Question

Chapter 06 Applied Cryptography

1. How is integrity provided?

A. Using two-way hash functions and digital signatures

B. Using one-way hash functions and digital signatures

C. By applying a digital certificate

D. By using asymmetric encryption

2. Which term refers to the matching of a user to an account through previously shared credentials?

A. Nonrepudiation

B. Digital signing

C. Authentication

D. Obfuscation

3. Which term refers to an arranged group of algorithms?

A. Crypto modules

B. Cryptographic service providers (CSPs)

C. Cipher suite

D. IP Security (IPsec)

4. A session key is a(n) __________ key used for encrypting messages during a communication session.

A. asymmetric

B. symmetric

C. Ephemeral

D. Bcrypt

5. Which key-stretching mechanism uses the Blowfish cipher and salting, and adds an adaptive function to increase the number of iterations?

A. Password-Based Key Derivation Function 2 (PBKDF2)

B. Bcrypt

C. YubiKey

D. Obfuscation

6. Transport encryption is used to protect data that is __________.

A. in use

B. at rest

C. in motion

D. in modification

7. Which term refers a software library that implements cryptographic functions?

A. Crypto modules

B. Cryptographic service providers (CSPs)

C. Cipher suite

D. IP Security (IPsec)

8. Which term refers to protecting data from casual observation?

A. Obfuscation

B. Nonrepudiation

C. Authentication

D. Confidentiality

9. What is one of the most common ways to encode into an image file?

A. Use a message authentication code (HMAC)

B. Use hash-algorithm SHA-256 instead of MD5

C. Use LSB encoding

D. Employ a cipher suite

10. HTTPS uses TCP port __________ and is the most widely used method to secure HTTP traffic

A. 80

B. 443

C. 993

D. 995

11. What is the best way to thwart a known plaintext/ciphertext attack?

A. Lock the account after a few failed login attempts

B. Use salted hashes

C. Use a large keyspace

D. Encrypt the password file with asymmetric encryption

12. What is the best way to thwart a brute force attack on a system where the attacker is attempting to guess the password at a login prompt?

A. Store passwords in a key escrow file

B. Lock the account after a few failed login attempts

C. Use salted hashes

D. Disallow remote login access

13. Which type of attack occurs when two different inputs yield the same output of a hash function?

A. Dictionary

B. Birthday

C. Collision

D. Replay

TRUE / FALSE

14. A digital signature by itself can protect the contents of the message from interception.

15. Over time, ciphers can become vulnerable to attacks.

16. Key stretching is a mechanism that takes what would be weak keys and “stretches” them to make the system more secure against man-in-the-middle attacks.

17. Authentication is a property that deals with the ability to verify that a message has been sent and received so that the sender (or receiver) cannot refute sending (or receiving) the information.

18. By default, LDAP traffic is transmitted insecurely.

19. The most common form of authentication is the user ID and password combination.

Answer 1

1) A (Integrity is provided using two way hash functions and digital signatures)

2)C (Authentication)

3)C (Cipher Suite)

4)B (symmetric)

5)B (Bcrypt)

6)B (at rest)

7)B (Cryptographic service provider)

8)D (Confidentiality)

9)B ( Use hash-algorithm SHA-256 instead of MD5 )

10)B (443)

11) D (Encrypt the password file with asymmetric encryption)

12) B (Lock the account after a few failed login attempts )

13) B (Birthday Attack)

TRUE OR FALSE

14. False

15.True

16.True

17.False

18.False

19.True