Public Key Infrastructure (PKI) and Cryptographic Protocols
Network Security Appliances and Technologies
Basic Cryptography
Networking Threats, Assessments, and Defenses
A Little More of Everything
200

For instance, during an investigation, it was found that an attacker did the following:

Intercepted the request from the user to the server and established an HTTPS connection between the attacker's computer and the server while having an unsecured HTTP connection with the user. This gave the attacker complete control over the secure webpage.

This protocol helped facilitate this attack.

a. S/MIME
b. SSL
c. SSH
d. ECB

What is b. SSL

200

This is a third-party network analysis tool.

a. netstat
b. curl
c. hping
d. nmap

What is d. nmap

200

This is NOT an attack on cryptography.

a. Algorithm attack
b. Collision attack
c. Watering hole attack
d. Birthday attack

What is c. Watering hole attack

200

You should apply this technique as a cybersecurity expert to mitigate DDoS attacks on your enterprise servers. 

a. You should set up a DNS sinkhole.
b. You should set up a host-based firewall.
c. You should set up a proxy server.
d. You should set up a virtual private network.

What is a. You should set up a DNS sinkhole.

200

In a security review meeting, you are asked to take appropriate security measures to mitigate IP spoofing attacks against the enterprise network, so you implement this method.

a. You should set up a proxy server.
b. You should set up an ACL.
c. You should set up a VPN.
d. You should set up a DLP.

What is b. You should set up an ACL.

400

Jane, an IT security expert whose services are sought by XYZ Company, has recommended implementing CTR mode in the network. This requirement needs to be fulfilled for computers to communicate when the CTR mode is implemented.

a. Both sender and receiver should have access to a synchronous counter.
b. Sender should have access to a counter.
c. Receiver should have access to a counter.
d. Neither sender nor receiver need access to a counter.

Analysis:

a. Correct. Both the message sender and receiver have access to a synchronous counter, which computes a new value each time a ciphertext block is exchanged.
b. Incorrect. With CTR mode, it would not be sufficient for only the sender to have a counter.
c. Incorrect. With CTR mode, it would not be sufficient for only the sender to have a counter.
d. Incorrect. CTR mode cannot be implemented if neither the sender nor the receiver has access to a counter.

What is d. Incorrect. CTR mode cannot be implemented if neither the sender nor the receiver has access to a counter.

400

A true statement about domain reputation. 

a. Domain reputation will be high if the enterprise has access to a huge volume of resources.
b. Domain reputation will be low if the enterprise has access to a huge volume of resources.  
c. Domain reputation will be low if the domain is used for distributing malware or launching attacks.
d. Domain reputation will be high if the domain is used for distributing malware or launching attacks.

What is c. Domain reputation will be low if the domain is used for distributing malware or launching attacks.

400

This uses hardware encryption technology to secure stored data and ensures the inseparability of SEDs among vendors.

a. Pad
b. Key
c. Opal
d. Qubits

What is c. Opal

400

This is the best description of a network hardware security module. 

a. A network hardware security module is a deception instrument used to deceive threat actors by intentionally deploying vulnerable devices.
b. A network hardware security module is a trusted network computer that performs cryptographic operations.
c. A network hardware security module is an intrusion detection system that detects any intrusion in a network.
d. A network hardware security module is a hardware firewall that monitors incoming and outgoing traffic of a network.

What is b. A network hardware security module is a trusted network computer that performs cryptographic operations.

400

In an interview, you are asked to analyze the following statements regarding secure network designs and choose the correct one. Which of the following should you choose? 

a. Zero trust is designed to make a system trusted.
b. Workgroup switches reside at the top of the hierarchy and carry traffic between switches.
c. When VLAN members on the same switch communicate with each other, the switch uses tags to transfer the packets.
d. Load balancers can detect and stop protocol attacks directed at a server or application.

Which is d. Load balancers can detect and stop protocol attacks directed at a server or application

600

This is a characteristic of electronic code book (ECB) mode.

a. Only one character is processed at a time.
b. It requires access to a synchronous counter for both the sender and receiver of the message.
c. Each block of plaintext is XORed with the previous block of ciphertext before being encrypted, making it susceptible to attacks.
d. Two identical plaintext blocks are encrypted into two identical ciphertext blocks, making them susceptible to attacks.

What is d. Two identical plaintext blocks are encrypted into two identical ciphertext blocks, making them susceptible to attacks.

600

This is a major objective of packet analysis.

a. Assess and secure networks
b. Ensure physical security
c. Calculate employee work hours
d. Estimate network cost

What is a. Assess and secure networks

600

This function in cryptography takes a string of any length as input and returns a string of any requested variable length.

a. Filesystem
b. BitLocker
c. Steganography
d. Sponge

What is d. Sponge

600

The purpose of a jump box.

a. Deceiving threat actors by intentionally creating vulnerable devices
b. Restricting access to a demilitarized zone
c. Switching from a public IP to a private IP
d. Bypassing a firewall by generating a log entry

What is b. Restricting access to a demilitarized zone

600

In a security review meeting, you proposed a demilitarized zone for one of your company's data centers. You were then asked to explain the objective of having a DMZ in the data centers.

a. A DMZ will separate the secure facilities from unknown and potentially hostile outsiders.
b. A DMZ will allow employees to relax between working hours and be more vigilant while working.
c. A DMZ will open up a discussion about enterprise strategies to a broader employee base.
d. A DMZ will monitor network traffic so that the cybersecurity team can focus on other threats.

What is a. A DMZ will separate the secure facilities from unknown and potentially hostile outsiders.

800

This is a Linux/UNIX-based command interface and protocol.

What is SSH?

800

Tyler is a cybersecurity expert assigned to look after the security of a public DNS server. One day, during his usual inspection of the DNS server, he found that the DNS table had been altered, resulting in URL redirection for some users. This is an instance of this type of attack.

What is DNS hijacking?

800

This characteristic of cryptography makes information obscure or unclear, so that the original information becomes impossible to determine.

What is Obfuscation?

800

This technique is the best fit for monitoring traffic on switches with large volumes of traffic.

What is a Port TAP?

800

You are asked to configure your enterprise network in such a way that the customer support team gets a higher priority in the network and can conduct customer video calls without any connectivity issues, so you implement this method.

What is You should set up quality of service to give higher priority to the customer support team?

1000

These two protocols are used to secure HTTP.

What are TLS and SSL?

1000

You are a cyber forensic expert wanting to protect devices retrieved from a crime scene from being remotely wiped of evidence. You should use this physical security equipment so that inbound and outbound signals cannot be sent or received.

What are Faraday bags?

1000

This is a chip on the motherboard of a computer that provides cryptographic services.

What is a Trusted platform module (TPM)?

1000

Sansa is a network security administrator at an enterprise. She is asked to take appropriate steps to defend against a MAC address spoofing attack in the enterprise network, so she takes this step.

What is Configure the switch so that only one port can be assigned per MAC address?

1000

The earliest and most general cryptographic protocol.

What is SSL?