Which of the following areas is considered a strength of symmetric key cryptography when compared with asymmetric algorithms?
Correct Answer: D
Speed Symmetric key systems are considerably faster than asymmetric key systems but have issues with proper key distribution, controlling keys as more users need to communicate, and cannot provide non-repudiation or authenticity.
Question 22
Denis is looking at an older system that uses DES encryption. A colleague has told him that DES is insecure due to a small key size. What is the key length used for DES?
Correct Answer: C
56 https://en.wikipedia.org/wiki/DES The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for applications, it has been highly influential in the advancement of cryptography.
Question 23
Manipulating individuals so that they will divulge confidential information, rather than by breaking in or using technical cracking techniques.
Correct Answer: D
Social engineering attack https://en.wikipedia.org/wiki/Social_engineering_(security) Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. This differs from social engineering within the social sciences, which does not concern the divulging of confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. Incorrect answers: Replay attack - (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it, possibly as part of a masquerade attack by IP packet substitution. This is one of the lower tier versions of a "Man-in-the-middle attack." Side-channel attack - is any attack based on information gained from the implementation of a computer system, rather than weaknesses in the implemented algorithm itself (e.g. cryptanalysis and software bugs). Timing information, power consumption, electromagnetic leaks or even sound can provide an extra source of information, which can be exploited. Linear cryptanalysis - is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. Attacks have been developed for block ciphers and stream ciphers. Linear cryptanalysis is one of the two most widely used attacks on block ciphers; the other being differential cryptanalysis.
Question 24
With Electronic codebook (ECB) what happens:
Correct Answer: A
The message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_(ECB) The simplest of the encryption modes is the electronic codebook (ECB) mode (named after conventional physical codebooks). The message is divided into blocks, and each block is encrypted separately.
Question 25
The ATBASH cipher is best described as what type of cipher?
Correct Answer: C
Substitution https://en.wikipedia.org/wiki/Atbash Atbash is a monoalphabetic substitution cipher originally used to encrypt the Hebrew alphabet. It can be modified for use with any known writing system with a standard collating order.
