Test your basic knowledge |

CISSP Crypto Domain

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. NIST 1991 - outlines authorized algorithms






2. Online Certificate Status Protocol- used to query the CA; useful in large; complex environments; responds to a query with status of valid; suspended; or revoked






3. Authentication and integrity - needed when... At rest and in transit.






4. Prevent disclosure - privacy






5. Different keys for encryption and decryption; two keys private and public Encrypt with private- unencrypt with privateor encrypt with public- decrypt with private. Use of private ensures non repudiation; without confidentiality-becomes the digital si






6. Used with keys; do not need to be encypted; required to prevent defeat of keyspace through pattern analysis






7. Advanced Encryption Standard






8. variable block and key sizes 128; 192; 256; uses a variable number of rounds; has low memory requirements; easy to defend against timing attacks; implemented in software; hardware is costly.






9. Binary operation that adds bits together; plaintext is XORed with a random keystream to generate cyphertext






10. Output feedback; emulates stream cipher; similar to CFB except qty XORed; with each plaintext block; IV used as a seed; then keystream used as IV in continuing process






11. Monsidered unbreakable- each pad made up of truly random values; used once; securely distributed- protected at sender and reciever sites






12. Spartans - wrapped around rod.






13. Provided by mixing up the location of plaintext throughout the cipher






14. One-way - difficult to solve - uses factorization - private key can compute the public key






15. NIST and NSA - 160 bit digest






16. Mipher added to plaintext to encrypt






17. 32 to 448 bit key - Schneier






18. Block based - adds padding - same key - same clear = same ciphertext






19. Secret sequence of bits and instructions used to encrypt/decrypt






20. Caesar cipher - scytale - Blaise de vigenere - vernam cipher






21. International Data Enc Algorithm - 64 bit block - 128 bit key






22. No plaintext exposure; encrypted at source; VPN; SSL ;SSH






23. RC(x) - 32 - 64 - 128 bit blocks - key max at 2048 bits






24. Formula is public; used to creat checksums; message digests; or integrity check values






25. Has authority to remove keys from escrow;






26. Based on Dif Hel; provides encrypt; dig sig; and key exchange; discrete logarithms-easy to reverse engineer; main drawback is performance- slower than other algorithms






27. Storage of keys and certs for extended period of time-normally performed by CA a trusted third party; or key holder






28. Carlisle Adams and Stafford Tavares; CAST 128 64 bit block cipher-uses keys between 48 and 128 bit lengths 12 to 16 rounds of operations CAST 256 uses 48 rounds; of 128; 192; 160; 224; 256






29. Secret; single; conventional; session; shared; private






30. Both parties have same key(kept secret) exchage keys before comms begins; faster than asymmetric crypto; best suited for bulk encryption; N(N-1)/2 is the number of keys needed; File Encryption Key (FEK)






31. Confidentiality - Authentication - Non-Repudiation






32. Measar cipher






33. Science of protecting information by encoding it






34. Integrity






35. Each pair of entities must receive in secure fashion; requires more overhead than worth; key distro challenging- sender recievermust be on the same sheet






36. Replaces bits characters and block s with differecnt values






37. SHA - RSA - Eliptical Curve (ECDSA)






38. Data in readable format- red side






39. DES - 3des - aes - idea - two fish - rc4 - blow fish






40. 1996 - crypto is protected in agreement.






41. Keys needed to decrypt cyphertext so an authorized third party can gain access






42. Similar to OFB-insteat of a static IV- a counter is incremented with each data block ;each block XORed with unique keystream value; no chaining; encryption of block s can happen in parallel used in IPSEc and implemented in 802.11i wireless






43. Message Authentication codes; aka message integrity code; modification detection code; cryptographic checksum; generated by running message through secret key(DES CBC) MAC is the last block generated by algorithm 64 bit






44. Instance when two keys keys generate the same ciphertext from same plaintext






45. Link Encryption and end to end encryption






46. Single authority trust; heirarchal trust; web of trust; hybrid cross certificationusesd in businesses to trust each others CA's; and DISA Model Root; intermediate; leaf at the local levels






47. Process of properly destroying keys at end of userful loife






48. Encryption - decryption - signing - verifying






49. Published document describing: howa CA is structured;which standards are used and how certs are managed






50. First public key algorithm; not used for message encrypt or digital signatures; uses large prime numbers; requires both sender and reciever to have key pairs; vulnerable to man in the middle attacks