Security MCQ: April 2020

a. Public-Key infrastructure X.509 (PKIX)
b. Public-Key Cryptography Standards (PKCS)
c. Public-Key and Private Key (PPK)
d. Public -Key Infrastructure and Systems (PKIS)

Answer: a. Public-Key infrastructure X.509 (PKIX)

What algorithm was designed to ensure the integrity of a message and is a one-way hash that provides a has value that can be used with an encryption protocol. This algorithm produces a 160-bit hash value.

a. SHA
b. SHA2
c. MDA
d. MD

Answer: a. SHA

What is/are the characteristics of the hash function?

a. It must be one-way
b. Variable-length input produces fixed length output
c. The algorithm must have few or no collisions
d. All of the above

Answer: d. All of the above

When adding an ephemeral key to Elliptic Curve Diffie-Hellman is know as?

a. Hashing
b. DHE
c. ECDHE

Answer: c. ECDHE

When adding an ephemeral key to Diffie-Hellman is known as?

a. DHE
b. ECDHE
c. Hashing

Answer: a. DHE

Which algorithm uses an ephemeral key. Essentially the algorithm creates a key to use for the single communication session and it is not used again.

a. RSA
b. Diffie-Hellman
c. Elliptic Curve Cryptography
d. ElGamal

Which algorithm is similar functionality to RSA but uses smaller key sizes to obtain the same level of security, It uses points on a curve combined with a point at infinity and the difficulty of solving discrete logarithm problems.

a. RSA
b. Diffie-Hellman
c. Elliptic Curve Cryptography
d. ElGamal

Answer: c. Elliptic Curve Cryptography

What algorithm is used for exchanging keys over an insecure medium. Used primarily to send keys across public networks. The process isn't used to encrypt or decrypt messages but merely used for the creation of a symmetric key between two parties.

a. RSA
b. Diffie-Hellman
c. Elliptic Curve Cryptography
d. ElGamal

Answer: b. Diffie-Hellman

What algorithm is an early public-key encryption system that uses large integers as the basis for the process. It works with both encryption and digital signatures.

a. RSA
b. Diffie-Hellman
c. Elliptic Curve Cryptography
d. ElGamal

Answer: a. RSA

Public key and Private key together are referred to as Public Key Cryptography (PKC).

a. True
b. False

Answer: a. True

The sender uses the _ key to encrypt a message and the receiver uses the key to decrypt the message.

a. Private and Public
b. Public and Private

Answer: b. Public and Key

What are the Asymmetric keys referred ?

a. Public key and Private key
b. PKI and PII
c. TCP and SSL

Answer: a. Public key and Private key

Asymmetric Algorithms uses how many keys to encrypt and decrypt?

a. 2
b. 4
c. 6
d. 8

Answer: a. 2

Which secrecy occurs when the process is unbreakable?

a. Perfect forward secrecy
b. Forward secrecy

Answer: a. Perfect forward secrecy

Which property of any key exchange system ensures that if one key is compromised a subsequent keys will not also be compromised?

a. Perfect forward secrecy
b. Forward secrecy

Answer: b. Forward secrecy

Which key exchange means that some other channel, other than the one that is going to be secured, is used to exchange the key?

a. In-band
b. Out-of-band

Answer: b. Out-of-band

IPSec use which type of key exchange?

a. In-band
b. Out-of-band

Answer: a. In-band

Which key exchange is exchanged within the same communications channel that going to be encrypted?

a. In-band
b. Out-of-band

Answer: a. In-band

Which algorithm uses a key that is as long as a plaintext message and the keys are used only once.

a. IDEA
b. Blowfish
c. One-Time Pads
d. Twofish

Answer: c. One-Time Pads

What algorithm is known as a truly completely secure cryptographic implantation?

a. IDEA
b. Blowfish
c. One-Time Pads
d. Twofish

Answer: c. One-Time Pads

Which algorithm use 128-bit key and is similar in speed and capability to DES but is more secure. It is used in Pretty Good Privacy (PGP) a public domain encryption system.

a. IDEA
b. Blowfish
c. One-Time Pads
d. Twofish

Answer: a. IDEA (International Data Encryption Algorithm)

Which encryption system is similar to Blowfish and work on 128-bit blocks and it has a complex key schedule?

a. IDEA
b. Blowfish
c. One-Time Pads
d. Twofish

Answer: d. Twofish

Which encryption system performs a 64-bit block cipher at very fast speeds. It is a symmetric block cipher that can use variable-length keys (32 bits - 448 bits)

a. IDEA
b. Blowfish
c. One-Time Pads
d. Twofish

Answer: b. Blowfish

Which Rivest Cipher is used with SSL and TLS?

a. RC1
b. RC3
c. RC3
d. RC4

Answer: d. RC4

Which Rivest Cipher is popular with wireless and WEP/WPA encryption and its steaming cipher that work with key sizes between 40 and 2048 bits.

a. RC2
b. RC3
c. RC4
d. RC5

Answer: c. RC4

Which Rivest Cipher uses a key size up to 2048 bits and is considered to be a strong system?

a. RC2
b. RC3
c. RC4
d. RC5

Answer: d. RC5

What are the current levels of Rivest Cipher ?

a. RC1, RC2, RC3,
b. RC4, RC5, RC6
c. RC7, RC8, RC9

Answer: b. RC4, RC5, RC6

Which algorithm is used in some products offered by Microsoft and IBM. It uses a 40-bit to 128 bit-bit key, and it's very fast and efficient.

a. AES256
b. CAST
c. Ron's Cipher
d. Blowfish

Answer: b. CAST

AES-256 uses 256 bits instead of 128. This qualifies for U.S. government classification as Top Secret.

a. True
b. Flase

Answer: a. True

Which encryption standard use the Rijndael algorithm and supports key sizes of 128, 192, and 256 bits, with 128 bits being the default.

a. AES (Advanced Encryption Standard)
b. BES (Bit Encryption Standard)
c. 3DES (Triple-Data Encryption Standard)
d. DES (Data Encryption Standard)

Answer: a. AES (Advanced Encryption Standard)

Which encryption standard is based on 168-bit key and is more secure than DES?

a. AES (Advanced Encryption Standard)
b. BES (Bit Encryption Standard)
c. 3DES (Triple-Data Encryption Standard)
d. Key Exchange

Answer: c. 3DES (Triple-Data Encryption Standard)

Which encryption standard is based on 56-bit key and was replace by Advance Encryption Standard?

a. DES (Data Encryption Standard)
b. BES (Bit Encryption Standard)
c. 3DES (Triple-Data Encryption Standard)
d. Key Exchange

Answer: a. DES (Data Encryption Standard)

Which cipher encrypts one bit or byte at a time?

a. Stream cipher
b. Block cipher

Answer: a. Stream cipher

Which cipher works on chunks of data-encrypting one and then moving to the next?

a. Stream cipher
b. Block cipher

Answer: b. Block cipher

Symmetric methods use either a block or stream cipher.

a. True
b. False

Answer: a. True

A symmetric key (secret key or private key) is a key that isn't disclosed to people who aren't authorized to use the encryption system.

a. True
b. Flase

Answer: a. True

Which algorithm require both ends of an encrypted message to have the same key and processing algorithms?

a. Symmetric Cryptography
b. Asymmertic Cryptography
c. Bsymmertic Cryptography
d. Hashing Algorithms

Answer: a. Symmetric Cryptography

What are the three areas modern cryptography is divided into?

a. Symmetric Cryptography
b. Asymmertic Cryptography
c. Bsymmertic Cryptography
d. Hashing Algorithms

Answer:

a. Symmetric Cryptography
b. Asymmetric Cryptography
d. Hashing Algorithms

What is the most common way of Steganography?

a. Multi-Alphabet Substitution
b. Transportation Ciphers
c. Substitution Ciphers
d. Least significant bit (Isb)

Answer: d. Least significant bit (Isb)

What is the process of hiding a message in a medium such as a digital image, audio file, or other file?

a. Multi-Alphabet Substitution
b. Transportation Ciphers
c. Substitution Ciphers
d. Steganography

Answer: d. Steganography

The enigma machine was essentially a typewriter that implemented a multi-alphabet substitution cipher?

a. True
b. False

Answer: a. True

Which cipher involves transporting or scrambling the letters in a certain manner. Typically, a message is broken into blocks of equal size, and each block is then scrambled.

a. Multi-Alphabet Substitution
b. Transportation Ciphers
c. Substitution Ciphers
d. Steganography

Answer: b. Transportation Ciphers

Which type of coding or ciphering system shifts all letters a certain number of spaces in the alphabet?

a. Multi-Alphabet Substitution
b. Transportation Ciphers
c. Substitution Ciphers
d. Steganography

Answer: c. Substitution Ciphers

Which type of coding or ciphering system was famous for use of the Multi-Alphabet Substitution?

a. Vigenère Cipher
b. Caesar Cipher
c. Enigma Machine
d. Steganography

Answer: a. Vigenère Cipher

One of the problems with substitution ciphers is that they did not change the underlying letter and word frequency of the text.

a. True
b. False

Answer: a. True

Which type of coding or ciphering system used many substitutions?

a. Multi-Alphabet Substitution
b. Transportation Ciphers
c. Substitution Ciphers
d. Stenography

Answer: a. Multi-Alphabet Substitution

Which type of coding or ciphering system changes one character or symbol into another?

a. Multi-Alphabet Substitution
b. Transportation Ciphers
c. Substitution Ciphers
d. Steganography

Answer: c. Substitution Ciphers

Which asymmetric algorithm algorithm involves four steps: key generation, key distribution, encryption and decryption.

a. RSA
b. AES
c. 3DES
d. SHA

Answer: a. RSA (Ron Rivest, Adi Shamir, and Leonard Adleman (R.S.A.))

Pretty Good Privacy is an excellent e-mail encryption tool that is either free or low cost.

a. True
b. False

Answer: a. True

Which of the following would be the best choice for e-mail encryption?

a. MID5
b. IPSEC
c. TLS
d. PGP

Answer: d. PGP

Message Authentication Code (MAC) is derived from what to elements?

a. Message and Key
b. Username and Password
c. NAT and NIC
d. Host and Labels

Answer: a. Message and Key

Which process allows all users and interested parties to comment on proposed standards for the internet. The editor manages the process and is responsible for cataloging, updating, and tracking?

a. NSA
b. NIST
c. IEEE
d. RFC

Answer: d. RFC

Hashing algorithms must be one-way/non reversible, have variable-length input and fixed-length output, and be collision resistant.

a. True
b. False

Answer: True

Which of the following is similar to Blowfish but works on 128-bit blocks?

a. Twofish
b. IDEA
c. CCITT
d. AES

Answer: a. Twofish

Which set of specification is designed to allow XML-based programs access to PKI services?

a. XKMS
b. XMLS
c. PKXMS
d. PKIXMLS

Answer: a. XKMS

Which protocol allows a certificate's authenticity to be immediately verified?

a. CA
b. CP
c. CRC
d. OCSP

Answer: d. OCSP

What is the process of storing keys for use by law enforcement called?

a. Key escrow
b. Key archival
Key renewal
Certificate rollover

Answer: a. Key escrow

What document describes how a CA issues certificates and for what they are used?

a. Certificate policies
b. Certificate practices
c. Revocation authority
d. CRL

Answer: a. Certificate policies

You've been instructed to suspend a key. Which of the following statements is true?

a. In order to be used, suspended keys must be revoked.
b. Suspended keys don't expire.
c. Suspended keys can be reactivated.
d. Suspending keys is a bad practice.

Answer: c. Suspended keys can be reactivated.

Which organization can be used to identify and individual for certificate issues in a PKI environment?

a. RA
b. LRA
c. PKE
d. SHA

Answer: b. LRA

What is often used to revoke a certificate?

a. CRA
b. CYA
c. CRL
d. PKI

Answer: c. CRL

What is the primary organization for maintaining certificates called?

a. CA
b. RA
c. LRA
d. CRL

Answer: a. CA

Which of the following is not a consideration in key storage?

a. Environmental controls
b. Physical security controls
c. Hardened servers
d. Administrative controls

Answer: a. Environmental controls

You need to encrypt your hard drive. Which of the following is the best choice?

a. DES
b. RSA
c. AES
d. SHA

Answer: c. AES

What problem is created by using a centralized key-generating process?

a. Network security
b. Key transmission
c. Certificate revocation
d. Private key security

Answer: b. Key transmission

MAC is an acronym for what as it relates to cryptography?

a. Media access control
b. Mandatory access control
c. Message authentication code
d. Multiple advisory committees

Answer: c. Message authentication code

Which of the following protocols is similar to SSL but offers the ability to use additional security protocols?

a. TLS
b. SSH
c. RSH
d. X.509

Answer: a. TLS

Mary claims that she didn't make a phone call from her office to a competitor and tell them about developments at her company. Telephone logs, however, show that such a call was placed from her phone, and time clock records show that she was the only person working at the time. What do these records provide?

a. Integrity
b. Confidentiality
c. Authentication
d. Nonrepudiation

Answer: d. Nonrepudiation

The process of proposing a new standard or method on the Internet is referred to by which acronym?

a. WBS
b. X.509
c. RFC
d. IEEE

Answer: c. RFC (Request for Comments)

Which of the following is the most widely used asymmetric algorithm today?

a. RSA
b. AES
c. 3DES
d. SHA

Answer: a. RSA

Which government agency should you mention is primarily responsible for establishing government standards involving cryptography for general-purpose government use?

a. NSA
b. NIST
c. IEEE
d. ITY

Answer: b. NIST (National Institute of Standards and Technology )

Which of the following does not apply to a hashing algorithm?

a. One-way
b. Long key size
c. Variable-length input with fixed-length output
d. Collision resistance

Answer: b. Long key size

Which of the following encryption algorithms are supported by the IEEE 802.11i standard? (Select the two best answers)

You selected a cipher that will encrypt 128 bits at a time before sending the data across the network. Which of the following have you chosen?

You are tasked with selecting an asymmetric encryption method that allows for the same level of encryption strength, but with a lesser key length than is typically necessary. Which encryption method fulfills your requirements?

Which of the following are asymmetric encryption algorithms? (Select the three best answers)

Which of the following are symmetric encryption algorithms? (Select the four best answers)

Which of the following is the weakest encryption type?

A user decrypt an encrypted signature that was encrypted using asymmetric cryptography. What does this sender need to decrypt the message?

A user sends an encrypted signature that was encrypted using asymmetric cryptography. What does this sender need to send the message?

A user sends an encrypted message that was encrypted using asymmetric cryptography. What does this recipient need to receive the message?

A user receives an encrypted message that was encrypted using asymmetric cryptography. What does this recipient need to decrypt the message?

Which type of encryption technology is used with the bitlocker application?

Which of the following technologies uses a PSK (Preshared Key)?

Which of the following encryption methods deals with two distinct large prime numbers and the inability to factor those prime numbers?

Which of following algorithms is used by the protocol TLS to establish a session key?

How many bit keys are common in 3DES?

How many bit keys are common in AES-256?

How many bit keys are common in AES?

How many bit keys are common in DES?

How many bit keys are common in Asymmetric encryption?

MD5 algorithm will have how many bits?

SHA1 algorithm will have how many bits?

SHA2 algorithm will have how many bits?

Which Algorithm has Typical Key Size of 128/192/256-Bit?

Which Algorithm has Typical Key Size of 256-Bit?

Which Algorithm has Typical Key Size of 64-Bit?

Which Algorithm has Typical Key Size of 128-Bit?

Which Algorithm has Maximum Key Size of 256-Bit?

Which Algorithm has Maximum Key Size of 168-Bit?

Which Algorithm has Maximum key Size of 56-Bit?

SHA-2 has many sizes (224, 256, 334, 512 bit) and is the most widely used.

An organization that is responsible for issuing, revoking, and distributing certificates is know as Certificate Authority (CA).

What version of X.509 our used for CRL certificates?

What version of X.509 our used for End Entity and CA certificates?

What is the working group formed by the IETF to develop standards and models for the PKI environment?

What algorithm was designed to ensure the integrity of a message and is a one-way hash that provides a has value that can be used with an encryption protocol. This algorithm produces a 160-bit hash value.

What is/are the characteristics of the hash function?

When adding an ephemeral key to Elliptic Curve Diffie-Hellman is know as?

When adding an ephemeral key to Diffie-Hellman is known as?

Which algorithm uses an ephemeral key. Essentially the algorithm creates a key to use for the single communication session and it is not used again.

Which algorithm is similar functionality to RSA but uses smaller key sizes to obtain the same level of security, It uses points on a curve combined with a point at infinity and the difficulty of solving discrete logarithm problems.

What algorithm is used for exchanging keys over an insecure medium. Used primarily to send keys across public networks. The process isn't used to encrypt or decrypt messages but merely used for the creation of a symmetric key between two parties.

What algorithm is an early public-key encryption system that uses large integers as the basis for the process. It works with both encryption and digital signatures.

Public key and Private key together are referred to as Public Key Cryptography (PKC).

The sender uses the _______ key to encrypt a message and the receiver uses the ______ key to decrypt the message.

What are the Asymmetric keys referred ?

Asymmetric Algorithms uses how many keys to encrypt and decrypt?

Which secrecy occurs when the process is unbreakable?

Which property of any key exchange system ensures that if one key is compromised a subsequent keys will not also be compromised?

Which key exchange means that some other channel, other than the one that is going to be secured, is used to exchange the key?

IPSec use which type of key exchange?

Which key exchange is exchanged within the same communications channel that going to be encrypted?

Which algorithm uses a key that is as long as a plaintext message and the keys are used only once.

What algorithm is known as a truly completely secure cryptographic implantation?

Which algorithm use 128-bit key and is similar in speed and capability to DES but is more secure. It is used in Pretty Good Privacy (PGP) a public domain encryption system.

Which encryption system is similar to Blowfish and work on 128-bit blocks and it has a complex key schedule?

Which encryption system performs a 64-bit block cipher at very fast speeds. It is a symmetric block cipher that can use variable-length keys (32 bits - 448 bits)

Which Rivest Cipher is used with SSL and TLS?

Which Rivest Cipher is popular with wireless and WEP/WPA encryption and its steaming cipher that work with key sizes between 40 and 2048 bits.

Which Rivest Cipher uses a key size up to 2048 bits and is considered to be a strong system?

What are the current levels of Rivest Cipher ?

Which algorithm is used in some products offered by Microsoft and IBM. It uses a 40-bit to 128 bit-bit key, and it's very fast and efficient.

AES-256 uses 256 bits instead of 128. This qualifies for U.S. government classification as Top Secret.

Which encryption standard use the Rijndael algorithm and supports key sizes of 128, 192, and 256 bits, with 128 bits being the default.

Which encryption standard is based on 168-bit key and is more secure than DES?

Which encryption standard is based on 56-bit key and was replace by Advance Encryption Standard?

Which cipher encrypts one bit or byte at a time?

Which cipher works on chunks of data-encrypting one and then moving to the next?

Symmetric methods use either a block or stream cipher.

A symmetric key (secret key or private key) is a key that isn't disclosed to people who aren't authorized to use the encryption system.

Which algorithm require both ends of an encrypted message to have the same key and processing algorithms?

What are the three areas modern cryptography is divided into?

What is the most common way of Steganography?

What is the process of hiding a message in a medium such as a digital image, audio file, or other file?

The enigma machine was essentially a typewriter that implemented a multi-alphabet substitution cipher?

The sender uses the _ key to encrypt a message and the receiver uses the key to decrypt the message.