100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
CISSP Cram Test Questions_ Domain 7 - Security Engineering $11.49   Add to cart
Quickly navigate to
Preview
  2.  
  3. Tests
  4.  
  5. Tests
  6.  
  7. Tests

Exam (elaborations)

CISSP Cram Test Questions_ Domain 7 - Security Engineering
 2 views  0 purchase
  • Course
  • Tests
  • Institution
  • Tests

CISSP Cram Test Questions_ Domain 7 - Security Engineering

Preview 3 out of 16  pages

Document information

  • July 4, 2024
  • 16
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers

Subjects

  • cissp cram test questions domain 7 security eng

Written for

  • Tests
All documents for this subject (1057)

Seller

avatar-seller
EXAMQA

Reviews received

Content preview

CISSP Cram Test Questions: Domain 7 -
Security Engineering

The RSA algorithm is an example of what type of cryptography? - ANS-Asymmetric Key.

Kerberos depends upon what encryption method? - ANS-Secret Key cryptography.

The DES algorithm is an example of what type of cryptography? - ANS-Secret Key

Which of the following encryption methods is known to be unbreakable? -
ANS-One-time pads.

What algorithm was DES derived from? - ANS-Lucifer.

What is a characteristic of using the Electronic Code Book mode of DES encryption? -
ANS-A given block of plaintext and a given key will always produce the same ciphertext.

Where parties do not have a shared secret and large quantities of sensitive information
must be passed, the
most efficient means of transferring information is to use Hybrid Encryption Methods.
What does this mean? - ANS-Use of public key encryption to secure a secret key, and
message encryption using the secret key.

Public Key Infrastructure (PKI) uses asymmetric key encryption between parties. The
originator encrypts
information using the intended recipient's "public" key in order to get confidentiality of
the data being sent. The
recipients use their own "private" key to decrypt the information. The "Infrastructure" of
this methodology
ensures that: - ANS-The recipient's identity can be positively verified by the sender.

Which of the following DoD Model layer provides non-repudiation services? -
ANS-application layer.

Which of the following statements is true about data encryption as a method of
protecting data? - ANS-It requires careful key management

,Which type of algorithm is considered to have the highest strength per bit of key length
of any of the
asymmetric algorithms? - ANS-Elliptic Curve Cryptography (ECC)

How many bits is the effective length of the key of the Data Encryption Standard
algorithm? - ANS-56

The primary purpose for using one-way hashing of user passwords within a password
file is which of the
following? - ANS-It prevents an unauthorized person from reading the password.

Which of the following issues is not addressed by digital signatures? -
ANS-denial-of-service

Brute force attacks against encryption keys have increased in potency because of
increased computing power.
Which of the following is often considered a good protection against the brute force
cryptography attack? - ANS-The use of session keys.

The Data Encryption Standard (DES) encryption algorithm has which of the following
characteristics? - ANS-64 bit blocks with a 64 bit total key length

PGP uses which of the following to encrypt data? - ANS-A symmetric encryption
algorithm

A public key algorithm that does both encryption and digital signature is which of the
following? - ANS-RSA

Which of the following is NOT true of Secure Sockets Layer (SSL)? - ANS-By
convention it uses 's-http://' instead of 'http://'.

There are parallels between the trust models in Kerberos and Public Key Infrastructure
(PKI). When we
compare them side by side, Kerberos tickets correspond most closely to which of the
following? - ANS-public-key certificates

Which of the following identifies the encryption algorithm selected by NIST for the new
Advanced Encryption
Standard? - ANS-Rijndael

, Compared to RSA, which of the following is true of Elliptic Curve Cryptography(ECC)? -
ANS-It is believed to require shorter keys for equivalent security.

What are the three most important functions that Digital Signatures perform? -
ANS-Integrity, Authentication and Nonrepudiation

Which of the following protocols that provide integrity and authentication for IPSec, can
also provide nonrepudiation
in IPSec? - ANS-Authentication Header (AH)

Which of the following is a cryptographic protocol and infrastructure developed to send
encrypted credit card
numbers over the Internet? - ANS-Secure Electronic Transaction (SET)

Which of the following cryptographic attacks describes when the attacker has a copy of
the plaintext and the
corresponding ciphertext? - ANS-known plaintext

Which of the following is NOT a true statement regarding the implementaton of the
3DES modes? - ANS-DES-EEE1 uses one key

Which one of the following is a key agreement protocol used to enable two entities to
agree and generate a
session key (secret key used for one session) over an insecure medium without any
prior secrets or
communications between the entities? The negotiated key will subsequently be used for
message encryption
using Symmetric Cryptography. - ANS-Diffie_Hellmann

Which of the following ciphers is a subset on which the Vigenere polyalphabetic cipher
was based on? - ANS-Caesar

In a known plaintext attack, the cryptanalyst has knowledge of which of the following? -
ANS-both the plaintext and the associated ciphertext of several messages

What is the length of an MD5 message digest? - ANS-128 bits

The Secure Hash Algorithm (SHA-1) creates: - ANS-a fixed length message digest from
a variable length input message

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller EXAMQA. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $11.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

70840 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$11.49
  • (0)
  Add to cart