CHAPTER 7 Questions Flashcards

1
Q

Brian computes the digest of a single sentence of text using a SHA-2 hash function. He then changes a single character of the sentence and computes the hash value again. Which one of the following statements is true about the new hash value?

A. The new hash value will be one character different from the old hash value.
B. The new hash value will share at least 50 percent of the characters of the old hash value.
C. The new hash value will be unchanged.
D. The new hash value will be completely different from the old hash value.

A

D. The new hash value will be completely different from the old hash value.

Any change, no matter how minor, to a message will result in a completely different hash value. There is no relationship between the significance of the change in the message and the significance of the change in the hash value.

2
Q

Alan believes that an attacker is collecting information about the electricity consumption of a sensitive cryptographic device and using that information to compromise encrypted data. What type of attack does he suspect is taking place?

A. Brute force
B. Side channel
C. Known plaintext
D. Frequency analysis

A

B. Side channel

Side-channel attacks use information gathered about a system’s use of resources, timing, or other characteristics to contribute to breaking the security of encryption. Brute-force attacks seek to exhaust all possible encryption keys. Known plaintext attacks require access to both plaintext and its corresponding ciphertext. Frequency analysis attacks require access to ciphertext.

3
Q

If Richard wants to send a confidential encrypted message to Sue using a public key cryptosystem, which key does he use to encrypt the message?

A. Richard’s public key
B. Richard’s private key
C. Sue’s public key
D. Sue’s private key

A

C. Sue’s public key

Richard must encrypt the message using Sue’s public key so that Sue can decrypt it using her private key. If he encrypted the message with his own public key, the recipient would need to know Richard’s private key to decrypt the message. If he encrypted it with his own private key, any user could decrypt the message using Richard’s freely available public key. Richard could not encrypt the message using Sue’s private key because he does not have access to it. If he did, any user could decrypt it using Sue’s freely available public key.

4
Q

If a 2,048-bit plaintext message were encrypted with the ElGamal public key cryptosystem, how long would the resulting ciphertext message be?

A. 1,024 bits
B. 2,048 bits
C. 4,096 bits
D. 8,192 bits

A

C. 4,096 bits

The major disadvantage of the ElGamal cryptosystem is that it doubles the length of any message it encrypts. Therefore, a 2,048-bit plaintext message would yield a 4,096-bit ciphertext message when ElGamal is used for the encryption process.

5
Q

Acme Widgets currently uses a 3,072-bit RSA encryption standard companywide. The company plans to convert from RSA to an elliptic curve cryptosystem. If the company wants to maintain the same cryptographic strength, what ECC key length should it use?

A. 256 bits
B. 512 bits
C. 1,024 bits
D. 2,048 bits

A

A. 256 bits

The elliptic curve cryptosystem requires significantly shorter keys to achieve encryption that would be the same strength as encryption achieved with the RSA encryption algorithm. A 3,072-bit RSA key is cryptographically equivalent to a 256-bit elliptic curve cryptosystem key.

6
Q

John wants to produce a message digest of a 2,048-byte message he plans to send to Mary. If he uses the SHA-2 hashing algorithm, what is a possible size for the message digest generated?

A. 160 bits
B. 512 bits
C. 1,024 bits
D. 2,048 bits

A

B. 512 bits

The SHA-2 hashing algorithm comes in four variants. SHA-224 produces 224-bit digests. SHA-256 produces 256-bit digests. SHA-384 produces 384-bit digests, and SHA-512 produces 512-bit digests. Of the options presented here, only 512 bits is a valid SHA-2 hash length.

7
Q

After conducting a survey of encryption technologies used in her organization, Melissa suspects that some may be out of date and pose security risks. Which one of the following technologies is considered flawed and should no longer be used?

A. SHA-3
B. TLS 1.2
C. IPsec
D. SSL 3.0

A

D. SSL 3.0

The Secure Sockets Layer (SSL) protocol is deprecated and no longer considered secure. It should never be used. The Secure Hash Algorithm 3 (SHA-3), Transport Layer Security (TLS) 1.2, and IPsec are all modern, secure protocols and standards.

8
Q

You are developing an application that compares passwords to those stored in a Unix password file. The hash values you compute are not correctly matching those in the file. What might have been added to the stored password hashes?

A. Salt
B. Double hash
C. Added encryption
D. One-time pad

A

A. Salt

Cryptographic salt values are added to the passwords in password files before hashing to defeat rainbow table and dictionary attacks. Double hashing does not provide any added security. Adding encryption to the passwords is challenging, because then the operating system must possess the decryption key. A one-time pad is only appropriate for use in human-to-human communications and would not be practical here.

9
Q

Richard received an encrypted message sent to him from Sue. Sue encrypted the message using the RSA encryption algorithm. Which key should Richard use to decrypt the message?

A. Richard’s public key
B. Richard’s private key
C. Sue’s public key
D. Sue’s private key

A

B. Richard’s private key

Sue would have encrypted the message using Richard’s public key. Therefore, Richard needs to use the complementary key in the key pair, his private key, to decrypt the message.

10
Q

Richard wants to digitally sign a message he’s sending to Sue so that Sue can be sure the message came from him without modification while in transit. Which key should he use to encrypt the message digest?

A. Richard’s public key
B. Richard’s private key
C. Sue’s public key
D. Sue’s private key

A

B. Richard’s private key

Richard should encrypt the message digest with his own private key. When Sue receives the message, she will decrypt the digest with Richard’s public key and then compute the digest herself. If the two digests match, she can be assured that the message truly originated from Richard.

11
Q

Which one of the following algorithms is not supported by the Digital Signature Standard under FIPS 186-4?

A. Digital Signature Algorithm
B. RSA
C. ElGamal DSA
D. Elliptic Curve DSA

A

C. ElGamal DSA

The Digital Signature Standard allows federal government use of the Digital Signature Algorithm, RSA, or the Elliptic Curve DSA in conjunction with the SHA-1 hashing function to produce secure digital signatures.

12
Q

Which International Telecommunications Union (ITU) standard governs the creation and endorsement of digital certificates for secure electronic communication?

A. X.500
B. X.509
C. X.900
D. X.905

A

B. X.509

X.509 governs digital certificates and the public key infrastructure (PKI). It defines the appropriate content for a digital certificate and the processes used by certificate authorities to generate and revoke certificates.

13
Q

Ron believes that an attacker accessed a highly secure system in his data center and applied high-voltage electricity to it in an effort to compromise the cryptographic keys that it uses. What type of attack does he suspect?

A. Implementation attack
B. Fault injection
C. Timing
D. Chosen ciphertext

A

B. Fault injection

Fault injection attacks compromise the integrity of a cryptographic device by causing some type of external fault, such as the application of high-voltage electricity. Implementation attacks rely on flaws in the cryptographic algorithm. Timing attacks measure the length of time consumed by encryption operations. Chosen ciphertext attacks require access to the algorithm and work by having the attacker perform encryption that results in an expected ciphertext.

14
Q

Brandon is analyzing network traffic and is searching for user attempts to access websites over secure TLS connections. What TCP port should Brandon add to his search filter because it would normally be used by this traffic?

A. 22
B. 80
C. 443
D. 1443

A

C. 443

HTTPS uses TCP port 443 for encrypted client/server communications over TLS. Port 22 is used by the secure shell (SSH) protocol. Port 80 is used by the unencrypted HTTP protocol. Port 1433 is used for Microsoft SQL Server database connections.

15
Q

Beth is assessing the vulnerability of a cryptographic system to attack. She believes that the cryptographic keys are properly secured and that the system is using a modern, secure algorithm. Which one of the following attacks would most likely still be possible against the system by an external attacker who did not participate in the system and did not have physical access to the facility?

A. Ciphertext only
B. Known plaintext
C. Chosen plaintext
D. Fault injection

A

A. Ciphertext only

An attacker without any special access to the system would only be able to perform ciphertext-only attacks. Known plaintext and chosen plaintext attacks require the ability to encrypt data. Fault injection attacks require physical access to the facility.

16
Q

Which of the following tools can be used to improve the effectiveness of a brute-force password cracking attack?

A. Rainbow tables
B. Hierarchical screening
C. TKIP
D. Random enhancement

A

A. Rainbow tables

Rainbow tables contain precomputed hash values for commonly used passwords and may be used to increase the efficiency of password-cracking attacks.

17
Q

Chris is searching a Windows system for binary key files and wishes to narrow his search using file extensions. Which one of the following certificate formats is closely associated with Windows binary certificate files?

A. CCM
B. PEM
C. PFX
D. P7B

A

C. PFX

The PFX format is most closely associated with Windows systems that store certificates in binary format, whereas the P7B format is used for Windows systems storing files in text format. The PEM format is another text format, and the CCM format does not exist.

18
Q

What is the major disadvantage of using certificate revocation lists?

A. Key management
B. Latency
C. Record keeping
D. Vulnerability to brute-force attacks

A

B. Latency

Certificate revocation lists (CRLs) introduce an inherent latency to the certificate expiration process due to the time lag between CRL distributions.

19
Q

Which one of the following encryption algorithms is now considered insecure?

A. ElGamal
B. RSA
C. Elliptic Curve Cryptography
D. Merkle–Hellman Knapsack

A

D. Merkle–Hellman Knapsack

The Merkle–Hellman Knapsack algorithm, which relies on the difficulty of factoring super-increasing sets, has been broken by cryptanalysts.

20
Q

Brian is upgrading a system to support SSH2 rather than SSH1. Which one of the following advantages will he achieve?

A. Support for multifactor authentication
B. Support for simultaneous sessions
C. Support for 3DES encryption
D. Support for IDEA encryption

A

B. Support for simultaneous sessions

SSH2 adds support for simultaneous shell sessions over a single SSH connection. Both SSH1 and SSH2 are capable of supporting multifactor authentication. SSH2 actually drops support for the IDEA algorithm, whereas both SSH1 and SSH2 support 3DES.