C836 Module 1 to 12
What occurs in the postmortem or post-incident phase? - correct answer the
determination of what happened, why it happened, and what can be done to ensure it
does not happen again
What is the basic idea behind defense in depth? - correct answer to formulate a
multilayered defense that will allow us to achieve a successful defense should one or
more of our defensive measures fail; well implemented defenses at each layer make it
very difficult to penetrate deeply into the network and attack assets directly.
What is identification? - correct answer the claim of what someone or something is
What is authentication? - correct answer the set of methods used to determine of
whether someone or something is who he, she, or it claims to be
What are the different types of authentication factors? - correct answer something you
know, something you are, something you have, something you do, and the place you
are
What are three examples of a 'something you know' authentication factor? - correct
answer passwords, PINS, passphrases
What are three examples of a 'something you are' authentication factor? - correct
answer fingerprint, iris or retina patterns, facial characteristics
What is it called when the evidence, which someone or something provides so as to
convince that he, she, or it is who he, she, or it claims to be, confirms his, her, or its
claim? - correct answer verification
What is a 'something you have' authentication factor? - correct answer a factor
generally based on the physical possession of an item or device
,What are three examples of a 'something you have' authentication factor? - correct
answer ATM card, state or federally issued identity card, or a software based security
token
What is a "something you do" authentication factor? - correct answer a factor based on
the actions or behaviors of an individual
What are three examples of a "something you do" authentication factor? - correct
answer an individual's gait, multiple factors in his or her handwriting, the time delay
between keystrokes
What is a "where you are" authentication factor? - correct answer a factor based upon
whether the person is physically present at a particular location or locations
Where is the "where you are" authentication factor commonly implemented? - correct
answer at terminals in server rooms
What is encryption correct answer
The process of transforming clear text or plaintext into coded, unintelligible text for
secure storage or communication
What is text called in its encrypted form correct answer
Ciphertext
What is a substitution cipher correct answer
A cipher in which one letter is consistently substituted for another. The Caesar cipher
and ROT13 cipher are examples.
,What does symmetric key (private key) cryptography use correct answer
A single key for both encryption of the plaintext and decryption of the ciphertext
In which type of cryptography must the key be exchanged between the sender and
receiver correct answer
Symmetric key cryptography
How does a block cipher function correct answer
By encrypting a predetermined number of bits (a block) in the plaintext message
How does a stream cipher function correct answer
By encrypting a plaintext message one bit at a time
How large are blocks correct answer
Generally 64 bits, but can be larger or smaller based on the particular algorithm being
used and the various modes in which the algorithm might be capable of operating
Which is faster, a block cipher or a stream cipher correct answer
Stream cipher
Since a block cipher by nature processes larger sequences of information at a time than
a stream cipher, what is true about it correct answer
, 1) it is more efficient, 2) more resource intensive, 3) more complex to implement in
hardware or software, 4) more sensitive to errors in the encryption process
Which type of symmetric key cipher is better for use where the size of the message is
known in advance correct answer
Block cipher
Which type of symmetric key cipher is better for use where the size of the message is
not known in advance correct answer
Stream cipher
What two things does DES use correct answer
A block cipher based on symmetric key cryptography and a 56 bit key
What are the keys of ciphers which AES uses correct answer
A 128 bit key, a 192 bit key, and a 256 bit key, all having a block length of 128 bits
List several symmetric block ciphers
Twofish, Serpent, Blowfish, CAST5, RC6, IDEA
List several symmetric stream ciphers
RC4, ORYX, SEAL
What occurs in the postmortem or post-incident phase? - correct answer the
determination of what happened, why it happened, and what can be done to ensure it
does not happen again
What is the basic idea behind defense in depth? - correct answer to formulate a
multilayered defense that will allow us to achieve a successful defense should one or
more of our defensive measures fail; well implemented defenses at each layer make it
very difficult to penetrate deeply into the network and attack assets directly.
What is identification? - correct answer the claim of what someone or something is
What is authentication? - correct answer the set of methods used to determine of
whether someone or something is who he, she, or it claims to be
What are the different types of authentication factors? - correct answer something you
know, something you are, something you have, something you do, and the place you
are
What are three examples of a 'something you know' authentication factor? - correct
answer passwords, PINS, passphrases
What are three examples of a 'something you are' authentication factor? - correct
answer fingerprint, iris or retina patterns, facial characteristics
What is it called when the evidence, which someone or something provides so as to
convince that he, she, or it is who he, she, or it claims to be, confirms his, her, or its
claim? - correct answer verification
What is a 'something you have' authentication factor? - correct answer a factor
generally based on the physical possession of an item or device
,What are three examples of a 'something you have' authentication factor? - correct
answer ATM card, state or federally issued identity card, or a software based security
token
What is a "something you do" authentication factor? - correct answer a factor based on
the actions or behaviors of an individual
What are three examples of a "something you do" authentication factor? - correct
answer an individual's gait, multiple factors in his or her handwriting, the time delay
between keystrokes
What is a "where you are" authentication factor? - correct answer a factor based upon
whether the person is physically present at a particular location or locations
Where is the "where you are" authentication factor commonly implemented? - correct
answer at terminals in server rooms
What is encryption correct answer
The process of transforming clear text or plaintext into coded, unintelligible text for
secure storage or communication
What is text called in its encrypted form correct answer
Ciphertext
What is a substitution cipher correct answer
A cipher in which one letter is consistently substituted for another. The Caesar cipher
and ROT13 cipher are examples.
,What does symmetric key (private key) cryptography use correct answer
A single key for both encryption of the plaintext and decryption of the ciphertext
In which type of cryptography must the key be exchanged between the sender and
receiver correct answer
Symmetric key cryptography
How does a block cipher function correct answer
By encrypting a predetermined number of bits (a block) in the plaintext message
How does a stream cipher function correct answer
By encrypting a plaintext message one bit at a time
How large are blocks correct answer
Generally 64 bits, but can be larger or smaller based on the particular algorithm being
used and the various modes in which the algorithm might be capable of operating
Which is faster, a block cipher or a stream cipher correct answer
Stream cipher
Since a block cipher by nature processes larger sequences of information at a time than
a stream cipher, what is true about it correct answer
, 1) it is more efficient, 2) more resource intensive, 3) more complex to implement in
hardware or software, 4) more sensitive to errors in the encryption process
Which type of symmetric key cipher is better for use where the size of the message is
known in advance correct answer
Block cipher
Which type of symmetric key cipher is better for use where the size of the message is
not known in advance correct answer
Stream cipher
What two things does DES use correct answer
A block cipher based on symmetric key cryptography and a 56 bit key
What are the keys of ciphers which AES uses correct answer
A 128 bit key, a 192 bit key, and a 256 bit key, all having a block length of 128 bits
List several symmetric block ciphers
Twofish, Serpent, Blowfish, CAST5, RC6, IDEA
List several symmetric stream ciphers
RC4, ORYX, SEAL
