| Question 1 | What type of algorithm does the MD series of encryption algorithms use? |
| A1: | Answer C is correct. Although the Message Digest series of algorithms is classified globally as a symmetric key encryption algorithm, the correct answer is hashing algorithm, which is the method that the algorithm uses to encrypt data. Answer A is incorrect because this is an algorithm that uses a public and private key pair and is not associated with the MD series of encryption. Answer B is incorrect because a digital signature is not an encryption algorithm. Answer D is an incorrect choice because there's only one correct answer. |
| Question 2 | In encryption, when data is broken into single units of varying sizes (dependant on algorithm) and the encryption is applied to those chunks of data, what type of algorithm is that called? |
| A2: | Answer C is correct. When data that is going to be encrypted is broken into chunks of data and then encrypted, the type of encryption is called a block cipher . Although many symmetric algorithms use a block cipher, answer A is incorrect because a block cipher is a more precise and accurate term for the given question. Answer B is incorrect because an elliptic curve is an asymmetric algorithm, and block ciphers aren't even used. Answer D is incorrect because there is only one correct answer. |
| Question 3 | The National Institute of Standards and Technology (NIST) put out a call to have a new algorithm replace the aging DES as the standard encryption algorithm. Which algorithm was eventually selected as the Advanced Encryption Standard? -
A. Rijndael -
B. 3DES -
C. RC6 -
D. Twofish -
E. CAST |
| A3: | Answer A is correct. Rijndael was the winner of the new AES standard. Although RC6 and Twofish competed for selection, they were not chosen ; therefore, answers C and D are incorrect. 3DES and CAST did not participate; therefore, answers B and E are incorrect. |
| Question 4 | Which type of algorithm generates a key pair of a public key and a private key that is then used to encrypt and decrypt data and messages sent and received? |
| A4: | Answer C is correct. Although many different types of algorithms use public and private keys to apply their encryption algorithms in varying methods , the type of algorithms that perform this way are called asymmetric encryption algorithms (or public key encryption ). Answer A is incorrect because this is only a type of asymmetric encryption algorithm. Answer B is incorrect because symmetric algorithms use a single key. Paired algorithm is not a type of algorithm; therefore, answer D is incorrect. |
| Question 5 | Which of the following algorithms are examples of a symmetric encryption algorithm? [Check all correct answers.] -
A. Rijndael -
B. Diffie-Hellman -
C. RC6 -
D. AES |
| A5: | Answers A, C, and D are correct. Because Rijndael and AES are now one in the same, they both can be called symmetric encryption algorithms. RC6 is symmetric as well. Answer B is incorrect because Diffie-Hellman uses public and private keys, so it is considered an asymmetric encryption algorithm. |
| Question 6 | Which of the following algorithms are examples of an asymmetric encryption algorithm? [Check all correct answers.] -
A. Elliptic curve -
B. 3DES -
C. CAST -
D. RSA -
E. AES |
| A6: | Answers A and D are correct. In this case, both elliptic curve and RSA are types of asymmetric encryption algorithms. Although the elliptic curve algorithm is typically incorporated into other algorithms, it falls into the asymmetric family of algorithms because of its use of public and private keys, just like the RSA algorithm. Answers B, C, and E are all incorrect because 3DES, CAST, and AES are symmetric encryption algorithms. |
| Question 7 | When encrypting and decrypting data using an asymmetric encryption algorithm, you ___________________________________________________. -
A. use only the private key to encrypt and only the public key to decrypt -
B. use only the public key to encrypt and only the private key to decrypt -
C. can use the public key to either encrypt or decrypt -
D. use only the private key to decrypt data encrypted with the public key |
| A7: | Answer D is correct. Answer D provides the only valid statement to complete the sentence . Answers A and B are both incorrect because in public key encryption, if one key is used to encrypt, you can use the other to decrypt the data. Answer C is incorrect because the public key cannot decrypt the same data it encrypted. |
| Question 8 | Which one of the following best identifies the system of digital certificates and Certificate Authorities used in public key technology? -
A. Certificate Practice System (CPS) -
B. Public Key Exchange (PKE) -
C. Certificate Practice Statement (CPS) -
D. Public Key Infrastructure (PKI) |
| A8: | Answer D is correct. PKI represents the system of digital certificates and Certificate Authorities. Certificate Practice System (CPS) and Public Key Exchange (PKE) are both fictitious terms. Therefore, answers A and B are incorrect. A CPS is a document created and published by a CA that provides for the general practices followed by the CA. Therefore, answer C is incorrect. |
| Question 9 | Which of the following is not an architectural model for the arranging of Certificate Authorities? -
A. Bridge CA architecture -
B. Sub-CA architecture -
C. Single-CA architecture -
D. Hierarchical CA architecture |
| A9: | Answer B is correct. Answer B is correct because it does not represent a valid trust model. Answers A, C, and D, however, all represent legitimate trust models. Another common model also exists, called cross-certification. However, it usually makes more sense to implement a bridge architecture over this type of model. |
| Question 10 | When a Certificate Authority revokes a certificate, notice of the revocation is distributed via a ______________________________. |
| A10: | Answer A is correct. Certificate Revocation Lists are used to identify revoked certificates. However, they are being replaced by the Online Certificate Status Protocol (OCSP), which provides certificate status in real time. Answers B and D are both incorrect because these terms relate to the polices and practices of certificates and the issuing authorities. Answer C is incorrect because a digital signature is an electronic signature used for identity authentication. |
