登录　| 注册　| 充值

试卷名称:CISSP认证考试（密码学）模拟试卷1

首页 > 计算机 > CISSP认证

上一题： Which of the following incorrectly ...

下一题： Which of the following occurs in a ...

单项选择题

Which of the following correctly describes a drawback of symmetric key systems?

A．Computationally less intensive than asymmetric systems

B．Work much more slowly than asymmetric systems

C．Carry out mathematically intensive tasks

D．Key must be delivered via secure courier

查看答案进入试题列表

您可能感兴趣的题目

There are several components involved with steganography. Which of the following refers to a file that has hidden information in it? Stego-medium Concealment cipher Carrier Payload

Which of the following incorrectly describes steganography? It is a type of security through obscurity. Modifying the most significant bit is the most common method used. Steganography does not draw attention to itself like encryption does. Media files are ideal for steganographic transmission because of their large size.

Which of the following correctly describes a drawback of symmetric key systems? Computationally less intensive than asymmetric systems Work much more slowly than asymmetric systems Carry out mathematically intensive tasks Key must be delivered via secure courier

Encryption can happen at different layers of an operating system and network stack. Where does PPTP encryption take place? Data link layer Within applications Transport layer Data link and physical layers

Sally is responsible for key management within her organization. Which of the following incorrectly describes a principle of secure key management? Keys should be backed up or escrowed in case of emergencies. The more a key is used, the shorter its lifetime should be. Less secure data allows for a shorter key lifetime. Keys should be stored and transmitted by secure means.

Mandy needs to calculate how many keys must be generated for the 260 employees using the company’s PKI asymmetric algorithm. How many keys are required? 33,670 520 67340 260

Advanced Encryption Standard is an algorithm used for which of the following? Data integrity Bulk data encryption Key recovery Distribution of symmetric keys

The CA is responsible for revoking certificates when necessary. Which of the following correctly describes a CRL and OSCP? The CRL was developed as a more streamlined approach to OCSP. OCSP is a protocol that submits revoked certificates to the CRL. OCSP is a protocol developed specifically to check the CRL during a certificate validation process. CRL carries out real-time validation of a certificate and reports to the OCSP.

There are several different types of important architectures within public key infrastructures. Which architecture does the graphic that follows represent? [*] Cross-certification Cross-revocation list Online Certificate Status Protocol Registration authority

If Marge uses her private key to create a digital signature on a message she is sending to George, but she does not show or share her private key with George, what is it an example of? Key clustering Avoiding a birthday attack Providing data confidentiality Zero-knowledge proof

Which of the following best describes Key Derivation Functions (KDFs)? Keys are generated from a master key. Session keys are generated from each other. Asymmetric cryptography is used to encrypt symmetric keys. A master key is generated from a session key.

An elliptic curve cryptosystem is an asymmetric algorithm. What sets it apart from other asymmetric algorithms? It provides digital signatures, secure key distribution, and encryption. It computes discrete logarithms in a finite field. It uses a larger percentage of resources to carry out encryption. It is more efficient.

If implemented properly, a one-time pad is a perfect encryption scheme. Which of the following incorrectly describes a requirement for implementation? The pad must be securely distributed and protected at its destination. The pad must be made up of truly random values. The pad must always be the same length. The pad must be used only one time.

Which of the following works similarly to stream ciphers? One-time pad AES Block RSA

There are two main types of symmetric ciphers: stream and block. Which of the following is not an attribute of a good stream cipher? Statistically unbiased keystream Statistically predictable Long periods of no repeating patterns Keystream not linearly related to key

SSL is a de facto protocol used for securing transactions that occur over untrusted networks. Which of the following best describes what takes place during an SSL connection setup process? The server creates a session key and encrypts it with a public key. The server creates a session key and encrypts it with a private key. The client creates a session key and encrypts it with a private key. The client creates a session key and encrypts it with a public key.

There are several different modes that block ciphers can work in. Which mode does the graphic that follows portray? [*] Electronic Code Book Mode Cipher Block Chaining Output Feedback Mode Counter Mode

There are two main functions that Trusted Platform Modules (TPMs) carry out within systems today. Which of the following best describes these two functions? Sealing a hard disk drive is when the decryption key that can be used to decrypt data on the drive is stored on the TPM. Binding is when data pertaining to the system’s state are hashed and stored on the TPM. Binding a hard disk drive is when whole-disk encryption is enabled through the use of the TPM. Sealing is when a digital certificate is sealed within a TPM and the system cannot boot up without this certificate being validated. Sealing a hard disk drive is when whole-disk encryption is enabled through the use of the TPM. Binding is when a digital certificate is sealed within a TPM and the system cannot boot up without this certificate being validated. Binding a hard disk drive is when the decryption key that can be used to decrypt data on the drive is stored on the TPM. Sealing is when data pertaining to the system’s state are hashed and stored on the TPM.

The following scenario will be used for questions 28 and 29. Jack has been told that successful attacks have been taking place and data that have been encrypted by his company’s software systems have leaked to the company’s competitors. Through Jack’s investigation he has discovered that the lack of randomness in the seeding values used by the encryption algorithms in the company’s software uncovered patterns and allowed for successful reverse engineering.

Which of the following correctly describes the relationship between SSL and TLS? TLS is the open-community version of SSL. SSL can be modified by developers to expand the protocol’s capabilities. TLS is a proprietary protocol, while SSL is an open-community protocol. SSL is more extensible and backward compatible with TLS.

相关试卷

CISSP认证考试模拟试卷4
CISSP认证考试模拟试卷3
CISSP认证考试模拟试卷2
CISSP认证考试模拟试卷1
CISSP认证考试（软件开发安全）模拟试卷1
CISSP认证考试（访问控制）模拟试卷1
CISSP认证考试（信息安全治理与风险管理）模拟试卷1
CISSP认证考试（通信安全与网络安全）模拟试卷1
CISSP认证考试（安全体系结构和设计）模拟试卷1
CISSP认证考试（密码学）模拟试卷1
CISSP认证考试（物理安全与环境安全）模拟试卷1
CISSP认证考试（法律、法规、调查与合规）模拟试卷1
CISSP认证考试（业务连续性和灾难恢复）模拟试卷1
CISSP认证考试（安全运营）模拟试卷1