Term
The process of scrambling, mixing up or changing data in a way that makes it unreadable to anyone but the owner or intended recipient. (pg. 354)
A. Authentication
B. Nonrepudiation
C. Encryption
D. Ciphering |
|
Definition
C. The encrypted data is scrambled and unscrambled with cryptographic keys.
Authentication verifies that the right person is accessing the data.
Nonrepudiation traces actions back to specific users.
A cipher is a way to encrypt data, but not necessarily the process. |
|
|
Term
The process that guarantees that the data received is the same as originally sent. (pg. 354)
A. Encryption
B. Authentication
C. Algorithm
D. Integrity |
|
Definition
D. Integrity is designed to cover situations in which someone intercepts your data on the fly and makes changes.
Encryption makes data unreadable to unintended viewers.
An algorithm is the mathematical formula that underlies the cipher. |
|
|
Term
Not being able to deny having taken a specific action. (pg. 354)
A. Event tracking
B. Integrity
C. Activity monitoring
D. Nonrepudiation |
|
Definition
D. Nonrepudiation
Integrity guarantees that the data received is the same as originally sent.
Event tracking and activity monitoring are concepts that exist, but weren't the specific terms that applied. |
|
|
Term
When it comes to TCP/IP security, ___ combine encryption, integrity, non-repudiation, authentication and authorization to create complete security solutions in a way that makes sense for their specific purpose. (pg. 354)
A. Anti-malware applications
B. Protocols
C. Security suites
D. Policies |
|
Definition
B. Protocols
Anti-malware apps and security suites may have features to help secure TCP/IP but are usually designed for an entire OS.
Policies is almost a synonym for protocols, but the latter is the more commonly used term. |
|
|
Term
What is the difference between cleartext, plaintext and ciphertext? (pg. 355)
|
|
Definition
Cleartext is data that hasn't yet been encrypted. Plaintext is any data that passes through a cipher, even if it has already been encrypted. Running it through a cipher algorithm using a key generates the encrypted ciphertext. |
|
|
Term
Any encryption that uses the same key for both encryption and decryption is called ___ encryption. Any encryption that uses different keys for encryption and decryption is called ____ encryption. (pg. 358)
A. uniform, diverse
B. symmetric, asymmetric
C. unicode, multicode
D. static, dynamic |
|
Definition
B. Symmetric and asymmetric encryption |
|
|
Term
A method of cryptography that uses two different keys. (pg. 359)
A. stream cipher
B. checksum
C. AES
D. public-key |
|
Definition
D. Public-key cryptography uses a public key for encryption and a private key for decryption. The key pair is generated at the same time and is designed to work together.
Stream cipher and AES (Advanced Encryption Standard) are both symmetric-key encryption methods.
A checksum is an error-detection method that enables the receiver to detect the corruption of network packets. |
|
|
Term
A mathematical function run on a string of binary digits of any length that results in a value of some fixed length. (pg. 361)
A. message digest
B. stream cipher
C. hash
D. checksum |
|
Definition
C. The output of a cryptographic hash function will always be the same length no matter how long or short the input, and the function is irreversible, meaning the original data can't be recreated from the hash.
A message digest and checksum are the same thing: the fixed-length value created from the hash after it's run.
A stream cipher is a form of symmetric encryption in which each bit is encrypted one at a time on the fly. |
|
|
Term
A digitally signed electronic document issued by a trusted third party attesting to the identity of the holder of a specific cryptographic public key. (pg. 366)
A. Key Distribution Center
B. certificate
C. digital signature
D. Access Control List |
|
Definition
B. A certificate includes a public key, some info about the file, and the digital signature of the trusted third party.
The other options are either a system in Kerberos (Key Distribution Center), a secure part of a message (digital signature), or a list (Access Control List). Their names hint that they aren't documents. |
|
|
Term
The system for creating and distributing digital certificates issued by trusted third parties such as Let's Encrypt, Go Daddy, or Sectigo. (pg. 370)
A. digital authority
B. DigiCert
C. public-key authority
D. certificate authority |
|
Definition
C. A public-key authority is a hierarchy that consists of a root certificate authority (CA), with intermediate CAs between the root and the issued certificates.
DigiCert is a well-known CA that can act as the root and issue certificates. |
|
|