Practice Exam 11 Flashcards
PE11.1 An attacker employs a Metasploit auxiliary module that exploits a built-in feature of OpenSSL. In the effort, the attacker’s system sends a single byte of data representing it has received 64KB. The target responds by sending back 64KB of data from its memory. Which of the following attacks is being described?
A. POODLE
B. FREAK
C. Heartbleed
D. DROWN
C
C. Back when it was discovered in March of 2014, Heartbleed was described as the worst vulnerability found (at least in terms of its potential impact) since commercial traffic began to flow on the Internet. Heartbleed exploits a small feature in OpenSSL that turned out to present a very big problem. OpenSSL uses a heartbeat during an open session to verify that data was received correctly, and it does this by “echoing” data back to the other system. Basically one system tells the other, “I received what you sent and it’s all good. Go ahead and send more.” In Heartbleed, an attacker sends a single byte of data while telling the server it sent 64KB of data. The server will then send back 64KB of random data from its memory. Items such as usernames and passwords, private keys (which is exceptionally troubling, since future communication could be decrypted), cookies, and a host of other nifty bits of information could be easily stolen.
A is incorrect because this does not describe POODLE. POODLE (Padding Oracle On Downgraded Legacy Encryption) is a vulnerability in the backward-compatibility steps taken by TLS clients.
B is incorrect because this does not describe FREAK. Factoring Attack on RSA-EPORT Keys (FREAK) is a man-in-the-middle attack that forces a downgrade of an RSA key to a weaker length. The attacker forces the use of a weaker encryption key length, enabling successful brute-force attacks.
D is incorrect because this does not describe DROWN. DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS (in particular, SSLv2 connections).
PE11.2 Which of the following statements is true regarding digital signatures?
A.Digital signatures are issued once per user, to be used on all documents until they expire.
B.A digital signature is a plain hash of the document contents.
C.Digitals signatures are issued per file type, allowing each to be used on multiple files until they expire.
D.A digital signature cannot be moved from one document to another.
D
D. If you know how a digital signature is created, this one is easy. The signature is nothing more than a hash of the document contents—making sure the contents don’t change between sender and receiver—encrypted with the sender’s private key. By using the private key, anyone holding the sender’s public key (sent from the CA) can decrypt said hash of document contents, ensuring the sender’s identity and comparing the hash to ensure document authenticity.
A and C are both incorrect for the same reason—digital signatures aren’t used across documents; they are explicitly created once per document.
B is incorrect because a hash of the document is but one portion of the digital signature.
PE11.3 Which of the following statements are true regarding a PKI system? (Choose two.)
A. The CA encrypts all messages.
B.The CA is the trusted root that issues certificates.
C.The CA is the recovery agent for lost certificates.
D.The RA verifies an applicant to the system.
E. The RA issues all certificates.
F. The RA encrypt all messages.
B, D. A PKI system consists of a bunch of parts, but the certificate authority is right at the top. The CA issues, maintains, and protects all the certificates for the system and maintains the certificate revocation list (CRL). It is the one place everything in the system can go to for protected data. The registration authority (RA) does several functions to take the load off the CA, and verifying the identity of an applicant wanting to use the system is one of the major tasks.
A, C, E, and F are all incorrect because they do not correctly describe a PKI environment. The CA does not encrypt messages and is not a recovery agent for lost ones. The RA does not issue certificates or encrypt messages.
PE11.4 A person approaches a network administrator and wants advice on how to send encrypted e-mail from home. The end user does not want to have to pay for any license fees or manage server services. Which of the following offers a method for sending encrypted e-mail without having to pay for license fees or manage a server?
A. IP Security (IPSec)
B. Multipurpose Internet Mail Extensions (MIME)
C. Pretty Good Privacy (PGP)
D.Hypertext Transfer Protocol with Secure Socket Layer (HTTPS)
C. I’m pretty sure you understand this comment already, but I’ll say it again here to reinforce it: sometimes things on your CEH exam simply don’t match up with reality. This question is a prime example. EC-Council, and their documentation up through version 8, defines Pretty Good Privacy (PGP) as a free, open source, e-mail encryption method available for all to use. In truth, PGP is now synonymous with a single company’s offering, based on the original PGP. The true open source, free side of it now is known more as OpenPGP (www.openpgp.org/). OpenPGP uses a decentralized system of trusted introducers that act in the same way as a certificate authority. Basically, in this web-of-trust relationship, if User A signs User B’s certificate, then anyone who trusts User A will also trust User B. You can find downloads for software still using the free, open PGP at www.pgpi.org/.
A is incorrect because IPSec is not intended as an e-mail encryption standard; it creates tunnels for the secure exchange of data from one system to another.
B is incorrect because MIME is an Internet standard that allows the text-only protocol SMTP to transport nontext entities, such as pictures and non-ASCII character sets.
D is incorrect because HTTPS is not intended as an e-mail encryption standard. It sets up a secured means of transporting data within a session and is usually associated with web traffic.
PE11.5 Which of the following is best defined as an encryption protocol commonly used for e-mail security?
A. PGP
B. Keyczar
C. RSA
D. MD5
A. Even though it’s probably best known as an e-mail security protocol/application, Pretty Good Privacy (PGP) can be used for a variety of purposes. PGP is used for encryption and decryption of messaging (including e-mail), data compression, digital signing, and even whole disk encryption. It provides authentication and privacy as well as combines conventional and public-key cryptography. Don’t get this confused with S/MIME. Secure/Multipurpose Internet Mail Extensions (S/MIME) is a standards-based protocol that can also encrypt messages; however, it does not provide many of the other features PGP offers (most importantly, whole disk encryption).
B is incorrect because Keyczar is an open source cryptographic toolkit designed to help developers to use cryptography in their applications.
C is incorrect because RSA is an asymmetric encryption algorithm that makes use of two large prime numbers. Factoring these numbers creates key sizes up to 4096 bits. RSA can be used for encryption and digital signatures, and it’s the modern de facto standard for those purposes.
D is incorrect because MD5 is a hash algorithm, and as we all know, hash algorithms don’t encrypt anything. Sure, they’re great at integrity checks, and, yes, you can pass a hash of something in place of the original (sending a hash of a stored password, for instance, instead of the password itself). However, this is not true encryption.
PE11.6 You’re describing a basic PKI system to a new member of the team. He asks how the public key can be distributed within the system in an orderly, controlled fashion so that the users can be sure of the sender’s identity. Which of the following would be your answer? A. Digital signature B. Hash value C. Private key D. Digital certificate E. Nonrepudiation
D
D. This one is actually easy, yet it is confusing to a lot of folks. You have to remember the goal of this little portion of a PKI system—how does one know this public key really belongs to User Joe and not User Mike, and how can it be delivered safely to everyone? A digital certificate is the answer because it contains the sender’s public key and can be used to identify the sender. Because the CA provides the certificate and key (public), the user can be certain the public key actually belongs to the intended recipient. This simplifies distribution of keys as well, because users can go to a central authority—a key store, if you will—instead of directly to each user in the organization. Without central control and digital certificates, it would be a madhouse, with everyone chucking public keys at one another with wild abandon. And PKI is no place for Mardi Gras, my friend.
A is incorrect because although a digital signature does provide a means for verifying an identity (encryption with your private key, which can be decrypted only with your corresponding public key, proves you are indeed you), it doesn’t provide any means of sending keys anywhere. A digital signature is nothing more than an algorithmic output that is designed to ensure the authenticity (and integrity) of the sender. You need it to prove your certificate’s authenticity, but you need the certificate in order to send keys around.
B is incorrect because a hash value has nothing to do with sending public keys around anywhere. Yes, hash values are “signed” to verify authenticity, but that’s it. There is no transport capability in a hash. It’s just a number and, in this case, a distractor answer.
C is incorrect for a number of reasons, but one should be screaming at you from the page right now: you never, never send a private key anywhere. If you did send your private key off, it wouldn’t be private anymore, now would it? The private key is simply the part of the pair used for encryption. It is never shared with anyone.
E is incorrect because nonrepudiation is a definition term and has nothing to do with the transport of keys. Nonrepudiation is the means by which a recipient can ensure the identity of the sender, and neither party can deny having sent or received the message.
PE11.7 7.After TLS had largely replaced SSL for secure communications, many browsers retained backward compatibility to SSL 3.0. Which vulnerability takes advantage of the degradation of service down to SSL 3.0 in the TLS handshake?
A.Heartbleed
B.FREAK
C.DROWN
D.POODLE
D.
D. POODLE (Padding Oracle On Downgraded Legacy Encryption) was discovered by Google’s security team and announced to the public on October 14, 2014.
PE11.8 Which mode of IPSec is most often chosen for internal communications? A. AH B. ESP C. Tunnel D. Transport
D
D. IPSec is a Network layer encryption protocol that can be used in two modes: Tunnel and Transport. In Transport mode, the data payload is encrypted but the rest of the packet (the IP header in particular) is not touched. This works well internally, between end stations, or between an end station and a gateway, if the gateway is being treated as a host. NAT is not supported by Transport mode, although it can be combined with other tunneling protocols.
A is incorrect because the Authentication Header (AH) is a protocol in the IPSec suite, verifying an IP packet’s integrity and determining the validity of its source.
B is incorrect because Encapsulating Security Payload (ESP) is another protocol in the IPSec suite, and it actually encrypts each packet.
C is incorrect because Tunnel mode encrypts the entire packet, including the headers. It’s not that you can’t use Tunnel mode inside the network; it’s just not common or recommended.
PE11.9 9.An organization is concerned about corporate espionage and has evidence suggesting an internal employee has been communicating trade secrets to a competitor. After some investigation, the employee leaking secrets was identified. Monitoring of the employee’s previous communications outside the company revealed nothing out of the ordinary, save for some large unencrypted e-mails containing image files of humorous pictures to external addresses. Which of the following is the most logical conclusion based on these facts?
A.E-mail encryption allowed the user to hide files.
B.The user hid information in the image files using steganography.
C.Logical watermarking of images and e-mails fed the sensitive files piece by piece to the competitor.
D.SMTP transport fuzzing was used.
B
B. In this circumstance, you know the employee has been sending sensitive documents out of the network. IDS obviously hasn’t picked up on anything, and there was nothing overtly done to give away the intent. The only thing out of the ordinary turned out to be large e-mail files holding nothing but images. Given the answers provided, steganography is the most logical choice, and the user simply folded the sensitive data into the latest joke image he found and sent it on its merry way.
A is incorrect because e-mail encryption isn’t in place—it’s specifically called out in the question and wouldn’t necessarily allow external encryption or hide the information from later forensics examinations.
C and D are incorrect because logical watermarking and SMTP transport fuzzing, as far as I know, don’t even exist. They sound cool and may appear legitimate, but they’re definitely not the answer you’re looking for.
PE11.10 A hacker has gained access to several files. Many are encrypted, but one is not, it happens to be an unencrypted version of an encrypted file. Which of the following is the best choice for possibly providing a successful break into the encrypted files?
A. Cipher text only
B. Known plain text
C. Chosen cipher text
D. Replay
B
B.
C is incorrect because chosen cipher text works almost exactly like a cipher-text-only attack. Statistical analysis without a plain-text version for comparison can be performed, but it’s only for portions of gained cipher text. That’s the key word to look for. As an aside, RSA is susceptible to this attack in particular (an attacker can use a user’s public key to encrypt plain text and then decrypt the result to find patterns for exploitation).
D is incorrect because it’s irrelevant to this scenario. Replay attacks catch streams of data and replay them to the intended recipient from another sender.
PE11.11 Which of the following methods should be used to check for the Heartbleed vulnerability?
A.Use the ssl-heartbleed script in nmap.
B.Connect via TLS to each system and examine the response handshake.
C.Use ping -ssl and examine the responses.
D.Use Tripwire.
A
A. An nmap scan can show you a variety of information, and thankfully it also provides a quick means to check for Heartbleed. Using the ssl-heartbleed script will return “NOT VULNERABLE” on systems without the vulnerability. Syntax for the script use is nmap -d -script ssl-hearbleed -script-args vulns.showall -sV IPADDRESS (where IPADDRESS is the host, or range, you are testing).
B is incorrect because Heartbleed has nothing to do with TLS.
C is incorrect because there is no such thing as the ping -ssl command.
D is incorrect because Tripwire is a conglomeration of tool actions that perform the overall IT security efforts for an enterprise. Tripwire provides for integrity checks, regulatory compliance, configuration management, among other things, but not Heartbleed scans.
PE11.12 What is the XOR output of 01010101 and 11001100? A.01100110 B.10101010 C.10011001 D.0011001
C
C. XOR operations are used a lot in various encryption efforts (in addition to many other uses). In an XOR operation, two bits are compared. If the bits match, the output is a zero. If they don’t, the output is a 1. In this example, put 01010101 on top of 11001100 and compare each bit, one by one.
A, B, and D are incorrect because these do not represent the output of an XOR on these two inputs.
PE11.13 Amy and Claire work in an organization that has a PKI system in place for securing messaging. Amy encrypts a message for Claire and sends it on. Claire receives the message and decrypts it. Within a PKI system, which of the following statements is true?
A.Amy encrypts with her private key. Claire decrypts with her private key.
B.Amy encrypts with her public key. Claire decrypts with her public key.
C.Amy encrypts with Claire’s private key. Claire decrypts with her public key.
D.Amy encrypts with Claire’s public key. Claire decrypts with her private key.
D. When it comes to PKI encryption questions, remember the golden rule: encrypt with public, decrypt with private. In this instance, Amy wants to send a message to Claire. She will use Claire’s public key—which everyone can get—to encrypt the message, knowing that only Claire, with her corresponding private key, can decrypt it.
A is incorrect because you do not encrypt with a private key in a PKI system. Yes, you can encrypt with it, but what would be the point? Anyone with your public key—which everyone has—could decrypt it! Remember, private = decrypt, public = encrypt.
B is incorrect because, in this case, Amy has gotten her end of the bargain correct, but Claire doesn’t seem to know what she’s doing. PKI encryption is done in key pairs—what one key encrypts, the other decrypts. So, her use of her own public key to decrypt something encrypted with Amy’s key—a key from a completely different pair—is baffling.
C is incorrect because there is no way Amy should have anyone’s private key, other than her own. That’s kind of the point of a private key—you keep it to yourself and don’t share it with anyone. As a note here, the stated steps would actually work—that is, one key encrypts, so the other decrypts—but it’s completely backward for how the system is supposed to work. It’s an abomination to security, if you will.
PE11.14 Hope works on a security team, and her laptop contains many confidential files. Which of the following is the best choice for protection of those files from loss or theft of the laptop?
A.Set a BIOS password
B.Create hidden folders to store the files in
C.Password protect the files
D.Install Full Disk Encryption
D. Full disk encryption (FDE), otherwise known as data-at-rest protection, is designed explicitly for this purpose. In an enterprise-level system, each laptop (or other portable system) disk is encrypted and assigned a password (PIN) only the owner knows and a means to generate and use a recovery key. At boot, the owner enters the key and the disk is unlocked for use. If the password is forgotten, the recovery key can be generated and used to unlock the drive. This protects the data from loss or theft of the system itself.
A is incorrect because while setting a BIOS password isn’t necessarily a bad idea, it’s not a foolproof way to protect the data. The drive itself can simply be pulled out of the drive and forensically examined for data extraction.
B is incorrect because “hidden” folders won’t provide any protection at all.
C is incorrect because, although password protecting the files isn’t necessarily a bad idea, it doesn’t provide for protection of the data. As we’ve discussed on multiple occasions in this and the companion book, passwords can be broken, and usually fairly easily—especially with physical access to the drive.
PE11.15 Which of the following statements is not true regarding steganography?
A.Steganography can use least significant bit insertion, masking, and filtering as techniques to hide messaging.
B.Steganography only works on color images.
C.Image files embedded with steganography may be larger in size and display strange color palettes.
D.Character positioning, text patterns, unusual blank spaces, and language anomalies can all be symptoms of a text file embedded with steganography.
B. Steganography is the practice of concealing a message inside another medium (such as another file or an image) in such a way that only the sender and recipient even know of its existence, let alone the manner in which to decipher it. It can be as simple as hiding the message in the text of a written correspondence or as complex as changing bits within a huge media file to carry a message. Steganography can be embedded in color or grayscale images, text files, audio files, and even in video.