CISSP and SSCP Open Study GROUP Online Quizzer

Question 1640 | Difficulty level: 3/5 | Relevancy: 3/3

1. Which of the following is NOT a property of a one-way hash function?

- It converts a message of a fixed length into a message digest of arbitrary length.
- It is computationally infeasible to construct two different messages with the same digest.
- It converts a message of arbitrary length into a message digest of a fixed length.
- Given a digest value, it is computationally infeasible to find the corresponding message.

Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation. Available at http://www.cccure.org.
Contributor: Hal Tipton
Study area: CISSP CBK domain #5 - Cryptography
Covered topic: Message digests and hash functions
This question Copyright 2003 Hal Tipton, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 1021 | Difficulty level: 3/5 | Relevancy: 3/3

2. What uses a key of the same length as the message?

- Running key cipher
- One-time pad
- Steganography
- Cipher block chaining

A one-time pad is an encryption scheme using a random key of the same size as the message and is used only once. It is said to be unbreakable, even with infinite resources. A running key cipher uses articles in the physical world rather than an electronic algorithm. Steganography is a method where the very existence of the message is concealed. Cipher block chaining is a DES operating mode.

Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 8: Cryptography (page 555).
Contributor: Christian Vézina
Study area: CISSP CBK domain #5 - Cryptography
Covered topic: One-time pads
This question Copyright 2003 Christian Vézina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 1321 | Difficulty level: 4/5 | Relevancy: 3/3

3. In an SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?

- Both client and server
- The client's browser
- The web server
- The merchant's Certificate Server

Once the merchant server has been authenticated by the browser client, the browser generates a master secret that is to be shared only between the server and client. This secret serves as a seed to generate the session (private) keys. The master secret is then encrypted with the merchant's public key and sent to the server. The fact that the master secret is generated by the client's browser provides the client assurance that the server is not reusing keys that would have been used in a previous session with another client.

Source: ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 6: Cryptography (page 112). Also: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2001, page 569.
Contributors: Christian Vézina, Will Harmon
Study areas: CISSP CBK domain #2 - Telecommunication and Network Security, CISSP CBK domain #5 - Cryptography
Covered topic: Secure Sockets Layer (SSL)
This question Copyright 2003 Christian Vézina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 388 | Difficulty level: 3/5 | Relevancy: 3/3

4. What kind of encryption technology does VeriSign's SSL utilize?

- Secret key
- Hybrid: Symmetric and asymmetric cryptography
- Public Key
- Asymmetric key

VeriSign's SSL uses public-key cryptography to secure the session key, while the session key (private key) is used to secure communication between both parties.

Study area: CISSP CBK domain #5 - Cryptography
Covered topics (2): Hybrid cryptography, Secure Sockets Layer (SSL)
This question Copyright 2003 cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 669 | Difficulty level: 3/5 | Relevancy: 3/3

5. Which of the following algorithms does *NOT* provide hashing?

- SHA-1
- MD2
- RC4
- MD5

Ron's Code 4 (RC4) is an algorithm used for encryption and does not provide hashing functions.

Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter 8: Cryptography (page 550).
Contributor: Christian Vézina
Study area: CISSP CBK domain #5 - Cryptography
Covered topic: Message digests and hash functions
This question Copyright 2003 Christian Vézina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 1122 | Difficulty level: 4/5 | Relevancy: 3/3

6. Which of the following is not provided by a public key infrastructure (PKI)?

- Access control
- Integrity
- Authentication
- Reliability

A Public Key Infrastructure (PKI) provides confidentiality, access control, integrity, authentication and non-repudiation. It does not provide reliability.

Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation. Available at http://www.cccure.org.
Contributor: Christian Vézina
Study area: CISSP CBK domain #5 - Cryptography
Covered topic: Public key infrastructure (PKI)
This question Copyright 2003 Christian Vézina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 1576 | Difficulty level: 2/5 | Relevancy: 3/3

7. Who vouches for the binding between the data items in a digital certificate?

- Registration authority
- Certification authority
- Issuing authority
- Vouching authority

A certification authority (CA) is an entity that issues digital certificates (especially X.509 certificates) and vouches for the binding between the data items in a certificate. An issuing authority could be considered a correct answer, but not the best answer, since it is too generic.

Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Contributor: Christian Vézina
Study area: CISSP CBK domain #5 - Cryptography
Covered topic: Certification authorities (CA)
This question Copyright 2003 Christian Vézina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 1572 | Difficulty level: 4/5 | Relevancy: 3/3

8. Which of the following binds a subject name to a public key value?

- A public-key certificate
- A public key infrastructure
- A Certificate Authority
- A private key

A public-key certificate binds a subject name to a public key value.

Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Contributor: Christian Vézina
Study area: CISSP CBK domain #5 - Cryptography
Covered topic: X.509 Digital certificates
This question Copyright 2003 Christian Vézina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 1639 | Difficulty level: 2/5 | Relevancy: 3/3

9. In what way does the Rivest-Shamir-Adleman algorithm differ from the Data Encryption Standard?

- It is based on a symmetric algorithm.
- It uses a public key for encryption.
- It eliminates the need for a key-distribution center.
- It cannot produce a digital signature.

The first answer is wrong because it is based on an asymmetric algorithm. The third option is wrong because often a third party creates and distributes the key pairs, thereby acting as a key distribution center. The last option is wrong because it can produce a digital signature.

Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation. Available at http://www.cccure.org.
Contributor: Hal Tipton
Study area: CISSP CBK domain #5 - Cryptography
Covered topics (2): Rivest Shamir Adleman (RSA), Public vs secret cryptography
This question Copyright 2003 Hal Tipton, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 280 | Difficulty level: 3/5 | Relevancy: 3/3

10. Microsoft and Netscape offer two versions of Web browser, export and domestic. Which of the following differentiates the versions?

- The browser for domestic market uses 40-bit encryption and the browser for international market uses 128-bit encryption.
- The browser for domestic market uses 128-bit encryption and the browser for international market uses 64-bit encryption.
- The browser for domestic market uses 128-bit encryption and the browser for international market uses 40-bit encryption.
- The browser for domestic market uses 64-bit encryption and the browser for international market uses 96-bit encryption.

Source: Building E-Commerce Infrastructure, White Paper from Verisign, Page 11 section - SSL Strength 40-bit and 128-bit SSL.
Contributor: Jamil Siddique
Study areas: CISSP CBK domain #5 - Cryptography, CISSP CBK domain #9 - Law, Investigations, and Ethics
Covered topics (3): Secure Sockets Layer (SSL), Import/export laws, Computer laws
This question Copyright 2003 Jamil Siddique, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 1591 | Difficulty level: 5/5 | Relevancy: 3/3

11. Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys that are used to encrypt data in IP packets?

- Internet Security Association and Key Management Protocol (ISAKMP)
- Simple Key-management for Internet Protocols (SKIP)
- Diffie-Hellman Key Distribution Protocol
- IPsec Key exchange (IKE)

RFC 2828 (Internet Security Glossary) defines SKIP as a key distribution protocol that uses hybrid encryption to convey session keys that are used to encrypt data in IP packets. ISAKMP is an Internet IPsec protocol to negotiate, establish, modify, and delete security associations, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key establishment protocol, encryption algorithm, or authentication mechanism. IKE is an Internet, IPsec, key-establishment protocol (partly based on OAKLEY) that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations, such as in AH and ESP.

Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Contributor: Christian Vézina
Study area: CISSP CBK domain #5 - Cryptography
Covered topic: Simple Key Management for Internet Protocols (SKIP)
This question Copyright 2003 Christian Vézina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 331 | Difficulty level: 3/5 | Relevancy: 3/3

12. Which of the following would best describe certificate path validation?

- verification of the validity of all certificates of the certificate chain till the root certificate
- verification of the integrity of the associated root certificate
- verification of the integrity of the concerned private key
- verification of the revocation status of the concerned certificate

Reference: FORD, Warwick & BAUM, Michael S., Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption (2nd Edition), 2000, Prentice Hall PTR, Page 262.
Contributor: Claus Stark and his wife Shubhangi
Study area: CISSP CBK domain #5 - Cryptography
Covered topic: Certification authorities (CA)
This question Copyright 2003 Claus Stark and his wife Shubhangi, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question 1410 | Difficulty level: 3/5 | Relevancy: 3/3

13. Which of the following statements pertaining to link encryption is false?

- It encrypts all the data along a specific communication path.
- It provides protection against packet sniffers and eavesdroppers.
- Information stays encrypted from one end of its journey to the other.
- User information, header, trailers, addresses and routing data that are part of the packets are encrypted.

When using link encryption, packets have to be decrypted at each hop and encrypted again. Information staying encrypted from one end of its journey to the other is a characteristic of end-to-end encryption, not link encryption.

Source: WALLHOFF, John, CBK#5 Cryptography (CISSP Study Guide), April 2002 (page 6). Available at http://www.cccure.org.
Contributor: Christian Vézina
Study areas: