Topic 21, Cryptography
Richard is a network administrator working at a student loan company in Iowa. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company, schools and lenders is carried out through email. Because of privacy laws that are in the process of being implemented, Richard wants to get ahead of the game and become compliant before any sort of auditing occurs. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, Richard wants to utilize email encryption agency-wide. The only problem for Richard is that his department only has a couple of servers and they are utilized to their full capacity. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt email.
What should Richard use?
A. PGP
B. RSA
C. 3DES
D. OTP
Answer: PGP
Explanation: PGP (Pretty Good Privacy) is an encryption program used for secure transmission of files and e-mails. It uses public-key encryption, in which pairs of keys are used to maintain secure communication. For PGP-based communication both the sender and receiver must have public and private key pairs. The sender's public key is distributed to the receiver, and the receiver's public key is distributed to the sender. When sending a message or a file, the sender can sign it using his private key. The sender's private key is never distributed. All encryption is performed on the workstation sending the e-mail, so no server-side infrastructure is required.
Which of the following encryption algorithms is not a block cipher?
A. DES
B. Blowfish
C. AES
D. RC4
Answer: RC4
Explanation: RC4 (also known as ARC4 or ARCFOUR) is a software stream cipher that was widely used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). The other three options are block ciphers. RC4 has since been shown to have serious keystream biases and is now prohibited in TLS (RFC 7465); it should not be used in new designs.
Symmetric encryption algorithms are known to be fast but present great challenges on the key management side. Asymmetric encryption algorithms are slow but allow communication with a remote host without having to transfer a key out of band or in person. If we combine the strengths of both cryptosystems, using the symmetric algorithm to encrypt the bulk of the data and then using the asymmetric encryption system to encrypt the symmetric key, what is this type of usage known as?
A. Symmetric system
B. Combined system
C. Hybrid system
D. Asymmetric system
Answer: Hybrid system
Explanation: Because of the complexity of the underlying problems, most public-key
algorithms involve operations such as modular multiplication and exponentiation, which are
much more computationally expensive than the techniques used in most block ciphers,
especially with typical key sizes. As a result, public-key cryptosystems are commonly
"hybrid" systems, in which a fast symmetric-key encryption algorithm is used for the
message itself, while the relevant symmetric key is sent with the message, but encrypted
using a public-key algorithm. Similarly, hybrid signature schemes are often used, in which a
cryptographic hash function is computed, and only the resulting hash is digitally signed.
Jane wishes to forward X Window System (X11) traffic to a remote host as well as POP3 traffic. She is worried that adversaries might be monitoring the communication link and could inspect captured traffic. She would like to tunnel the information to the remote end but does not have VPN capabilities to do so.
Which of the following tools can she use to protect the link?
A. MD5
B. SSH
C. RSA
D. PGP
Answer: SSH
Explanation: Port forwarding, or tunneling, is a way to forward otherwise insecure TCP traffic through SSH (Secure Shell). You can, for example, secure POP3, SMTP and HTTP connections that would otherwise be insecure. Note that only the hop between the SSH client and the SSH server is protected; traffic leaving the SSH server toward any further destination travels in the clear unless that destination is the SSH server itself.
There is some dispute between two network administrators at your company. Your
boss asks you to come and meet with the administrators to set the record straight.
Which of these are true about PKI and encryption?
Select the best answers.
A. PKI provides data with encryption, compression, and restorability.
B. Public-key encryption was invented in 1976 by Whitfield Diffie and Martin Hellman.
C. When it comes to eCommerce, as long as you have authenticity, and authenticity, you don't need encryption.
D. RSA is a type of encryption.
Answer: Public-key encryption was invented in 1976 by Whitfield Diffie and Martin Hellman.
RSA is a type of encryption.
Explanation: PKI provides confidentiality, integrity, and authenticity of the messages exchanged between these two types of systems. The third party provides the public key and the receiver verifies the message with a combination of the private and public key. Public-key encryption was indeed invented in 1976 by Whitfield Diffie and Martin Hellman. The famous hashing algorithm Diffie-Hellman was named after them. The RSA algorithm is created by the RSA Security company, which has also created other widely used encryption algorithms.
In the context of using PKI, when Sven wishes to send a secret message to Bob, he looks up Bob's public key in a directory and uses it to encrypt the message before sending it off. Bob then uses his private key to decrypt the message and reads it. No one listening in can decrypt the message.
Anyone can send an encrypted message to Bob but only Bob can read it. Thus, although many people may know Bob's public key and use it to verify Bob's signature, they cannot discover Bob's private key and use it to forge digital signatures.
What does this principle refer to?
A. Irreversibility
B. Non-repudiation
C. Symmetry
D. Asymmetry
Answer: Asymmetry
Explanation: PKI uses asymmetric key pair encryption. One key of the pair is the only way to decrypt data encrypted with the other.
Microsoft Authenticode technology is used for:
A. Digitally signing ActiveX controls
B. Digitally signing SSL certificates
C. Digitally signing JavaScript files
D. Digitally signing Java applets
Answer: Digitally signing ActiveX controls
Explanation: Authenticode identifies the publisher of signed software and verifies that it
hasn't been tampered with, before users download software to their PCs. As a result, end
users can make a more informed decision as to whether or not to download code.
Authenticode relies on digital certificates and is based on specifications that have been
used successfully in the industry for some time, including Public Key Cryptography
Standards (PKCS) #7 (encrypted key specification), PKCS #10 (certificate request
formats), X.509 (certificate specification), and Secure Hash Algorithm (SHA) and MD5 hash
algorithms.
Which of the following best describes session key creation in SSL?
A. It is created by the server after verifying the user's identity
B. It is created by the server upon connection by the client
C. It is created by the client from the server's public key
D. It is created by the client after verifying the server's identity
Answer: It is created by the client after verifying the server's identity
Explanation: An SSL session always begins with an exchange of messages called the
SSL handshake. The handshake allows the server to authenticate itself to the client using
public-key techniques, then allows the client and the server to cooperate in the creation of
symmetric keys used for rapid encryption, decryption, and tamper detection during the
session that follows. Optionally, the handshake also allows the client to authenticate itself
to the server.
A digital signature is simply a message that is encrypted with the public key instead of the private key.
A. true
B. false
Answer: false
Explanation: Digital signatures enable the recipient of information to verify the authenticity of the information's origin, and also verify that the information is intact. Thus, public-key digital signatures provide authentication and data integrity. A digital signature also provides non-repudiation, which means that it prevents the sender from claiming that he or she did not actually send the information. Instead of encrypting information using someone else's public key, you encrypt it with your private key. If the information can be decrypted with your public key, then it must have originated with you. In practice the signer applies the private key only to a cryptographic hash of the message, and this "encrypt with the private key" description is specific to RSA; other signature schemes such as DSA and ECDSA do not work this way.
As a security consultant, what are some of the things you would recommend to a company to ensure DNS security?
Select the best answers.
A. Use the same machines for DNS and other applications
B. Harden DNS servers
C. Use split-horizon operation for DNS servers
D. Restrict zone transfers
E. Have subnet diversity between DNS servers
Answer: Harden DNS servers
Use split-horizon operation for DNS servers
Restrict zone transfers
Have subnet diversity between DNS servers
Explanation: A is not a correct answer, as it is never recommended to use a DNS server for any other application. Hardening the DNS servers makes them less vulnerable to attack. It is recommended to split internal and external DNS servers (called split-horizon operation). Zone transfers should only be accepted from authorized DNS servers. By having DNS servers on different subnets, you may prevent both from going down, even if one of your networks goes down.
What are the differences between SSL and S-HTTP?
A. SSL operates at the network layer and S-HTTP operates at the application layer
B. SSL operates at the application layer and S-HTTP operates at the network layer
C. SSL operates at the transport layer and S-HTTP operates at the application layer
D. SSL operates at the application layer and S-HTTP operates at the transport layer
Answer: SSL operates at the transport layer and S-HTTP operates at the application layer
Explanation: Whereas SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely. S-HTTP is defined in RFC 2660.
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice's machine. From the command prompt, she types the following command:
for /f "tokens=1" %%a in (hackfile.txt) do net use * \\10.1.2.3\c$ /user:"Administrator" %%a
What is Eve trying to do?
A. Eve is trying to connect as a user with Administrator privileges
B. Eve is trying to enumerate all users with Administrative privileges
C. Eve is trying to carry out a password crack for user Administrator
D. Eve is trying to escalate privilege of the null user to that of Administrator
Answer: Eve is trying to carry out a password crack for user Administrator
Explanation: Eve tries to get a successful login using the username Administrator and each password in the file hackfile.txt in turn; every line of the file produces one "net use" attempt against the C$ administrative share. Repeated failed logons of this kind against an administrative share are exactly what account lockout policies and failed-logon monitoring are meant to catch.