Test your basic knowledge |

CISSP Crypto Domain

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Set symbol size usually 64 bits






2. Cert Revocation List- identifies Certs that are no longer recognized; maintained and updated periodically; Browsers use OCSP for updates.






3. Centralized key mgt key issuer; keeps copy of keys or decentralized key mgt; end user generates keys and submits to CA;does not provide for key escrow; no recovery possible






4. Stream based - also uses prior cypher text to seed






5. 128 bit digest






6. Published document describing: howa CA is structured;which standards are used and how certs are managed






7. Rives Shamir; adleman- based on factoring of large prime numbers-encrypt-dig sig- and key exchange variable key length 512 to 4096- strong but slow; 100 times slower than software; 1000-10000 slower than hardware encryption






8. Block based - adds padding - same key - same clear = same ciphertext






9. Scrambled version of the alphabet






10. No plaintext exposure; encrypted at source; VPN; SSL ;SSH






11. Pro's: key management cons: speed/file size






12. Instance when two keys keys generate the same ciphertext from same plaintext






13. International Data Encryption Algorithm- operateson 64 bit blocks-uses 128 bit key and is faster than DES; used in PGP and other software; no successful attacks






14. Certificate Authority; registration authority offloads work; validates identity; distributes key; certificate server maintains repository that stores certificates






15. Hardware - software - and policies (security association) -






16. Rearrances the bits characters or character blocks






17. Data Encryption Standard (DES) 5 Block Modes; Trple DES runs through it three times; Blowfish; IDEA; RC4; RC5






18. Credentials that allow verification; contains serial no; ident info; dig signature;lifetime dates;public key of the cert holder






19. Cipher Block Chaining- most common mode of DES loaded sequenctially- XORed using 64 bit initialization vector- first ciphertext XORed with next text block- since IV different;ciphertext different






20. First public key exchange system - users exchange keys over insecure medium.






21. Different keys for encryption and decryption; two keys private and public Encrypt with private- unencrypt with privateor encrypt with public- decrypt with private. Use of private ensures non repudiation; without confidentiality-becomes the digital si






22. Public algorithm - private key.






23. Eliptical Curve Cryptography; encryption; dig signatures and key exchange;highest strength per bit of key length; most efficient;160 bit el gamal= 1024 RSA-used in wireless devices use






24. Science of protecting information by encoding it






25. Integrity Check Value-makes the hash with the hash algorithm






26. Numeric seeding value used to with a symmetric key to provide randomness






27. Similar to OFB-insteat of a static IV- a counter is incremented with each data block ;each block XORed with unique keystream value; no chaining; encryption of block s can happen in parallel used in IPSEc and implemented in 802.11i wireless






28. Setting policies; protecting keys; key recovery; responding to key compromise; keys long enough to prevent attack; cryptoperiod: key lifetimes






29. 32 to 448 bit key - Schneier






30. characters are substituted or shifted






31. Stream based - errors do not propagate across blocks






32. Binary operation that adds bits together; plaintext is XORed with a random keystream to generate cyphertext






33. RC(x) - 32 - 64 - 128 bit blocks - key max at 2048 bits






34. Mipher added to plaintext to encrypt






35. Estimated time resources to break a cryptosystem






36. International Data Enc Algorithm - 64 bit block - 128 bit key






37. SHA - RSA - Eliptical Curve (ECDSA)






38. Relies on finding weaknesses in the hashing algorithm






39. 256 or 512-bit digest






40. Single authority trust; heirarchal trust; web of trust; hybrid cross certificationusesd in businesses to trust each others CA's; and DISA Model Root; intermediate; leaf at the local levels






41. variable block and key sizes 128; 192; 256; uses a variable number of rounds; has low memory requirements; easy to defend against timing attacks; implemented in software; hardware is costly.






42. Provided by mixing key values during repeated rounds of encryption






43. Study of both cryptography and cryptanalysis






44. Letters represented by numerical place in the alphabet






45. Similar to RSA - very efficient for low end hardware/limited processing power.






46. RSA; El Gamal; ECC; Diffe Hellman; DSA






47. Buries a message by taking the least significant bit of evvery byte to carry the message; hide a message in another message. Graphics; sound files; alternated used in corporate espionage






48. Has authority to remove keys from escrow;






49. A specific proceedure






50. Science of breakin the code