31 Questions Cryptography

1. A symmetric encryption algorithm is BEST suited for:
A. key-exchange scalability.
B. protecting large amounts of data.
C. providing hashing capabilities.
D. implementing non-repudiation.
Correct Answer: B

2. Which of the following should a technician consider when selecting an encryption method for data that needs to remain confidential for a specific length of time?
A. The key length of the encryption algorithm
B. The encryption algorithm’s longevity
C. A method of introducing entropy into key calculations
D. The computational overhead of calculating the encryption key
Correct Answer: A

3. Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Choose two.)
A. Block cipher
B. Hashing
C. Private key
D. Perfect forward secrecy
E. Salting
F. Symmetric keys

4. A database administrator needs to ensure all passwords are stored in a secure manner, so the administrator adds randomly generated data to each password before storing. Which of the following techniques BEST explains this action?
A. Predictability
B. Key stretching
C. Salting
D. Hashing
Correct Answer: C

5. A security assessment determines DES and 3DES are still being used on recently deployed production servers. Which of the following did the assessment identify?
A. Unsecure protocols
B. Default settings
C. Open permissions
D. Weak encryption
Correct Answer: D

6. Which of the following BEST describes the method a security analyst would use to confirm a file that is downloaded from a trusted security website is not altered in transit or corrupted, using a verified checksum?
A. Hashing
B. Salting
C. Integrity
D. Digital signature
Correct Answer: A

7. If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data?
A. Perfect forward secrecy
B. Elliptic-curve cryptography
C. Key stretching
D. Homomorphic encryption
Correct Answer: A

8. Which of the following provides the BEST protection for sensitive information and data stored in cloud-based services but still allows for full functionality and searchability of data within the cloud-based services?
A. Data encryption
B. Data masking
C. Anonymization
D. Tokenization
Correct Answer: A

9. To secure an application after a large data breach, an e-commerce site will be resetting all users’ credentials. Which of the following will BEST ensure the site’s users are not compromised after the reset?
A. A password reuse policy
B. Account lockout after three failed attempts
C. Encrypted credentials in transit
D. A geofencing policy based on login history
Correct Answer: C

10. Which of the following would MOST likely support the integrity of a voting machine?
A. Asymmetric encryption
B. Blockchain
C. Transport Layer Security
D. Perfect forward secrecy
Correct Answer: D

11. A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
A. Salting the magnetic strip information
B. Encrypting the credit card information in transit
C. Hashing the credit card numbers upon entry
D. Tokenizing the credit cards in the database
Correct Answer: C

12. A security assessment determines DES and 3DES are still being used on recently deployed production servers. Which of the following did the assessment identify?
A. Unsecure protocols
B. Default settings
C. Open permissions
D. Weak encryption
Correct Answer: D

13. In which of the following common use cases would steganography be employed?
A. Obfuscation
B. Integrity
C. Non-repudiation
D. Blockchain

14. Which of the following types of keys is found in a key escrow?
A. Public
B. Private
C. Shared
D. Session

15. Which of the following is used by the recipient of a digitally signed email to verify the identity of the sender?
A. Recipient's private key
B. Sender's public key
C. Recipient's public key
D. Sender's private key

16. A developer needs to utilize AES encryption in an application but requires the speed of encryption and decryption to be as fast as possible. The data that will be secured is not sensitive, so speed is valued over encryption complexity. Which of the following would BEST satisfy these requirements?
A. AES with output feedback
B. AES with cipher feedback
C. AES with cipher block chaining
D. AES with counter mode

17. Which of the following BEST explains the use of an HSM within the company servers?
A. Thumb drives present a significant threat which is mitigated by HSM.
B. Software encryption can perform multiple functions required by HSM.
C. Data loss by removable media can be prevented with DLP.
D. Hardware encryption is faster than software encryption.
Explanation: A Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. It provides a fast solution for large asymmetric encryption calculations and is much faster than software-based cryptographic solutions.

18. Which of the following types of encryption will help in protecting files on a PED?
A. Mobile device encryption
B. Transport layer encryption
C. Encrypted hidden container
D. Database encryption
Answer: A
Explanation: Device encryption encrypts the data on a Personal Electronic Device (PED). This feature ensures that the data on the device cannot be accessed in a usable form should the device be stolen.

19. An attacker captures the encrypted communication between two parties for a week, but is unable to decrypt the messages. The attacker then compromises the session key during one exchange and successfully compromises a single message. The attacker plans to use this key to decrypt previously captured and future communications, but is unable to. This is because the encryption scheme in use adheres to:
A. Asymmetric encryption
B. Out-of-band key exchange
C. Perfect forward secrecy
D. Secure key escrow
Answer: C

20. An organization uses application whitelisting to help prevent zero-day attacks. Malware was recently identified on one client, which was able to run despite the organization's application whitelisting approach. The forensics team has identified the malicious file, conducted a post-incident analysis, and compared this with the original system baseline. The team sees the following output:
filename hash (SHA-1)
original: winSCP.exe 2d da b1 4a 98 fc f1 98 06 b1 e5 26 b2 df e5 f5 3e cb 83 el
latest: winSCP.exe a3 4a c2 4b 85 fa f2 dd 0b ba f4 16 b2 df f2 4b 3f ac 4a e1
Which of the following identifies the flaw in the team's application whitelisting approach?
A. The original baseline never captured the latest file signature
B. SHA-1 has known collision vulnerabilities and should not be used.
C. Their approach uses executable names and not hashes for the whitelist.
D. Zero-day attacks require the latest file signatures

21. A server administrator discovers the web farm is using weak ciphers and wants to ensure that only stronger ciphers are accepted. Which of the following ciphers should the administrator implement in the load balancer? (Select Two)
A. DES
B. CRC-32
C. SHA-129
D. RC4
E. MD5

22. A security administrator is choosing an algorithm to generate password hashes. Which of the following would offer the BEST protection against offline brute force attacks?
A. 3DES
B. AES
C. SHA-1
D. MD5

23. When connected to a secure WAP, which of the following encryption technologies is MOST likely to be configured when connecting to WPA2-PSK?
A. MD5
B. WEP
C. AES
D. DES

24. A security analyst reviews the following output:

The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the security analyst reports the following:

Which of the following is the MOST likely cause of the hash being found in other areas?
A. Jan Smith is an insider threat
B. There are MD5 hash collisions
C. Shadow copies are present
D. The file is encrypted

25. A company must send sensitive data over a non-secure network via web services. The company suspects that competitors are actively trying to intercept all transmissions. Some of the information may be valuable to competitors, even years after it has been sent. Which of the following will help mitigate the risk in the scenario?
A. Use a third party for key escrow
B. Use algorithms that allow for PFS
C. Choose stream ciphers over block ciphers
D. Enable TLS instead of SSL
E. Digitally sign the data before transmission

26. Which of the following algorithms would be used to provide non-repudiation of a file transmission?
A. AES
B. RSA
C. MD5
D. SHA

27. A website developer who is concerned about theft of the company's user database wants to protect weak passwords from offline brute-force attacks. Which of the following would be the BEST solution?
A. Use a key-stretching technique
B. Lock accounts after five failed logons
C. Hash passwords with the MD5 algorithm
D. Precompute passwords with rainbow tables

28. A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks. Which of the following methods would BEST prevent data loss? (Select TWO)
A. File-level encryption
B. Drive encryption
C. USB blocker
D. VPN
E. Network firewall
F. MFA

29. A security analyst is hardening a network infrastructure. The analyst is given the following requirements:
* Preserve the use of public IP addresses assigned to equipment on the core router.
* Enable "in transport" encryption protection to the web server with the strongest ciphers.
Which of the following should the analyst implement to meet these requirements? (Select TWO)
A. Configure NAT on the core router
B. Configure VLANs on the core router
C. Enable 3DES encryption on the web server
D. Configure AES encryption on the web server
E. Configure BGP on the core router
F. Enable TLSv2 encryption on the web server

30. Which of the following algorithms has the SMALLEST key size?
A. RSA
B. AES
C. DES
D. Twofish

31. Which of the following BEST helps to demonstrate integrity during a forensic investigation?
A. Event logs
B. Encryption
C. Hashing
D. Snapshots
