Test your basic knowledge |

CISSP Crypto Domain

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Replaces bits characters and block s with differecnt values






2. Upgrade to DES; Replaced by AES; takes three times longer to encrypt






3. Confidentiality - Authentication - Non-Repudiation






4. Certificate Authority; registration authority offloads work; validates identity; distributes key; certificate server maintains repository that stores certificates






5. Polyalphabetic - substitution - 2d grid of alphabet






6. Based on probability with 23 people 50% chance 2 will have same birthday






7. Similar to OFB-insteat of a static IV- a counter is incremented with each data block ;each block XORed with unique keystream value; no chaining; encryption of block s can happen in parallel used in IPSEc and implemented in 802.11i wireless






8. Message Authentication codes; aka message integrity code; modification detection code; cryptographic checksum; generated by running message through secret key(DES CBC) MAC is the last block generated by algorithm 64 bit






9. Malled online encryption or traffic flow security- implemented in hardware' encrypts all traffic in a single path






10. 128 bit digest






11. Rives Shamir; adleman- based on factoring of large prime numbers-encrypt-dig sig- and key exchange variable key length 512 to 4096- strong but slow; 100 times slower than software; 1000-10000 slower than hardware encryption






12. Output feedback; emulates stream cipher; similar to CFB except qty XORed; with each plaintext block; IV used as a seed; then keystream used as IV in continuing process






13. First public key algorithm; not used for message encrypt or digital signatures; uses large prime numbers; requires both sender and reciever to have key pairs; vulnerable to man in the middle attacks






14. Hardware - software - and policies (security association) -






15. Authentication and integrity - needed when... At rest and in transit.






16. One-way - difficult to solve - uses factorization - private key can compute the public key






17. Advanced Encryption Standard






18. Letters represented by numerical place in the alphabet






19. One key - only confidentiality






20. Provided by mixing key values during repeated rounds of encryption






21. Similar to RSA - very efficient for low end hardware/limited processing power.






22. Data in readable format- red side






23. key storage;escrow;archival;recovery agend;multiple key pairs






24. 32 to 448 bit key - Schneier






25. Hash Mess Auth Code (512bit MD5; SHA-1); calculated using a hash function with secret key- shared key appended to data shared faster than DES CBC- used in IPSEC SSL/TLS and SSH






26. Prove knowledge of a fact to a third party without revealing the fact itself






27. RC(x) - 32 - 64 - 128 bit blocks - key max at 2048 bits






28. Rearranges bits or bytes






29. Secret sequence of bits and instructions used to encrypt/decrypt






30. Monsidered unbreakable- each pad made up of truly random values; used once; securely distributed- protected at sender and reciever sites






31. Looks for patterns in ciphertext to discover the key.






32. Based on Dif Hel; provides encrypt; dig sig; and key exchange; discrete logarithms-easy to reverse engineer; main drawback is performance- slower than other algorithms






33. Single authority trust; heirarchal trust; web of trust; hybrid cross certificationusesd in businesses to trust each others CA's; and DISA Model Root; intermediate; leaf at the local levels






34. Modified md5 - v means "variable"






35. Instance when two keys keys generate the same ciphertext from same plaintext






36. Credentials that allow verification; contains serial no; ident info; dig signature;lifetime dates;public key of the cert holder






37. SHA - RSA - Eliptical Curve (ECDSA)






38. Digital signature standard; performs integrity by SHA; uses DSA; RSA;Elyp CurveDSA






39. Storage of keys and certs for extended period of time-normally performed by CA a trusted third party; or key holder






40. Formula is public; used to creat checksums; message digests; or integrity check values






41. Carlisle Adams and Stafford Tavares; CAST 128 64 bit block cipher-uses keys between 48 and 128 bit lengths 12 to 16 rounds of operations CAST 256 uses 48 rounds; of 128; 192; 160; 224; 256






42. Rivest-Shamir-Adleman - factorization - used for encryption - key exchange and digital signature.






43. Secret; single; conventional; session; shared; private






44. MD5 - SHA1






45. Measar cipher






46. Asymmetric enc + Hash - validity of message - non repudiation






47. 128 bit encryption; on 16 rounds of encryption; key size of 64 bits 8 parity; 56 bits long






48. NIST and NSA - 160 bit digest






49. Mipher added to plaintext to encrypt






50. Published document describing: howa CA is structured;which standards are used and how certs are managed