Sec 701 - Encryption

Question 1

RA

Answer 1

Registration Authority - Accepts registration requests & authenticates the entity that makes a request.

Question 2

PBKDF2

Answer 2

Password-Based Key Derivation Function 2 - Key stretching algorithm used for protecting passwords

Question 3

HMAC

Answer 3

Hash Message Authentication Code - Combines cryptographic hash function with a secret key.

Question 4

IaC

Answer 4

Infrastructure as Code - Manages infrastructure resources through scripts & templates

Question 5

CRC

Answer 5

Cyclic Redundancy Checks - Hash function used for error checking

Question 6

DSA

Answer 6

Digital Signature Algorithm - Creates & verifies digital signatures, not suited for encryption.

Question 7

RSA

Answer 7

One of the oldest & widely used public key encryption

Question 8

VLSM

Answer 8

Variable Length Subnet Mask - Networking technique that divides an IP range into subnets with different subnet masks.

Question 9

ECDSA

Answer 9

Used for IoT, no native encryption and used for digital signatures. Derived from Elliptical Curve Cryptography

Question 10

TACACS

Answer 10

Networking protocol Uses TCP for reliable communication & encrypts ENTIRE payload. Is AAA compliant.

Terminal Access Controller Access Control System

Question 11

SAE

Answer 11

802.11 network standard compliant, used with WPA3 personal. Hash of a generated key unique to each authentication to the network.

Question 12

PKCS

Answer 12

Public-key Cryptography Standards - Standards for cryptography that provide guidelines and APIs for cryptography.

Question 13

IaM

Answer 13

Identity Access Management - User access control to specific network segments & resources based on roles & permissions

Question 14

Symmetric Ciphers

Answer 14

AES, DES, IDEA, RC4

Question 15

Asymmetric Ciphers

Answer 15

DHE, ECC, RSA

Question 16

KEK

Answer 16

Key-Encryption-Key - Used in key management systems to add an extra layer of security when encrypting and decrypting

Question 17

PFS

Answer 17

Perfect Forward Secrecy - Strengthen security of session keys & encrypt/decrypt automatically

Question 18

IKE

Answer 18

Internet Key Exchange - Set up secure connections & exchange cryptographic keys in IPsec VPNs

Question 19

PSK

Answer 19

Pre-Shared Key - A secret key that has been established between the parties who are authorized to use it by means of some secure method

Question 20

RC4

Answer 20

Legacy stream cipher used in WEP

Question 21

Stream Cipher

Answer 21

Each plaintext digit is encrypted one at a time

Question 22

DES

Answer 22

Data Encryption Standard - Legacy symmetric-key block cipher. Influential but no longer used.

Question 23

TGT

Answer 23

Ticket Granting Ticket (Kerberos) - Secure token granted to a user after initial login, do not need to re-enter credentials every time they use a service.

Question 24

GCM

Answer 24

Combines Cyber Threat Monitoring (CTM) for encryption with an authentication mechanism to ensure both data confidentiality and integrity

Question 25

IDEA

Answer 25

Form of symmetric key block cipher, REPLACED by AES

Question 26

AES

Answer 26

Advanced Encryption Standard - Symmetric block cipher chosen by the US Govt. Replaces DES & IDEA

Question 27

CFB

Answer 27

Cipher Feedback - Transforms a block cipher into a stream cipher, enables encryption of individual bits or bytes

Question 28

CBC

Answer 28

Cipher Block Chaining - Chains cipher blocks together, each cipher text block depends on the previous block.

Question 29

ECB

Answer 29

Simple mode of operation with a block cipher, used with symmetric key encryption