Chapter 10 Test Review 401
Download
Report
Transcript Chapter 10 Test Review 401
CHAPTER 10 TEST
REVIEW
Dr. Melanie Wiscount
McKinley Technology HS
OF THE FOLLOWING
CHOICES, WHAT CAN YOU
USE TO VERIFY DATA
INTEGRITY?
• AES
• DES
• RC4
• SHA
A SECURITY TECHNICIAN RUNS AN
AUTOMATED SCRIPT EVERY NIGHT
DESIGNED TO DETECT CHANGES IN
FILES. OF THE FOLLOWING CHOICES,
WHAT ARE THE MOST LIKELY
PROTOCOLS USED IN THIS SCRIPT?
• PGP and MD5
• ECC and HMAC
• AES and Twofish
• MD5 and HMAC
SOME ENCRYPTION ALGORITHMS
USE STREAM CIPHERS AND SOME
USE BLOCK CIPHERS. WHICH OF THE
FOLLOWING ARE EXAMPLES OF
BLOCK CIPHERS? (SELECT 3)
• AES
• DES
• MD5
• SHA
• RC4
• Blowfish
WHICH OF THE FOLLOWING
ALGORITHMS ENCRYPTS DATA IN
64-BIT BLOCKS?
• AES
• DES
• Twofish
• RC4
AN APPLICATION DEVELOPER NEEDS
TO USE AN ENCRYPTION PROTOCOL
TO ENCRYPT CREDIT CARD DATA
WITHIN A DATABASE USED BY THE
APPLICATION. WHICH OF THE
FOLLOWING WOULD BE THE
FASTEST, WHILE ALSO PROVIDING
STRONG CONFIDENTIALITY?
• AES-256
• DES
• Blowfish
• SHA-2
YOUR ORGANIZATION USES
SEVERAL DIFFERENT TYPES OF
CRYPTOGRAPHIC TECHNIQUES.
WHICH OF THE FOLLOWING
TECHNIQUES USES A PRIVATE
KEY AND A PUBLIC KEY?
• AES
• RSA
• Blowfish
• MD5
YOUR NETWORK REQUIRES A
SECURE METHOD OF SHARING
ENCRYPTION KEYS OVER A
PUBLIC NETWORK. WHICH OF THE
FOLLOWING IS THE BEST
CHOICE?
• Symmetric encryption
• Bcrypt
• Diffie-Hellman
• Steganography
ISSUE EMPLOYEES MOBILE
DEVICES SUCH AS SMART
PHONES AND TABLETS. THESE
DEVICES DON’T HAVE A LOT OF
PROCESSING POWER. WHICH OF
THE FOLLOWING
CRYPTOGRAPHIC METHODS HAS
THE LEAST OVERHEAD AND
WILL WORK WITH THESE
• ECC
MOBILE
DEVICES?
• 3DES
• Bcrypt
• PBKDF2
SECRETS TO A COMPETITOR. A SECURITY
INVESTIGATOR IS EXAMINING HIS LAPTOP AND
NOTICES A LARGE VOLUME OF VACATION
PICTURES ON THE HARD DRIVE. DATA ON THIS
LAPTOP AUTOMATICALLY UPLOADS TO A
PRIVATE CLOUD OWNED BY THE COMPANY ONCE
A WEEK. THE INVESTIGATOR NOTICES THAT
THE HASHES OF MOST OF THE PICTURES ON
THE HARD DRIVE ARE DIFFERENT FROM THE
HASHES OF THE PICTURES IN THE CLOUD
LOCATION. WHICH OF THE FOLLOWING IS THE
MOST LIKELY EXPLANATION FOR THIS
SCENARIO?
• The manager is leaking data using hashing methods.
• The manager is leaking data using digital signatures.
• The manager is leaking data using steganography methods.
• The manager is not leaking data.
ACCESSES A FINANCIAL DATABASE
ON A SERVER WITHIN YOU
NETWORK. DUE TO RECENT DATA
BREACHES, MANAGEMENT WASN’T
TO ENSURE TRANSPORT
ENCRYPTION PROTECTS THIS DATA.
WHICH OF THE FOLLOWING
ALGORITHMS IS THE BEST CHOICE
• SSL
TO MEET THIS GOAL?
• SHA
• TLS
• CRL
YOU ARE PLANNING TO ENCRYPT
DATA IN TRANSIT. WHICH OF THE
FOLLOWING PROTOCOLS MEETS THIS
NEED AND ENCAPSULATES IP
PACKETS WITHIN AN ADDITIONAL IP
HEADER?
• TLS
• SSL
• HMAC
• IPsec
EMAIL TO MARGE SO HE DECIDES
TO ENCRYPT IT. HOMER WANTS TO
ENSURE THAT MARGE CAN VERIFY
THAT HE SENT IT. WHICH OF THE
FOLLOWING DOES MARGE NEED TO
VERIFY THE CERTIFICATE THAT
HOMER USED IN THIS PROCESS IS
VALID?
• The CA’s private key
• The CA’s public key
• Marge’s public key
• Marge’s private key
BART WANTS TO SEND A SECURE
EMAIL TO LISA SO HE DECIDES TO
ENCRYPT IT.. WHICH OF THE
FOLLOWING DOES LISA NEED TO
MEET THIS REQUIREMENT?
• Bart’s public key
• Bart’s private key
• Lisa’s public key
• Lisa’s private key
USERS IN YOUR ORGANIZATION SIGN
THEIR EMAILS WITH DIGITAL
SIGNATURES. WHAT PROVIDES
INTEGRITY FOR THESE
CERTIFICATES?
• Hashing
• Encryption
• Non-repudiation
• Private key
TO LOG ON WITH PASSWORDS. THE
APPLICATION DEVELOPERS WANT
TO STORE THE PASSWORDS IN
SUCH A WAY THAT IT WILL THWART
RAINBOW TABLE ATTACKS. WHICH
OF THE FOLLOWING IS THE BEST
SOLUTION?
• SHA
• Blowfish
• ECC
• Bcrypt
HOMER WANTS TO USE DIGITAL
SIGNATURES FOR HIS EMAILS AND
REALIZES HE NEEDS A CERTIFICATE.
WHICH OF THE FOLLOWING WILL
ISSUE HOMER A CERTIFICATE?
• CRL
• CA
• OCSP
• Recovery agent
YOU NEED TO SUBMIT A CSR TO A
CA. WHICH OF THE FOLLOWING
WOULD YOU DO FIRST?
• Generate a new RSA-based session key.
• Generate a new RSA-based private key.
• Generate the CRL.
• Implement OCSP.
YOUR ORGANIZATION IS
PLANNING TO IMPLEMENT AN
INTERNAL PKI. WHAT IS
REQUIRED TO ENSURE USERS
CAN VALIDATE CERTIFICATES?
• An intermediate CA
• CSR
• Wildcard certificates
• CRL
YOUR ORGANIZATION REQUIRES
THE USE OF A PKI AND IT WANTS TO
IMPLEMENT A PROTOCOL TO
VALIDATE TRUST WITH MINIMAL
TRAFFIC. WHICH OF THE
FOLLOWING PROTOCOLS VALIDATES
TRUST BY RETURNING SHORT
RESPONSES,
SUCH
AS
“GOOD”
OR
• OCSP
“REVOKED”?
• CRL
• CA
• CSR
•
PROBLEM AND CAN NO LONGER
BOOT. HELP-DESK PERSONNEL
TRIED TO RECOVER THE DATA ON
THE DISK, BUT THE DISK IS
ENCRYPTED. WHICH OF THE
FOLLOWING CAN BE USED TO
RETRIEVE DATA FROM THE HARD
A trust relationship
DRIVE?
• Public key
• Recovery agent
• CRL
A NETWORK TECHNICIAN NOTICES
TCP PORT 80 TRAFFIC WHEN USERS
AUTHENTICATE TO THEIR MAIL
SERVER. WHAT SHOULD THE
TECHNICIAN CONFIGURE TO
PROTECT THE CONFIDENTIALITY OF
THESE TRANSMISSIONS?
• MD5
• SHA-256
• SHA-512
• HTTPS
WHICH OF THE FOLLOWING
ALLOWS SECURED REMOTE
ACCESS TO UNIX HOST?
• SSH
• SSL
• SSO
• SHA
AN IT MANAGER ASKES YOU TO
RECOMMEND A LAN ENCRYPTION
SOLUTION. THE SOLUTION MUST
SUPPORT CURRENT AND FUTURE
SOFTWARE THAT DOES NOT HAVE
ENCRYPTION OF ITS OWN. WHAT
SHOULD YOU RECOMMEND?
• SSL
• SSH
• IPSec
• VPN
WHICH PROTOCOL SUPERSEDES
SSL?
• TLS
• SSO
• TKIP
• VPN
WHICH TCP PORT WOULD A
FIREWALL ADMINISTRATOR ALLOW
SO THAT USERS CAN ACCESS SSLENABLED WEB SITES?
• 443
• 80
• 3389
• 69
DATA INTEGRITY IS PROVIDED
BY WHICH OF THE FOLLOWING?
• 3DES
• RC
• AES
• MD5
YOU ARE CONFIGURING A NETWORK
ENCRYPTION DEVICE AND MUST
ACCOUNT FOR OTHER DEVICES
THAT MAY NOT SUPPORT NEWER
AND STRONGER ALGORITHMS.
WHICH OF THE FOLLOWING LISTS
ENCRYPTION STANDARDS FRO
WEAKEST
TO STRONGEST?
• DES, 3DES,
RSA
• 3DES, DES, AES
• RSA, DES, Blowfish
• RSA, 3DES, DES
WHICH OF THE FOLLOWING USES
TWO MATHEMATICAL RELATED
KEYS TO SECURE DATA
TRANSMISSIONS?
• AES
• RSA
• 3DES
• Blowfish
IMPLEMENTED A PKI. YOU
WOULD LIKE TO ENCRYPT
EMAIL MESSAGES YOU SEND TO
ANOTHER EMPLOYEE, AMY.
WHAT DO YOU REQUIRE TO
ENCRYPT
MESSAGES
TO
AMY?
• Amy’s private key
• Amy’s public key
• Your private key
• Your public key
•
YOU DECIDE THAT YOUR LAN COMPUTERS
WILL USE ASYMMETRIC ENCRYPTION WITH
IPSEC TO SECURE LAN TRAFFIC. WHILE
EVALUATING CHOICES. SELECT THE
Asymmetric CORRECT CLASSIFICATION OF
RSA
CRYPTOGRAPHY• STANDARDS.
Symmetric
AES
Symmetric
DES
3DES
• Symmetric
3DES
DES
Asymmetric
Blowfish
RSA
3DES
DES
Asymmetric
RC4
RSA
• Symmetric
AES
3DES
Asymmetric
RSA
DATA IS PROVIDED
CONFIDENTIALLY BY WHICH OF
THE FOLLOWING?
• MD5
• Disk encryption
• Email digital signatures
• SHA
WHICH SYMMETRIC BLOCK CIPHER
SUPERSEDES BLOWFISH?
• Twofish
• Fourfish
• RSA
• PKI
A USER CONNECTS TO A SECURED
ONLINE BANKING WEBSITE.
WHICH OF THE FOLLOWING
STATEMENTS IS INCORRECT?
• The workstation public key is used to encrypt data
transmitted to the web server. The webserver private
key performs the decryption.
• The workstation session key is encrypted with the
server public key and transmitted to the web server.
The webserver private key performs the decryption.
• The workstation-generated session key is used to
encrypt data sent to the web server.
• The workstation-generated session key is used to
decrypt data sent by the web server.
WHICH TERM DESCRIBES THE
PROCESS OF CONCEALING
MESSAGES WITHIN A FILE?
• Trojan
• Streganograhy
• Encryption
• Digital signature
WHICH TERM BEST DESCRIBES THE
ASSURANCE THAT A MESSAGE IS
AUTHENTIC AND NEITHER PARTY
CAN DISPUTE ITS TRANSMISSION OR
RECEIPT?
• Digital signature
• Encryption
• PKI
• Nonrepudiation
SOFTWARE DEVELOPMENT FIRM.
YOUR LATEST SOFTWARE BUILD
MUST BE MADE AVAILABLE ON THE
CORPORATE WEB SITE. INTERNET
USERS REQUIRE A METHOD OF
ENSURING THEY HAVE
DOWNLOADED AN AUTHENTIC
VERSION OF THE SOFTWARE. WHAT
• Generate SHOULD
a file hash YOU
for the
download file
DO?
and make it available on the web site.
• Make sure Internet users have antivirus
software installed.
• Configure the web site to use TLS.
• Make sure the web server has antivirus
WHICH CRYPTOGRAPHIC
APPROACH USES POINTS ON A
CURVE TO DEFINE PUBLIC AND
PRIVATE KEY PAIRS?
• RSA
• DES
• ECC
• PKI
YOUR COMPANY CURRENTLY USES
AN FTP SERVER, AND YOU HAVE
BEEN ASKED TO MAKE FTP TRAFFIC
SECURE USING SSL. WHAT SHOULD
YOU CONFIGURE?
• FTPS
• SFTP
• IPSec
• TLS
ON WHICH PROTOCOL IS SCP
BUILT?
• FTP
• SSL
• SSH
• ICMP
WHICH OF THE FOLLOWING ARE
TRUE REGARDING CIPHERS?
(CHOOSE TWO.)
• Block ciphers analyze data patterns and block malicious data
from being encrypted.
• Stream ciphers encrypt data one byte at a time.
• Block ciphers encrypt chunks of data.
• Stream ciphers encrypt streaming media traffic.
WHICH OF THE FOLLOWING ARE
BLOCK CIPHERS? (CHOOSE TWO.)
• DES
• RSA
• RC4
• AES
WHICH OF THE FOLLOWING ARE
MESSAGE DIGEST ALGORITHMS?
• 3DES
• RIPEMD
• Blowfish
• HMAC
A MILITARY INSTITUTION REQUIRES
THE UTMOST INSECURITY FOR
TRANSMITTING MESSAGES DURING
WARTIME. WHAT PROVIDES THE
BEST SECURITY?
• AES
• 3DES
• One-time pad
• RSA
WHEN HARDENING A VPN, WHAT
SHOULD YOU CONSIDER? (CHOOSE
TWO.)
• Enabling PAP
• Disabling PAP
• Disabling EPS-TLS
• Enabling EPS-TLS
ENCRYPTING AND DIGITALLY
SIGNING EMAIL WITH PUBLIC AND
PRIVATE KEYS CAN BE DONE WITH
WHICH TECHNOLOGY?
• 3DES
• DES
• Blowfish
• PGP
WHICH OF THE FOLLOWING IS
CONSIDERED THE LEAST SECURE?
• MS-CHAP v2
• NTLM v2
• EAP-TLS
• PAP
A USER DIGITALLY SIGNS A SENT
EMAIL MESSAGE. WHAT SECURITY
PRINCIPLE DOES THIS APPLY TO?
• Least privilege
• Integrity
• Confidentiality
• Authorization
WHICH OF THE FOLLOWING ARE
TRUE REGARDING USER PRIVATE
KEYS?
(CHOOSE TWO.)
• It is used to encrypt sent messages.
• It is used to decrypt received messages.
• It is used to create digital signatures.
• It is used to verify digital signatures.
WHAT IS ANOTHER NAME FOR
AN EPHEMERAL KEY?
• PKI private key
• SHA
• Session key
• PKI public key
WHICH OF THE FOLLOWING BEST
DESCRIBES THE DIFFIE-HELLMAN
PROTOCOL?
• It is a key exchange protocol for asymmetric encryption.
• It is a symmetric encryption algorithm.
• It is a key exchange protocol for symmetric encryption.
• It is a hashing algorithm.
WHICH OF THE FOLLOWING ARE
TWO COMMON NEGOTIATION
PROTOCOLS USED BY TLS
(CHOOSE TWO.)
• Quantum cryptography
• DHE
• RSA
• ECDHE