Test your basic knowledge |

CISSP Crypto Domain

  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Storage of keys and certs for extended period of time-normally performed by CA a trusted third party; or key holder

2. One time pad - random key - one use - unbreakable

3. Stream based - errors do not propagate across blocks

4. variable block and key sizes 128; 192; 256; uses a variable number of rounds; has low memory requirements; easy to defend against timing attacks; implemented in software; hardware is costly.

5. Eliptical Curve Cryptography; encryption; dig signatures and key exchange;highest strength per bit of key length; most efficient;160 bit el gamal= 1024 RSA-used in wireless devices use

6. Based on diffie-hellman - encryption - digital signatures and key exchange.

7. Secret; single; conventional; session; shared; private

8. Malled online encryption or traffic flow security- implemented in hardware' encrypts all traffic in a single path

9. Credentials that allow verification; contains serial no; ident info; dig signature;lifetime dates;public key of the cert holder

10. Mipher added to plaintext to encrypt

11. Data in readable format- red side

12. Used with keys; do not need to be encypted; required to prevent defeat of keyspace through pattern analysis

13. Upgrade to DES; Replaced by AES; takes three times longer to encrypt

14. No plaintext exposure; encrypted at source; VPN; SSL ;SSH

15. Process of properly destroying keys at end of userful loife

16. Letters represented by numerical place in the alphabet

17. Each pair of entities must receive in secure fashion; requires more overhead than worth; key distro challenging- sender recievermust be on the same sheet

18. First public key algorithm; not used for message encrypt or digital signatures; uses large prime numbers; requires both sender and reciever to have key pairs; vulnerable to man in the middle attacks

19. Keys needed to decrypt cyphertext so an authorized third party can gain access

20. Integrity Check Value-makes the hash with the hash algorithm

21. Rivest-Shamir-Adleman - factorization - used for encryption - key exchange and digital signature.

22. Estimated time resources to break a cryptosystem

23. Binary operation that adds bits together; plaintext is XORed with a random keystream to generate cyphertext

24. Spartans - wrapped around rod.

25. Large set of possible values used to construct keys

26. Uses asymmetric to figure out a key - symmetric used for large data encryption.

27. Output feedback; emulates stream cipher; similar to CFB except qty XORed; with each plaintext block; IV used as a seed; then keystream used as IV in continuing process

28. 64 bit blocks of data; variable key lengths

29. Modified md5 - v means "variable"

30. Buries a message by taking the least significant bit of evvery byte to carry the message; hide a message in another message. Graphics; sound files; alternated used in corporate espionage

31. Data Encryption Standard - 64 bit blocks - 56 bit key - 16 rounds - 4 modes

32. Keyword: integrity

33. RC(x) - 32 - 64 - 128 bit blocks - key max at 2048 bits

34. Centralized key mgt key issuer; keeps copy of keys or decentralized key mgt; end user generates keys and submits to CA;does not provide for key escrow; no recovery possible

35. Instance when two keys keys generate the same ciphertext from same plaintext

36. Placementof a secret copy in a secure location

37. 1996 - crypto is protected in agreement.

38. Hash Mess Auth Code (512bit MD5; SHA-1); calculated using a hash function with secret key- shared key appended to data shared faster than DES CBC- used in IPSEC SSL/TLS and SSH

39. RSA; El Gamal; ECC; Diffe Hellman; DSA

40. Data Encryption Standard (DES) 5 Block Modes; Trple DES runs through it three times; Blowfish; IDEA; RC4; RC5

41. Relies on finding weaknesses in the hashing algorithm

42. Block based - adds padding - same key - same clear = same ciphertext

43. Set of mathmatical rules used in encryption

44. Electronic Code Book Each block encrypted independently; 64 bits at a time; using same key; given message; always same ciphertext; susceptible to plaintext attack

45. Secret sequence of bits and instructions used to encrypt/decrypt

46. Broken

47. Prove knowledge of a fact to a third party without revealing the fact itself

48. Similar to RSA - very efficient for low end hardware/limited processing power.

49. OCSP; OSPF- routing protocol; Online Vulnerability Assessment Language; Orthogonal Frequency Division Multiplexing

50. Replaces bits characters and block s with differecnt values