Sans 401: Data Security Technologies || Solved Correctly.
The following example shows which kind of cipher operation?CAT becomes PNGPNG becomes
CAT (Book 4 Page 18)
Permutation
XOR operation
Rotation substitution
One-way operation correct answers Rotation Subsitution
Which of the following cryptographic algorithms is best suited for an application that requires
high security and high speed; despite very limited space and power resources (such as with a
smart card)? (Book 4 Page 74)
RSA
IDEA
3DES
ECC correct answers ECC
After storing the cryptographic hashes of critical files in a secure location, what is the next step
in the process of file integrity checking? (Book 4 Page 202)
Alert on new files within critical directories.
At set intervals, rerun cryptographic hashes on the specified files.
Confirm that cryptographic hashes cannot be modified.
Compare new hashes against the original. correct answers Confirm the cryptographic hashes
cannot be modfied
Which of the following provides secure e-mail abilities such as digitally signed email and
encrypted email? (Book 4 Page 104)
,EFS
Veracrypt
GPG
BitLocker correct answers GPG
Which of the following is true of IDS? (Book 4 Page 149)
It requires monitoring and maintenance.
It protects from an attack.
It replaces firewalls.
It does not need trained analysts. correct answers It requires monitoring and maintenance
What is the correct classification when an IDS triggers malicious activity alerts that are
determined to be benign/normal activity? (Book 4 Page 150)
True negative
False positive
True positive
False negative correct answers False Positive
Which of the following ciphers would provide for nonrepudiation of an e-mail that you compose
and are about to send? (Book 4 Page 13)
Diffie-Hellman and AES-256
ECC and SHA1
3DES and RSA
Rijndael and MD5 correct answers ECC and SHA1
, What technique is used by a network-based intrusion detection system when it collects data and
baselines it before analysis? (Book 4 Page
Frame buffering
Data normalization
Data scrubbing
Packet fragmentation correct answers Data Normalization
Which of the following statements describes the main use of a hashing algorithm? (Book 4 Page
76)
Creates a pre-shared key to protect the data's confidentiality
Encrypts an e-mail message to ensure integrity and non-repudiation
Produces a unique digital fingerprint of input data to verify integrity
Generates keys used in perfect forward secrecy correct answers Produces a unique digital
fingerprint of input data to verify integrity
What is the name of a common symmetric encryption technique that constructs a cipher using
plaintext message letters but rearranges the order in which the characters appear? (Book 4 Page
22)
Arbitrary substitution
Permutation
XOR
Rotation substitution correct answers Permutation
Which of the following firewall types is the least costly, as well as the fastest? (Book 4 Page
143)
The following example shows which kind of cipher operation?CAT becomes PNGPNG becomes
CAT (Book 4 Page 18)
Permutation
XOR operation
Rotation substitution
One-way operation correct answers Rotation Subsitution
Which of the following cryptographic algorithms is best suited for an application that requires
high security and high speed; despite very limited space and power resources (such as with a
smart card)? (Book 4 Page 74)
RSA
IDEA
3DES
ECC correct answers ECC
After storing the cryptographic hashes of critical files in a secure location, what is the next step
in the process of file integrity checking? (Book 4 Page 202)
Alert on new files within critical directories.
At set intervals, rerun cryptographic hashes on the specified files.
Confirm that cryptographic hashes cannot be modified.
Compare new hashes against the original. correct answers Confirm the cryptographic hashes
cannot be modfied
Which of the following provides secure e-mail abilities such as digitally signed email and
encrypted email? (Book 4 Page 104)
,EFS
Veracrypt
GPG
BitLocker correct answers GPG
Which of the following is true of IDS? (Book 4 Page 149)
It requires monitoring and maintenance.
It protects from an attack.
It replaces firewalls.
It does not need trained analysts. correct answers It requires monitoring and maintenance
What is the correct classification when an IDS triggers malicious activity alerts that are
determined to be benign/normal activity? (Book 4 Page 150)
True negative
False positive
True positive
False negative correct answers False Positive
Which of the following ciphers would provide for nonrepudiation of an e-mail that you compose
and are about to send? (Book 4 Page 13)
Diffie-Hellman and AES-256
ECC and SHA1
3DES and RSA
Rijndael and MD5 correct answers ECC and SHA1
, What technique is used by a network-based intrusion detection system when it collects data and
baselines it before analysis? (Book 4 Page
Frame buffering
Data normalization
Data scrubbing
Packet fragmentation correct answers Data Normalization
Which of the following statements describes the main use of a hashing algorithm? (Book 4 Page
76)
Creates a pre-shared key to protect the data's confidentiality
Encrypts an e-mail message to ensure integrity and non-repudiation
Produces a unique digital fingerprint of input data to verify integrity
Generates keys used in perfect forward secrecy correct answers Produces a unique digital
fingerprint of input data to verify integrity
What is the name of a common symmetric encryption technique that constructs a cipher using
plaintext message letters but rearranges the order in which the characters appear? (Book 4 Page
22)
Arbitrary substitution
Permutation
XOR
Rotation substitution correct answers Permutation
Which of the following firewall types is the least costly, as well as the fastest? (Book 4 Page
143)
