- web.groovymark@gmail.com
- November 28, 2024
Question 21
Which stream cipher is commonly used in Wi-Fi encryption under WPA2?
a) AES
b) RC4
c) ChaCha20
d) RSA
Correct Answer: b) RC4
Explanation: RC4 is a stream cipher that was widely used in WPA and WEP encryption, though it has been deprecated in favor of more secure algorithms like AES-CCMP.
Question 22
Which of the following is an asymmetric encryption algorithm?
a) AES
b) DES
c) RSA
d) RC5
Correct Answer: c) RSA
Explanation: RSA is an asymmetric encryption algorithm that uses a public/private key pair, unlike AES and DES, which are symmetric algorithms.
Question 23
Which of the following is a method for verifying the integrity of a message?
a) Public key
b) Digital certificate
c) Digital signature
d) Symmetric encryption
Correct Answer: c) Digital signature
Explanation: A digital signature is used to verify the integrity of a message, ensuring it has not been altered during transmission and verifying the sender’s identity.
Question 24
Which of the following describes the concept of perfect forward secrecy?
a) Compromised session keys will allow access to all past communications
b) Compromised long-term keys will not compromise past session keys
c) Symmetric keys can be reused for multiple sessions
d) Private keys can be used for both signing and encrypting data
Correct Answer: b) Compromised long-term keys will not compromise past session keys
Explanation: Perfect forward secrecy ensures that even if long-term keys are compromised, past session keys remain secure, as each session key is unique.
Question 25
What is a common weakness of password-based encryption methods?
a) Vulnerability to brute-force attacks
b) Inability to use long passwords
c) Requirement of symmetric encryption
d) Requirement of asymmetric encryption
Correct Answer: a) Vulnerability to brute-force attacks
Explanation: Password-based encryption is susceptible to brute-force attacks, where attackers try many possible passwords until they find the correct one.
Question 26
Which of the following modes uses an initialization vector (IV) for the first block but requires feedback from previous ciphertext blocks?
a) Counter Mode (CTR)
b) Cipher Feedback (CFB)
c) Cipher Block Chaining (CBC)
d) Electronic Code Book (ECB)
Correct Answer: c) Cipher Block Chaining (CBC)
Explanation: CBC mode uses an IV for the first block and XORs each subsequent block of plaintext with the previous ciphertext block, ensuring that identical plaintext blocks produce different ciphertexts.
Question 27
What is the main purpose of the modulus operator (mod) in cryptography?
a) To perform exponentiation
b) To return the remainder of a division
c) To factorize large numbers
d) To find the greatest common divisor
Correct Answer: b) To return the remainder of a division
Explanation: The modulus operator returns the remainder after dividing one number by another, and it is frequently used in cryptographic algorithms like RSA and Diffie-Hellman.
Question 28
Which cryptographic attack relies on the ability to obtain multiple ciphertexts encrypted with the same key?
a) Known plaintext attack
b) Frequency analysis
c) Chosen ciphertext attack
d) Ciphertext-only attack
Correct Answer: d) Ciphertext-only attack
Explanation: A ciphertext-only attack relies on the ability to analyze multiple ciphertexts encrypted with the same key to deduce the key or plaintext, often using statistical methods.
Question 29
In a Caesar cipher, how is the encryption process performed?
a) By shifting the plaintext letters by a fixed number of positions
b) By using multiple substitution alphabets
c) By XORing the plaintext with a random key
d) By transposing letters based on a grid pattern
Correct Answer: a) By shifting the plaintext letters by a fixed number of positions
Explanation: In a Caesar cipher, each letter in the plaintext is shifted by a fixed number of positions down or up the alphabet to produce the ciphertext.
Question 30
Which of the following protocols uses symmetric key encryption to secure communication between two parties?
a) TLS
b) SSL
c) IPsec
d) All of the above
Correct Answer: d) All of the above
Explanation: TLS, SSL, and IPsec all use symmetric key encryption to secure communication between two parties, with the session key being negotiated via asymmetric methods.
Question 31
Which public key cryptosystem uses elliptic curves to provide encryption, digital signatures, and key exchange?
a) RSA
b) El Gamal
c) ECC
d) AES
Correct Answer: c) ECC
Explanation: ECC (Elliptic Curve Cryptography) uses elliptic curves for encryption, digital signatures, and key exchange, offering equivalent security to RSA but with smaller key sizes.
Question 32
Which method is commonly used to crack a hashed password?
a) Known plaintext attack
b) Dictionary attack
c) Brute-force attack
d) Replay attack
Correct Answer: b) Dictionary attack
Explanation: A dictionary attack involves trying commonly used passwords or words from a predefined list against a hashed password until the correct one is found.
Question 33
Which encryption algorithm is commonly used to secure communications in wireless networks under WPA2?
a) AES
b) DES
c) RSA
d) Blowfish
Correct Answer: a) AES
Explanation: AES is commonly used to secure communications in wireless networks under WPA2, providing strong encryption for protecting data over Wi-Fi.
Question 34
Which of the following cryptographic algorithms relies on the difficulty of solving discrete logarithms?
a) RSA
b) ECC
c) El Gamal
d) AES
Correct Answer: c) El Gamal
Explanation: El Gamal relies on the difficulty of solving discrete logarithms, which makes it secure for encryption and digital signatures, but it requires larger key sizes than RSA.
Question 35
What is the purpose of a certificate revocation list (CRL)?
a) To issue new digital certificates
b) To store public keys for certificate authorities
c) To list certificates that are no longer valid
d) To manage the expiration dates of certificates
Correct Answer: c) To list certificates that are no longer valid
Explanation: A CRL lists certificates that have been revoked before their expiration date, allowing users and systems to avoid trusting certificates that have been compromised or are no longer valid.
Question 36
Which encryption algorithm is typically used with blockchain technologies like Bitcoin?
a) SHA-1
b) RSA
c) AES
d) Elliptic Curve Cryptography (ECC)
Correct Answer: d) Elliptic Curve Cryptography (ECC)
Explanation: ECC is widely used in blockchain technologies like Bitcoin due to its smaller key sizes, which provide efficient and secure cryptographic operations.
Question 37
What is the output size of a hash generated by the SHA-256 algorithm?
a) 128 bits
b) 160 bits
c) 256 bits
d) 512 bits
Correct Answer: c) 256 bits
Explanation: SHA-256 generates a fixed-length hash output of 256 bits, providing a higher level of security compared to SHA-1 and MD5.
Question 38
Which of the following describes the concept of salting in cryptography?
a) Adding random data to the plaintext before encryption
b) Adding random data to a password before hashing
c) Adding padding to a block cipher
d) Adding an initialization vector to a block cipher mode
Correct Answer: b) Adding random data to a password before hashing
Explanation: Salting involves adding random data to a password before hashing to prevent attackers from using precomputed hash values (rainbow tables) to crack the password.
Question 39
Which of the following describes an ephemeral key?
a) A key used to encrypt a single message or session
b) A key that can be reused across multiple sessions
c) A key that is stored in hardware for long-term use
d) A key that is derived from a user’s password
Correct Answer: a) A key used to encrypt a single message or session
Explanation: An ephemeral key is used for a single message or session and is discarded afterward, providing better security by ensuring that previous keys cannot be reused.
Question 40
What is the primary advantage of stream encryption over block encryption?
a) It provides better security
b) It is faster and works well for real-time applications
c) It uses smaller key sizes
d) It does not require initialization vectors
Correct Answer: b) It is faster and works well for real-time applications
Explanation: Stream encryption is often faster than block encryption and works well for real-time applications like audio and video transmission, where data is processed bit by bit.