IT Cryptography Questions and Answers

Question 1: In a key distribution center, which items must have special arrangements to be securely distributed to other key distribution centers? Answer: Session Keys

Question 2: A manager must choose the fastest hash algorithm for a particular business application. Which hash algorithm is the fastest of the supported ciphers? Answer: SHA-1

Question 3: A network administrator for a large company has decided to set up a PKI to distribute public keys among users. What should the administrator do to increase the security of his PKI? Answer: Secure the private keys

Question 4: One party receives a message digitally signed by the other. The sender claims that the message was never sent. What is the only valid reason for this claim? Answer: The sender’s private key was compromised

Question 5: Which form of user authentication costs the least in terms of administrative overhead? Answer: Something the individual knows

Question 6: A secure stock trading system specifies that each server has a master key known to itself and each of its peers. Which key management system does this scenario exemplify? Answer: Key Distribution Center (KDC)

Question 7: Which element in an X.509 certificate is encrypted? Answer: The certificate authority’s information

Question 8: A user is worried that accessing a web server will allow other people to snoop inside the user's sent and received data on the network. Which action ensures the data’s security? Answer: Verifying that the connection is secured with SSL/TLS

Question 9: A software designer needs to specify a hashing algorithm to use for an application. The only constraints are that the algorithm be in wide use and generally considered secure. Which algorithm should the software designer choose? Answer: SHA-2

Question 10: One party receives a message digitally signed by the other. The sender claims that the message was never sent. What is the only valid reason for this claim? Answer: The sender’s private key was compromised

Question 11: An information security analyst is enabling Media Access Control filtering on a wireless network. Which concern does the analyst’s action address? Answer: Confidentiality 

Question 12: Which was announced by the National Institute of Standards and Technology (NIST) as the new standard symmetric block cypher? Answer: Data Encryption Standard (DES)

Question 13: A busy e-commerce website chooses to use elliptic curve cryptography (ECC) over RSA. Which benefit does ECC have over RSA? Answer: It is much more secure

Question 14: How is authentication implemented with WTLS? Answer: With a private key

Question 15: What attribute is demonstrated by a hashing algorithm that can be vulnerable to the birthday party paradox principle? Answer: The algorithm produces many collisions.

Question 16: A software designer specifies a smaller-than-average key size for encrypting because the data is only confidential for a brief period of time. How could the decision be classified? Answer: Computationally Secure

Question 17: What makes WEP less secure than WPA2? Answer: Repetitive use of public one-time keys 

Question 18: Which encryption algorithm is an example of being unconditionally secure? Answer: One-time pad

Question 19: A researcher is testing the security of a new encryption algorithm by trying to uncover the secret key. The researcher has the ciphertext and the original message. What kind of attack is this individual performing? Answer: Known plaintext

Question 20: A cryptanalyst has received an encrypted block of data. All the analyst knows is that the data likely represents an email message. Which kind of attack can the analyst use in an attempt to break the code? Answer: Ciphertext only

Question 21: Which step of Quantum Cryptography follows the creation of the session key and its distribution over the secure channel? Answer: The encrypted message is transmitted over the secure channel.

Question 22: A hash function and an HMAC may be used to meet similar goals. What differentiates a hash function from an HMAC? Answer: The hash function requires a 128-bit key

Question 23: Which action represents an example of using cryptography to ensure non-repudiation? Answer: A receiver calculates a message digest on a packet and compares it with the message digest attached to a received message. 

Question 24: End users at different locations employ a message authentication code for their communications. In what way does the shared secret key prevent an intruder from altering their messages? Answer: The sender generates the message digest value

Question 25: Classify each algorithm as either block cipher or stream cipher. Answer options may be used more than once or not at all. Answer: AES is a block cipher, RC5 is a block cipher, RC4 is a block cipher, and CAST is a stream cipher.

Question 26: An employee for a large pharmaceutical company needs to communicate with a vendor securely so trade secrets are not shared. While the speed of encryption is not a concern, the protection of the private key is. Which encryption method should the employee use? Answer: Asymmetric encryption

Question 27: A fugitive on the run wants to encrypt bank account numbers housing millions of dollars. Which symmetric algorithm would the fugitive use for the most security? Answer: Triple Data Encryption Standard

Question 28: A government official is concerned about the authenticity of her digital signature. What should the message be encrypted with to make sure the authenticity of the digital signature is verified? Answer: Her asymmetric private key

Question 29: Which hashing algorithm operates without using a key as part of its execution? Answer: El Gamal

Question 30: Why is a Pretty Good Privacy user’s private key kept hidden? Answer: To make sure the message is secure in transit

Question 31: End users at different locations employ a message authentication code for their communications. In what way does the shared secret key prevent an intruder from altering their messages? Answer: The sender generates the message digest value. 

Question 32: Which action represents an example of using cryptography to ensure non-repudiation? Answer: A receiver calculates a message digest on a packet and compares it with the message digest attached to a received message

Question 33: A hash function and an HMAC may be used to meet similar goals. What differentiates a hash function from an HMAC? Answer: The hash function requires a 128-bit key

Question 34: Which step of quantum cryptography follows the creation of the session key and its distribution over the secure channel? Answer: The encrypted message is transmitted over the secure channel

Question 35: A remote user needs to log into a server at her office. She views the string of numbers on her smart card and enters these into the computer. Which cryptographic goal is she meeting with this action? Answer: Authentication

Question 36: Classify each algorithm as either block or stream cipher. Answer options may be used more than once or not at all. Answer: AES is a block cipher, RC5 is a block cipher, RC4 is a block cipher, and CAST is a stream cipher.

Question 37: A government official is concerned about the authenticity of her digital signature. What should the message be encrypted with to make sure the authenticity of the digital signature is verified? Answer: Her asymmetric private key

Question 38: Which hashing algorithm operates without using a key as part of its execution? Answer: El Gamal

Question 39: Why is a Pretty Good Privacy user’s private key kept hidden? Answer: To make sure the message is secure in transit

Question 40: An employee for a large pharmaceutical company needs to communicate with a vendor securely so trade secrets are not shared. While the speed of encryption is not a concern, the protection of the private key is. Which encryption method should the employee use? Answer: Asymmetric encryption

Question 41: In a common attack against servers, one or more clients repeatedly request the allocation of resources without accepting the offer of a connection. As a result, the server is unable to respond to legitimate requests for a connection. What is the term for this type of attack? Answer: SYN flooding

Question 42: Information traveling over an unsecured medium is at risk of being altered. Which security principle must be applied to prevent information from being altered? Answer: Integrity

Question 43: Information traveling over an unsecured medium is at risk of being altered. Which security principle must be applied to prevent information from being altered? Answer: Integrity

Question 44: Which activity ensures data integrity? Answer: Only authorized users are allowed access to a computer system containing sensitive information

Question 45: A sender and receiver are using a polyalphabetic substitution cypher. What allows them to be certain they agree on the correct alphabet for each character? Answer: Key

Question 46: Which type of cipher applies mathematical functions to each bit individually? Answer: Block-oriented

Question 47: The chief executive officer of a company is sending out an important financial memo to the chief financial officer. Which core principle of security will verify that the memo was sent by the chief executive officer? Answer: Digital signatures

Question 48: Which piece of information is part of an SSL session’s Cipher Spec parameters? Answer: Peer X509.v3 certificate

Question 49: The SSL server and client compute their write keys and initialization vectors from which key? Answer: The pre-master secret key

Question 50: Classify each characteristic as an asymmetric or symmetric key algorithm. Answer options may be used more than once or not at all. Answers: 1. Asymmetric. 2. Symmetric. 3. Asymmetric. 4. Symmetric. 5. Symmetric. 

Question 51: What is the term for the method of verifying the source of a message? Answer: Data origin authentication

Question 52: Which type of cipher applies mathematical functions to each bit individually? Answer: Block-Oriented

Question 53: What is the characteristic of the Caesar encryption method? Answer: A fixed-length key determines which substitution alphabet will be applied to each plaintext letter

Question 54: Which activity is likely to be performed by an intruder launching a frequency analysis attack? Answer: Identifying characters or symbols that appear most frequently in the ciphertext