1. What are the components that make up a cryptosystem? Check all that apply.
Answers
· Key generation algorithms
· Encryption algorithms
· Transmission algorithms
· Decryption algorithms
2. What is steganography?
Answers
· The practice of encoding messages
· The study of languages
· The study of stegosauruses
· The practice of hiding messages
Explanation: The art of steganography, sometimes known as the "James Bond" of the digital world, consists of concealing messages within other messages or data that seem to be completely harmless. Instead of encrypting the message, steganography conceals its existence. It might be as easy as concealing a message in the pixels of a picture or in the least significant bits of a file. If you don't know where or how to look, you may not even be aware that there is a secret message to decipher.
3. What makes an encryption algorithm symmetric?
Answers
· High speed
· Very large key sizes
· Different keys used for encryption and decryption
· The same keys used for encryption and decryption
Explanation: Symmetric encryption is like having a secret code that both the sender and the recipient share. The data can only be read once it has been decrypted using the same key that was used to encrypt it. It's kind of like a secret handshake in that both parties have to use the exact same gesture to complete the transaction. The primary benefit is increased speed, since symmetric encryption is often much quicker than its counterpart, asymmetric encryption. The difficulty, on the other hand, is in the safe distribution and administration of the secret key.
4. What's the difference between a stream cipher and a block cipher?
Answers
· Stream ciphers can’t save encrypted data to disk.
· Stream ciphers encrypt data as a continuous stream, while block ciphers operate on chunks of data.
· Block ciphers are only used for block device encryption.
· There is no difference.
5. True or false: The smaller the encryption key is, the more secure the encrypted data is.
Answers
· TRUE
· FALSE
6. Which of the following do asymmetric cryptography systems provide? Select all that apply.
Answers
· Confidentiality
· Availability
· Authenticity
· Non-repudiation
7. What advantage does asymmetric encryption have over symmetric encryption?
Answers
· They have very fast performance.
· They allow secure communication over untrusted channels.
· They’re more secure.
· They’re easier to implement.
Explanation: The ability to distribute keys is an important benefit of asymmetric encryption, which also has other advantages. With symmetric encryption, you have to securely share the same key between the communicating parties. It would be foolish to do something as dangerous as handing around a single key to a private club.
Asymmetric encryption, on the other hand, requires two keys: a public key and a private key. These keys are kept separate from one another. You are allowed to share the public key with anybody in the world, but you must remember to keep the private key to yourself at all times. Because only the owner of the private key can decrypt communications encrypted with the associated public key, you don't need to be concerned about safely distributing the key. It's kind of like putting a magic lock on your message, where anybody can put a padlock on it, but only you have the key to release it.
8. What's a common application for asymmetric algorithms?
Answers
· Full disk encryption
· Secure password storage
· Secure key exchange
· Random number generation
9. What do we call a bit of information that allows authentication of a received message?
Answers
· Asymmetric encryption
· RSA
· Symmetric encryption
· MAC (Message Authentication Codes)
Explanation: That magical bit of information is called a "digital signature." It is comparable to a digital seal that is placed on a communication and serves the dual purpose of confirming the identity of the sender while also protecting the confidentiality of the message. When someone signs a message using their private key, other people may use the signer's public key to verify that the message originated from the correct owner and has not been altered in any way. This ensures that the message cannot be falsely attributed to someone else. It serves the same purpose as a fancy wax seal would on an important letter, assuring that the document is genuine and has not been tampered with by anybody who could be looking in on it.
10. Which form of encryption does the US NIST recommend?
Answers
· NSA
· DSA
· EC
· DH
Explanation: As of my last knowledge update in January 2022, the National Institute of Standards and Technology (NIST) in the United States provides recommendations on cryptographic standards rather than endorsing a specific encryption method for all purposes. They have traditionally been crucial in laying the groundwork for and pushing for the adoption of various encryption algorithm standards.
In the case of symmetric encryption, the Advanced Encryption Standard (AES) is the technique that is recommended and used most often, while asymmetric encryption typically makes use of algorithms such as RSA and Elliptic Curve Cryptography (ECC).
It is important to note that the guidelines and standards may change over time; thus, it is a good idea to examine the most recent publications released by NIST to get the most recent information on encryption standards and recommendations.
11. How is hashing different from encryption?
Answers
· Hashing operations are one-directional.
· It is less secure.
· It is faster.
· Hashing is meant for large amounts of data while encryption is meant for small amounts of data.
12. What is a hash collision?
Answers
· When two different files generate the same hash digest.
· When a hash digest is reversed to recover the original.
· When two identical files generate different hash digests.
· When two different hashing algorithms produce the same hash.
Explanation: When a hash function is applied to separate inputs and produces the same hash result for both inputs, this is known as a hash collision. A hash function should, in a perfect world, generate a different hash value for every piece of data it receives. Collisions are nonetheless possible, because the number of hash values (the output space) is limited while the number of possible inputs (the input space) is endless.
Hash functions used in cryptography should ideally have collision resistance as one of their properties. This means that it ought to be computationally infeasible to discover two distinct inputs that both hash to the same result. A collision in a hash function can have security consequences. This is particularly true in applications such as digital signatures and password storage, where it is essential to have unique hash values for security purposes.
Cryptographic hash functions are designed to minimize the likelihood of collisions, and when they do occur, they should be difficult to predict or deliberately create. Collision resistance gives the use of hash functions in a variety of cryptographic applications an additional measure of protection.
13. How is a Message Integrity Check (MIC) different from a Message Authentication Code (MAC)?
Answers
· A MIC only hashes the message while a MAC incorporates a secret key.
· They’re the same thing.
· A MAC requires a password while a MIC does not.
· A MIC is more reliable than a MAC.
14. How can one defend against brute-force password attacks? Check all that apply.
Answers
· Incorporate salts into password hashing.
· Run passwords through the hashing function multiple times.
· Enforce the use of strong passwords.
· Store passwords in a rainbow table.
15. ______ is a type of function or operation that takes in an arbitrary data input and maps it to an output of a fixed size, called a hash or a digest.
Answers
· Phishing
· A hash function
· Cryptography
· Secure key exchange
Explanation: It seems like you're searching for the word "hash function." A hash function is a mathematical function or operation that takes an input (or message) and outputs a string of characters with a set length. This string of characters is generally known as a hash or digest. Hash functions are used in cryptography. The key characteristic of a hash function is that it should be deterministic (the same input always produces the same hash) and produce a unique hash for different inputs. Hash functions are used rather often in a variety of applications, including the verification of data integrity, the creation of digital signatures, and the storing of passwords.
16. Which three of these pieces of information does a digital certificate contain?
Answers
· Identifying information of the certificate owner
· Public key data
· Private key data
· Digital signature
17. Which type of encryption does SSL/TLS use?
Answers
· Neither
· Both
· Asymmetric encryption
· Symmetric encryption
Explanation: SSL/TLS offers a safe and efficient technique for creating encrypted communication over the internet by combining symmetric and asymmetric encryption. This guarantees the confidentiality, integrity, and authenticity of the data that is being exchanged between the client and the server.
18. Which two of these are functions a TPM (Trusted Platform Module) can perform?
Answers
· Define the creation, storage, and distribution of digital certificates
· Malware detection
· Data binding and sealing
· Remote attestation
19. Which of these is a system that defines the creation, storage, and distribution of digital certificates?
Answers
· PKI
· CA
· DSA
· SHA-3
Explanation: Public Key Infrastructure (abbreviated as PKI) is the name given to the framework that specifies the processes of producing, storing, and distributing digital certificates. PKI stands for public key infrastructure and is a set of rules, procedures, and technologies that are used to handle digital certificates and keys. It offers a safe and well-organized method of producing, storing, distributing, and revoking digital certificates, making it easier to engage in encrypted communication and authenticate oneself in the digital sphere.
20. Which of these is a mechanism that lets you remotely connect a network or host to an internal private network while passing data over a public channel?
Answers
· IPsec
· L2TP
· VPN
· PGP
Explanation: Virtual Private Networks, or VPNs, are what people usually mean when they talk about the technique you're referring to. A virtual private network, or VPN, permits safe and encrypted communication across a public network, such as the internet. This enables individuals or networks located in faraway locations to connect to an internal private network as if they were physically present in the same area. Virtual private networks (VPNs) protect the privacy and integrity of data during its transmission across a public channel by using a variety of protocols and encryption methods.
21. Plaintext is the original message, while _____ is the encrypted message.
Answers
· ciphertext
· algorithm
· digest
· cipher
Explanation: The original communication is called the plaintext, while the encrypted version is called the ciphertext. Ciphertext is the output produced when an encryption algorithm is applied to the plaintext with a particular key. It renders the original message unintelligible without the correct decryption key or algorithm.
22. The specific function of converting plaintext into ciphertext is called a(n) ______.
Answers
· integrity check
· encryption algorithm
· permutation
· data protection standard
Explanation: The specific function of converting plaintext into ciphertext is called an encryption algorithm, or simply an encryptor. This method takes the original message, which is readable (called the plaintext), and converts it into a secure version that cannot be read (called the ciphertext) by using a particular key together with a series of rules or mathematical operations.
23. Studying how often letters and pairs of letters occur in a language is referred to as _______.
Answers
· frequency analysis
· codebreaking
· espionage
· cryptography
Explanation: Studying how often letters and pairs of letters occur in a language is referred to as frequency analysis. This approach is used rather often in the field of cryptography, particularly when cracking or evaluating the efficacy of substitution ciphers. In these ciphers, each letter in the plaintext is changed to a different letter. Cryptanalysts are able to make informed assumptions about the replacements by studying the frequency of letters or letter pairs in an encrypted communication. This allows them to make progress toward decrypting the message.
24. The practice of hiding messages instead of encoding them is referred to as ______.
Answers
· obfuscation
· hashing
· encryption
· steganography
Explanation: The practice of hiding messages instead of encoding them is referred to as steganography. Steganography is the practice of disguising the presence of a message inside another message or medium that seems to be completely innocent. This makes it difficult for anyone who was not meant to receive the message to discover the information that was concealed. It's like mastering the skill of sneaking about undetected!
25. ROT13 and a Caesar cipher are examples of _______.
Answers
· substitution ciphers
· asymmetric encryption
· digital signatures
· steganography
Explanation: Examples of substitution ciphers include the ROT13 algorithm and the Caesar cipher. In these kinds of ciphers, each letter in the plaintext is changed to a different letter that is located a certain number of places lower or higher in the alphabet. The ROT13 cipher is a variant of the Caesar cipher in which the shift is set to 13 places. This cipher is often used for the purpose of simple text obfuscation rather than for secure communication.
26. DES, RC4, and AES are examples of ______ encryption algorithms.
Answers
· symmetric
· weak
· asymmetric
· strong
Explanation: A few examples of symmetric encryption methods are the Data Encryption Standard (DES), the Advanced Encryption Standard (AES), and the RC4 algorithm. When using symmetric encryption, both the encrypting and decrypting procedures make use of the same key. Symmetric encryption is the most used kind of encryption. These algorithms are used extensively in a variety of contexts, including the securing of data transfer, the protection of sensitive information, and the guaranteeing of data confidentiality. These algorithms each have their own distinct qualities and advantages in terms of the level of protection they provide and the amount of time they save.
27. Which of the following are necessary components for encryption and decryption operations when using an asymmetric encryption system? Check all that apply.
Answers
· Public key
· Random number generator
· Digest
· Private key
28. To create a public key signature, use the ______ key.
Answers
· public
· private
· decryption
· decryption
Explanation: To create a public key signature, you would use your private key. In order to complete the procedure, you will need to make use of your private key to sign a piece of data, thereby producing a digital signature. Others will then be able to use your public key to verify this digital signature, which proves that the data was truly signed by the owner of the private key that is linked with that public key.
29. Using an asymmetric cryptosystem provides which of the following benefits? Check all that apply.
Answers
· Non-repudiation
· Confidentiality
· Hashing
· Authenticity
30. If two different files result in the same hash, it is referred to as a ________.
Answers
· key collision
· hash collision
· coincidence
· mistake
Explanation: A collision occurs when two distinct files produce the same hash value. This situation is referred to as a collision. When two different inputs yield the same hash result, this is known as a collision in the hashing process. It is important for a hash function to reduce the chances of collisions as much as possible since these occurrences might compromise the data's integrity and security, particularly in contexts where it is essential to generate unique hash values.