Eccouncil 212-81 Certified Encryption Specialist ECES Exam Practice Test

Page: 1 / 14
Total 206 questions
Question 1

Why is quantum computing a threat to RSA?



Answer : D


Question 2

Which of the following is used to encrypt email and create digital signatures?



Answer : D

RSA

https://en.wikipedia.org/wiki/RSA_(cryptosystem)

RSA is used to encrypt email and create digital signatures.


Question 3

Which one of the following is a component of the PKI?



Answer : A

CA

https://en.wikipedia.org/wiki/Certificate_authority

Certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party, trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.


Question 4

How can rainbow tables be defeated?



Answer : D

Password salting

https://en.wikipedia.org/wiki/Salt_(cryptography)#Benefits

Salts also combat the use of hash tables and rainbow tables for cracking passwords. A hash table is a large list of pre-computed hashes for commonly used passwords. For a password file without salts, an attacker can go through each entry and look up the hashed password in the hash table or rainbow table. If the look-up is considerably faster than the hash function (which it often is), this will considerably speed up cracking the file. However, if the password file is salted, then the hash table or rainbow table would have to contain 'salt . password' pre-hashed. If the salt is long enough and sufficiently random, this is very unlikely. Unsalted passwords chosen by humans tend to be vulnerable to dictionary attacks since they have to be both short and meaningful enough to be memorized. Even a small dictionary (or its hashed equivalent, a hash table) is significant help cracking the most commonly used passwords. Since salts do not have to be memorized by humans they can make the size of the rainbow table required for a successful attack prohibitively large without placing a burden on the users.


Question 5

A 160-bit hash algorithm developed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel for which there are 128, 256 and 320-bit versions is called what?



Answer : D

RIPEMD

https://en.wikipedia.org/wiki/RIPEMD

RIPEMD (RIPE Message Digest) is a family of cryptographic hash functions developed in 1992 (the original RIPEMD) and 1996 (other variants). There are five functions in the family: RIPEMD, RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320, of which RIPEMD-160 is the most common.

The original RIPEMD, as well as RIPEMD-128, is not considered secure because 128-bit result is too small and also (for the original RIPEMD) because of design weaknesses. The 256- and 320-bit versions of RIPEMD provide the same level of security as RIPEMD-128 and RIPEMD-160, respectively; they are designed for applications where the security level is sufficient but longer hash result is necessary.


Question 6

In relationship to hashing, the term _____ refers to random bits that are used as one of the inputs to the hash. Essentially the _____ is intermixed with the message that is to be hashed.



Answer : B

Salt

https://en.wikipedia.org/wiki/Salt_(cryptography)

A salt is random data that is used as an additional input to a one-way function that hashes data, a password or passphrase. Salts are used to safeguard passwords in storage. Historically a password was stored in plaintext on a system, but over time additional safeguards were developed to protect a user's password against being read from the system. A salt is one of those methods.

Incorrect answers:

Vector - Wrong!

IV - An initialization vector or starting variable (SV) is a fixed-size input to a cryptographic primitive that is typically required to be random or pseudorandom. Randomization is crucial for encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message. For block ciphers, the use of an IV is described by the modes of operation. Randomization is also required for other primitives, such as universal hash functions and message authentication codes based thereon.

Stream - A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream. Since encryption of each digit is dependent on the current state of the cipher, it is also known as a state cipher. In practice, a digit is typically a bit and the combining operation is an exclusive-or (XOR).


Question 7

You are explaining the details of the AES algorithm to cryptography students. You are discussing the derivation of the round keys from the shared symmetric key. The portion of AES where round keys are derived from the cipher key using Rijndael's key schedule is called what?



Answer : A

The key expansion phase

https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

KeyExpansion: round keys are derived from the cipher key using the AES key schedule. AES requires a separate 128-bit round key block for each round plus one more.

