web.groovymark@gmail.com - November 29, 2024
Question 21
Which cryptographic attack involves capturing and reusing valid data transmissions at a later time?
a) Replay attack
b) Side-channel attack
c) Timing attack
d) Brute-force attack
Correct Answer: a) Replay attack
Explanation: A replay attack involves capturing valid data transmissions and reusing them at a later time to gain unauthorized access or perform malicious actions.
Question 22
What is the key length for AES-256 encryption?
a) 128 bits
b) 192 bits
c) 256 bits
d) 64 bits
Correct Answer: c) 256 bits
Explanation: AES-256 uses a 256-bit key for encryption, providing a high level of security.
Question 23
Which of the following describes the purpose of salting in password hashing?
a) To make the password hash harder to crack by adding random data
b) To encrypt the password before hashing
c) To compress the password into a fixed length
d) To generate a secret key for encryption
Correct Answer: a) To make the password hash harder to crack by adding random data
Explanation: Salting adds random data to the password before hashing, making it more difficult for attackers to use precomputed rainbow tables to crack the hash.
Question 24
Which of the following cryptographic algorithms is commonly used for generating a digital signature?
a) AES
b) RSA
c) DES
d) SHA-256
Correct Answer: b) RSA
Explanation: RSA is commonly used for generating digital signatures, providing authentication and data integrity by allowing the recipient to verify the sender's identity.
Question 25
Which of the following best describes the function of a Certificate Authority (CA)?
a) It generates encryption keys for secure communications
b) It issues and manages digital certificates for public key infrastructure
c) It encrypts messages using symmetric encryption
d) It verifies the identity of senders using a hash function
Correct Answer: b) It issues and manages digital certificates for public key infrastructure
Explanation: A Certificate Authority (CA) is responsible for issuing and managing digital certificates used in public key infrastructure (PKI).
Question 26
Which of the following best describes a man-in-the-middle attack?
a) An attacker intercepts and alters communications between two parties
b) An attacker intercepts data and replays it at a later time
c) An attacker captures and decrypts encrypted messages
d) An attacker tries every possible key until the correct one is found
Correct Answer: a) An attacker intercepts and alters communications between two parties
Explanation: A man-in-the-middle attack occurs when an attacker intercepts communications between two parties and potentially alters the data without their knowledge.
Question 27
What is the primary purpose of a cryptographic nonce?
a) To store a secret key
b) To ensure that identical plaintexts produce different ciphertexts
c) To generate a digital signature
d) To provide authentication
Correct Answer: b) To ensure that identical plaintexts produce different ciphertexts
Explanation: A nonce is a random value used only once in encryption to ensure that the same plaintext encrypted multiple times results in different ciphertexts.
Question 28
Which of the following is a symmetric block cipher?
a) AES
b) RSA
c) ECC
d) Diffie-Hellman
Correct Answer: a) AES
Explanation: AES is a symmetric block cipher that encrypts data in fixed-size blocks using the same key for both encryption and decryption.
Question 29
Which of the following cryptographic algorithms is used for generating a hash value?
a) AES
b) RSA
c) SHA-256
d) Diffie-Hellman
Correct Answer: c) SHA-256
Explanation: SHA-256 is a cryptographic hash algorithm that generates a fixed-length hash value, ensuring data integrity.
Question 30
Which cryptographic attack involves analyzing the time taken to execute encryption operations to deduce the key?
a) Side-channel attack
b) Brute-force attack
c) Known-plaintext attack
d) Man-in-the-middle attack
Correct Answer: a) Side-channel attack
Explanation: In a side-channel attack, the attacker analyzes the time, power consumption, or other physical characteristics of encryption operations to gather information about the encryption key.
Question 31
Which of the following is a characteristic of hashing algorithms?
a) They are reversible
b) They generate a fixed-length output from a variable-length input
c) They use a public key for encryption
d) They provide confidentiality for data
Correct Answer: b) They generate a fixed-length output from a variable-length input
Explanation: Hashing algorithms generate a fixed-length output, called a hash value, from a variable-length input and are used to ensure data integrity.
Question 32
Which type of cryptographic attack involves modifying encrypted messages in transit to change their meaning?
a) Replay attack
b) Man-in-the-middle attack
c) Timing attack
d) Chosen-ciphertext attack
Correct Answer: b) Man-in-the-middle attack
Explanation: In a man-in-the-middle attack, the attacker intercepts and potentially modifies encrypted messages in transit, altering the data without the sender or receiver's knowledge.
Question 33
Which of the following block cipher modes allows parallel processing of blocks, improving performance?
a) ECB
b) CBC
c) CTR
d) CFB
Correct Answer: c) CTR
Explanation: Counter (CTR) mode allows for parallel processing of blocks because each block is encrypted independently, improving performance in high-speed environments.
Question 34
Which of the following cryptographic methods uses different keys for encryption and decryption?
a) Symmetric encryption
b) Asymmetric encryption
c) Hashing
d) Stream ciphers
Correct Answer: b) Asymmetric encryption
Explanation: Asymmetric encryption uses a public key for encryption and a private key for decryption, making it more secure for key exchange.
Question 35
What is the primary role of a cryptographic hash function?
a) To encrypt data for secure transmission
b) To ensure data integrity by generating a fixed-length output
c) To generate a public and private key pair
d) To create a digital signature
Correct Answer: b) To ensure data integrity by generating a fixed-length output
Explanation: A cryptographic hash function ensures data integrity by generating a unique, fixed-length hash value from input data, allowing verification that the data has not been altered.
Question 36
Which of the following best describes the purpose of digital certificates in public key infrastructure (PKI)?
a) To encrypt data for secure transmission
b) To verify the identity of the certificate holder and provide public key information
c) To hash data for verification
d) To store private keys securely
Correct Answer: b) To verify the identity of the certificate holder and provide public key information
Explanation: Digital certificates in PKI are used to verify the identity of the certificate holder and provide the corresponding public key for secure communications.
Question 37
Which of the following encryption algorithms is commonly used for generating a digital signature?
a) AES
b) RSA
c) DES
d) SHA-256
Correct Answer: b) RSA
Explanation: RSA is commonly used for generating digital signatures, providing authentication and data integrity by allowing the recipient to verify the sender's identity.
Question 38
Which of the following cryptographic attacks involves an attacker choosing ciphertext to be decrypted and then analyzing the resulting plaintext?
a) Known-plaintext attack
b) Chosen-ciphertext attack
c) Side-channel attack
d) Brute-force attack
Correct Answer: b) Chosen-ciphertext attack
Explanation: In a chosen-ciphertext attack, the attacker selects ciphertext to be decrypted and analyzes the resulting plaintext to gather information about the encryption key.
Question 39
What is the primary function of salting in password hashing?
a) To generate a secret key for encryption
b) To ensure that the same password generates different hash values
c) To encrypt the password before hashing
d) To compress the password into a fixed length
Correct Answer: b) To ensure that the same password generates different hash values
Explanation: Salting adds random data to passwords before hashing to ensure that identical passwords result in different hash values, making it harder to crack.
Question 40
Which cryptographic algorithm is based on the difficulty of solving discrete logarithms?
a) RSA
b) AES
c) ECC
d) DES
Correct Answer: c) ECC
Explanation: Elliptic Curve Cryptography (ECC) is based on the mathematical difficulty of solving discrete logarithms, making it secure for encryption and key exchange.