Ch8 Security Test Bank

Chapter 08: Cryptography
TRUE/FALSE
1. In 1953, Giovan Batista Belaso introduced the idea of the passphrase

(password) as a key for encryption.
ANS: F PTS: 1 REF: 352
2. In 1917, Gilbert S.Vernam, an AT&T employee, invented a polyalphabetic

cipher machine that used a non-repeating random key.
ANS: T PTS: 1 REF: 352
3. Sequence encryption is a series of encryptions and decryptions between a

number of systems, wherein each system in a network decrypts the message sent to it and
then reencrypts it using different keys and sends it to the next neighbor, and this process
continues until the message reaches the final destination.
4. The permutation cipher simply rearranges the values within a block to create
the ciphertext.
5. Julius Caesar was associated with an early version of the transposition cipher.
6. You cannot combine the XOR operation with a block cipher operation.
7. To perform the Caesar cipher encryption operation, the pad values are added
to numeric values that represent the plaintext that needs to be encrypted.
8. One encryption method made popular by spy movies involves using the text
in a book as the key to decrypt a message.
9. Hashing functions require the use of keys.
10. Popular cryptosystems use a hybrid combination of symmetric and

asymmetric algorithms.
11. DES uses a 64-bit key.

12. The 3DES implements a block cipher with a variable block length and a key
length of 128, 192, or 256 bits.
13. The asymmetric encryption systems use a single key to both encrypt and
decrypt a message.
14. The AES algorithm was the first public key encryption algorithm.
15. Two hundred and eighty five computers can crack a 56-bit key in one year;
ten times as many would do it in a little over a month.
16. PKI systems are based on public key cryptosystems and include digital
certificates and certificate authorities.
17. Nonrepudiation means that customers or partners can be held accountable for
transactions, such as online purchases, which they cannot later deny.
18. Common implementations of RA include systems that issue digital

certificates to users and servers; directory enrollment; key issuing systems; tools for
managing the key issuance; and verification and return of certificates.
19. When an asymmetric cryptographic process uses the sender’s private key to
encrypt a message, the sender’s public key must be used to decrypt the message.
20. The most common hybrid system is based on the Diffie-Hellman key
exchange, which is a method for exchanging private keys using public key encryption.
21. Standard-HTTP (S-HTTP) is an extended version of the Hypertext Transfer

Protocol that provides for the encryption of individual messages transmitted via the Internet
between a client and server.
22. SSL builds on the encoding format of the Multipurpose Internet Mail
Extensions protocol and uses digital signatures based on public key cryptosystems to secure
e-mail.
23. Secure Electronic Transactions was developed by MasterCard and VISA in

1997 to protect against electronic payment fraud.
24. The application header protocol provides secrecy for the content of a network
communication.
25. The encapsulating security payload protocol provides secrecy for the contents
of network communications as well as system-to-system authentication and data integrity
verification.
26. The SHTTP security solution provides six services: authentication by digital
signatures, message encryption, compression, e-mail compatibility, segmentation, and key
management.
27. Attackers may conduct an encrypted-plaintext attack by sending potential

victims a specific text that they are sure the victims will forward on to others.
28. Dictionary attacks are a collection of brute-force methods that attempt to

deduce statistical relationships between the structure of the unknown key and the ciphertext
generated by the cryptosystem.
29. Encryption is a process of hiding the true meaning of information.
30. Once the attacker has successfully broken an encryption, he or she may
launch a replay attack, which is an attempt to resubmit a recording of the deciphered
authentication to gain entry into a secure source.
MODIFIED TRUE/FALSE
1. Encryption is the process of converting the ciphertext message back into

plaintext so that it can be readily understood. _________________________
ANS: F, Decryption
PTS: 1 REF: 351
2. A(n) key is the programmatic steps used to convert an unencrypted message

into an encrypted sequence of bits that represent the message. _________________________
ANS: F, algorithm
PTS: 1 REF: 353

3. To translate means to decrypt, decode, or convert, ciphertext into the
equivalent plaintext. _________________________
ANS: F, decipher
PTS: 1 REF: 353
4. Plaintext or cleartext is the original unencrypted message, or a message that

has been successfully decrypted. _________________________
5. Hash algorithms are public functions that create a hash value by converting
variable-length messages into a single fixed-length value. _________________________
6. Encryption methodologies that require the same secret key to encipher and
decipher the message are using what is called public key encryption.
_________________________
ANS: F, private
PTS: 1 REF: 364
7. As DES became known as being too weak for highly classified

communications, Double DES was created to provide a level of security far beyond that of
DES. _________________________
ANS: F, Triple
PTS: 1 REF: 365
8. AES implements a block cipher called the Rijndael Block Cipher.

_________________________
9. Symmetric encryption uses two different but related keys, and either key can
be used to encrypt or decrypt the message. _________________________
ANS: F, Asymmetric
PTS: 1 REF: 366
10. A(n) registration authority issues, manages, authenticates, signs, and revokes
users’ digital certificates, which typically contain the user name, public key, and other
identifying information. _________________________
ANS: F, certificate
PTS: 1 REF: 375
11. Diffie-Hellman key exchange uses asymmetric encryption to exchange

session keys. _________________________

12. A(n) distinguished name uniquely identifies a certificate entity, to a user’s
public key. _________________________
13. The number of horizontal and vertical pixels captured and recorded is known
as the image’s depth. _________________________
ANS: F, resolution
PTS: 1 REF: 380-381
14. The most popular modern version of steganography involves hiding

information within files that contain digital pictures or other images.
_________________________
15. Privacy Enhanced Mail was proposed by the Internet Engineering Task Force
and is a standard that uses 3DES symmetric key encryption and RSA for key exchanges and
digital signatures. _________________________
16. Secure Multipurpose Internet Mail Extensions builds on the encoding format
of the Multipurpose Internet Mail Extensions protocol and uses digital signatures based on
public key cryptosystems to secure e-mail. _________________________
17. Secure HTTP provides the Internet communication services between client
and host without consideration for encryption of the data that is transmitted between client
and server. _________________________
ANS: F, Standard
PTS: 1 REF: 382
18. Internet Protocol Security is designed to protect data integrity, user

confidentiality, and authenticity at the IP packet level. _________________________
19. In transport mode the entire IP packet is encrypted and is then placed as the
content portion of another IP packet. _________________________
ANS: F, tunnel
PTS: 1 REF: 387
20. ESP in transport mode can be used to establish a virtual private network,
assuring encryption and authentication between networks communicating via the Internet.
_________________________
ANS: F, tunnel
PTS: 1 REF: 387-388

21. PGP uses the freeware ZIP algorithm to compress the message after it has
been digitally signed but before it is encrypted. _________________________
22. A(n) man-in-the-middle attack attempts to intercept a public key or even to

insert a known key structure in place of the requested public key.
_________________________
23. An attacker may obtain duplicate texts, one in ciphertext and one in plaintext,
and thus reverse-engineer the encryption algorithm in a known-plaintext attack scheme.
_________________________
24. In a(n) word attack, the attacker encrypts every word in a dictionary using the
same cryptosystem as used by the target. _________________________
ANS: F, dictionary
PTS: 1 REF: 391
25. A(n) response attack is an attempt to resubmit a recording of the deciphered

authentication to gain entry into a secure source. _________________________
ANS: F, replay
PTS: 1 REF: 391
MULTIPLE CHOICE
1. ____ is the process of converting an original message into a form that is

unreadable to unauthorized individuals.
a. Encryption c. Cryptology
b. Decryption d. Cryptography
ANS: A PTS: 1 REF: 350-351
2. ____ is the entire range of values that can possibly be used to construct an
individual key.
a. Code c. Algorithm
b. Keyspace d. Cryptogram
ANS: B PTS: 1 REF: 354
3. ____ is the information used in conjunction with an algorithm to create the

ciphertext from the plaintext or derive the plaintext from the ciphertext.
a. Password c. Key
b. Cipher d. Passphrase
ANS: C PTS: 1 REF: 354
4. ____ is the amount of effort (usually in hours) required to perform

cryptanalysis to decode an encrypted message when the key or algorithm (or both) are
unknown.
a. Code c. Key
b. Algorithm d. Work factor
ANS: D PTS: 1 REF: 354
5. Bit stream methods commonly use algorithm functions like the exclusive OR
operation (____).
a. XOR c. NOR
b. EOR d. OR
ANS: A PTS: 1 REF: 354
6. More advanced substitution ciphers use two or more alphabets, and are
referred to as ____ substitutions.
a. multialphabetic c. polyalphabetic
b. monoalphabetic d. polynomic
7. ____ functions are mathematical algorithms that generate a message

summary or digest to confirm the identity of a specific message and to confirm that there have
not been any changes to the content.
a. Hash c. Key
b. Map d. Encryption
8. A ____ is a key-dependent, one-way hash function that allows only specific

recipients (symmetric key holders) to access the message digest.
a. signature c. fingerprint
b. MAC d. digest
9. SHA-1 produces a(n) ____-bit message digest, which can then be used as an
input to a digital signature algorithm.
a. 48 c. 160
b. 56 d. 256
10. A method of encryption that requires the same secret key to encipher and
decipher the message is known as ____ encryption.
a. asymmetric c. public
b. symmetric d. private
11. DES uses a(n) ____-bit block size.

a. 32 c. 128
b. 64 d. 256
12. ____ is a federal information processing standard that specifies a

cryptographic algorithm used within the U.S. government to protect information in federal
agencies that are not a part of the national defense infrastructure.
a. DES c. AES
b. 2DES d. 3DES
a. DES c. AES
b. 2DES d. 3DES
13. The ____ algorithm was the first public key encryption algorithm developed
(in 1977) and published for commercial use.
a. DES c. MAC
b. RSA d. AES
14. ____ is an integrated system of software, encryption methodologies,

protocols, legal agreements, and third-party services that enables users to communicate
securely.
a. MAC c. DES
b. PKI d. AES
15. The CA periodically distributes a(n) ____ to all users that identifies all
revoked certificates.
a. CRL c. MAC
b. RA d. AES
16. ____ are encrypted messages that can be mathematically proven to be

authentic.
a. Digital signatures c. Message certificates
b. MAC d. Message digests
17. Digital signatures should be created using processes and products that are
based on the ____.
a. DSS c. SSL
b. NIST d. HTTPS
18. An X.509 v3 certificate binds a ____, which uniquely identifies a certificate

entity, to a user’s public key.
a. message digest c. distinguished name
b. fingerprint d. digital signature
19. The ____ is responsible for the fragmentation, compression, encryption, and
attachment of an SSL header to the cleartext prior to transmission.
a. Standard HTTP c. S-HTTP
b. SFTP d. SSL Record
Protocol
ANS: D PTS: 1 REF: 382
20. ____ was developed by Phil Zimmermann and uses the IDEA Cipher for
message encoding.
a. PEM c. S/MIME
b. PGP d. SSL
21. The ____ protocol provides system-to-system authentication and data

integrity verification, but does not provide secrecy for the content of a network
communication.
a. ESP c. HA
b. AH d. SEP
22. ____ is a hybrid cryptosystem that combines some of the best available
cryptographic algorithms and has become the open-source de facto standard for encryption
and authentication of e-mail and file storage applications.
a. PGP c. AH
b. DES d. ESP
23. ____ attacks are a collection of brute-force methods that attempt to deduce
statistical relationships between the structure of the unknown key and the ciphertext that is the
output of the cryptosystem.
a. Timing c. Correlation
b. Dictionary d. Man-in-the-middle
24. In a ____ attack, the attacker eavesdrops during the victim’s session and uses
statistical analysis of patterns and inter-keystroke timings to discern sensitive session
information.
a. replay c. correlation
b. timing d. dictionary
25. ____ is the protocol used to secure communications across any IP-based
network such as LANs, WANs, and the Internet.
a. PEM c. IPSec
b. SSH d. SET
COMPLETION
1. The science of encryption is known as ____________________.
ANS: cryptology
PTS: 1 REF: 350
2. ____________________ is the process of making and using codes to secure

the transmission of information.
ANS: Cryptography
PTS: 1 REF: 350
3. ____________________ or cryptosystem is an encryption method or process

encompassing the algorithm, key(s) or cryptovariable(s), and procedures used to perform
encryption and decryption.
ANS: Cipher
PTS: 1 REF: 353
4. To ____________________ means to encrypt, encode, or convert plaintext

into the equivalent ciphertext.
ANS: encipher
PTS: 1 REF: 353
5. The process of hiding messages within the digital encoding of a picture or

graphic is called ____________________.
ANS: steganography
PTS: 1 REF: 354
6. To use a(n) ____________________ cipher, you substitute one value for

another.
ANS: substitution
PTS: 1 REF: 354
7. A(n) ____________________ substitution uses one alphabet.
ANS: monoalphabetic
PTS: 1 REF: 354
8. The ____________________ cipher simply rearranges the values within a

block to create the ciphertext.
ANS:
transposition
permutation
PTS: 1 REF: 357
9. The ____________________ OR operation is a function of Boolean algebra

in which two bits are compared, and if the two bits are identical, the result is a binary 0.
ANS: exclusive
PTS: 1 REF: 359
10. Also known as the one-time pad, the ____________________ cipher, which
was developed at AT&T, uses a set of characters only one time for each encryption process.
ANS: Vernam
PTS: 1 REF: 360
11. A message ____________________ is a fingerprint of the author’s message

that is compared with the recipient’s locally calculated hash of the same message.
ANS: digest
PTS: 1 REF: 362
12. Hashing functions do not require the use of keys, but it is possible to attach a
message ____________________ code.
ANS: authentication
PTS: 1 REF: 362
13. The Secure ____________________ Standard is a standard issued by the

National Institute of Standards and Technology.
ANS: Hash
PTS: 1 REF: 362
14. One of the most widely known cryptographic algorithms is the Data
____________________ Standard, which was developed by IBM and is based on the
company’s Lucifer algorithm.
ANS: Encryption
PTS: 1 REF: 364
15. The successor to 3DES is the ____________________ Encryption Standard.
ANS: Advanced
PTS: 1 REF: 365
16. The more common name for asymmetric encryption is

____________________-key encryption.
ANS: public
PTS: 1 REF: 366
17. A mathematical ____________________ is a “secret mechanism that enables

you to easily accomplish the reverse function in a one-way function.”
ANS: trapdoor
PTS: 1 REF: 368
18. Digital ____________________ are public-key container files that allow

computer programs to validate the key and identify to whom it belongs.
ANS: certificates
PTS: 1 REF: 374
19. A(n) ____________________ authority operates under the trusted

collaboration of the certificate authority and can be delegated day-to-day certification
functions, such as verifying registration information about new registrants, generating end-
user keys, revoking certificates, and validating that users possess a valid certificate.
ANS: registration
PTS: 1 REF: 375
20. Digital ____________________ are encrypted messages that can be

mathematically proven to be authentic.
ANS: signatures
PTS: 1 REF: 376
21. A digital ____________________ is an electronic document or container file

that contains a key value and identifying information about the entity that controls the key.
ANS: certificate
PTS: 1 REF: 377
22. Netscape developed the ____________________ Layer protocol to use

public key encryption to secure a channel over the Internet, thus enabling secure
communications.
ANS:
Secure Socket
Secure Sockets
PTS: 1 REF: 381
23. In IPSEC ____________________ mode, only the IP data is encrypted, not

the IP headers.
ANS: transport
PTS: 1 REF: 387
24. The encapsulating security ____________________ protocol provides

secrecy for the contents of network communications as well as system-to-system
authentication and data integrity verification.
ANS: payload
PTS: 1 REF: 387
25. In a(n) ____________________ attack, the attacker eavesdrops on the

victim’s session and uses statistical analysis of patterns and inter-keystroke timings to discern
sensitive session information.
ANS: timing
PTS: 1 REF: 391
ESSAY
1. Describe how hash functions work and what they are used for.

Ch8 Security Test Bank

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ch8 Security Test Bank

Uploaded by

Copyright:

Available Formats

Chapter 08: Cryptography

1. In 1953, Giovan Batista Belaso introduced the idea of the passphrase

ANS: F PTS: 1 REF: 352

2. In 1917, Gilbert S.Vernam, an AT&T employee, invented a polyalphabetic

ANS: T PTS: 1 REF: 352

3. Sequence encryption is a series of encryptions and decryptions between a

ANS: F PTS: 1 REF: 354

ANS: T PTS: 1 REF: 357

ANS: T PTS: 1 REF: 359

ANS: F PTS: 1 REF: 360

ANS: F PTS: 1 REF: 360

ANS: T PTS: 1 REF: 361

9. Hashing functions require the use of keys.

ANS: F PTS: 1 REF: 362

10. Popular cryptosystems use a hybrid combination of symmetric and

ANS: T PTS: 1 REF: 363

11. DES uses a 64-bit key.

ANS: F PTS: 1 REF: 364

ANS: F PTS: 1 REF: 365

ANS: F PTS: 1 REF: 366

ANS: F PTS: 1 REF: 372

ANS: T PTS: 1 REF: 373

ANS: T PTS: 1 REF: 375

ANS: T PTS: 1 REF: 375

18. Common implementations of RA include systems that issue digital

ANS: F PTS: 1 REF: 376

ANS: T PTS: 1 REF: 376

ANS: T PTS: 1 REF: 379

21. Standard-HTTP (S-HTTP) is an extended version of the Hypertext Transfer

ANS: F PTS: 1 REF: 382

ANS: F PTS: 1 REF: 382

23. Secure Electronic Transactions was developed by MasterCard and VISA in

ANS: T PTS: 1 REF: 384

ANS: F PTS: 1 REF: 387

ANS: T PTS: 1 REF: 387

ANS: F PTS: 1 REF: 389

27. Attackers may conduct an encrypted-plaintext attack by sending potential

ANS: F PTS: 1 REF: 390

28. Dictionary attacks are a collection of brute-force methods that attempt to

ANS: F PTS: 1 REF: 391

29. Encryption is a process of hiding the true meaning of information.

ANS: T PTS: 1 REF: 391

ANS: T PTS: 1 REF: 391

1. Encryption is the process of converting the ciphertext message back into

PTS: 1 REF: 351

2. A(n) key is the programmatic steps used to convert an unencrypted message

PTS: 1 REF: 353

PTS: 1 REF: 353

4. Plaintext or cleartext is the original unencrypted message, or a message that

ANS: T PTS: 1 REF: 354

ANS: T PTS: 1 REF: 362

PTS: 1 REF: 364

7. As DES became known as being too weak for highly classified

PTS: 1 REF: 365

8. AES implements a block cipher called the Rijndael Block Cipher.

ANS: T PTS: 1 REF: 365

PTS: 1 REF: 366

PTS: 1 REF: 375

11. Diffie-Hellman key exchange uses asymmetric encryption to exchange

ANS: T PTS: 1 REF: 379

ANS: T PTS: 1 REF: 378

PTS: 1 REF: 380-381

14. The most popular modern version of steganography involves hiding