- You need to reduce the likelihood that an unauthorised person can piggyback their way into your data centre. Which of the following is the BEST way to ensure this?
(a) Retina scanners
(b) Security awareness training
(c) Magnetically locked doors with PIN pad access
(d) Fingerprint activated locks
(e) Mantrap
Answer:
(e)
Explanation:
(a), (c) & (d) would not prevent an adversary from piggybacking on an authorised user.
(b) Security awareness training is a basic requirement. It can help increase the vigilance of users and reduce piggybacking incidents, but some users are apathetic or ignorant about security, so this will not ensure piggybacking doesn’t happen.
(e) Mantraps can be expensive but are a very good physical access control that mitigates piggybacking.
Remember that tailgating = following an authorised user without their consent or knowledge, and piggybacking = being allowed through a secured entrance by an authorised user (e.g. under false pretences/social engineering). However, a mantrap protects against both, as the user will need to be authenticated before the next door opens, at which point the security guard will deny access as there’s a “piggybacker”. Some mantraps even incorporate weighing scales to detect if there is more than one person trying to get through.
- How many possible keys exist in a 4-bit key space?
(a) 4
(b) 8
(c) 16
(d) 128
Answer:
(c)
Explanation:
An n-bit key space contains $2^n$ keys; $2^4 = 16$.
- What block size is used by the 3DES encryption algorithm?
(a) 32 bits
(b) 64 bits
(c) 128 bits
(d) 256 bits
Answer:
(b)
Explanation:
3DES uses the same encryption algorithm as DES, albeit three times, so the block size is the same: 64 bits (though the key size doubles or triples from 56 to 112 or 128 bits depending on the mode).
- Which of the following DES operating modes can be used for large messages with the assurance that an error early in the encryption/decryption process won’t spoil results throughout the communication?
(a) Cipher Block Chaining (CBC)
(b) Electronic Code Book (ECB)
(c) Cipher Feedback (CFB)
(d) Output Feedback (OFB)
Answer:
(d)
Explanation:
Neither ECB nor OFB propagates errors, but ECB is not suitable for large messages.
- How many keys are required to fully implement a symmetric algorithm with 10 participants?
(a) 10
(b) 20
(c) 45
(d) 100
Answer:
(c)
Explanation:
Fully implementing a symmetric algorithm with n participants requires (n * (n – 1)) / 2 separate keys.
- What block size is used by AES?
(a) 32 bits
(b) 64 bits
(c) 128 bits
(d) Variable
Answer:
(c)
Explanation:
AES uses a fixed block size of 128 bits, although the underlying Rijndael algorithm supports variable block sizes.
- How many encryption keys are required to fully implement an asymmetric algorithm with 10 participants?
(a) 10
(b) 20
(c) 45
(d) 100
Answer:
(b)
Explanation:
In an asymmetric cryptosystem, each participant requires two keys.
- Which cryptographic algorithm forms the basis of the El Gamal cryptosystem?
(a) RSA
(b) Diffie-Hellman
(c) 3DES
(d) IDEA
Answer:
(b)
Explanation:
The El Gamal cryptosystem extends the functionality of the Diffie-Hellman key exchange protocol to support the encryption & decryption of messages.
- If a 2,048-bit plaintext message were encrypted with the El Gamal public key cryptosystem, how long would the resulting ciphertext message be?
(a) 1,024 bits
(b) 2,048 bits
(c) 4,096 bits
(d) 8,192 bits
Answer:
(c)
Explanation:
El Gamal doubles the length of any message it encrypts. This is its major disadvantage.
- What ECC key length is equivalent to a 1,024-bit RSA key?
(a) 160 bits
(b) 512 bits
(c) 1,024 bits
(d) 2,048 bits
Answer:
(a)