Notes from practice test

 What should an administrator use to import and export all items written using X.509 that are
part of a chain of trust?
o Public Key Cryptography Standard (PKCS) #12
 Which field displays the hash, or digest, of the certificate in an X.509 certificate?
o Thumbprint
 Which two components involved in performing encryption are known to the party that will
perform decryption before symmetric encryption is applied?
o Cryptographic algorithm and cryptographic key
 How many characters are used in an LM hash password?
o 14
 A Windows credential is identified as follows:
user:FDA95FBABC199D22LLD3B435B51876KK:199DDFD4EF0E9CD9KMNC6FE771IL124B8:::
What is used to store this password?
o HTLM
 What is the key size for RC4 with WEP?
o 40 bits
 Which wireless security standard uses a 128-bit RC4 stream cipher for encrypted
communications?
o WPA
 Which type of attacks are Diffie-Hellman methods vulnerable to?
o Man-in-the-middle
 Which mechanism mitigates a copy-and-paste attack when using AES?
o Output feedback (OFB) loop
 Which mechanism can be used to ensure perfect forward secrecy during key exchange when
using symmetric encryption?
o ECDH
 How is information about Bitcoin transactions stored?
o Distributed peer-to-peer network
 What is one of the primary characteristics of a blockchain in the context of Bitcoin?
o Adding blocks to a blockchain is computationally expensive.
 What is the length (in bits) of the private key used to sign transactions and associated with an
individual wallet in the context of Bitcoin?
o 256 bits
 What can XOR use as a pseudorandom number to create unique ciphertext?
o IV
 How does cipher block chaining (CBC) create randomness in a second block after encrypting the
first block with an initialization vector (IV)?
o Uses the results of the IV to encrypt the next block
 Which certificate management process involves key recovery?
o Issued
 Which algorithm is used to generate the thumbprint of a certificate?
o SHA-1
 A security analyst is validating the integrity and authenticity of a data transaction. Which PKI
component is being used?
o Digital signature
 What is the maximum length (in bits) of encryption keys used by the WEP protocol?
o 40 bits
 What is a difference between WPA-Enterprise and WPA-Personal?
o Support for an authentication server
 Which cipher is used with WEP?
o RC4
 How does TKIP improve WPA over WEP?
o Hashes the initialization vector and secret key
 Which protocol indicates the virtual private network (VPN) is using Authentication Header (AH)?
o 51
 Which technique should a security analyst use to determine the key length in a Vigenère cipher?
o Kasiski examination
 Which mode encrypts each group with the same key, leaving each group independent of the
others?
o ECB
 Which mode of block encryption results in the same outcome for matching blocks of a plaintext
message?
o ECB
 How does CBC mode encryption function?
o Uses an initialization vector (IV) to encrypt the first block, then uses the result of the
encryption to encrypt the next block
 Which encryption mode always produces the same result for the same plaintext?
o ECB
 How many transformation rounds does AES use with a 192-bit key?
o 12
 How many transformation rounds does AES use with a 128-bit key?
o 10
 256 bits AES is 14 rounds
