100 Cards in this Set

  • Front
  • Back

QUESTION NO: 701

Java follows which security model:



A.

least privilege

B.

Sand box

C.

CIA

D.

OSI

B.

Sand box


QUESTION NO: 702

What is surreptitious transfer of information from a higher classification compartment to a lower classification compartment without going through the formal communication channels?


A.

Object Reuse

B.

Covert Channel

C.

Security domain

D.

Data Transfer


B.

Covert Channel


QUESTION NO: 703

Many approaches to Knowledge Discovery in Databases (KDD) are used to identify valid and useful patterns in data. This is an evolving field of study that includes a variety of automated analysis solutions such as Data Mining. Which of the following is not an approach used by KDD?


A.

Probabilistic

B.

Oriented

C.

Deviation

D.

Classification



B.

Oriented

QUESTION NO: 704

Business rules can be enforced within a database through the use of


A.

Proxy

B.

Redundancy

C.

Views

D.

Authentication


C.

Views


QUESTION NO: 705

What is the BEST definition of SQL injection?


A.

SQL injection is a database problem.

B.

SQL injection is a web Server problem.

C.

SQL injection is a Windows and Linux website problem that could be corrected by applying a website vendor's patch.

D.

SQL injection is an input validation problem.


D.

SQL injection is an input validation problem.


QUESTION NO: 706

What allows a relation to contain multiple rows with the same primary key?


A.

RDBMS

B.

Polymorphism

C.

Polyinstantiation

D.

It is not possible


C.

Polyinstantiation


QUESTION NO: 707

The Open Web Application Security Project (OWASP) Top Ten list of risks during the past several years. The following items have been on the list for many years. Which of the choices below represent threats that have been at the top of the list for many years?

A.

Cross Site Scripting and Dynamic Unicode injection attacks

B.

SQL injection and Cross Site Scripting attacks

C.

SQL Injection and Weak Authentication and Session Management attacks

D.

Cross Site Scripting and Security Misconfigurations attacks


B.

SQL injection and Cross Site Scripting attacks


QUESTION NO: 708

Which one of the following is NOT a check for Input or Information Accuracy in Software Development security?



A.

Review check


B.

Range Check


C.

Relationship Check


D.

Reasonableness check



A.

Review check

QUESTION NO: 709

What would you call an attack where an attacker can influence the state of the resource between check and use? This attack can happen with shared resources such as files, memory, or even variables in multi-threaded programs. This can cause the software to perform invalid actions when the resource is in an unexpected state. The steps followed by this attack are usually the following: the software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

A.

TOCTOU attack

B.

Input checking attack

C.

Time of Check attack

D.

Time of Use attack


A.

TOCTOU attack


QUESTION NO: 710

A virus is a program that can replicate itself on a system but not necessarily spread itself by network connections. What is malware that can spread itself over open network connections?



A.

Worm

B.

Rootkit

C.

Adware

D.

Logic Bomb


A.

Worm


QUESTION NO: 711

Debbie from finance called to tell you that she downloaded and installed a free wallpaper program that sets the wallpaper on her computer to match the current weather outside, but now her computer runs slowly and the disk drive activity light is always on. You take a closer look and when you do a simple port scan to see which ports are open on her computer, you notice that TCP/80 is open. You point a web browser at her computer's IP Address and port and see a site selling prescription drugs.





Apart from the wallpaper changing software, what did Debbie install without her knowledge?



A.

Trojan horse


B.

Network mobile code


C.

Virus


D.

Logic Bomb


A.

Trojan horse


QUESTION NO: 712

Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks?



A.

Web Applications


B.

Intrusion Detection Systems


C.

Firewalls


D.

DNS Servers


A.

Web Applications


QUESTION NO: 713

Examine the following characteristics and identify which answer best indicates the likely cause of this behavior:


-Core operating system files are hidden


-Backdoor access for attackers to return


-Permissions changing on key files


-A suspicious device driver


-Encryption applied to certain files without explanation


-Logfiles being wiped


A.

Kernel-mode Rootkit

B.

User-mode Rootkit

C.

Malware

D.

Kernel-mode Badware


A.

Kernel-mode Rootkit


QUESTION NO: 714

Which of the following attacks includes social engineering, link manipulation or web site forgery techniques?


A.

Smurf attack

B.

Traffic analysis

C.

Phishing

D.

Interrupt attack


C.

Phishing


QUESTION NO: 715

Which of the following attacks could be avoided by creating more security awareness in the organization and providing adequate security knowledge to all employees?


A.

Smurf attack

B.

Traffic analysis

C.

Phishing

D.

Interrupt attack


C.

Phishing


QUESTION NO: 716

Which of the following answers specifies the correct sequence of levels within the Capability Maturity Model (CMM)?


A.

Initial, Managed, Defined, Quantitatively managed, Optimized

B.

Initial, Managed, Defined, Optimized, Quantitatively managed

C.

Initial, Defined, Managed, Quantitatively managed, Optimized

D.

Initial, Managed, Quantitatively managed, Defined, Optimized


A.

Initial, Managed, Defined, Quantitatively managed, Optimized


QUESTION NO: 717

Which of the following is true about Kerberos?



A.

It utilizes public key cryptography.


B.

It encrypts data after a ticket is granted, but passwords are exchanged in plain text.


C.

It depends upon symmetric ciphers.


D.

It is a second party authentication system.


C.

It depends upon symmetric ciphers.


QUESTION NO: 718

The RSA algorithm is an example of what type of cryptography?


A.

Asymmetric Key.

B.

Symmetric Key.

C.

Secret Key.

D.

Private Key.


A.

Asymmetric Key.


QUESTION NO: 719

Kerberos depends upon what encryption method?



A.

Public Key cryptography.


B.

Secret Key cryptography.


C.

El Gamal cryptography.

D.

Blowfish cryptography.


B.

Secret Key cryptography.


QUESTION NO: 720

The DES algorithm is an example of what type of cryptography?


A.

Secret Key

B.

Two-key

C.

Asymmetric Key

D.

Public Key


A.

Secret Key


QUESTION NO: 721

Which of the following encryption methods is known to be unbreakable?



A.

Symmetric ciphers.


B.

DES codebooks.

C.

One-time pads.

D.

Elliptic Curve Cryptography.


C.

One-time pads.


QUESTION NO: 722

What algorithm was DES derived from?



A.

Twofish.


B.

Skipjack.


C.

Brooks-Aldeman.


D.

Lucifer.


D.

Lucifer.


QUESTION NO: 723

What is a characteristic of using the Electronic Code Book mode of DES encryption?

A.

A given block of plaintext and a given key will always produce the same ciphertext.

B.

Repetitive encryption obscures any repeated patterns that may have been present in the plaintext.

C.

Individual characters are encoded by combining output from earlier encryption routines with plaintext.

D.

The previous DES output is used as input.


A.

A given block of plaintext and a given key will always produce the same ciphertext.


QUESTION NO: 724

Where parties do not have a shared secret and large quantities of sensitive information must be passed, the most efficient means of transferring information is to use Hybrid Encryption Methods. What does this mean?

A.

Use of public key encryption to secure a secret key, and message encryption using the secret key.

B.

Use of the recipient's public key for encryption and decryption based on the recipient's private key.

C.

Use of software encryption assisted by a hardware encryption accelerator.

D.

Use of elliptic curve encryption.


A.

Use of public key encryption to secure a secret key, and message encryption using the secret key.


QUESTION NO: 725

Public Key Infrastructure (PKI) uses asymmetric key encryption between parties. The originator encrypts information using the intended recipient's "public" key in order to get confidentiality of the data being sent. The recipients use their own "private" key to decrypt the information. The "Infrastructure" of this methodology ensures that:


A.

The sender and recipient have reached a mutual agreement on the encryption key exchange that they will use.

B.

The channels through which the information flows are secure.

C.

The recipient's identity can be positively verified by the sender.

D.

The sender of the message is the only other person with access to the recipient's private key.


C.

The recipient's identity can be positively verified by the sender.


QUESTION NO: 726

Which of the following DoD Model layers provides non-repudiation services?


A.

network layer.

B.

application layer.

C.

transport layer.

D.

data link layer.


B.

application layer.


QUESTION NO: 727

Which of the following statements is true about data encryption as a method of protecting data?



A.

It should sometimes be used for password files

B.

It is usually easily administered

C.

It makes few demands on system resources

D.

It requires careful key management


D.

It requires careful key management


QUESTION NO: 728

Which type of algorithm is considered to have the highest strength per bit of key length of any of the asymmetric algorithms?



A.

Rivest, Shamir, Adleman (RSA)


B.

El Gamal


C.

Elliptic Curve Cryptography (ECC)


D.

Advanced Encryption Standard (AES)


C.

Elliptic Curve Cryptography (ECC)


QUESTION NO: 729

How many bits is the effective length of the key of the Data Encryption Standard algorithm?



A.

168


B.

128


C.

56


D.

64


C.

56


QUESTION NO: 730

The primary purpose for using one-way hashing of user passwords within a password file is which of the following?


A.

It prevents an unauthorized person from trying multiple passwords in one logon attempt.

B.

It prevents an unauthorized person from reading the password.

C.

It minimizes the amount of storage required for user passwords.

D.

It minimizes the amount of processing time used for encrypting passwords.


B.

It prevents an unauthorized person from reading the password.


QUESTION NO: 731

Which of the following issues is not addressed by digital signatures?



A.

nonrepudiation

B.

authentication

C.

data integrity

D.

denial-of-service


D.

denial-of-service


QUESTION NO: 732

Brute force attacks against encryption keys have increased in potency because of increased computing power. Which of the following is often considered a good protection against the brute force cryptography attack?


A.

The use of good key generators.

B.

The use of session keys.

C.

Nothing can defend you against a brute force crypto key attack.

D.

Algorithms that are immune to brute force key attacks.


B.

The use of session keys.



QUESTION NO: 733

The Data Encryption Standard (DES) encryption algorithm has which of the following characteristics?


A.

64 bits of data input results in 56 bits of encrypted output

B.

128 bit key with 8 bits used for parity

C.

64 bit blocks with a 64 bit total key length

D.

56 bits of data input results in 56 bits of encrypted output


C.

64 bit blocks with a 64 bit total key length


QUESTION NO: 734

PGP uses which of the following to encrypt data?



A.

An asymmetric encryption algorithm


B.

A symmetric encryption algorithm


C.

A symmetric key distribution system


D.

An X.509 digital certificate


B.

A symmetric encryption algorithm


QUESTION NO: 735

A public key algorithm that does both encryption and digital signature is which of the following?


A.

RSA

B.

DES

C.

IDEA

D.

Diffie-Hellman


A.

RSA


QUESTION NO: 736

Which of the following is NOT true of Secure Sockets Layer (SSL)?


A.

By convention it uses 's-http://' instead of 'http://'.

B.

Is the predecessor to the Transport Layer Security (TLS) protocol.

C.

It was developed by Netscape.

D.

It is used for transmitting private information, data, and documents over the Internet.


A.

By convention it uses 's-http://' instead of 'http://'.


QUESTION NO: 737

There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?


A.

public keys

B.

private keys

C.

public-key certificates

D.

private-key certificates


C.

public-key certificates


QUESTION NO: 738

Which of the following identifies the encryption algorithm selected by NIST for the new Advanced Encryption Standard?



A.

Twofish


B.

Serpent


C.

RC6

D.

Rijndael


D.

Rijndael


QUESTION NO: 739

Compared to RSA, which of the following is true of Elliptic Curve Cryptography (ECC)?


A.

It has been mathematically proved to be more secure.

B.

It has been mathematically proved to be less secure.

C.

It is believed to require longer key for equivalent security.

D.

It is believed to require shorter keys for equivalent security.


D.

It is believed to require shorter keys for equivalent security.


QUESTION NO: 740

What are the three most important functions that Digital Signatures perform?



A.

Integrity, Confidentiality and Authorization


B.

Integrity, Authentication and Nonrepudiation


C.

Authorization, Authentication and Nonrepudiation


D.

Authorization, Detection and Accountability


B.

Integrity, Authentication and Nonrepudiation


QUESTION NO: 741

Which of the following protocols that provide integrity and authentication for IPSec, can also provide non-repudiation in IPSec?


A.

Authentication Header (AH)

B.

Encapsulating Security Payload (ESP)

C.

Secure Sockets Layer (SSL)

D.

Secure Shell (SSH-2)


A.

Authentication Header (AH)


QUESTION NO: 742

Which of the following is a cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet?



A.

Secure Electronic Transaction (SET)

B.

MONDEX

C.

Secure Shell (SSH-2)

D.

Secure Hypertext Transfer Protocol (S-HTTP)







A.

Secure Electronic Transaction (SET)


QUESTION NO: 743

Which of the following cryptographic attacks describes when the attacker has a copy of the plaintext and the corresponding ciphertext?



A.

known plaintext


B.

brute force

C.

ciphertext only

D.

chosen plaintext


A.

known plaintext


QUESTION NO: 744

Which of the following is NOT a true statement regarding the implementation of the 3DES modes?


A.

DES-EEE1 uses one key

B.

DES-EEE2 uses two keys

C.

DES-EEE3 uses three keys

D.

DES-EDE2 uses two keys


A.

DES-EEE1 uses one key


QUESTION NO: 745

Which one of the following is a key agreement protocol used to enable two entities to agree and generate a session key (secret key used for one session) over an insecure medium without any prior secrets or communications between the entities? The negotiated key will subsequently be used for message encryption using Symmetric Cryptography.

A.

RSA

B.

PKI

C.

Diffie-Hellman

D.

3DES


C.

Diffie-Hellman


QUESTION NO: 746

Which of the following ciphers is a subset on which the Vigenere polyalphabetic cipher was based?


A.

Caesar

B.

The Jefferson disks

C.

Enigma

D.

SIGABA


A.

Caesar


QUESTION NO: 747

In a known plaintext attack, the cryptanalyst has knowledge of which of the following?


A.

the ciphertext and the key

B.

the plaintext and the secret key

C.

both the plaintext and the associated ciphertext of several messages

D.

the plaintext and the algorithm

C.

both the plaintext and the associated ciphertext of several messages


QUESTION NO: 748

What is the length of an MD5 message digest?


A.

128 bits

B.

160 bits

C.

256 bits

D.

varies depending upon the message size.



A.

128 bits

QUESTION NO: 749

The Secure Hash Algorithm (SHA-1) creates:



A.

a fixed length message digest from a fixed length input message


B.

a variable length message digest from a variable length input message


C.

a fixed length message digest from a variable length input message


D.

a variable length message digest from a fixed length input message



C.

a fixed length message digest from a variable length input message

QUESTION NO: 750

The RSA Algorithm uses which mathematical concept as the basis of its encryption?



A.

Geometry


B.

16-round ciphers


C.

PI (3.14159...)


D.

Two large prime numbers



D.

Two large prime numbers

QUESTION NO: 751

The Clipper Chip utilizes which concept in public key cryptography?


A.

Substitution

B.

Key Escrow

C.

An undefined algorithm

D.

Super strong encryption







B.

Key Escrow

QUESTION NO: 752

Which of the following are suitable protocols for securing VPN connections at the lower layers of the OSI model?


A.

S/MIME and SSH

B.

TLS and SSL

C.

IPsec and L2TP

D.

PKCS#10 and X.509



C.

IPsec and L2TP

QUESTION NO: 753

What is the role of IKE within the IPsec protocol?



A.

peer authentication and key exchange


B.

data encryption


C.

data signature


D.

enforcing quality of service



A.

peer authentication and key exchange

QUESTION NO: 754

In which phase of Internet Key Exchange (IKE) protocol is peer authentication performed?


A.

Pre Initialization Phase

B.

Phase 1

C.

Phase 2

D.

No peer authentication is performed



B.

Phase 1

QUESTION NO: 755

What is NOT an authentication method within IKE and IPsec?



A.

CHAP


B.

Pre shared key


C.

certificate based authentication


D.

Public key authentication


A.

CHAP


QUESTION NO: 756

What is NOT true with pre shared key authentication within IKE / IPsec protocol?



A.

Pre shared key authentication is normally based on simple passwords


B.

Needs a Public Key Infrastructure (PKI) to work


C.

IKE is used to setup Security Associations


D.

IKE builds upon the Oakley protocol and the ISAKMP protocol.


B.

Needs a Public Key Infrastructure (PKI) to work


QUESTION NO: 757

In a hierarchical PKI the highest CA is regularly called Root CA; it is also referred to by which one of the following terms?


A.

Subordinate CA

B.

Top Level CA

C.

Big CA

D.

Master CA


B.

Top Level CA


QUESTION NO: 758



What is the primary role of cross certification?


A.

Creating trust between different PKIs


B.

Build an overall PKI hierarchy


C.

set up direct trust to a second root CA

D.

Prevent the nullification of user certificates by CA certificate revocation


A.

Creating trust between different PKIs


QUESTION NO: 759

What kind of encryption is realized in the S/MIME-standard?



A.

Asymmetric encryption scheme


B.

Password based encryption scheme


C.

Public key based, hybrid encryption scheme


D.

Elliptic curve based encryption


C.

Public key based, hybrid encryption scheme


QUESTION NO: 760

What is the main problem of the renewal of a root CA certificate?


A.

It requires key recovery of all end user keys

B.

It requires the authentic distribution of the new root CA certificate to all PKI participants

C.

It requires the collection of the old root CA certificates from all the users

D.

It requires issuance of the new root CA certificate


B.

It requires the authentic distribution of the new root CA certificate to all PKI participants


QUESTION NO: 761

Virus scanning and content inspection of S/MIME encrypted e-mail without doing any further processing is:


A.

Not possible

B.

Only possible with key recovery scheme of all user keys

C.

It is possible only if X509 Version 3 certificates are used

D.

It is possible only by "brute force" decryption


A.

Not possible


QUESTION NO: 762

What attribute is included in an X.509 certificate?



A.

Distinguished name of the subject


B.

Telephone number of the department

C.

secret key of the issuing CA

D.

the key pair of the certificate holder


A.

Distinguished name of the subject


QUESTION NO: 763

Which of the following choices is a valid Public Key Cryptography Standard (PKCS) addressing RSA?


A.

PKCS #17799

B.

PKCS-RSA

C.

PKCS#1

D.

PKCS#11


C.

PKCS#1


QUESTION NO: 764

What is the primary role of smartcards in a PKI?



A.

Transparent renewal of user keys


B.

Easy distribution of the certificates between the users


C.

Fast hardware encryption of the raw data


D.

Tamper resistant, mobile storage and application of private keys of the users


D.

Tamper resistant, mobile storage and application of private keys of the users


QUESTION NO: 765

What kind of certificate is used to validate a user identity?



A.

Public key certificate


B.

Attribute certificate


C.

Root certificate


D.

Code signing certificate


A.

Public key certificate


QUESTION NO: 766

What does the directive of the European Union on Electronic Signatures deal with?


A.

Encryption of classified data

B.

Encryption of secret data

C.

Non repudiation

D.

Authentication of web servers


C.

Non repudiation


QUESTION NO: 767

An X.509 public key certificate with the key usage attribute "non-repudiation" can be used for which of the following?


A.

encrypting messages

B.

signing messages

C.

verifying signed messages

D.

decrypting encrypted messages


C.

verifying signed messages


QUESTION NO: 768

Which of the following would best describe certificate path validation?


A.

Verification of the validity of all certificates of the certificate chain to the root certificate

B.

Verification of the integrity of the associated root certificate

C.

Verification of the integrity of the concerned private key

D.

Verification of the revocation status of the concerned certificate


A.

Verification of the validity of all certificates of the certificate chain to the root certificate


QUESTION NO: 769

FIPS-140 is a standard for the security of which of the following?



A.

Cryptographic service providers


B.

Smartcards


C.

Hardware and software cryptographic modules

D.

Hardware security modules


C.

Hardware and software cryptographic modules


QUESTION NO: 770

Which of the following can best define the "revocation request grace period"?

A.

The period of time allotted within which the user must make a revocation request upon a revocation reason

B.

Minimum response time for performing a revocation by the CA

C.

Maximum response time for performing a revocation by the CA

D.

Time period between the arrival of a revocation request and the publication of the revocation information


C.

Maximum response time for performing a revocation by the CA


QUESTION NO: 771

Which is NOT a suitable method for distributing certificate revocation information?


A.

CA revocation mailing list

B.

Delta CRL

C.

OCSP (online certificate status protocol)

D.

Distribution point CRL


A.

CA revocation mailing list


QUESTION NO: 772

Which of the following is true about a digital certificate?



A.

It is the same as digital signature proving Integrity and Authenticity of the data


B.

Electronic credential proving that the person the certificate was issued to is who they claim to be


C.

You can only get a digital certificate from Verisign, RSA if you wish to prove the key belongs to a specific user.


D.

Can't contain geography data such as country for example.



B.

Electronic credential proving that the person the certificate was issued to is who they claim to be

QUESTION NO: 773

What kind of Encryption technology does SSL utilize?


A.

Secret or Symmetric key

B.

Hybrid (both Symmetric and Asymmetric)

C.

Public Key

D.

Private key


B.

Hybrid (both Symmetric and Asymmetric)


QUESTION NO: 774

What is the name of a one-way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string? Such a transformation cannot be reversed.



A.

One-way hash


B.

DES


C.

Transposition


D.

Substitution


A.

One-way hash


QUESTION NO: 775

Which of the following is NOT an asymmetric key algorithm?



A.

RSA


B.

Elliptic Curve Cryptosystem (ECC)


C.

El Gamal


D.

Data Encryption Standard (DES)


D.

Data Encryption Standard (DES)


QUESTION NO: 776

Which of the following is NOT a symmetric key algorithm?


A.

Blowfish

B.

Digital Signature Standard (DSS)

C.

Triple DES (3DES)

D.

RC5


B.

Digital Signature Standard (DSS)


QUESTION NO: 777

Which of the following ASYMMETRIC encryption algorithms is based on the difficulty of FACTORING LARGE NUMBERS?



A.

El Gamal


B.

Elliptic Curve Cryptosystems (ECCs)


C.

RSA


D.

International Data Encryption Algorithm (IDEA)


C.

RSA


QUESTION NO: 778

The Diffie-Hellman algorithm is primarily used to provide which of the following?



A.

Confidentiality

B.

Key Agreement


C.

Integrity


D.

Non-repudiation


B.

Key Agreement



QUESTION NO: 779

Which protocol makes USE of an electronic wallet on a customer's PC and sends encrypted credit card information to the merchant's Web server, which digitally signs it and sends it on to its processing bank?


A.

SSH (Secure Shell)

B.

S/MIME (Secure MIME)

C.

SET (Secure Electronic Transaction)

D.

SSL (Secure Sockets Layer)



C.

SET (Secure Electronic Transaction)

QUESTION NO: 780

Which of the following algorithms does NOT provide hashing?


A.

SHA-1

B.

MD2

C.

RC4

D.

MD5



C.

RC4

QUESTION NO: 781

In what type of attack does an attacker try, from several encrypted messages, to figure out the key used in the encryption process?


A.

Known-plaintext attack

B.

Ciphertext-only attack

C.

Chosen-Ciphertext attack

D.

Plaintext-only attack



B.

Ciphertext-only attack

QUESTION NO: 782

Which encryption algorithm is BEST suited for communication with handheld wireless devices?



A.

ECC (Elliptic Curve Cryptosystem)


B.

RSA


C.

SHA


D.

RC4


A.

ECC (Elliptic Curve Cryptosystem)


QUESTION NO: 783

Which of the following keys has the SHORTEST lifespan?



A.

Secret key


B.

Public key

C.

Session key

D.

Private key


C.

Session key


QUESTION NO: 784

What is the RESULT of a hash algorithm being applied to a message?


A.

A digital signature

B.

A ciphertext

C.

A message digest

D.

A plaintext


C.

A message digest


QUESTION NO: 785

Secure Sockets Layer (SSL) uses a Message Authentication Code (MAC) for what purpose?


A.

message non-repudiation.

B.

message confidentiality.

C.

message interleave checking.

D.

message integrity.


D.

message integrity.


QUESTION NO: 786

Which of the following services is NOT provided by the digital signature standard (DSS)?



A.

Encryption


B.

Integrity


C.

Digital signature


D.

Authentication


A.

Encryption


QUESTION NO: 787

What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?


A.

Key collision

B.

Key clustering

C.

Hashing

D.

Ciphertext collision


B.

Key clustering


QUESTION NO: 788

Which of the following is true about link encryption?



A.

Each entity has a common key with the destination node.


B.

Encrypted messages are only decrypted by the final node.


C.

This mode does not provide protection if any one of the nodes along the transmission path is compromised.


D.

Only secure nodes are used in this type of transmission.


C.

This mode does not provide protection if any one of the nodes along the transmission path is compromised.


QUESTION NO: 789

What uses a key of the same length as the message where each bit or character from the plaintext is encrypted by a modular addition?



A.

Running key cipher

B.

One-time pad

C.

Steganography

D.

Cipher block chaining



B.

One-time pad


QUESTION NO: 790

What can be defined as secret communications where the very existence of the message is hidden?



A.

Clustering


B.

Steganography


C.

Cryptology


D.

Vernam cipher


B.

Steganography


QUESTION NO: 791

What is the maximum number of different keys that can be used when encrypting with Triple DES?



A.

1


B.

2


C.

3


D.

4


C.

3


QUESTION NO: 792

What algorithm has been selected as the AES algorithm, replacing the DES algorithm?


A.

RC6

B.

Twofish

C.

Rijndael

D.

Blowfish


C.

Rijndael


QUESTION NO: 793

Which of the following is a symmetric encryption algorithm?


A.

RSA

B.

Elliptic Curve


C.

RC5


D.

El Gamal


C.

RC5


QUESTION NO: 794

Which of the following is NOT a property of the Rijndael block cipher algorithm?



A.

The key sizes must be a multiple of 32 bits


B.

Maximum block size is 256 bits


C.

Maximum key size is 512 bits


D.

The key size does not have to match the block size


C.

Maximum key size is 512 bits


QUESTION NO: 795

Which of the following is not a property of the Rijndael block cipher algorithm?


A.

It employs a round transformation that is comprised of three layers of distinct and invertible transformations.

B.

It is suited for high speed chips with no area restrictions.

C.

It operates on 64-bit plaintext blocks and uses a 128 bit key.

D.

It could be used on a smart card.


C.

It operates on 64-bit plaintext blocks and uses a 128 bit key.


QUESTION NO: 796

What is the maximum allowable key size of the Rijndael encryption algorithm?



A.

128 bits


B.

192 bits


C.

256 bits


D.

512 bits


C.

256 bits


QUESTION NO: 797

What is the name for a substitution cipher that shifts the alphabet by 13 places?



A.

Caesar cipher


B.

Polyalphabetic cipher


C.

ROT13 cipher


D.

Transposition cipher



C.

ROT13 cipher

QUESTION NO: 798

Which of the following standards concerns digital certificates?


A.

X.400

B.

X.25

C.

X.509

D.

X.75


C.

X.509


QUESTION NO: 799

Which of the following offers security to wireless communications?


A.

S-WAP

B.

WTLS

C.

WSP

D.

WDP


B.

WTLS

QUESTION NO: 800

What is the effective key size of DES?



A.

56 bits


B.

64 bits


C.

128 bits


D.

1024 bits


A.

56 bits