Matt Walker Chapter 11 Flashcards
- 1.Which of the following attacks acts as a man in the middle, exploiting fallback mechanisms in TLS clients?
A. POODLE
B. Heartbleed
C. FREAK
D. DROWN
1.A. POODLE
In a POODLE attack, the man in the middle interrupts all handshake attempts by TLS clients, forcing a degradation to a vulnerable SSL version.
- 2.RC4 is a simple, fast encryption cipher. Which of the following is not true regarding RC4?
A. RC4 can be used for web encryption.
B. RC4 uses block encryption.
C. RC4 is a symmetric encryption cipher.
D. RC4 can be used for file encryption.
2.B. RC4 uses block encryption.
RC4 is a simple, fast, symmetric stream cipher. It can be used for almost everything you can imagine an encryption cipher could be used for (you can even find it in WEP).
- 3.An organization has decided upon AES with a 256-bit key to secure data exchange. What is the primary consideration for this?
A. AES is slow.
B. The key size makes data exchange bulky and complex.
C. It uses a shared key for encryption.
D. AES is a weak cipher.
3.C. It uses a shared key for encryption.
AES is a symmetric algorithm, which means that the same key is used for encryption and decryption. The organization will have to find a secure means to transmit the key to both parties before any data exchange.
- 4.Joe and Bob are both ethical hackers and have gained access to a folder. Joe has several encrypted files from the folder, and Bob has found one of them unencrypted. Which of the following is the best attack vector for them to follow?
A. Cipher text only
B. Known plain text
C. Chosen cipher text
D. Replay
4.B. Known plain text
In a known plain-text attack, the hacker has both plain-text and cipher-text messages; the plain-text copies are scanned for repeatable sequences, which are then compared to the cipher-text versions. Over time, and with effort, this can be used to decipher the key.
- 5.You are reviewing security plans and policies, and you wish to provide protection to organization laptops. Which effort listed protects system folders, files, and MBR until valid credentials are provided at pre-boot?
A. Cloud computing
B. SSL/TLS
C. Full disk encryption
D. AES
5.C. Full disk encryption
FDE is the appropriate control for data-at-rest protection. Pre-boot authentication provides protection against loss or theft.
- 6.Which of the following is used to distribute a public key within the PKI system, verifying the user’s identity to the recipient?
A. Digital signature
B. Hash value
C. Private key
D. Digital certificate
6.D. Digital certificate
A digital certificate contains, among other things, the sender’s public key, and it can be used to identify the sender.
- 7.A hacker feeds plain-text files into a hash, eventually finding two or more that create the same fixed-value hash result. This anomaly is known as what?
A. Collision
B. Chosen plain text
C. Hash value compromise
D. Known plain text
7.A. Collision
When two or more plain-text entries create the same fixed-value hash result, a collision has occurred.
- 8.An attacker uses a Metasploit auxiliary exploit to send a series of small messages to a server at regular intervals. The server responds with 64Kb of data from its memory. Which of the following best describes the attack being used?
A. POODLE
B. Heartbleed
C. FREAK
D. DROWN
8.B. Heartbleed
Heartbleed takes advantage of the data-echoing acknowledgement heartbeat in SSL. OpenSSL versions 1.0.1 through 1.0.1f are vulnerable to this attack.
- 9.Which of the following statements is true regarding encryption algorithms?
A. Symmetric algorithms are slower, are good for bulk encryption, and have no scalability problems.
B. Symmetric algorithms are faster, are good for bulk encryption, and have no scalability problems.
C. Symmetric algorithms are faster, are good for bulk encryption, but have scalability problems.
D. Symmetric algorithms are faster but have scalability problems and are not suited for bulk encryption.
9.C. Symmetric algorithms are faster, are good for bulk encryption, but have scalability problems.
Symmetric algorithms are fast, are good for bulk encryption, but have scalability problems.
- 10.Within a PKI system, Julia encrypts a message for Heidi and sends it. Heidi receives the message and decrypts the message using what?
A. Julia’s public key
B. Julia’s private key
C. Heidi’s public key
D. Heidi’s private key
10.D. Heidi’s private key
Heidi’s public key is used to encrypt the message. Her private key is used to decrypt it.
- 11.Which of the following is a symmetric encryption method that transforms a fixed-length amount of plain text into an encrypted version of the same length?
A. Stream
B. Block
C. Bit
D. Hash
11.B. Block
Block encryption takes a fixed-length block of plain text and converts it to an encrypted block of the same length.
- 12.Which symmetric algorithm uses variable block sizes (from 32 to 128 bits)?
A. DES
B. 3DES
C. RC
D. MD5
12.C. RC
Rivest Cipher (RC) uses variable block sizes (from 32 to 128 bits).
- 13.Which hash algorithm produces a 160-bit output value?
A. SHA-1
B. SHA-2
C. Diffie-Hellman
D. MD5
13.A. SHA-1
SHA-1 produces a 160-bit output value.
- 14.Two different organizations have their own public key infrastructure up and running. When the two companies merged, security personnel wanted both PKIs to validate certificates from each other. What must the CAs for both companies establish to accomplish this?
A. Key exchange portal
B. Key revocation portal
C. Cross-site exchange
D. Cross-certification
14.D. Cross-certification
When PKIs need to talk to one another and trust certificates from either side, the CAs need to set up a mutual trust known as cross-certification.
- 15.Within a PKI, which of the following verifies the applicant?
A. Registration authority
B. User authority
C. Revocation authority
D. Primary authority
15.A. Registration authority
A registration authority (RA) validates an applicant into the system, making sure they are real, valid, and allowed to use the system.