Encryption – Flashcards
Unlock all answers in this set
Unlock answersquestion
Certificate Authorities help prevent man-in-the-middle attacks by creating and distributing signed public and private key pairs. This signature serves to verify that the public key the sender is using for encryption is truly the public key of the intended recipient. Select one: True False
answer
True
question
Two people can verify they are communicating with each other by using a ____________, which verifies each party's identity by being the distributor of public and private keys that both parties use. These keys are digitally signed so both parties can be assured they are communicating with each other. Select one: a. Hash Authority b. Certificate Authority c. Signature Authority d. Digital Signature
answer
b. Certificate Authority
question
What advantages are there to performing encryption in software, rather than hardware? Select one: a. No additional hardware is required b. It can be done faster c. It can be done more efficiently d. None of the above
answer
a. No additional hardware is required
question
What do digital signatures provide? Select one: a. Assurance that the stated author is the actual person that created the information b. Security by ensuring that only the intended recipients will be able to read the data c. Assurance that the data does not contain any viruses or malware d. Assurance that the stated author is the actual person that created the information, as well as assurance that the information has not been modified
answer
d. Assurance that the stated author is the actual person that created the information, as well as assurance that the information has not been modified
question
An encryption function takes cleartext and a key as input and returns ciphertext. Select one: True False
answer
True
question
What happens when verifying a document with a digital signature? Select one: a. A message is decrypted with a corresponding public key to create a message digest, and then another message digest is created and compared to the received message digest to verify the sender b. A message is decrypted with the receiver's private key to create a message digest, and then another message digest is created and compared to the received message digest to verify the sender c. A message is decrypted with a public key and then hashed to determine if it is an authentic message from the proposed sender d. A message is decrypted with a corresponding public key, and then the digital attachment is examined to see if it is in fact a scan of the sender's signature
answer
a. A message is decrypted with a corresponding public key to create a message digest, and then another message digest is created and compared to the received message digest to verify the sender
question
The encryption algorithm used to encrypt or decrypt a piece of data is referred to as a: Select one: a. Cipher b. Hash c. Ciphertext d. Key
answer
a. Cipher
question
Symmetric key encryption gets its name because: Select one: a. Both parties must initiate the ciphering software in order to exchange data b. The involved parties must use two keys derived from the same cipher in order to exchange data c. The involved parties must use different encryption keys at the same time to exchange data d. Both parties must use the same encryption key to exchange data
answer
d. Both parties must use the same encryption key to exchange data
question
The process of converting ciphertext to plaintext is known as: Select one: a. Cryptography b. Encryption c. Decryption d. Cipher processing
answer
c. Decryption
question
A simple Caesar cipher uses a shift to encrypt while the XOR cipher needs a key to encrypt. Select one: True False
answer
True
question
Symmetric key encryption requires keys to be distributed prior to communicating with the other party (i.e. the key is computed ahead of time, before initiating any communications). Select one: True False
answer
False
question
An encryption key that is used by anyone in order to encrypt a file and send it to the owner of the encryption key so that the owner may decode it is referred to as: Select one: a. A hashed key b. A symmetric key c. A public key d. A private key
answer
c. A public key
question
_________ is the process of transforming cleartext into ciphertext. Select one: a. Decryption Incorrect b. Cryptography c. Cipher d. Encryption
answer
d. Encryption
question
How does a valid digital signature assure the recipient that the document has not been tampered with? Select one: a. The digital signature was encrypted using the recipient's public key b. The digital signature is transmitted in a separate message from the document c. A valid digital signature cannot assure the recipient the document has not been tampered with d. The hash contained in the digital signature was encrypted with the sender's private key and could not have been modified without making the signature invalid. If the signature is valid, then the data must not have been tampered with.
answer
d. The hash contained in the digital signature was encrypted with the sender's private key and could not have been modified without making the signature invalid. If the signature is valid, then the data must not have been tampered with.
question
It is best for a private key to be stored on the same server as the data decryption software. Select one: True False
answer
False
question
What is the recommended minimum key length for most applications and ciphers? Select one: a. 256 bits b. 32 bits c. 56 bits d. 128 bits
answer
d. 128 bits
question
A brute force attack works by: Select one: a. Analyzing the encrypted data in an effort to deduce the correct password/key b. Using a list of common words or expressions in an effort to guess the correct password/key c. Using known facts about the person in an effort to guess the correct password/key d. Trying every combination of letters and numbers until the correct password/key is found
answer
d. Trying every combination of letters and numbers until the correct password/key is found
question
Cryptography is: Select one: a. A mathematical function that utilizes the data input to produce a value based on that data b. The process of converting cleartext into ciphertext c. The study of encoding data so that confidentiality of communications can be maintained between two parties d. The encryption algorithm used to encrypt or decrypt a piece of data
answer
c. The study of encoding data so that confidentiality of communications can be maintained between two parties
question
Regarding cryptography, a private key should be kept secure since: Select one: a. It can be used to access sensitive information AND it can be used to encrypt data so that the original authors cannot read it b. It can be used to access sensitive information c. It can change daily, requiring the previous key to unlock it d. It can be used to encrypt data so that the original authors cannot read it
answer
b. It can be used to access sensitive information
question
Why is the length of an encryption key important? Select one: a. Shorter keys are less secure, meaning the data can be decrypted by an attacker b. Key length doesn't matter c. Data encrypted with longer keys can require more network bandwidth to transmit d. Longer keys are less efficient, causing wasted space
answer
a. Shorter keys are less secure, meaning the data can be decrypted by an attacker
question
How is public key cryptography different than symmetric key cryptography? Select one: a. Public key cryptography secures data so that it can travel over public networks like the internet b. Symmetric key cryptography uses the same key for both encryption and decryption c. Symmetric key cryptography always ensures that the data is unchanged after decryption d. None of the above
answer
b. Symmetric key cryptography uses the same key for both encryption and decryption
question
Which of the following are commonly used examples that implement symmetric key encryption? Select one or more: a. Digital signatures b. Secure Socket Layer (SSL) c. Blowfish d. Data Encryption Standard or DES e. Pretty Good Privacy
answer
b. Secure Socket Layer (SSL) c. Blowfish d. Data Encryption Standard or DES
question
Ideally, where should encryption keys be stored? Select one: a. On a physically separate system from the encrypted data b. On the same system as the encrypted data c. On a non-networked, physically secured storage device d. On a seperate CD/DVD, clearly labeled and available for anyone that wants to use it
answer
c. On a non-networked, physically secured storage device
question
What could happen if an attacker were to plant a virus on a system that encrypted data in software? Select one: a. The virus could interfere with the encryption process b. The virus could potentially discover the encryption key c. Both A and B d. None of the above
answer
c. Both A and B
question
Secure Sockets Layer, TLS and Pretty Good Privacy are examples of algorithms that use what type of encryption? Select one: a. Symmetric key encryption b. Public key encryption c. Single key encryption d. Private key encryption
answer
b. Public key encryption
question
The data or text that has been encrypted or encoded is referred to as: Select one: a. Key b. Hash function c. Cleartext d. Ciphertext
answer
d. Ciphertext
question
The encryption of storage devices is desired because: Select one: a. It is cheaper than encryption of a few specific files b. The encryption performed by software is extremely unreliable c. It is important to ensure data will not be exposed to unauthorized parties d. None of the above
answer
c. It is important to ensure data will not be exposed to unauthorized parties
question
A hash function is: Select one: a. A one-way function that uses a cipher to produce a piece of data that helps to encrypt other data b. A two-way function that, used in conjunction with a key, takes cleartext and encrypts it into ciphertext c. A one-way function that creates a random number as a digital signature d. A one-way function that mathematically manipulates the input data to create an output value
answer
d. A one-way function that mathematically manipulates the input data to create an output value
question
Encryption
answer
The encoding of data in such a way so that only the sender and intended recipient can decode and read it.
question
Decryption
answer
The process of returning encrypted data to its original form.
question
Key
answer
A piece of data used for encryption, or decryption, through use of a cipher.
question
Brute force attack
answer
An attack that involves trying every possible key or password until the correct one is found. It is a simple trial and error attempt to break an encryption algorithm.
question
Symmetric key cryptography
answer
A method of encryption where both parties use the same key and cipher to encode and decode the ciphertext.
question
Digital signatures
answer
Provides a way to cryptographically sign a message or piece of information.
question
Public key cryptograhphy
answer
Uses different keys to perform encryption and decryption.
question
Certificate Authorities
answer
A third party that verifies the true identity of a party during encrypted communications.
question
Comprehensive security plan
answer
• encryption algorithms • certifying authorities • key distribution plan
question
Plaintext/cleartext
answer
Text that has not been encoded.
question
Cipher
answer
The algorithim or method used to encode the data.
question
Key
answer
Used along with the cipher to encode/decode data.
question
Ciphertext
answer
Text that has been encoded.
question
Hash function
answer
A function that takes data as input and performs a series of mathematical operations on the data to produce a unique output - a good hash function should rarely produce the same output from different input.
question
Hash
answer
A value produced by a hash function.
question
Encrypt
answer
Converting cleartext to ciphertext.
question
Decrypt
answer
Converting ciphertext to cleartext.
question
Eavesdropping
answer
A type of attack in which the attacker is able to secretly monitor communications between two unsuspecting parties.
question
Man-in-the-middle attack
answer
A type of attack where the attacker has the ability to eavesdrop on, block or manipulate communications between two unsuspecting parties.
question
Cryptographic function
answer
The software or hardware mechanism that transforms cleartext into ciphertext, or vice versa. Most modern cryptographic functions are quite complex and complex mathematical calculations.
question
Symmetric key encryption
answer
Both parties use the same key and cipher to encode and decode the ciphertext.
question
Key
answer
A piece of data used for encryption, or decryption, through use of a ciphert. This has the advantage of being relatively simple to implement. Unfortunately security is often sacrificed, since the key must be distributed.
question
Exclusive OR (XOR)
answer
A common computer operation frequently used to check the value of a bit. XOR is particularly useful because it is easy to construct specialized digital circuits to perform this operation. When presented with two values to inspect, XOR ensures that exactly one of the values is true ("1"). If any other combination of values is encountered, XOR produces a result of false ("0"). Consider the following: •1 XOR 0 = True (1) •0 XOR 0 = False (0) •0 XOR 1 = True (1) •1 XOR 1 = False (0)
question
Cipher vs key
answer
Cipher is the function or operation. Key is the value.
question
___________ is the term given to data or text that has been encoded. • Cleartext • Key • Codetext • Ciphertext
answer
Ciphertext
question
Plaintext or cleartext is the term for: • The algorithm used to encrypt or decrypt data or text • The data or text that has been encrypted • Data used to encrypt or decrypt other data or text • The data or text that is not encrpted
answer
• The data or text that is not encrpted
question
A ___________ analyzes data and produces a unique value based on that data. It is used in the creation of digital signatures. • Hash function • Key • Cipher • Cleartext
answer
Hash function
question
Which of the following is one definition of the word "cipher"? • Data that has been successfully encrypted AND decrypted • The data that is output from the encryption function/process • The algorithm or method used to encrypt/decrypt data • The data is output from a hashing function
answer
The algorithm or method used to encrypt/decrypt data
question
___________ is the term that describes the study of encoding data so it is kept confidential between two parties. • Encryption • Cryptography • Cipher • Decryption
answer
Cryptography
question
Both the XOR (Exclusive OR) cipher and the ROT 13 Caesar Cipher are examples which use: • Double key encryption • Public key encryption • Single key encryption • Transmitted key encryption
answer
Single key encryption
question
A(n) ___________ function basically works as a black box, where cleartext and a key go in, and ciphertext comes out. • Decryption • Encryption • Hash • Cleartext
answer
Encryption
question
The word hellow is encrypted into the text ydssm. Which of the following is considered the cyphertext in this example? • Ciphertext is not used in this example • ydssm • Hello • The method used to encrypt the word
answer
ydssm
question
___________ is the piece of data that is used to encrypt or decrypt a message or other blocks of data. • Hash function • Cipher • Cleartext • Key
answer
Key
question
A(n) ________ function takes ciphertext (data that has been encrypted) and a secret key as input and uses the secret key to decode the data back into the original, unaltered cleartext. • Encryption • Decryption • Hash • Routing
answer
Decryption
question
Symmetric key distribution
answer
• Distribute the key ahead of time. • Use complex mathematics to transmit part of the key over the network.
question
Symmetric key algorithm examples
answer
• Advanced Encryption Standard (AES) (Rijindael) • Data Encryption Standard (DES) • Triple-DES (TDES) • Serpent • Blowfish • Secure Sockets Layer (SSL)
question
A ________ key is an encryption key made available to anyone wanting to transmit data to the key's creator. • Private • Secure • Public • Master
answer
Public
question
With modern technology, an encryption key with a length of 128 bits would: • Take one year to crack • Take an effectively infinite time to crack • Take one week to crack • Take one day to crack
answer
Take an effectively infinite time to crack
question
In order to double the amount of time it would take an attacker to crack an encryption key, you could: • Add one bit to the length of the encryption key • Remove one bit from the encryption key length • You can only do this by adding a second encryption key • Create a new encryption key once a week
answer
Add one bit to the length of the encryption key
question
When using ________ encryption, two people decide on a mutual encryption key in order to securely exchange data wit one another. • Private key • Mutual key • Public key • Symmetric key
answer
Symmetric key
question
Blowfish and data encryption standard or DES are examples of algorithms that use: • Multiple key encryption • Symmetric key encryption • Asymmetric key encryption • Public key encryption
answer
Symmetric key encryption
question
If an attacker discovers another person's private encryption key, then they have successfully ________. • Ciphered the system • Hashed the key • Cracked the key • Encrypted the system
answer
Cracked the key
question
Public key cryptography
answer
Also called asymmetric key cryptography. In most instances, each person publishes one key publicly. Parties who wish to communicate with that person will then use that public key to encrypt the data that they wish to transmit. Each person/party has two keys. •Public key which is published and can be accessed by anyone. •Private key, also known as the secret key, that is kept confidential. The two keys are mathematically related. •Information encrypted with the public key can be decrypted only with the private key.
question
Digital signature
answer
The inverse of how traditional encryption works, with the user's private key being used to sign the document, and others using the public key to verify the signature.
question
Examples of Certificate Authorities
answer
•Verisign •GlobalSign •Entrust •GoDaddy •Thawte (Owned by Verisign)
question
Examples of public key algorithms/protocols
answer
• Secure Sockets Layer (SSL) • Pretty Good Privacy (PGP) • Secure Shell (SSH)
question
Secure Shell (SSH)
answer
Utilizes public key cryptography during the initial stages of the connection, while the identities of one or both parties are being validated. This is done to ensure that an attacker is not performing a man in the middle attack and posing as either the client or (more often) server. Once the identities of one or both parties have been verified, SSH utilizes traditional symmetric key cryptography for the actual transfer of data. This is done to take advantage of the speed of traditional symmetric key cryptography.
question
Secure Sockets Layer (SSL)
answer
Utilizes public key cryptography during the initial stages of the connection, while the identities of one or both parties are being validated. This is done to ensure that an attacker is not performing a man in the middle attack and posing as either the client or (more often) server. Once the identities of one or both parties have been verified, SSL utilizes traditional symmetric key cryptography for the actual transfer of data. This is done to take advantage of the speed of traditional symmetric key cryptography.
question
An output value produced by a mathematical function that utilizes the data input, especially in the use of creating digital signatures, is referred to as a: • Protocol • Ciphertext • Hash • Cipher
answer
Hash
question
What is a digital signature? • A cryptographic value attached to data to certify the integrity of the data • A certified public key used for public key encryption • A name typed on a document • A scanned copy of a person's signature
answer
A cryptographic value attached to data to certify the integrity of the data
question
What is a private key? • An encryption key that is accidentally exposed to the public • An encryption key kept secret by the owner • An encryption key that is made by a publicly available software utility • An encryption key purposefully made available to transmit encrypted data
answer
An encryption key kept secret by the owner
question
By acting as the creators and distributors of digitally signed encryption keys, Certificate Authorities use public key encryption to: • Prevent data decryption • Prevent man-in-the-middle attacks • Create a problem-less security measure • Screen falsified documents
answer
Prevent man-in-the-middle attacks
question
The ideal location to store a private key is: • On a stand-alone computer system that is not networked • On the same network as the cipher • It is not safe to store a private key • On the same server as the data decryption software
answer
On a stand-alone computer system that is not networked
question
________ serve as third parties that can verify the true identity of a person during encrypted communications. • Cipher Authorities • Verification Authorities • Government Authorities • Certificate Authorities
answer
Certificate Authorities
question
How does symmetric key cryptography differ from public key cryptography? • Symmetric key uses the same key for encryption and decryption • Symmetric key uses two different keys for encryption and decryption • Public key secures data so it can travel over public networks • Symmetric key always ensures the data is preserved after decryption
answer
Symmetric key uses the same key for encryption and decryption
question
A ______ key should be kept secure because it can be worth a lot of money since it can decrypt valuable data. • Private • Short • Public • Simplex
answer
Private
question
In order to avoid using a certificate authority that is in alliance with an attacker, it is recommended that you: • Avoid using certificate authorities • Use certificate authorities that implement symmetric key encryption • Use certificate authorities that are well known and reputable • Use certificate authorities that originate in your local area
answer
Use certificate authorities that are well known and reputable
question
Which of the following uses public key cryptography? • ROT 13 • XOR • Secure Sockets Layer (SSL) • Secure Protocol Layer
answer
Secure Sockets Layer (SSL)
question
Software encryption
answer
For organizations who want to perform data encryption in software, several commercial products exist. Folder Locker, SensiGuard, SafeHouse and SecureIT are just a few of the products available. The high-end versions of newer versions of Windows (Enterprise or Ultimate) now feature a product named "BitLocker" which is a whole drive encryption utility built into the Windows OS. The encryption key is entered by the user at startup and stored in RAM, encrypting and decrypting data on the fly as it is written to/read from the hard disk. The data is encrypted using 128 bit or longer keys using the AES encryption algorithm.
question
Hardware encryption
answer
For organizations who want to perform all encryption and decryption in hardware, several companies offer hard disks that perform all of the cryptographic functions in specially designed hardware. These devices offer some enhanced security over software protection, though this comes with a much higher monetary price. One manufacturer offering whole drive encryption in hardware is Seagate, who uses 128 bit or greater keys with AES, similar to the Microsoft BitLocker system.
question
Encryption summary
answer
Cryptography is a way to secure data stored on your computer, removable media or being transmitted over the Internet. It involves the encryption and decryption of data. Using encryption reduces the risk of your data being compromised if it is intercepted or your computer is stolen. Key points regarding encryption are: • Symmetric encryption uses the same key to encrypt and decrypt data. • Asymmetric encryption uses different keys to encrypt and decrypt data. • Encryption key length is vital to security. The longer the key, the more secure it is. • Distribution of encryption keys must be considered to avoid an attacker obtaining the key. • Digital signatures verify the integrity of the data. • Certificate Authorities verify the identity of the party during encrypted communications. • Data can be encrypted in software or hardware.
question
When encrypting a storage device, which is the most secure place to store a key? Select one: a. On a separate (from the encrypted device) and secured storage device b. A key should not be stored c. On the storage device, unencrypted with the encrypted data d. On the storage device, encrypted along with the data
answer
a. On a separate (from the encrypted device) and secured storage device
question
Regarding cryptography, what is a private key? Select one: a. An encryption key that is kept confidential and used to decrypt data that has been encrypted with the corresponding public key in public key cryptography b. An encryption key that is purposely made available to anyone that wants it so that they may transmit encrypted data to the key's creator c. An encryption key that is created and shared between two or more parties for secure communication d. None of the above
answer
a. An encryption key that is kept confidential and used to decrypt data that has been encrypted with the corresponding public key in public key cryptography
question
Which of the following could best help an attack to successfully occur on an encryption system? Select one: a. Public key encryption b. A short encryption key length c. A long encryption key length d. A single 256 bit key length
answer
b. A short encryption key length
question
The study of encrypting data so that confidentiality between two parties is maintained is known as: Select one: a. Cipher processing b. Hashing c. Cryptography d. Encryption
answer
c. Cryptography
question
A cracked encryption key is a key that: Select one: a. Has been entered into the cipher or encryption system b. Has been discovered by some method and is now compromised c. Has been delivered by some method to a second party for safe communications d. Has been encrypted by a cipher and is now safe from the discovery of others
answer
b. Has been discovered by some method and is now compromised
question
Which of the following statements is true? Select one: a. Symmetric key encryption uses the same key while public key encryption uses two different keys for each person b. Symmetric key encryption requires that keys are distributed ahead of time, while public key encryption requires that keys are discovered during the communications process c. In public key encryption, one key is available for the public to encrypt their messages, but only the creator of that public key can decrypt the messages with their private key d. All of the above are correct
answer
d. All of the above are correct
question
A hash function is: Select one: a. A one-way function that mathematically manipulates the input data to create an output value b. A one-way function that uses a cipher to produce a piece of data that helps to encrypt other data c. A one-way function that creates a random number as a digital signature d. A two-way function that, used in conjunction with a key, takes cleartext and encrypts it into ciphertext
answer
a. A one-way function that mathematically manipulates the input data to create an output value
question
______ is the technical term for the encryption algorithm used to encrypt or decrypt a piece of data. Select one: a. Key b. Hash c. Cipher d. Cryptography
answer
a. Key
question
A simple Caesar cipher uses a shift to encrypt while the XOR cipher needs a key to encrypt. Select one: True False
answer
True
question
By acting as the creators and distributors of ______, certificate authorities use public key encryption to prevent man-in-the-middle attacks. Select one: a. Digitally signed public keys b. Digitally signed encryption keys c. Digitally signed public and private keys d. Digitally signed ciphers
answer
c. Digitally signed public and private keys
question
What is a certificate authority (CA)? Select one: a. An organization that offers free encryption and decryption services b. An organization that offers free digital signature services c. An organization that certifies public keys as being legitimate by signing public keys with their private key d. A third party that certifies organizations as having appropriate information security policies
answer
c. An organization that certifies public keys as being legitimate by signing public keys with their private key
question
Certificate Authorities assure involved parties that the right people are sending or receiving the correct information by: Select one: a. Distributing public and private keys with digital signatures to the sender and the receiver to be verified during the transfer process b. Distributing symmetric keys to the sender and the receiver to be verified during the transfer process c. Requesting digital signatures of both the sender and the receiver to be sent for verification during the initialization of the communication process d. None of the above
answer
a. Distributing public and private keys with digital signatures to the sender and the receiver to be verified during the transfer process
question
A(n) ______ function takes data and a secret key as input and uses the secret key to scramble/encode the data, producing ciphertext that cannot be deciphered by anyone other than the appropriate parties. Select one: a. decryption b. encryption c. hash d. cleartext
answer
b. encryption
question
The words sunny day are encrypted to produce the text wndda lia. Which of the following is considered to be the cleartext in this example? Select one: a. Sunny day b. Wndda lia c. Cleartext is not used in this example d. The method used to encrypt the word
answer
a. Sunny day
question
Why must a private key not be stored with the data it has encrypted? Select one: a. The preferred place to store a private key is on the same system as the data it has encrypted. b. To prevent the key from accidentally being lost due to human error c. To prevent the key from being accessed by untrusted employees d. If an attacker is able to hack into that system, they will have everything they need to read the sensitive information.
answer
d. If an attacker is able to hack into that system, they will have everything they need to read the sensitive information.
question
An encryption function takes ciphertext and a key as input and returns cleartext, provided the correct key is used. Select one: True False
answer
False
question
What happens when signing a document with a digital signature? Select one: a. A person's message is encrypted with a private key and then hashed to a message digest to form the actual signature b. A person's message is hashed to a message digest and then compared to a newly created message digest. Both digests are encrypted with a private key to form the actual signature c. A person's message is hashed to a message digest and then encrypted with a private key to form the actual signature d. None of the above
answer
c. A person's message is hashed to a message digest and then encrypted with a private key to form the actual signature
question
Which of the following is true? Select one: a. Software encryption is much more secure than hardware encryption b. Hardware encryption is more vulnerable to tampering than software encryption c. Software encryption is more vulnerable to tampering than hardware encryption d. None of the above
answer
c. Software encryption is more vulnerable to tampering than hardware encryption
question
Which of the following is true? Select one: a. Keys that are longer than 8 bits require considerable processing time, making them unattractive for most applications b. Key length does not affect modern security c. A key length of 128 bits provides significant security for most applications d. A key length of 32 bits is highly effective for most security applications
answer
c. A key length of 128 bits provides significant security for most applications
question
It is important to use reputable certificate authorities since: Select one: a. An attacker could trick a less-known certificate authority into giving them customer information b. Only those that have been in business long enough actually have the appropriate resources to encrypt and decrypt data c. An attacker could pose as a certificate authority or a certificate authority could be in alliance with an attacker d. None of the above
answer
c. An attacker could pose as a certificate authority or a certificate authority could be in alliance with an attacker
question
What is a public key? Select one: a. An encryption key that is made by a publicly available software utility b. An encryption key that is accidentally exposed to the public c. An encryption key published on a network d. An encryption key that is deliberately made available to anyone that wants it so that they may transmit encrypted data to the key's owner/creator
answer
d. An encryption key that is deliberately made available to anyone that wants it so that they may transmit encrypted data to the key's owner/creator
question
Secure Sockets Layer or SSL, which uses a encryption algorithm, is the encryption technique that is used by Secure HTTP, thus enabling e-commerce. Select one: a. private key b. single key c. public key d. symmetric key
answer
c. public key
question
Which of the following is an example of a brute force attack? Select one: a. Using known facts about the person in an effort to guess the correct password/key b. Contacting a responsible party (like a 'help desk' or customer support) and attempting to use deception in the hopes that someone will divulge the correct password/key c. Trying every combination of letters and numbers until the correct password/key is found d. Analyzing the encrypted data in an effort to deduce the correct password/key
answer
c. Trying every combination of letters and numbers until the correct password/key is found
question
The lowest level of attack or simplest attack for cracking an encryption key would be a dictionary attack, which is basically trying to crack a key by trial and error. Select one: True False
answer
False
question
The length of an encryption key is important because: Select one: a. The length determines the maximum number of possible keys that an attacker will have to try before the correct key is discovered b. Every additional bit of data added to the key makes it easier to discover the correct encryption key c. The length determines the method that has to be used when attempting to decrypt data d. None of the above
answer
a. The length determines the maximum number of possible keys that an attacker will have to try before the correct key is discovered
question
Using symmetric key encryption alone, data is vulnerable to a man-in-the-middle attack. Select one: True False
answer
True
question
When using ______ cryptography, two people decide on a mutual key in a safe or secure way in order to exchange encrypted data with one another. Select one: a. Public key b. Private key c. Multiple key d. Symmetric key
answer
a. Public key
question
What is used along with an encryption algorithm (cipher) to encode and decode data? Select one: a. Ciphertext b. Key c. Cipher d. Cleartext
answer
b. Key