IV) to the first plaintext block to ensure that the key produces a unique ciphertext from any given plaintext, and then repeats the process by feeding each ciphertext block into the next, forming a “chain.” This is not how a stream cipher behaves.

19
Q

Which statement most accurately describes the mechanisms by which blockchain ensures information integrity and availability?

A. Blockchain ensures availability by cryptographically linking blocks of information, and integrity through decentralization.

B. Blockchain ensures availability through decentralization, and integrity through cryptographic hashing and timestamping.

C. Blockchain ensures availability through cryptographic hashing and timestamping, and integrity through decentralization.

D. Blockchain ensures both availability and integrity through decentralization and peer-to-peer (P2P) networking.

A

B

The blockchain ledger is decentralized and distributed across a peer-to-peer (P2P) network to mitigate the risks of a single point of failure or compromise. Each block in a blockchain validates the hash of the previous block, all the way through to the beginning of the chain, ensuring that each historical transaction has not been tampered with.

Blockchain is open. It may ensure the integrity and transparency of financial transactions, among other potential applications.

Each block typically includes a timestamp of transactions, as well as the data involved in the transactions themselves, helping ensure data integrity.

One of the most important characteristics of a blockchain is decentralization. Because the ledger is distributed across a peer-to-peer (P2P) network, blockchain users can trust each other equally.

20
Q

A security team is in the process of selecting a cryptographic suite for their company. Analyze cryptographic implementations and determine which of the following performance factors is most critical to this selection process if users primarily access systems on mobile devices.

A. Speed
B. Latency
C. Computational overhead
D. Cost

A

C

Some technologies or ciphers configured with longer keys require more processing cycles and memory space, which makes them slower and causes them to consume more power. This makes them unsuitable for handheld devices and embedded systems that run on battery power.

Speed is most impactful when processing large amounts of data.

For some use cases, the time required to obtain a result is more important than a data rate. Latency issues may negatively affect performance when an operation or application times out before the authentication handshake completes.

Cost issues may arise in any decision-making process, but for mobile device cryptography, computing overhead is a primary limiting factor.