Test your basic knowledge |

CISSP Crypto Domain

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. 32 to 448 bit key - Schneier






2. Integrity Check Value-makes the hash with the hash algorithm






3. Single authority trust; heirarchal trust; web of trust; hybrid cross certificationusesd in businesses to trust each others CA's; and DISA Model Root; intermediate; leaf at the local levels






4. Public Key Infrastructure- Developed to provide standards for key generation; authentication; x.509 non used with Pretty Good Privacy; good private good "web of trust"






5. Operates on bits - higher speed - usually implemented in hardware.






6. Credentials that allow verification; contains serial no; ident info; dig signature;lifetime dates;public key of the cert holder






7. Message hidden within larger context.






8. Authentication and integrity - needed when... At rest and in transit.






9. RSA






10. Asymmetric enc + Hash - validity of message - non repudiation






11. Certificate Authority; registration authority offloads work; validates identity; distributes key; certificate server maintains repository that stores certificates






12. Online Certificate Status Protocol- used to query the CA; useful in large; complex environments; responds to a query with status of valid; suspended; or revoked






13. Hash Mess Auth Code (512bit MD5; SHA-1); calculated using a hash function with secret key- shared key appended to data shared faster than DES CBC- used in IPSEC SSL/TLS and SSH






14. Polyalphabetic - substitution - 2d grid of alphabet






15. Advanced Encryption Standard - replaced DES - Rijndael based - 128 - 192 - and 256 bit keys/blocks with 10 - 12 - 14 rounds resp.






16. Numeric seeding value used to with a symmetric key to provide randomness






17. Rivest-Shamir-Adleman - factorization - used for encryption - key exchange and digital signature.






18. Secret sequence of bits and instructions used to encrypt/decrypt






19. Cipher Block Chaining- most common mode of DES loaded sequenctially- XORed using 64 bit initialization vector- first ciphertext XORed with next text block- since IV different;ciphertext different






20. 64 bit blocks of data; variable key lengths






21. Estimated time resources to break a cryptosystem






22. Centralized key mgt key issuer; keeps copy of keys or decentralized key mgt; end user generates keys and submits to CA;does not provide for key escrow; no recovery possible






23. Replaces bits characters and block s with differecnt values






24. Scrambled version of the alphabet






25. Different keys for encryption and decryption; two keys private and public Encrypt with private- unencrypt with privateor encrypt with public- decrypt with private. Use of private ensures non repudiation; without confidentiality-becomes the digital si






26. Set symbol size usually 64 bits






27. Setting policies; protecting keys; key recovery; responding to key compromise; keys long enough to prevent attack; cryptoperiod: key lifetimes






28. 128 bit encryption; on 16 rounds of encryption; key size of 64 bits 8 parity; 56 bits long






29. Large set of possible values used to construct keys






30. 48 rounds - 2 or 3 keys - enc enc enc (EEE) - or enc dec enc (EDE)






31. SHA - RSA - Eliptical Curve (ECDSA)






32. Block based - adds padding - same key - same clear = same ciphertext






33. Similar to RSA - very efficient for low end hardware/limited processing power.






34. OCSP; OSPF- routing protocol; Online Vulnerability Assessment Language; Orthogonal Frequency Division Multiplexing


35. key storage;escrow;archival;recovery agend;multiple key pairs






36. Based on probability with 23 people 50% chance 2 will have same birthday






37. MD5 - SHA1






38. Keys needed to decrypt cyphertext so an authorized third party can gain access






39. Mipher added to plaintext to encrypt






40. No plaintext exposure; encrypted at source; VPN; SSL ;SSH






41. Eliptical Curve Cryptography; encryption; dig signatures and key exchange;highest strength per bit of key length; most efficient;160 bit el gamal= 1024 RSA-used in wireless devices use






42. Prove knowledge of a fact to a third party without revealing the fact itself






43. Malled online encryption or traffic flow security- implemented in hardware' encrypts all traffic in a single path






44. 1996 - crypto is protected in agreement.






45. Caesar cipher - scytale - Blaise de vigenere - vernam cipher






46. Relies on finding weaknesses in the hashing algorithm






47. Block based - Previous block seeds next blocks key






48. Published document describing: howa CA is structured;which standards are used and how certs are managed






49. Pro's: key management cons: speed/file size






50. DES - 3des - aes - idea - two fish - rc4 - blow fish