Cryptographic Solutions

Question 1

What is cryptography?

Answer 1

Practice and study of writing and solving codes

Involves encryption to hide information’s true meaning.

Question 2

What does encryption do?

Answer 2

Converts plaintext to ciphertext

Provides data protection at rest, in transit, and in use.

Question 3

Define Data at Rest.

Answer 3

Inactive data on storage devices.

Question 4

Define Data in Transit.

Answer 4

Data moving across networks.

Question 5

Define Data in Use.

Answer 5

Data currently undergoing change.

Question 6

What is an algorithm in the context of cryptography?

Answer 6

A cipher that performs encryption or decryption.

Question 7

What role does a key play in cryptography?

Answer 7

Essential for determining cipher output.

Question 8

How is key strength determined?

Answer 8

By key length, which is proportional to security.

Question 9

What is key rotation?

Answer 9

Best practice for security longevity.

Question 10

What is symmetric encryption?

Answer 10

Uses the same key for encryption and decryption.

Question 11

What is asymmetric encryption?

Answer 11

Uses a pair of keys for encryption and decryption.

Question 12

List examples of symmetric algorithms.

Answer 12

• DES
• Triple DES
• IDEA
• AES
• Blowfish
• Twofish
• Rivest Cipher

Question 13

List examples of asymmetric algorithms.

Answer 13

• Diffie-Hellman
• RSA
• Elliptic Curve Cryptography

Question 14

What does hashing do?

Answer 14

Converts data into a fixed-size string (digest) using hash functions.

Question 15

What are common hashing algorithms?

Answer 15

• MD5
• SHA Family
• RIPEMD
• HMAC

Question 16

What is Public Key Infrastructure (PKI)?

Answer 16

Framework managing digital keys and certificates for secure data transfer.

Question 17

What is a digital certificate?

Answer 17

Electronic credentials verifying entity identity for secure communications.

Question 18

What is blockchain?

Answer 18

Decentralized, immutable ledger ensuring data integrity and transparency.

Question 19

List encryption tools.

Answer 19

• TPM
• HSM
• Key Management Systems
• Secure Enclave

Question 20

What is Obfuscation in cryptography?

Answer 20

Techniques to obscure data, including steganography, tokenization, and data masking.

Question 21

What are common cryptographic attacks?

Answer 21

• Downgrade Attacks
• Collision Attacks
• Quantum Computing Threats

Question 22

True or False: Symmetric encryption uses different keys for encryption and decryption.

Answer 22

False.

Question 23

What is a stream cipher?

Answer 23

Encrypts data bit-by-bit or byte-by-byte in a continuous stream.

Question 24

What is a block cipher?

Answer 24

Breaks input data into fixed-size blocks before encryption.

Question 25

Describe DES.

Answer 25

Uses a 64-bit key, encrypts data in 64-bit blocks through 16 rounds of transposition and substitution.

Question 26

What is Triple DES?

Answer 26

Utilizes three 56-bit keys for encryption and decryption.

Question 27

What is AES?

Answer 27

Replaced DES and 3DES as the US government encryption standard.

Question 28

What is the purpose of public key cryptography?

Answer 28

No shared secret key required; uses a key pair for encryption and decryption.

Question 29

What does a digital signature ensure?

Answer 29

Integrity of the message and non-repudiation.

Question 30

What is the purpose of salting in hashing?

Answer 30

Adds random data to passwords before hashing to ensure distinct hash outputs.

Question 31

What is key escrow?

Answer 31

Storage of cryptographic keys in a secure, third-party location.

Question 32

List types of digital certificates.

Answer 32

* Wildcard Certificate * SAN (Subject Alternate Name) field

Question 33

What is the purpose of key stretching?

Answer 33

Mitigates a weaker key by creating longer, more secure keys.

Question 34

What is a pass the hash attack?

Answer 34

Technique that allows an attacker to authenticate using the underlying hash of a user's password.

Question 35

What is a birthday attack?

Answer 35

Occurs when two different messages result in the same hash digest (collision).

Question 36

What is the X.509 Standard used for?

Answer 36

Commonly used standard for digital certificates within PKI ## Footnote It contains owner's/user's information and certificate authority details.

Question 37

What is a Wildcard Certificate?

Answer 37

Allows multiple subdomains to use the same certificate ## Footnote Easier management, cost-effective for subdomains, but compromise affects all subdomains.

Question 38

What is the purpose of the SAN field in a digital certificate?

Answer 38

Specifies what additional domains and IP addresses will be supported ## Footnote Used when domain names don’t have the same root domain.

Question 39

What is the difference between Single-Sided and Dual-Sided Certificates?

Answer 39

Single-sided requires only the server to be validated; Dual-sided requires both server and user validation ## Footnote Dual-sided offers higher security but requires more processing power.

Question 40

What are Self-Signed Certificates?

Answer 40

Digital certificate signed by the same entity whose identity it certifies ## Footnote Provides encryption but lacks third-party trust; used in testing or closed systems.

Question 41

What are Third-Party Certificates?

Answer 41

Digital certificate issued and signed by trusted certificate authorities (CAs) ## Footnote Trusted by browsers and systems; preferred for public-facing websites.

Question 42

What is the Root of Trust?

Answer 42

Highest level of trust in certificate validation ## Footnote Trusted third-party providers like Verisign, Google, etc.

Question 43

What role does a Certificate Authority (CA) play?

Answer 43

Issues digital certificates and validates/manages them ## Footnote Certificates contain CA's information and digital signature.

Question 44

What is a Registration Authority (RA)?

Answer 44

Requests identifying information from the user and forwards certificate request to the CA ## Footnote Assists in the certificate issuance process.

Question 45

What is a Certificate Signing Request (CSR)?

Answer 45

A block of encoded text with information about the entity requesting the certificate ## Footnote Includes the public key and is submitted to CA for certificate issuance.

Question 46

What does a Certificate Revocation List (CRL) contain?

Answer 46

List of all digital certificates that the CA has revoked ## Footnote Checked before validating a certificate.

Question 47

True or False: Online Certificate Status Protocol (OCSP) is faster but less secure than CRL.

Answer 47

True ## Footnote OCSP determines certificate revocation status using the certificate's serial number.

Question 48

What is OCSP Stapling?

Answer 48

Alternative to OCSP that allows the certificate holder to get the OCSP record from the server at regular intervals ## Footnote Speeds up the secure tunnel creation by including the OCSP record in the SSL/TLS handshake.

Question 49

What is Public Key Pinning?

Answer 49

Allows an HTTPS website to resist impersonation attacks by presenting trusted public keys to browsers ## Footnote Alerts users if a fraudulent certificate is detected.

Question 50

What do Key Escrow Agents do?

Answer 50

Securely store copies of private keys ## Footnote Ensures key recovery in case of loss and requires strong access controls.

Question 51

What is the function of Key Recovery Agents?

Answer 51

Allows the restoration of a lost or corrupted key ## Footnote Acts as a backup for certificate authority keys.

Question 52

What is blockchain?

Answer 52

Shared immutable ledger for transactions and asset tracking ## Footnote Builds trust and transparency and is widely associated with cryptocurrencies.

Question 53

What is the structure of a block in blockchain?

Answer 53

Contains previous block's hash, timestamp, and root transactions ## Footnote Blocks are linked together in a chronological order.

Question 54

What are Smart Contracts?

Answer 54

Self-executing contracts with code-defined terms ## Footnote Execute actions automatically when conditions are met.

Question 55

How does blockchain enhance Supply Chain Management?

Answer 55

Provides transparency and traceability in the supply chain ## Footnote Ensures compliance and quality control with immutable records.

Question 56

What does decentralization in blockchain refer to?

Answer 56

Eliminates the need for central authorities ## Footnote Empowers peer-to-peer networks.

Question 57

What is a TPM (Trusted Platform Module)?

Answer 57

Dedicated microcontroller for hardware-level security ## Footnote Protects digital secrets through integrated cryptographic keys.

Question 58

What is the purpose of an HSM (Hardware Security Module)?

Answer 58

Safeguards and manages digital keys in a tamper-proof environment ## Footnote Ideal for mission-critical scenarios like financial transactions.

Question 59

What is Tokenization?

Answer 59

Substitutes sensitive data with non-sensitive tokens ## Footnote Reduces exposure of sensitive data during transactions.

Question 60

What are the techniques used in cryptographic attacks?

Answer 60

Downgrade attacks, collision attacks, and quantum computing threats ## Footnote Each technique exploits vulnerabilities in cryptographic systems.

Question 61

What is a Downgrade Attack?

Answer 61

Forces systems to use weaker or older cryptographic standards ## Footnote Exploits known vulnerabilities in outdated versions.

Question 62

What is a Collision Attack?

Answer 62

Finds two different inputs producing the same hash output ## Footnote Undermines data integrity verification relying on hash functions.

Question 63

What is Quantum Computing?

Answer 63

Uses quantum mechanics to generate and manipulate quantum bits ## Footnote Provides enormous processing power and poses a threat to traditional encryption.

Question 64

What is Post-Quantum Cryptography?

Answer 64

Cryptographic algorithm resistant to attacks from future quantum computers ## Footnote Aims to create algorithms that maintain security against quantum threats.

Question 65

What is DES?

Answer 65

Data Encryption Standard - used 64-bit key - widely used from 1970s to 2000s

Question 66

What is Diffie-Hellman?

Answer 66

Assymetric cryptographic technique - securely exchange cryptographic keys over public channels - 2 parties can generate a shared secret without having previously met

Question 67

What is RSA?

Answer 67

Stands for Ron RIvest, Adi Shamir, Leonard Adeleman -assymetric cryptographic solution -relies on mathematical difficult of factoring large prime numbers - wiely used in organizations and Multi-Factor Authentication

Question 68

What is ECC?

Answer 68

Elliptic Curve Cryptography - used algebraic structure of elliptical curve - used in modile devices - 6 times more efficient than RSA

Question 69

What is MD5?

Answer 69

Message Digest Algorithm -creates a 128-bit Hash value -has limited unique values which can lead to collisions - not recommended for security

Question 70

What is HMAC?

Answer 70

Hash-based Message Authentication Code - checks message integrity and authenticity - used other hashing algorithims as well

Question 71

What is RIPEMD?

Answer 71

RACE Integrity Primitive Evaluation Message Digest - open source competitor to SHA but Less Popular

Question 72

What is SHA-256?

Answer 72

Secure Hash Algorithm 256-bit - one of the most secure hashing algorithms -resistant against collisin attacks

Question 73

What is Tokenization?

Answer 73

Substitutes sensitive data with Non-Sensitive Tokens - original data is stored elsewhere -reduces exposre during transactin -Commonly used for Payment Systems

Question 74

What is Data Masking?

Answer 74

Data Obfuscation - disguised original data to protect sensitive information

Question 75

What is Stenography? Stealth (hint)

Answer 75

Conceals a message within another to hide its very existence