Your organization has implemented a virtual private network (VPN) that allows branch offices to connect to the main office. Recently, you have discovered that the key used on the VPN has been compromised. You need to ensure that the key is not compromised in the future. What should you do?

Your organization has implemented a virtual private network (VPN) that allows branch offices to connect to the main office. Recently, you have discovered...

Your organization has recently become the victim of an attack against a cryptographic algorithm. The particular attack used all possible keys until a key is discovered that successfully decrypts the ciphertext. Which type of attack occurred?

Your organization has recently become the victim of an attack against a cryptographic algorithm. The particular attack used all possible keys until...

Your organization implements a public key infrastructure (PKI) to issue digital certificates to users. Management has requested that you ensure that all the digital certificates that were issued to contractors have been revoked. Which PKI component should you consult?

Your organization implements a public key infrastructure (PKI) to issue digital certificates to users. Management has requested that you ensure that...

Users on your organization's network need to be able to access several confidential files located on a file server. Currently, the files are encrypted. Recently, it was discovered that attackers were able to change the contents of the file. You need to use a hash function to calculate the hash values of the correct files. Which of the following should you not use?

Users on your organization's network need to be able to access several confidential files located on a file server. Currently, the files are encrypted....

Management at your organization has decided that it no longer wants to implement asymmetric algorithms because they are much more expensive to implement. You have determined that several algorithms are being used across the enterprise. Which of the following should you discontinue using, based on management's request?

Management at your organization has decided that it no longer wants to implement asymmetric algorithms because they are much more expensive to implement....

You have recently been hired by a company to analyze its security mechanisms to determine any weaknesses in their current security mechanisms. During this analysis, you detect that an application is using a 3DES implementation that encrypts each block of data three times, each time with a different key. Which 3DES implementation does the application use?

You have recently been hired by a company to analyze its security mechanisms to determine any weaknesses in their current security mechanisms. During...

Your organization recently obtained a contract with the U.S. Department of Defense (DoD). As part of this contract, your organization will be exchanging confidential data with the DoD. Management has requested that you implement the most secure encryption scheme available for these data exchanges. Which scheme should you implement?

Your organization recently obtained a contract with the U.S. Department of Defense (DoD). As part of this contract, your organization will be exchanging...

Your organization has recently decided to implement encryption on the network. Management requests that you implement a system that uses a private or secret key that must remain secret between the two parties. Which system should you implement?

Your organization has recently decided to implement encryption on the network. Management requests that you implement a system that uses a private or...

Your organization's enterprise implements several different encryption algorithms, based on the organizational needs and the data being protected. Recently, several different encryption keys have generated the same ciphertext from the same plaintext message. This has resulted in your organization's enterprise being susceptible to attackers. Which condition has occurred?

Your organization's enterprise implements several different encryption algorithms, based on the organizational needs and the data being protected. Recently,...

Your organization has decided that it needs to protect all confidential data that is residing on a file server. All confidential data is located within a folder named Confidential. You need to ensure that this data is protected. What should you do?

Your organization has decided that it needs to protect all confidential data that is residing on a file server. All confidential data is located within...

How you can detect TLS/SSL encrypted command and control traffic?

How you can detect TLS/SSL encrypted command and control traffic? Answer: Perform decryption and inspection of TLS/SSL traffic. Perform analysis...

Who is currently further along, cryptographers or cryptanalysts?

Who is currently further along, cryptographers or cryptanalysts? Answer: cryptographe...

When two different inputs produce an identical output.

When two different inputs produce an identical output. Answer: hash collisio...

Encryption at different layers of OSI model.

•layer 7- encrypt email with PGP •layer 5- encrypt session data with SSL or TLS •layer 3- encrypt network layer data with IPSec •layer 2- encrypt data...

A good cryptographic algorithm should

A good cryptographic algorithm should Answer: resist common cryptographic attacks. ...

What determines the strength of a modern encryption algorithm?

What determines the strength of a modern encryption algorithm? Answer: Key si...

DES uses two standardized block cipher modes.

ECB: [electronic codebook] mode- serially encrypts each 64-bit plaintext block using same 56-bit key. If two identical plaintext blocks are encrypted...

What once-patented public-key asymmetric algorithm is now public domain?

What once-patented public-key asymmetric algorithm is now public domain? Answer: RSA ...

PGP process

The content of emails is encrypted twice, once with the sender's private key, and again with the receiver's public key. The receiver must reverse the...

Diffie-Hellman [DH] Key Agreement

Lets 2 parties share information over an untrusted network and mutually compute an identical shared secret that cannot be computed by eavesdroppers who...

Mathematical model in the DH key exchange process.

Mathematical model in the DH key exchange process. •p = large prime number, can be known to all •g = based or generator, can be known to all •a =...

SSHv1 connection process.

SSHv1 connection process Answer: • Client connects to server and server presents client with its public key. • Client and server agree to a mutually...

Distinction between digital signatures and asymmetric encryption.

Distinction between digital signatures and asymmetric encryption. Answer: Anyone who decrypts the file with your public key knows that you were...

To facilitate encrypted bulk data transfer using TLS:

To facilitate encrypted bulk data transfer using TLS: Answer: The shared secret key is sent from the client to the server, encrypted with server's...

Why is using ECDHE_ECDSA stronger than using RSA?

Why is using ECDHE_ECDSA stronger than using RSA? Answer: If the server's private key is later compromised, all the prior TLS handshakes that...

Suite B cryptography secures information traveling over networks using four well established, public-domain cryptographic algorithms:

Suite B cryptography secures information traveling over networks using four well established, public-domain cryptographic algorithms: Answer: •Encryption...

Where are most attacks on cryptographic systems aimed?

Where are most attacks on cryptographic systems aimed? Answer: At the key management level rather than at the cryptographic algorithm itsel...

How to ensure the identity of the entity?

How to ensure the identity of the entity? Answer: A system must challenge the peer to prove that it has the private key that is associated with...

What allows you to verify entity authentication, data integrity, and authenticity of communications, without encrypting the actual data?

What allows you to verify entity authentication, data integrity, and authenticity of communications, without encrypting the actual data? Answer: Both...

A user's laptop developed a problem and can no longer boot. Help desk personnel tried to recover the data on the disk, but the disk is encrypted. Which of the following can be used to retrieve data from the hard drive?

A user's laptop developed a problem and can no longer boot. Help desk personnel tried to recover the data on the disk, but the disk is encrypted. Which...

Your organization requires the use of a PKI and it wants to implement a protocol to validate trust with minimal traffic. Which of the following protocols validates trust by returning short responses, such as "good" or "revoked"?

Your organization requires the use of a PKI and it wants to implement a protocol to validate trust with minimal traffic. Which of the following protocols...

Your organization is planning to implement an internal PKI. What is required to ensure users can validate certificates?

Your organization is planning to implement an internal PKI. What is required to ensure users can validate certificates? A. An intermediate CA B. CSR C....

You need to submit a CSR to a CA. Which of the following would you do FIRST?

You need to submit a CSR to a CA. Which of the following would you do FIRST? A. Generate a new RSA-based session key. B. Generate a new RSA-based...

Homer wants to use digital signatures for his emails and realizes he needs a certificate. Which of the following will issue Homer a certificate?

Homer wants to use digital signatures for his emails and realizes he needs a certificate. Which of the following will issue Homer a certificate? A....

An application requires users to log on with passwords. The application developers want to store the passwords in such a way that it will thwart rainbow table attacks. Which of the following is the BEST solution?

An application requires users to log on with passwords. The application developers want to store the passwords in such a way that it will thwart rainbow...

Users in your organization sign their emails with digital signatures. What provides integrity for these certificates?

Users in your organization sign their emails with digital signatures. What provides integrity for these certificates? A. Hashing B. Encryption C....

Bart wants to send a secure email to Lisa so he decides to encrypt it. Bart wants to ensure that Lisa can verify that he sent it. Which of the following does Lisa need to meet this requirement?

Bart wants to send a secure email to Lisa so he decides to encrypt it. Bart wants to ensure that Lisa can verify that he sent it. Which of the following...

Homer wants to send a secure email to Marge so he decides to encrypt it. Homer wants to ensure that Marge can verify that he sent it. Which of the following does Marge need to verify the certificate that Homer used in this process is valid?

Homer wants to send a secure email to Marge so he decides to encrypt it. Homer wants to ensure that Marge can verify that he sent it. Which of the following...

You are planning to encrypt data in transit. Which of the following protocols meets this need and encapsulates IP packets within an additional IP header?

You are planning to encrypt data in transit. Which of the following protocols meets this need and encapsulates IP packets within an additional IP header? A....

A heavily used application accesses a financial database on a server within your network. Due to recent data breaches, management wants to ensure transport encryption protects this data. Which of the following algorithms is the BEST choice to meet this goal?

A heavily used application accesses a financial database on a server within your network. Due to recent data breaches, management wants to ensure transport...

A manager is suspected of leaking trade secrets to a competitor. A security investigator is examining his laptop and notices a large volume of vacation pictures on the hard drive. Data on this laptop automatically uploads to a private cloud owned by the company once a week. The investigator noticed that the hashes of most of the pictures on the hard drive are different from the hashes of the pictures in the cloud location. Which of the following is the MOST likely explanation for this scenario?

A manager is suspected of leaking trade secrets to a competitor. A security investigator is examining his laptop and notices a large volume of vacation...

Your organization plans to issue some employees mobile devices such as smartphones and tablets. These devices don't have a lot of processing power. Which of the following cryptographic methods has the LEAST overhead and will work with these mobile devices?

Your organization plans to issue some employees mobile devices such as smartphones and tablets. These devices don't have a lot of processing power....

Your network requires a secure method of sharing encryption keys over a public network. Which of the following is the BEST choice?

Your network requires a secure method of sharing encryption keys over a public network. Which of the following is the BEST choice? A. Symmetric encryption B....

Your organization uses several different types of cryptographic techniques. Which of the following techniques uses a private key and a public key?

Your organization uses several different types of cryptographic techniques. Which of the following techniques uses a private key and a public key? A....

An application developer needs to use an encryption protocol to encrypt credit card data within a database used by the application. Which of the following would be the FASTEST, while also providing strong confidentiality?

An application developer needs to use an encryption protocol to encrypt credit card data within a database used by the application. Which of the following...

Which of the following algorithms encrypts data in 64-bit blocks?

Which of the following algorithms encrypts data in 64-bit blocks? A. AES B. DES C. Twofish D. RC4 Answer: B. D...

Some encryption algorithms use stream ciphers and some use block ciphers. Which of the following are examples of block ciphers? (Choose THREE.)

Some encryption algorithms use stream ciphers and some use block ciphers. Which of the following are examples of block ciphers? (Choose THREE.) A....

A security technician runs an automated script every night designed to detect changes in files. Of the following choices, what are the most likely protocols used in this script?

A security technician runs an automated script every night designed to detect changes in files. Of the following choices, what are the most likely protocols...

A security technician runs an automated script every night designed to detect changes in files. Of the following choices, what are the most likely protocols used in this script?

A security technician runs an automated script every night designed to detect changes in files. Of the following choices, what are the most likely protocols...

Of the following choices, what can you use to verify data integrity?

Of the following choices, what can you use to verify data integrity? A. AES B. DES C. RC4 D. SHA Answer: D. S...