ECCouncil 212-81 Practice Test - Questions Answers, Page 19

Which one of the following wireless standards uses AES using the Counter Mode-Cipher Block Chaining (CBC)-Message Authentication Code (MAC) Protocol (CCMP)?

A. WEP2
B. WPA
C. WEP
D. WPA2
Suggested answer: D

In order to understand RSA, you must understand the key generation algorithm as well as the encryption and decryption algorithms. Which one of the following equations describes the encryption process for RSA?


A. M^e mod n
B. C^e mod n
C. y^2 = x^3 + Ax + B
D. P = C^d mod n
Suggested answer: B

Why is quantum computing a threat to RSA?

A. The processing speed will brute force algorithms
B. Quantum computers can solve the discrete logarithm problem
C. Quantum computers can solve the birthday paradox
D. Quantum computers can factor large integers in polynomial time
Suggested answer: D

A network of trusted certificate authority servers. It uses asymmetric key pairs and combines software, encryption and services to provide a means of protecting the security of business communications and transactions.

A. PKI
B. GOST
C. CA
D. PIKE
Suggested answer: A

Explanation:

PKI

https://en.wikipedia.org/wiki/Public_key_infrastructure

A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred.

Incorrect answers:

PIKE - a stream cipher invented by Ross Anderson to be a 'leaner and meaner' version of FISH after he broke FISH in 1994. Its name is supposed to be a humorous allusion to the pike fish.

GOST - a hash function, defined in the standards GOST R 34.11-94 and GOST 34.311-95, is a 256-bit cryptographic hash function. It was initially defined in the Russian national standard GOST R 34.11-94 "Information Technology - Cryptographic Information Security - Hash Function". The equivalent standard used by other member-states of the CIS is GOST 34.311-95.

CA - a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party, trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.

Which of the following is an asymmetric algorithm related to the equation y^2 = x^3 + Ax + B?

A. Blowfish
B. Elliptic Curve
C. AES
D. RSA
Suggested answer: B

Explanation:

Elliptic Curve

https://en.wikipedia.org/wiki/Elliptic-curve_cryptography

For current cryptographic purposes, an elliptic curve is a plane curve over a finite field (rather than the real numbers) which consists of the points satisfying the equation:

Which one of the following is an algorithm that uses a variable-length key from 1 to 256 bytes, which constitutes a state table that is used for subsequent generation of pseudorandom bytes and then a pseudorandom string of bits, which is XORed with the plaintext to produce the ciphertext?

A. PIKE
B. Twofish
C. RC4
D. Blowfish
Suggested answer: C

Explanation:

RC4

https://en.wikipedia.org/wiki/RC4

RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.

The key-scheduling algorithm is used to initialize the permutation in the array 'S'. 'keylength' is defined as the number of bytes in the key and can be in the range 1 ≤ keylength ≤ 256, typically between 5 and 16, corresponding to a key length of 40 to 128 bits. First, the array 'S' is initialized to the identity permutation. S is then processed for 256 iterations in a similar way to the main PRGA, but also mixes in bytes of the key at the same time.

Incorrect answers:

Blowfish - has a 64-bit block size and a variable key length from 32 bits up to 448 bits. It is a 16-round Feistel cipher and uses large key-dependent S-boxes. In structure it resembles CAST-128, which uses fixed S-boxes.

Twofish - a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits.

PIKE - a stream cipher invented by Ross Anderson to be a 'leaner and meaner' version of FISH after he broke FISH in 1994. Its name is supposed to be a humorous allusion to the pike fish.

Which of the following is assured by the use of a hash?

A. Confidentiality
B. Availability
C. Authentication
D. Integrity
Suggested answer: D

Explanation:

Integrity

https://en.wikipedia.org/wiki/Cryptographic_hash_function#Verifying_the_integrity_of_messages_and_files

An important application of secure hashes is verification of message integrity. Comparing message digests (hash digests over the message) calculated before, and after, transmission can determine whether any changes have been made to the message or file.

Which method of password cracking takes the most time and effort?

A. Dictionary attack
B. Shoulder surfing
C. Brute force
D. Rainbow tables
Suggested answer: C

Explanation:

Brute force

https://en.wikipedia.org/wiki/Brute-force_attack

A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found. Alternatively, the attacker can attempt to guess the key which is typically created from the password using a key derivation function. This is known as an exhaustive key search.

A brute-force attack is a cryptanalytic attack that can, in theory, be used to attempt to decrypt any encrypted data (except for data encrypted in an information-theoretically secure manner). Such an attack might be used when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier.

Incorrect answers:

Rainbow tables - a rainbow table is a precomputed table for caching the output of cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering a key derivation function (or credit card numbers, etc.) up to a certain length consisting of a limited set of characters.

Dictionary attack - a form of brute force attack technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying thousands or millions of likely possibilities, such as words in a dictionary or previously used passwords, often from lists obtained from past security breaches.

Shoulder surfing - a type of social engineering technique used to obtain information such as personal identification numbers (PINs), passwords and other confidential data by looking over the victim's shoulder, either from keystrokes on a device or sensitive information being spoken and heard, also known as eavesdropping.

Which one of the following terms describes two numbers that have no common factors?

A. Coprime
B. Fermat's number
C. Euler's totient
D. Convergent
Suggested answer: A

Explanation:

Coprime

https://en.wikipedia.org/wiki/Coprime_integers

In number theory, two integers a and b are said to be relatively prime, mutually prime, or coprime if the only positive integer (factor) that divides both of them is 1. Consequently, any prime number that divides one of a or b does not divide the other. This is equivalent to their greatest common divisor (gcd) being 1.

Incorrect answers:

Convergent - a series is the sum of the terms of an infinite sequence of numbers.

Euler's totient function - counts the positive integers up to a given integer n that are relatively prime to n. It is written using the Greek letter phi as φ(n) or ϕ(n), and may also be called Euler's phi function. In other words, it is the number of integers k in the range 1 ≤ k ≤ n for which the greatest common divisor gcd(n, k) is equal to 1. The integers k of this form are sometimes referred to as totatives of n.

Fermat's number - named after Pierre de Fermat, who first studied them, is a positive integer of the form

where n is a non-negative integer.

A ______ refers to a situation where two different inputs yield the same output.

A. Convergence
B. Collision
C. Transposition
D. Substitution
Suggested answer: B

Explanation:

Collision

https://en.wikipedia.org/wiki/Collision_(computer_science)

A collision or clash is a situation that occurs when two distinct pieces of data have the same hash value, checksum, fingerprint, or cryptographic digest.

Total 206 questions