94 Cards in this Set
- Front
- Back
A one-way hash provides what?
|
Integrity
|
|
Which type of attack is based on the probability of two different messages using the same hash function producing a common message digest?
|
Collision / Birthday Attack
|
|
Which cipher is a subset on which the Vigenere polyalphabetic cipher was based?
|
Caesar Cipher
|
|
Why does a digital signature CONTAIN a message digest?
|
to detect any alteration of the message
|
|
What uses a key of the same length as the message?
|
One-time pad
|
|
What type of cryptographic attack describes when the attacker has a copy of the plaintext corresponding to the cipher text?
|
Known-plaintext Attack
|
|
What protocol offers security to wireless communications?
|
WTLS
|
|
What mail standard relies on a "web of trust"?
|
PGP
|
|
What kind of certificate is used to validate a user identity?
|
Public key certificate
|
|
What standard defines digital certificates?
|
X.509
|
|
What can be defined as a value computed with a cryptographic algorithm and appended to a data object in such a way that any recipient of the data can use the signature to verify the data's origin and integrity?
|
Digital Envelope
|
|
What well-known algorithms provide hashing?
|
MD5 / SHA
|
|
What is the maximum key size of the Rijndael block cipher algorithm?
|
128, 192, 256
|
|
The DES algorithm is an example of what type of cryptography?
|
Public Key / Symmetric
|
|
What should be used as a replacement for Telnet for secure remote login over an unsecured network?
|
SSH
|
|
The Secure Hash Algorithm (SHA-1) creates:
|
a fixed length message digest from a variable length input message
|
|
The RSA algorithm is an example of which type of cryptography?
|
Asymmetric key
|
|
List at least six symmetric algorithms:
|
DES, 3DES, Blowfish, Twofish, IDEA, RC4, RC5, RC6, AES, SAFER, Serpent
|
|
List at least three hashing algorithms:
|
MD2, MD4, MD5, HAVAL, SHA, SHA-1, SHA-256, SHA-384, SHA-512, Tiger
|
|
List at least six asymmetric algorithms:
|
RSA, ECC, DH, El Gamal, DSA, LUC, Knapsack
|
|
In what way does RSA differ from DES?
|
RSA uses a public key for encryption
RSA = Asymmetric; DES = Symmetric |
|
What asymmetric encryption algorithm is based on the difficulty of factoring large numbers?
|
RSA
|
|
What is a public key algorithm that performs both encryption and digital signature?
|
RSA
|
|
What are suitable methods for distributing certificate revocation information?
|
Publicly posted
Distribution point CRL, Delta CRL, OCSP |
|
Where parties do not have a shared secret and large quantities of sensitive information must be passed, the most efficient means of transferring information is to use a hybrid encryption method. What does this mean?
|
Use of public key encryption to secure a secret key, and message encryption using the secret key
|
|
What can be defined as secret communications where the very existence of the message is hidden?
|
Steganography
|
|
What is the length of an MD5 message digest?
|
128 bit
|
|
What is defined as cheaper to build and maintain in-house than using 3rd-party certificates?
|
PKI
|
|
What is the name of a one-way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string? Such a transformation cannot be reversed.
|
One-way hash
|
|
What is the most secure form of 3DES encryption?
|
DES-EDE3
|
|
What is the maximum number of different keys that can be used when encrypting with 3DES?
|
3 keys
|
|
In a PKI, how are public keys published?
|
through digital certificates
|
|
Which security function is best provided by symmetric cryptography?
|
Confidentiality
|
|
What is the primary role of cross certification?
|
creating trust between different PKIs
|
|
In a known plaintext attack, the cryptanalyst has knowledge of what?
|
both the Plaintext and Ciphertext of several messages
|
|
The DEA performs how many rounds of substitution and permutation?
|
16 Rounds / DES
|
|
What size is an MD5 message digest?
|
128-bit
|
|
Name two types of cipher methods:
|
substitution and transposition
|
|
What are the four modes of DES?
|
ECB, CBC, OFB, CFB
Bonus: CTR |
|
What is a cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet?
|
SET
|
|
How many bits is the effective length of the key of the DES algorithm?
|
56-bit
|
|
What are the characteristics of the DES encryption algorithm?
|
64-bit
56-bit effective; 16 rounds; 64-bit blocks with a 64-bit total key length; 64 in - 64 out |
|
What key has the shortest lifespan?
|
session
|
|
What is the result of a hash algorithm being applied to a message?
|
a message digest / integrity
|
|
The DH algorithm is used for what?
|
key exchange
|
|
Electronic signatures can prevent messages from being?
|
repudiated
|
|
What does the directive of the EU on electronic signatures deal with?
|
non-repudiation / digital signatures
|
|
What are the three most important functions that digital signatures provide?
|
non-repudiation, authentication, integrity
|
|
Which algorithm has been selected as the AES algorithm, replacing DES?
|
Rijndael
|
|
What is the effective key size of DES?
|
56-bit
|
|
Strong encryption means what?
|
128-bit or higher
|
|
What technique is used in the encryption of data between a web browser and server?
|
SSL
|
|
Which protocol that provides integrity and authentication for IPSEC can also provide non-repudiation?
|
AH
|
|
The DH algorithm is primarily used for what?
|
Key exchange
|
|
What is the main problem with the renewal of a root CA certificate?
|
it requires the authentic distribution of the new root CA certificate to all PKI participants
|
|
What is the encryption algorithm selected by NIST for the new AES?
|
Rijndael
|
|
What is used to bind a document to its creation at a particular time?
|
digital timestamp
|
|
Identify a weakness of symmetric cryptography:
|
Scalability
Limited security; Key distribution or key management |
|
Which type of symmetric encryption is more suitable for a hardware implementation?
|
Stream cipher
|
|
What best provides email message authenticity?
|
signing the message using the sender's private key and encrypting the message using the receiver's public key
|
|
What can best be defined as a cryptanalysis technique in which the analyst tries to determine the key from knowledge of some plaintext-ciphertext pairs?
|
Known plaintext attack
|
|
What protects Kerberos against replay attacks?
|
Timestamp
|
|
What is an Internet IPSEC protocol used to negotiate, establish, modify, and delete security association, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key establishment protocol, encryption algorithm, or authentication mechanism?
|
ISAKMP
|
|
What algorithm is used today for encryption in PGP?
|
IDEA
|
|
How many rounds does DES use?
|
16 rounds
|
|
What is a characteristic of using the electronic code book mode of DES encryption?
|
a given block of plain text and a given key will always produce the same cipher text
|
|
What is the primary role of smartcards in PKI?
|
tamperproof, mobile storage and application of private keys of the users
|
|
What encryption method is considered unbreakable?
|
one-time pad
|
|
What kind of encryption technology does VeriSign's SSL utilize?
|
Hybrid model
|
|
The Clipper Chip uses what concept in public key cryptography?
|
Key escrow
|
|
What key size does the Clipper Chip use?
|
80-bit
|
|
What security services are provided by digital signatures?
|
Non-repudiation, integrity, authentication
|
|
What security services are not provided by digital signatures?
|
Confidentiality
|
|
What are the 4 major components of PKI?
|
CA, RA, CRL, X.509
|
|
Which algorithm was DES derived from?
|
Lucifer
Bonus: IBM Project |
|
Which protocol makes use of an electronic wallet on a customer's PC and sends encrypted credit card information to a merchant's web server, which digitally signs it and sends it on to its processing bank?
|
SET
|
|
SSL provides security services at which layer of the OSI model?
|
Layer 4, Transport
|
|
What enables users to validate each other's certificate when they are certified under different certification hierarchies?
|
Cross Certification
|
|
What is the key size of the IDEA algorithm?
|
128-bit
|
|
Name the substitution cipher that shifts the alphabet by 13 places.
|
ROT13
|
|
True or False
Two files should not have the same message digest, message digests are usually of a fixed size, and the original file cannot be created from a message digest. |
True
|
|
Describe certificate path validation:
|
verification of the validity of all certificates of the certificate chain to the root certificate
|
|
What is the role of IKE within the IPSEC protocol?
|
peer authentication and key exchange
|
|
SSL uses MAC for what purpose?
|
message integrity
|
|
What is an authentication method within IKE and IPSEC?
|
public key authentication
pre-shared key; certificate based authentication |
|
Compared to RSA, what is the primary benefit of ECC?
|
requires shorter keys for equivalent security / more efficient
|
|
Cryptography does not concern itself with which element of the primary roles of security?
|
Availability
This question is in reference to the CIA triad. |
|
Kerberos depends upon which encryption method?
|
secret key cryptography
|
|
What issues do digital signatures address?
|
Integrity, non-repudiation, and authentication
|
|
Which principle involves encryption keys being separated into two components, each of which does not reveal the other?
|
Split key knowledge
|
|
What is the primary purpose for using one-way hashing of user passwords within a password file?
|
it prevents an unauthorized person from reading or modifying the password / integrity
|
|
Who vouches for the binding between the data items in a digital certificate?
|
CA
|
|
What is the standard format that was established to set up and manage security associations on the Internet in IPSEC?
|
ISAKMP
|
|
Which mail standard relies on a "web of trust"?
|
PGP
|