Network Defense Module 8.8.2 Module 8: Public Key Cryptography Quiz Questions Exam Answers
1. What is the purpose of the DH algorithm?
- to provide nonrepudiation support
- to support email data confidentiality
- to encrypt data traffic after a VPN is established
- to generate a shared secret between two hosts that have not communicated before
2. Which statement is a feature of HMAC?
- HMAC is based on the RSA hash function.
- HMAC uses a secret key that is only known to the sender and defeats man-in-the-middle attacks.
- HMAC uses protocols such as SSL or TLS to provide session layer confidentiality.
- HMAC uses a secret key as input to the hash function, adding authentication to integrity assurance.
3. Which requirement of secure communications is ensured by the implementation of MD5 or SHA hash generating algorithms?
- confidentiality
- authentication
- integrity
- nonrepudiation
4. Which two statements correctly describe certificate classes used in the PKI? (Choose two.)
- A class 0 certificate is for testing purposes.
- A class 0 certificate is more trusted than a class 1 certificate.
- The lower the class number, the more trusted the certificate.
- A class 5 certificate is for users with a focus on verification of email.
- A class 4 certificate is for online business transactions between companies.
5. Which statement describes the use of certificate classes in the PKI?
- The lower the class number, the more trusted the certificate.
- A vendor must issue only one class of certificates when acting as a CA.
- A class 5 certificate is more trustworthy than a class 4 certificate.
- Email security is provided by the vendor, not by a certificate.
6. What technology allows users to verify the identity of a website and to trust code that is downloaded from the Internet?
- asymmetric key algorithm
- digital signature
- encryption
- hash algorithm
7. What two assurances does digital signing provide about code that is downloaded from the Internet? (Choose two.)
- The code is authentic and is actually sourced by the publisher.
- The code contains no errors.
- The code was encrypted with both a private and public key.
- The code has not been modified since it left the software publisher.
- The code contains no viruses.
8. What term is used to describe the technology that replaces sensitive information with a nonsensitive version?
- hiding
- masking
- retracting
- whiteout
- blanking
9. What term is used to describe concealing data in another file such as a graphic, audio, or other text file?
- masking
- obfuscation
- steganography
- hiding
10. What is a strength of using a hashing function?
- It is a one-way function and not reversible.
- It can take only a fixed length message.
- It has a variable length output.
- Two different files can be created that have the same output.
- It is not commonly used in security.
11. An investigator finds a USB drive at a crime scene and wants to present it as evidence in court. The investigator takes the USB drive and creates a forensic image of it and takes a hash of both the original USB device and the image that was created. What is the investigator attempting to prove about the USB drive when the evidence is submitted in court?
- The investigator found a USB drive and was able to make a copy of it.
- The data is all there.
- An exact copy cannot be made of a device.
- The data in the image is an exact copy and nothing has been altered by the process.
12. In which way does the use of HTTPS increase the security monitoring challenges within enterprise networks?
- HTTPS traffic is much faster than HTTP traffic.
- HTTPS traffic enables end-to-end encryption.
- HTTPS traffic does not require authentication.
- HTTPS traffic can carry a much larger data payload than HTTP can carry.