Review Questions

 < Free Open Study > 



1. 

Which of the following algorithms provides hashing?

  1. Rijndael.

  2. MD5.

  3. GOST.

  4. DES.

correct answer = b the md5 algorithm provides hashing. rijndael, gost, and des are all symmetric encryption algorithms.

2. 

What size message digest does the MD5 hash algorithm create?

  1. 256-bit.

  2. 512-bit.

  3. 128-bit.

  4. 56-bit.

correct answer = c md5 creates a 128-bit message digest. answers a, b, and d are invalid.

3. 

What size key does the DES algorithm use?

  1. 56-bit.

  2. 128-bit.

  3. 168-bit.

  4. 2-bit.

correct answer = a des uses a 56-bit key, making it inappropriate for the encryption of very sensitive data. answers b, c, and d are invalid.

4. 

Which of the following algorithms is symmetric?

  1. IDEA.

  2. SHA-1.

  3. RSA.

  4. MD4.

correct answer = a idea is a symmetric algorithm. sha-1 is a hash algorithm. rsa is an asymmetric algorithm. md4 hash algorithm is an earlier version of the md5 hash algorithm.

5. 

Which of the following is a weakness of symmetric encryption?

  1. Key distribution.

  2. Speed.

  3. Hashing.

  4. Key scheduling.

correct answer = a the problem with symmetric encryption techniques lies within distributing the private keys. speed is actually a strong point of symmetric encryption. hashing produces message digests. key scheduling is the process an algorithm uses to generate subkeys.

6. 

Which of the following algorithms was selected as the Advanced Encryption Standard (AES)?

  1. RSA.

  2. Skipjack.

  3. Serpent.

  4. Rijndael.

correct answer = d rijndael was the final selection for the aes. rsa was a finalist in the aes competition. skipjack is a secret algorithm developed by the nsa. serpent was a finalist in the aes competition.

7. 

The cryptographic strength of RSA is based on which mathematical problem?

  1. Discrete logarithm.

  2. Factoring.

  3. Long division.

  4. Fuzzy math.

correct answer = b rsa s strength is based on the difficulty of factoring large numbers. the diffie-hellman algorithm uses the discrete logarithm problem. answers c and d are invalid.

8. 

Which element of a Digital Signature (DS) provides integrity verification?

  1. Time stamp.

  2. Middle initial.

  3. Message digest.

  4. Password hash.

correct answer = c comparison of the message digest in a ds (digital signature) provides integrity verification. time stamps make a note of the time that a document was signed and provide a form of non-repudiation. middle initial is a fictitious answer. a password hash is a secure method of storing passwords.

9. 

Which of the following issues digital certificates?

  1. CA.

  2. DS.

  3. DNSSEC.

  4. CRL.

correct answer = a a certification authority (ca) issues digital certificates. ds is a digital signature and is part of a digital certificate. dnssec provides an extension to dns that enables secure dns transfers. a certificate revocation list (crl) is an online database of revoked certificates.

10. 

Which trust model does the X.509 certificate standard support?

  1. Web-of-Trust.

  2. Gradational.

  3. Fragmentary.

  4. Hierarchical.

correct answer = d the x.509 certificate standard supports the hierarchical trust model, which places an authority (a ca) in charge of trust decisions. web-of-trust lets users decide whom to trust and is not supported by x.509 certificates. answers b and c are invalid.

11. 

Which of the following is commonly used to secure HTTP transmissions?

  1. OCSP.

  2. Zeroization.

  3. DSL.

  4. SSL.

correct answer = d with the assistance of digital certificates, ssl is commonly used to secure http transmissions. ocsp is a protocol used to determine certificate status. zeroization is a process used to destroy keys. dsl is a high-speed internet solution.

12. 

What technique lets law enforcement agencies access private keys?

  1. Escrow.

  2. Revocation.

  3. Expiration.

  4. Cryptanalysis.

correct answer = a key escrow provides a way for authorities to access private keys. revocation is the process of revoking a key before it expires. expiration happens when a key reaches the predetermined time that it s set to expire. cryptanalysis is the art of determining the plain text version of an encrypted block by studying the ciphertext.

13. 

The message digest in a digital signature (DS) is encrypted with the _________.

  1. Sender’s public key.

  2. Recipient’s private key.

  3. Sender’s private key.

  4. Recipient’s public key.

correct answer = c when a ds is created, it s the sender s private key that s used for encryption. answers a, b, and d are invalid.

14. 

Where would you find the rules outlining how and when a CA destroys certificates?

  1. CRL.

  2. CPS.

  3. Certificate Policies extension.

  4. OCSP.

correct answer = b a certification practice statement (cps) contains documentation detailing a ca s rules and regulations. in a cps, you would find (among other things) policies regarding certificate destruction. a certificate revocation list (crl) is an online database of revoked certificates. the certificate policies extension is a field within a certificate that supports a certificate policy. ocsp is a protocol used to determine certificate status.

15. 

Which process rearranges the bit order in a block of data?

  1. Permutation.

  2. Incantation.

  3. Multiplication.

  4. Pontification.

correct answer = a permutation refers to the process of bit order rearrangement. incantation is a magic spell. multiplication is an unrelated mathematical term. pontification is merely the expression of an opinion.

16. 

What does m of n control provide?

  1. Authentication of the key-sharing process.

  2. Confidentiality of the key-signing process.

  3. Integrity of the key-destruction process.

  4. Restriction of the key-recovery process.

correct answer = d m of n control provides a means of restriction in the key recovery process. in a total group of n people, m of them must agree that the key recovery should proceed. the numbers of people in each group, m and n, can be customized to fit the organization. this method prevents one person from having control over the process and thus restricts a disgruntled individual who wishes to steal keys. answers a, b, and c are invalid.

17. 

PGP uses which type of algorithm?

  1. Symmetric.

  2. Asymmetric.

  3. Both symmetric and asymmetric.

  4. Neither symmetric nor asymmetric.

correct answer = c pgp enlists the use of symmetric algorithms for data transfers and asymmetric algorithms such as diffie-hellman for the creation and exchange of keys. answers a, b, and d are invalid.

18. 

What type of temporary key does a Web browser create during SSL communications?

  1. Open key.

  2. Session key.

  3. Siesta key.

  4. Weak key.

correct answer = b a browser creates a temporary session key that s discarded after the ssl session is over. answers a and c are fictitious. a weak key is a phenomenon where an algorithm creates keys that cause regularities in its encryption, making the encryption easier to crack.

19. 

Which of the following is a weakness of asymmetric encryption?

  1. Requires exchanging private keys over the Internet.

  2. Recovery of encrypted data is impossible.

  3. Requires larger keys than symmetric.

  4. Requires larger hash values than symmetric.

correct answer = c because the public keys exposed in asymmetric encryption methods provide clues about their private counterparts, asymmetric key lengths must be larger than symmetric key lengths to provide comparable strength. the need to exchange private keys is a weakness of symmetric encryption. recovery of encrypted data is impossible with hash encryption. answer d is invalid.

20. 

Which algorithm is known as a stream cipher?

  1. RC4.

  2. MD5.

  3. MARS.

  4. CAST.

correct answer = a rc4 is a stream cipher, which means that it encrypts on the fly. md5 is a hash algorithm. mars is a block cipher. cast is a feistel cipher.

Answers

1. 

Correct answer = B

The MD5 algorithm provides hashing. Rijndael, GOST, and DES are all symmetric encryption algorithms.

2. 

Correct answer = C

MD5 creates a 128-bit message digest. Answers A, B, and D are invalid.

3. 

Correct answer = A

DES uses a 56-bit key, making it inappropriate for the encryption of very sensitive data. Answers B, C, and D are invalid.

4. 

Correct answer = A

IDEA is a symmetric algorithm. SHA-1 is a hash algorithm. RSA is an asymmetric algorithm. MD4 hash algorithm is an earlier version of the MD5 hash algorithm.

5. 

Correct answer = A

The problem with symmetric encryption techniques lies within distributing the private keys. Speed is actually a strong point of symmetric encryption. Hashing produces message digests. Key scheduling is the process an algorithm uses to generate subkeys.

6. 

Correct answer = D

Rijndael was the final selection for the AES. RSA was a finalist in the AES competition. Skipjack is a secret algorithm developed by the NSA. Serpent was a finalist in the AES competition.

7. 

Correct answer = B

RSA’s strength is based on the difficulty of factoring large numbers. The Diffie-Hellman algorithm uses the discrete logarithm problem. Answers C and D are invalid.

8. 

Correct answer = C

Comparison of the message digest in a DS (Digital Signature) provides integrity verification. Time stamps make a note of the time that a document was signed and provide a form of non-repudiation. Middle initial is a fictitious answer. A password hash is a secure method of storing passwords.

9. 

Correct answer = A

A Certification Authority (CA) issues digital certificates. DS is a digital signature and is part of a digital certificate. DNSSEC provides an extension to DNS that enables secure DNS transfers. A Certificate Revocation List (CRL) is an online database of revoked certificates.

10. 

Correct answer = D

The X.509 certificate standard supports the hierarchical trust model, which places an authority (a CA) in charge of trust decisions. Web-of-Trust lets users decide whom to trust and is not supported by X.509 certificates. Answers B and C are invalid.

11. 

Correct answer = D

With the assistance of digital certificates, SSL is commonly used to secure HTTP transmissions. OCSP is a protocol used to determine certificate status. Zeroization is a process used to destroy keys. DSL is a high-speed Internet solution.

12. 

Correct answer = A

Key escrow provides a way for authorities to access private keys. Revocation is the process of revoking a key before it expires. Expiration happens when a key reaches the predetermined time that it’s set to expire. Cryptanalysis is the art of determining the plain text version of an encrypted block by studying the ciphertext.

13. 

Correct answer = C

When a DS is created, it’s the sender’s private key that’s used for encryption. Answers A, B, and D are invalid.

14. 

Correct answer = B

A certification practice statement (CPS) contains documentation detailing a CA’s rules and regulations. In a CPS, you would find (among other things) policies regarding certificate destruction. A certificate revocation list (CRL) is an online database of revoked certificates. The certificate policies extension is a field within a certificate that supports a certificate policy. OCSP is a protocol used to determine certificate status.

15. 

Correct answer = A

Permutation refers to the process of bit order rearrangement. Incantation is a magic spell. Multiplication is an unrelated mathematical term. Pontification is merely the expression of an opinion.

16. 

Correct answer = D

M of n control provides a means of restriction in the key recovery process. In a total group of “n” people, “m” of them must agree that the key recovery should proceed. The numbers of people in each group, m and n, can be customized to fit the organization. This method prevents one person from having control over the process and thus restricts a disgruntled individual who wishes to steal keys. Answers A, B, and C are invalid.

17. 

Correct answer = C

PGP enlists the use of symmetric algorithms for data transfers and asymmetric algorithms such as Diffie-Hellman for the creation and exchange of keys. Answers A, B, and D are invalid.

18. 

Correct answer = B

A browser creates a temporary session key that’s discarded after the SSL session is over. Answers A and C are fictitious. A weak key is a phenomenon where an algorithm creates keys that cause regularities in its encryption, making the encryption easier to crack.

19. 

Correct answer = C

Because the public keys exposed in asymmetric encryption methods provide clues about their private counterparts, asymmetric key lengths must be larger than symmetric key lengths to provide comparable strength. The need to exchange private keys is a weakness of symmetric encryption. Recovery of encrypted data is impossible with hash encryption. Answer D is invalid.

20. 

Correct answer = A

RC4 is a stream cipher, which means that it encrypts on the fly. MD5 is a hash algorithm. MARS is a block cipher. CAST is a Feistel cipher.



 < Free Open Study > 



The Security+ Exam Guide. TestTaker's Guide Series
Security + Exam Guide (Charles River Media Networking/Security)
ISBN: 1584502517
EAN: 2147483647
Year: 2003
Pages: 136

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net