Module 03 - Criptography

Question 1

Definition:
Cryptography

Answer 1

The process of writing or solving messages using a secret code

Question 2

Definition:
Security through obscurity

Answer 2

Protecting by hiding something

Question 3

Definition:
Encryption

Answer 3

A form of cryptography, it’s a process of converting text into unintelligible text, or a ciphertext.

Question 4

Definition:
Ciphertext

Answer 4

Encrypted text

Question 5

What’s Cryptanalysis?

Answer 5

The art of cracking cryptographic systems

Question 7

What are Encryption Keys?

Answer 7

String used to encrypt and decrypt messages, generated by ciphers

Question 8

What kinds of encryption keys are there?

Answer 8

Symmetric and Assymetric

Question 9

Definition:
Symmetrick algorithm

Answer 9

The same key that encrypts also decrypts

Question 10

Definition:
Asymmetric algorithm

Answer 10

Uses a public key to encrypt and a private key to decrypt

Question 11

Definition:
Hashing

Answer 11

The process of converting one value into another, no decrypting, no duplicates

Question 12

Definition:
Salt [Hashing]

Answer 12

It’s the process of fixating a string at the end of a value before hashing it, to generate a completely different hash

Question 13

What’s a Digital Signature?

Answer 13

Verifies that data is legitimate, non-repudiation.

Private key + Hash of data

Question 14

What’s non-repudiation?

Answer 14

The concept of not being able to disassociate the ‘cause’ from the ‘consequence’.
Audit trails

Question 15

Acronym:
ECC

Answer 15

Elliptic Curve Cryptography

Question 16

Definition:
Elliptic Curve Cryptography - ECC

Answer 16

Cryptography method that generates more complex and smaller encryption keys

Question 17

Definition:
Perfect Forward Secrecy

Answer 17

Most used in messaging apps, uses a different encryption key for each message in the same conversation

Question 18

Definition:
Steganography

Answer 18

Technique of hiding files, messages, bytes in other files, messages or bytes

Question 19

Definition:
Cipher or Encryption Algorithm

Answer 19

Cryptographic process that encodes and decrypts data, using encryption keys

Question 20

What are the types of ciphers?

Answer 20

1. Substitution and Transposition algorithm
2. Symmetric Algorithm
3. Asymmetric Algorithm

Question 21

Acronym:
AES

Answer 21

Advances Encryption Standard

Question 22

True or false:
The larger the key’s length the more memory and processing power to encrypt/decrypt

Answer 22

True

Question 23

Definition:
Brute force cryptoanalysis

Answer 23

Attempt to decrypt a ciphertext with every possible key

Question 24

True or false:
Symmetric algorithm is more processing consuming that Asymmetric

Answer 24

False

Question 25

List common asymmetric algorithms

Answer 25

1. RSA
2. ECC
3. DSA
4. Diffie-Hellman

Question 26

Acronym:
RSA

Answer 26

Rivest-Shamir-Adleman

Question 27

Acronym:
DSA

Answer 27

Digital Signature Algorithm

Question 28

What RSA is used in?

Answer 28

Mostly in creating digital signatures

Question 29

What DSA is used in?

Answer 29

Only in creating digital signatures

Question 30

What Diffie-Hellman is used in?

Answer 30

Security protocols such as TLS, SSH, IPSec and others

Question 31

What ECC is used in?

Answer 31

Securing data transmission, mainly in websites

Question 32

What are Hybrid Cryptosystems?

Answer 32

Combine the efficiency of symmetric encryption with the convenience of asymmetric encryption.

Question 33

Describe the process in Hybrid Cryptosystems

Question 34

Definition:
Ephemeral Keys

Answer 34

Encryption keys generated for each new session or message sent, used in PFC

Question 35

Acronym:
PFS

Answer 35

Perfect Forward Secrecy

Question 36

Definition:
Open Public Ledger

Answer 36

Distributed public record of transactions that supports the integrity of blockchains.

Question 37

Definition:
Blockchain

Answer 37

Expanding list of transactions protected by cryptography.

Question 38

Definition:
Blocks, [In blockchain]

Answer 38

It’s a record of a transaction.

Question 39

How are the blocks linked criptographycally?

Answer 39

The hash value of the previous block in the chain is added to the hash calculation of the next block in the chain.

Question 40

What is in a block?

Answer 40

• Time
• Date
• Parties involved
• A unique hash that separates the block from other blocks on the chain

Question 41

What are the applications of blockchain?

Answer 41

Financial transactions
Legal contracts
Copyright and Intelectual property
Online voting systems
Identity Management System

Question 42

Definition:
Mining [In blockchain]

Answer 42

It’s the process of adding block to the chain, by generating the 64-digit hexadecimal based hash

Question 42

What are the most common cryptographic attacks?

Answer 42

1. Dictionary Attack
2. Collision Attack
3. Birthday Attack
4. Downgrade Attack

Question 43

Definition:
Dictionary Attack

Answer 43

The use of a list of words and phrases to try to guess the decryption key.

Question 44

Definition:
Collision Attack

Answer 44

A collision attack tries to find two inputs that produce the same hash value.

Done to fake digital signatures

Question 45

Definition:
Birthday Attack

Answer 45

This attack combines a collision attack and a brute-force attack. The name is taken from the birthday probability math problem.

Question 46

Definition:
Downgrade Attack

Answer 46

Forcing systems to use an older, less secure communication protocol.

Question 47

Definition
Cryptographic primitive

Answer 47

Single hash function, symmetric or asymmetric ciphers

Question 48

Definition:
Key Streching

Answer 48

Salts an encryption key, and converts it to a longer and disordered key

Question 49

What are the most common hash uses?

Answer 49

1. File Integrity
2. Digital Signaturee
3. Secure Logon Credential exchamge

Question 50

Definition:
Hash collision

Answer 50

Hashing is a good file verification method, but it is not perfect. Depending on the algorithm used, there is a potential for hash collisions.

Question 51

Most popular hashing algorithm

Answer 51

SHA
MD5
HMAC
RIPEMD

Question 52

Acronym:
SHA

Answer 52

Secure Hashing Algorithm

Question 53

Acronym:
MD5

Answer 53

Message-Digest Algorithm 5

Question 54

Acronym:
HBMSC

Answer 54

Hash-Based Message Authotication Code

Question 55

What are the 3 states of data?

Answer 55

1. Data in transit
2. Data at rest
   3 . Data in use [RAM, registers]

Question 56

What are the types of disk and file encryption?

Answer 56

1. Full-disk Encryption and partition encryption
2. Volume and file encryption
3. Database encryption
4. Database-level encryption
5. Record-level encryption

Question 57

What are the most common data transport encryption? And where are they used?

Answer 57

1. WPA (Wi-fi)
2. IPSec (VPN)
3. TLS (Internet)

Question 58

Acronym:
WPA

Answer 58

Wi-Fi Protected Access

Question 59

Acronym:
IPSec

Answer 59

Internet Protocol Security

Question 60

Acronym:
TLS

Answer 60

Transport Layer Security

Question 61

Acronym:
EFS

Answer 61

Encrypting File System

Question 62

Definition:
Encrypting File System - EFS

Answer 62

EFS combines the speed of symmetric encryption with the convenience of asymmetric encryption using a process called key encapsulation.

Question 63

Definition:
Pretty Good Privacy (PGP)

Answer 63

PGP is a product by Symantec that encrypts devices

Question 64

Definition:
GNU Privacy Guard (GPG)

Answer 64

GNU Privacy Guard (GPG) is an encryption tool that encrypts emails, digitally signs emails, and encrypts documents

Question 65

Acronym:
GPG

Answer 65

GNU Privacy Guard

Question 66

Acronym:
PGP [Encryption Software]

Answer 66

Pretty Good Privacy

Question 67

Acronym:
PKI

Answer 67

Public Key Infrastructure

Question 68

Definition:
Public Key Infrastructure

Answer 68

Framework that establishes trust in the use of public key cryptography to sign and encrypt messages via digital certificates.

Aims to prove that the owners of public keys are who they say they are

Question 69

Difinition:
Digital certificate

Answer 69

Public assertion of identity validaded by a certificate authority (CA)

Question 70

Acronym:
CA

Answer 70

Certificate Authority

Question 71

Definition:
Certificate Authority

Answer 71

Entity that guarantees a digital certificate’s validity

Comodo, DigiCert, GeoTrust, IdenTrust, and Let’s Encrypt.

Question 72

What standard is used on Digital Certificates?

Answer 72

X.509 standard

Approved by the International Telecommunications Union

Standardized by the Internet Engineering Task Force

Question 73

What are the digital certificate’s attributes? What information does it hold?

Answer 73

1. Version
2. Serial Number
   Signature algorithm [Cryptographic Algorithm]
3. Issuer - CA
4. Valid From and Valid To
5. Subject
6. Public Key [Encryption algorithm]

Question 74

Aside from expiration, what other reasons a certificate might be invalidated?

Answer 74

1. The organization no longer exists.
2. The private key has been compromised.
3. The issued certificate is discovered to be fake.

Question 75

Acronym:
CRL

Answer 75

Certificate Revocation List

Question 76

Definition:
Certificate Revocation List - CRL

Answer 76

Blacklist of expired or untrustworthy certificates maintained by CAs

Question 77

Acronym:
OSCP

Answer 77

Online Certificate Status Protocol

Question 78

Definition:
Online Certificate Status Protocol - OSCP

Answer 78

Internet protocol used to determine the validity or state of a certificate.

Question 79

Why use OSCP rather than CRL?

Answer 79

• Faster validation
• No need to download the entire CRL.
• A grace period for expired certificates.

Question 80

List the certificates types

Answer 80

1. Root certificate
2. Subject Alternative Name (SAN) certificate
3. Wildcard certificate
4. Code-signing certificate
5. Self-signed certificate
6. Email certificate
7. User and computer certificate

Question 81

Definition:
Root certificate

Answer 81

Emitted by a CA, basically a self-signed certificate

Question 82

Definition:
Subject Alternative Name (SAN) certificate

Answer 82

Allows organizations to use the same certificate for different domain names

Question 83

Definition:
Wildcard certificate

Answer 83

Similar to SAN certificate, instead of multiple domain names allows the use for different subdomains

Question 84

Definition:
Code-signing certificate

Answer 84

Used by app developers to prove their application is legitimate.

Question 85

Definition:
Self-signed certificate

Answer 85

Self-signed certificates are certificates that have not been validated or signed by a CA.

Question 86

Definition:
Email certificate

Answer 86

Used to secure email communication.

Question 87

Definition:
User and computer certificate

Answer 87

User and computer certificates are used in a network environment to identify and validate specific users or computers.

Question 88

Acronym:
CSR

Answer 88

Certificate Signing Request

Question 89

Definition:
Certificate Signing Request - CSR

Answer 89

The CSR is a file containing the information the subject wants to use in the certificate, including its public key, sent to the CA to sign.

Question 90

Acronym:
FQDN

Answer 90

Fully Qualified Domain Name

Question 91

What is the field SAN used for?

Answer 91

Structured to represent different types of identifiers, including FQDNs and IP addresses.

Question 92

What is the field CN - Common Name

Answer 92

Previous used to identify the FQDN, it’s now deprecated

Question 93

What are the attributes of a CRL - Certificate Revocation List?

Answer 93

1. Publish Period
2. Distribution Point(s)
3. Validity Period
4. Signature - the CRL is signed by the CA

Question 94

Definition:
Root of Trust Model

Answer 94

Defines how users and different CAs can trust one another. It’s the root certificate

Question 95

Definition:
Single CA Model

Answer 95

In this simple model, a single root CA certificates directly to users and computers.

Question 96

Definition:
Hierarchical model - Third Party CAs

Answer 96

The root CA issues certificates to one or more intermediate CAs.

The intermediate CAs issue certificates to subjects (leaf or end entities).

Question 97

Definition:
Certificate chaining/Chain of trust

Answer 97

Each leaf certificate can be traced to the root CA along the certification path, in the hierarchical model.

Question 98

What are the main methods to keep Private Key Safety

Answer 98

1. Key archival
2. Key escrow

Question 99

Definition:
Key archival Method

Answer 99

The private key is sent securely and backed up by the CA.

Question 100

Definition:
Key escrow

Answer 100

Refers to archiving a key (or keys) with a third party. A key can be split into more parts.

Each part can be held by separate escrow providers, reducing the risk of compromise.

Question 101

Acronym:
KRA

Answer 101

Key Recovery Agent

Question 102

Definition:
Key Recovery Agent - KRA

Answer 102

Account with permission to access a key held in escrow, usually required two or more KRA to authorize the operation.