Module 16

Question 1

Four elements of secure communications

Answer 1

Data Integrity
Origin Authentication
Data Confidentiality
Data Non-Repudiation

Question 2

Data integrity

Answer 2

Guarantees that the message was not altered. Any changes to data in transit will be detected.

Question 3

How is integrity ensured?

Answer 3

By implementing either of the Secure Hash Algorithms (SHA-2 or SHA-3)

Question 4

Why should MD5 be avoided?

Answer 4

It is inherently insecure and creates vulnerabilities in a network

Question 5

Origin Authentication

Answer 5

Guarantees that the message is not a forgery and does actually come from whom it states

Question 6

How do most modern networks ensure authentication?

Answer 6

Hash-based message authentication code (HMAC)

Question 7

Data Confidentiality

Answer 7

Guarantees that only authorized users can read the message. If the message is intercepted, it cannot be deciphered within a reasonable amount of time

Question 8

How is Data confidentiality implemented?

Answer 8

Using symmetric and symmetric encryption algorithms

Question 9

Data Non-Repudiation

Answer 9

Guarantees that the sender cannot repudiate, or refute, the validity of a message sent

Question 10

What does Non-repudiation rely on?

Answer 10

The fact that only the sender has the unique characteristics or signature for how that message is treated

Question 11

Cryptography can be used almost anywhere

Answer 11

True

Question 12

Hashes

Answer 12

Used to verify and ensure data integrity and authentication

Question 13

What is hashing based on?

Answer 13

One-way mathematical function that is relatively easy to compute, but harder to reverse

Question 14

What is a resulting hash sometimes called?

Answer 14

Message digest
Digest
Digital fingerprint

Question 15

What is not possible with hash functions?

Answer 15

Two different sets of data having the same hash output

Question 16

When a message is altered, what happens to the hash?

Answer 16

The hash changes

Question 17

Cryptographic hash values (digital fingerprints) can be used to detect what?

Answer 17

Duplicate data files, file version changes, and similar applications

Question 18

How are cryptographic hash values used?

Answer 18

To guard against an accidental or intentional change to the data, or accidental data corruption

Question 19

What is h= H(x) used for?

Answer 19

To explain how a hash algorithm operates

Question 20

How is HMAC calculated?

Answer 20

Using any cryptographic algorithm that combines a cryptographic hash functions with a secret key

Question 21

MD5 with 128-bit digest

Answer 21

Legacy algorithm and should be avoided and used only when no better alternatives are available

Question 22

SHA-1 (NSA)

Answer 22

Creates a 160-bit hashed message and is slightly slower than MD5.
Has known flaws and is a legacy algorithm

Question 23

SHA-2 (NSA)

Answer 23

SHA-256, SHA-384, and SHA-512 algorithms should be used whenever possible

Question 24

SHA-3 (NIST)

Answer 24

Alternative and eventual replacement for the SHA-2 family of hashing algorithms
Next-gen algorithms and should be used whenever possible

Question 25

Where are most attacks aimed at in cryptosystems?

Answer 25

The key management level

Question 26

Key generation

Answer 26

Usually automated and not left to the end user
Ensures that the attacker cannot predict which keys are more likely to be used

Question 27

Key veification

Answer 27

Weak keys can be identified and regenerated to provide a more secure encryption

Question 28

Key exchange

Answer 28

Provides a secure key exchange mechanism that allows secure agreement on the keying material with the other party over an untrusted medium

Question 29

Key storage

Answer 29

Key can be stored in memory
This presents a possible problem when the memory is swapped to the disk because a Trojan horse program installed on the PC of a user could then have access to the private keys of that user

Question 30

Key lifetime

Answer 30

Using short key lifetimes improves the security of legacy ciphers that are used on high-speed connections

Question 31

Key revocation and destruction

Answer 31

Notifies all interested parties that a certain key has been compromised and should no longer be used. Destruction erases old keys in a manner that prevents malicious attackers from recovering them