Download Introduction to Cryptography - D334 Questions with Solutions and more Exams Cryptography and System Security in PDF only on Docsity!
Introduction to Cryptography - D334 Questions with
Solutions
1. Which cryptanalysis attacks involve examining patterns in the random char- acters
combined with the plaintext message to produce the ciphertext to see how long the key goes before it starts to repeat? A Linear cryptanalysis B Frequency analysis C Algebraic attacks D Keystream analysis: Keystream analysis
2. An intruder is trying to break a cryptographic code by attacking both the plaintext
and the ciphertext at the same time. Which type of attack is the intruder using? A Frequency analysis B Linear cryptanalysis C Differential cryptanalysis D Double DES attack: Double DES attack
3. Which IT security standard provides internationally-recognized criteria for
validating and approving encryption devices for deployment? A FIPS 199 B SP 800- 53 C FISMA
D FIPS 140-2: FIPS 140- 2
4. A company wants to protect the content of employees' laptops to make sure that, in
case of a loss, someone who finds the laptop cannot easily bypass the operating system access controls by placing the hard drive in another computer system. Which encryption method can the company use for this scenario? A Self-encrypting drive B File encryption C Trusted Platform Module D Full disk encryption: Full disk encryption
5. A bank's customer wants to log in to a bank's website at https://www.bankname.com
to do an online banking transaction. How can this customer make sure the bank is authentic and someone else is not pretending to be the bank? A Choosing a symmetric session key B Sending a Client Hello C Receiving a Server Hello D Verifying that the public key belongs to the bank through the bank's digital- : Verifying that the public key belongs to the bank through the bank's digital
6. Online banking transactions are almost identical every time and the data being
transported back and forth is almost always the same. This makes the transaction very susceptible to attacks. How can a bank customer make sure that each banking session
A Gas B Hyperledger C Block mining D Smart contracts: Smart contracts
10. There are different parts involved in Bitcoin transactions. Which part of the
transaction defines the number of bitcoins to be transferred to the receiver with the receiver's public key ID? A The IN part of the transaction B The LOG part of the transaction C The PROOF OF WORK part of the transaction D The OUT part of the transaction: The OUT part of the transaction
11. A crypto miner is competing with other miners to mine a new token that will be
added to the cryptocurrency blockchain. Which technique can the miner use to mine the block? A Chain linking B Record of transaction C Smart contracts D Proof of work: Proof of work
12. How do you measure the amount of computational effort required to perform a
transaction or execute a contract on the Ethereum blockchain? A Proof of work
B Hyperledger C Record of transaction D Gas: Gas
13. A wireless client wants to gain access to a network. Which wireless secu- rity
standards can the network device use to authenticate the client? A WPA- 2 B WEP C WPA D LEAP: LEAP
14. A social media company refuses to hand over the encryption keys involved in
secure communications to the government for an ongoing investigation. Which cryptographic backdoor will allow only the government agents to crack the encryption, but no one else? A RSA cracking B Encryption by default C Key escrow D NOBUS backdoor: NOBUS backdoor
15. A bank's customer opens the log-in page of the bank to do an online banking
transaction. How can the customer verify that the bank's digital certificate is trustworthy and has not been canceled by the issuing certificate authority (CA)? A Submit a request to the certification a uthority
ciphertext to decode the original message. How can the developer make sure that the ciphertext does not give the original plaintext if played back? A Use shift row transformation B Use electronic code book C Use RC5 cipher D Add salt with an initialization vector: Add salt with an initialization vector
19. Which method of encryption uses a polyalphabetic substitution cipher to encrypt a
plaintext message? A Vigenère cipher B BIFID cipher C Pigpen cipher D Caesar cipher: Vigenère cipher
20. Which two pioneers are called the fathers of asymmetric cryptography used in
PKI?
A Sir Francis Bacon and Alan Turin B Will Friedman and Ron Rivest C Whitfield Diffie and Martin Hellman D Thomas Jefferson and Blaise de Vigenère: Whitfield Diffie and Martin Hellman
21. Which cryptographic cipher is stream-based?
A RC
B RC
C RC
D RC4: RC
22. An attacker is trying to break an encrypted message. The attacker is able to access
the crypto device and wants to run plaintexts through the device to see how its encryption process works. What method is the attacker using to break the message? A Known plaintext attack B Man-in-the-middle attack C Ciphertext-only attack D Chosen attack: Chosen attack
23. Which encryption algorithm operates on 64-bit blocks of plaintext using a 128-bit
key and has over 17 rounds with a complicated mangler function? A Blowfish B RC C Skipjack D International Data Encryption Algorithm (IDEA): International Data Encryption Algorithm (IDEA)
24. Which method of brute-force attack uses a list of common words and phrases
in an attempt to break passwords? A Known plaintext attack B Rainbow table attack
D Hash-based message authentication code (HMAC): Hash-based message authentication code (HMAC)
28. A developer wants to install a newly released patch received from a soft- ware
manufacturer. Which cryptographic algorithm can the developer use to trust that the software truly came from the vendor and that the patch has not been altered or manipulated? A Public-key algorithm B Secret-key algorithm C Hashing function D Digital signature algorithms: Digital signature algorithms
29. Which internationally recognized standard is used in public-key infrastruc- ture
(PKI) to define the format of public-key certificates? A FIPS 199 B Digital Signature Standard (DSS) C FIPS 140- 2 D X.509 standard: X.509 standard
30. A developer wants to send a system administrator a message and wants to use a
cipher that reorders the plaintext characters to create the ciphertext. Which cipher meets this requirement? A Playfair cipher B Transposition cipher
C Shift cipher D Substitution cipher: Transposition cipher
31. A developer wants to encrypt a data stream using a symmetric key and wants to
encrypt the data in such a way that the cipher method encrypts the individual bits. Which cipher method can the developer use to meet this requirement? A Key entropy B Cipher block chaining C Block cipher D Stream cipher: Stream cipher
32. A developer wants to send an encrypted message to a system admin- istrator by
generating a hash value for the message. The developer is also afraid that a third party might be able to reverse the derived cipher back to the original message. Which attack method is commonly used to map the hashed values back to the original message? A Man-in-the-middle attack B Dictionary attack C Brute-force attack D Rainbow table attack: Rainbow table attack
33. A developer wants to encrypt a real-time application where speed and simplicity
are both requirements. The developer wants to use a cipher method that can operate on the data stream to encrypt the individual bit of the message one by one. Which encryption method meets these requirements?
password each time based on an initial seed value? A HMAC B One-time passwords (OTP) C Salting D LM hashing: One-time passwords (OTP)
37. A password is typically hashed on Windows and Linux to make it difficult for an
intruder to determine the password. Which method is used in Microsoft Windows to store users' hashed passwords for computers that connect to an Active Directory domain? A Bcrypt B SYSKEY
C NTLMv D LM: NTLMv
38. What are the two main applications of public-key encryption?
A Secret-key protection and identity checking B Secret and public-key protection C Data encryption and identity checking D Data encryption and public-key protection: Secret-key protection and identity checking
39. A developer wants to send a system administrator an encrypted email message
and uses a system administrator's email address to generate the public key. Which encryption method is a developer using in this process? A Elliptic-curve cryptography B Knapsack encryption C Homomorphic encryption D Identity-based encryption: Identity-based encryption
40. How can you make sure that all the session keys used in client-server key
exchange are not compromised even if the server's long-term encryption key is compromised? A Elliptic-curve ciphers B Perfect Forward Secrecy
C Certificate authority D Digital certificate: PKI
44. Which security components are provided by digital signature?
A Integrity, non-repudiation, and proof of origin B Non-repudiation, integrity, and confidentiality C Proof of origin, confidentiality, and non-repudiation D Confidentiality, integrity, and proof of origin: Integrity, non-repudiation, and proof of origin
45. Which combination of cryptographic algorithms is used to create digital
signatures based on the U.S. Digital Signature Standards? A SHA-2 and AES B SHA-1 and AES C AES and RSA D SHA-2 and RSA: SHA-2 and RSA
46. Which key method is used to create the tunnel in SSL/TLS connections?
A Session key method B Symmetric key method C Hashing method D Asymmetric key method: Symmetric key method
47. Who sends the digital certificate and the selected cipher suites to use during
RSA key exchange in HTTPS connections? A Neither the server nor the client B The client C The server and the client D The server: The server
48. Which backdoor cryptography method involves having a copy of the en- cryption
key that law enforcement agents could use if they require access to the data? A Key escrow B Encryption by default C RSA cracking D NOBUS backdoor: Key escrow
49. Which encryption cracking method involves an intruder sending a legiti- mate
message into the network at some future time? A Time attack B Cut-and-paste C Chosen-ciphertext D Replay system: Replay system
50. An intruder wants to break an encrypted message. After successfully accessing
the crypto device, the attacker first runs a plaintext through the device to see how its encryption process works. Then the intruder alters the plaintext to see how the alteration affects the ciphertext that is being generated. What attack method is the
B SIMON
C SPECK
D SPONGENT: PRESENT
54. Which aspect of blockchain involves solving a complex mathematical puzzle with
proof of work when calculating the block address needed to add a block to a blockchain? A Hyperledger B Smart contracts
C Block address D Block mining: Block mining
55. What are the two common options for implementing a blockchain?
A Bitcoin and Ethereum B Hyperledger and smart contracts C Ethereum and cryptocurrency D Block address E Hyperledger and Ethereum: Hyperledger and Ethereum
56. Which combination of ciphers and keys is used in bitcoin mining?
A Chain Block Ciphers (CBC), 512-bit private key, 256-bit public key B Elliptic curve ciphers (ECC), 512-bit private key, 256-bit public key C Chain Block Ciphers (CBC), 256-bit private key, 512-bit public key D Elliptic curve ciphers (ECC), 256-bit private key, 512-bit public key: Elliptic curve ciphers (ECC), 256-bit private key, 512-bit public key
57. There are different parts involved in Bitcoin transactions. Which part of the
transaction involves the Bitcoin receiver sending their public key to the sender, and the sender then uses their private key to create a signature for the transaction, and also adds a public key?
