ECCouncil 212-81 Practice Test - Questions Answers, Page 7

You are trying to find a modern method for securing web traffic for use on your company's e-commerce website. Which one of the following is used to encrypt web pages and uses bilateral authentication?

A. AES
B. SSL
C. TLS
D. 3DES
Suggested answer: C

Explanation:

TLS

https://en.wikipedia.org/wiki/Mutual_authentication

Mutual authentication or two-way authentication refers to two parties authenticating each other at the same time, being a default mode of authentication in some protocols (IKE, SSH) and optional in others (TLS).

By default, the TLS protocol only proves the identity of the server to the client using an X.509 certificate, and the authentication of the client to the server is left to the application layer. TLS also offers client-to-server authentication using client-side X.509 authentication. Because it requires provisioning certificates to the clients and involves a less user-friendly experience, it is rarely used in end-user applications.

An authentication method that periodically re-authenticates the client by establishing a hash that is then resent from the client is called ______.

A. CHAP
B. SPAP
C. PAP
D. EAP
Suggested answer: A

Explanation:

CHAP

https://en.wikipedia.org/wiki/Challenge-Handshake_Authentication_Protocol

Challenge-Handshake Authentication Protocol (CHAP) is an identity verification protocol that does not rely on sending a shared secret between the access-requesting party and the identity-verifying party (the authenticator). CHAP is based on a shared secret, but in order to authenticate, the authenticator sends a "challenge" message to the access-requesting party, which responds with a value calculated using a "one-way hash" function that takes as inputs the challenge and the shared secret. The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication succeeds; otherwise it fails. Following the establishment of an authenticated connection, the authenticator may send a challenge to the access-requesting party at random intervals, to which the access-requesting party will have to produce the correct response.

Incorrect answers:

EAP - A framework that allows for creation of different ways to provide authentication, such as smart cards

SPAP - Shiva Password Authentication Protocol, PAP with encryption for the usernames/passwords that are transmitted.

PAP - Password Authentication Protocol. Used to authenticate users, but is no longer used because the information was sent in cleartext.
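The CHAP exchange described above (random challenge, hashed response, periodic re-challenge) as an added Python example; it is not code from the original page. The hash layout follows RFC 1994 (MD5 over Identifier || secret || Challenge); the `Authenticator`, `peer_answer` and `run_session` names and the 16-byte challenge length are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Response value = one-way hash over Identifier || secret || Challenge
    (octet order and MD5 as in RFC 1994). The secret itself is never sent."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()

class Authenticator:
    """Access-server side: issues fresh challenges and checks each response once."""

    def __init__(self, secret: bytes) -> None:
        self._secret = secret
        self._pending: dict[int, bytes] = {}  # identifier -> outstanding challenge
        self._next_id = 0

    def challenge(self) -> tuple[int, bytes]:
        ident, self._next_id = self._next_id & 0xFF, self._next_id + 1
        self._pending[ident] = secrets.token_bytes(16)  # random, never reused (assumed length)
        return ident, self._pending[ident]

    def verify(self, ident: int, response: bytes) -> bool:
        chal = self._pending.pop(ident, None)  # consume the challenge
        if chal is None:
            return False  # unknown identifier, or a replayed response
        expected = chap_response(ident, self._secret, chal)
        return hmac.compare_digest(expected, response)

def peer_answer(secret: bytes, ident: int, chal: bytes) -> bytes:
    """Access-requesting side: prove knowledge of the secret without revealing it."""
    return chap_response(ident, secret, chal)

def run_session(auth_secret: bytes, peer_secret: bytes, rounds: int = 3) -> list[bool]:
    """Initial authentication followed by periodic re-challenges on the same link."""
    auth = Authenticator(auth_secret)
    results = []
    for _ in range(rounds):
        ident, chal = auth.challenge()
        results.append(auth.verify(ident, peer_answer(peer_secret, ident, chal)))
    return results

def replay_is_rejected(secret: bytes) -> bool:
    """A captured response is useless later: its challenge has already been consumed."""
    auth = Authenticator(secret)
    ident, chal = auth.challenge()
    resp = peer_answer(secret, ident, chal)
    return auth.verify(ident, resp) and not auth.verify(ident, resp)
```

Each re-challenge uses a new random value, so a response recorded on the wire does not authenticate a later session; a peer holding the wrong secret fails every round.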

In a ______ the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.

A. Information deduction
B. Total break
C. Instance deduction
D. Global deduction
Suggested answer: B

Explanation:

Global deduction

https://en.wikipedia.org/wiki/Cryptanalysis

Global deduction --- the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.

Incorrect answers:

Instance (local) deduction --- the attacker discovers additional plaintexts (or ciphertexts) not previously known.

Information deduction --- the attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.

Total break --- the attacker deduces the secret key.

Which of the following is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel?

A. Elliptic Curve
B. NMD5
C. RSA
D. Diffie-Hellman
Suggested answer: D

Explanation:

Diffie-Hellman

https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

Diffie-Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as originally conceptualized by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.

Incorrect answers:

Elliptic Curve - Asymmetric key algorithm that provides encryption, digital signatures and key exchange, based on the idea of using points on a curve (y^2 = x^3 + Ax + B) to define the public/private key pair; used in wireless devices and smart cards. The security of elliptic curve cryptography rests on the fact that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is difficult to the point of being impractical. Developed by Victor Miller and Neal Koblitz in 1985.

MD5 - Hash function created by Ronald Rivest to replace MD4. 128-bit output size, 512-bit block size, 32-bit word size, 64 rounds. Infamously compromised by the Flame malware in 2012. Not collision resistant; not reversible. RFC 1321.

RSA - is a public-key cryptosystem that is widely used for secure data transmission.
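The Diffie-Hellman exchange described above, as an added Python example that is not part of the original page: both parties publish g^priv mod p and arrive at the same shared key, and the trial-exponent routine shows why the discrete logarithm hardness mentioned for elliptic curves matters here too. The parameters p = 23, g = 5 and all function names are constructed for this illustration; they are toy values, not a deployable group.

```python
import secrets
from typing import Optional

# Toy public parameters, constructed for illustration only. Real deployments use a
# 2048-bit or larger prime group (e.g. the RFC 7919 groups); 23 is small enough to
# brute-force by hand, which is exactly what a large prime is meant to prevent.
P = 23
G = 5

def dh_keypair(p: int = P, g: int = G) -> tuple[int, int]:
    """Pick a private exponent and derive the public value g^priv mod p.
    Only the public value ever leaves the host."""
    priv = secrets.randbelow(p - 2) + 1  # 1 .. p-2
    return priv, pow(g, priv, p)

def dh_shared(their_pub: int, my_priv: int, p: int = P) -> int:
    """Each side raises the other's public value to its own private exponent;
    both end up with g^(a*b) mod p."""
    return pow(their_pub, my_priv, p)

def dh_exchange(p: int = P, g: int = G) -> tuple[int, int]:
    """Run the exchange for two parties and return the key each of them derived."""
    a_priv, a_pub = dh_keypair(p, g)
    b_priv, b_pub = dh_keypair(p, g)
    return dh_shared(b_pub, a_priv, p), dh_shared(a_pub, b_priv, p)

def discrete_log_by_trial(pub: int, p: int = P, g: int = G) -> Optional[int]:
    """What an eavesdropper who saw only the public values would need: recover
    priv from g^priv mod p. With p = 23 this is at most 22 modular exponentiations;
    with a 2048-bit p no practical method is known, which is the whole security argument."""
    for x in range(1, p):
        if pow(g, x, p) == pub:
            return x
    return None
```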

A linear congruential generator is an example of what?

A. A coprime generator
B. A prime number generator
C. A pseudo random number generator
D. A random number generator
Suggested answer: C

Explanation:

A pseudo random number generator

https://en.wikipedia.org/wiki/Linear_congruential_generator

A linear congruential generator (LCG) is an algorithm that yields a sequence of pseudo-randomized numbers calculated with a discontinuous piecewise linear equation. The method represents one of the oldest and best-known pseudorandom number generator algorithms. The theory behind them is relatively easy to understand, and they are easily implemented and fast, especially on computer hardware which can provide modular arithmetic by storage-bit truncation.
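The recurrence behind an LCG, X(n+1) = (a * X(n) + c) mod m, as an added Python example that is not from the original page. It shows the two properties that make the output "pseudo" rather than truly random: the same seed always reproduces the same sequence, and the state lives in a finite set so the output is periodic (well-chosen parameters such as a = 5, c = 3, m = 16 reach the full period of 16; poorly chosen ones collapse almost immediately). The parameter values and function names are constructed for this illustration.

```python
def lcg(seed: int, a: int, c: int, m: int):
    """Yield X(n+1) = (a * X(n) + c) mod m forever, starting from X(0) = seed."""
    x = seed % m
    while True:
        x = (a * x + c) % m
        yield x

def lcg_sequence(seed: int, a: int, c: int, m: int, n: int) -> list[int]:
    """First n outputs. Identical seed and parameters always reproduce the same list,
    which is why an LCG seeded from a guessable value is unsuitable for key material."""
    gen = lcg(seed, a, c, m)
    return [next(gen) for _ in range(n)]

def lcg_period(seed: int, a: int, c: int, m: int) -> int:
    """Length of the cycle the state eventually enters. There are only m possible
    states, so some state must repeat within m + 1 steps and the output is periodic."""
    seen: dict[int, int] = {}
    x = seed % m
    for step in range(m + 1):
        if x in seen:
            return step - seen[x]
        seen[x] = step
        x = (a * x + c) % m
    raise AssertionError("unreachable: a state must repeat within m + 1 steps")
```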

DES has a key space of what?

A. 2^128
B. 2^192
C. 2^64
D. 2^56
Suggested answer: D

Explanation:

2^56

https://en.wikipedia.org/wiki/Data_Encryption_Standard

The Data Encryption Standard (DES) is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for applications, it has been highly influential in the advancement of cryptography.

John works as a cryptography consultant. He finds that people often misunderstand the reality of breaking a cipher. What is the definition of breaking a cipher?

A. Finding any method that is more efficient than brute force
B. Uncovering the algorithm used
C. Rendering the cipher no longer usable
D. Decoding the key
Suggested answer: A

Explanation:

Finding any method that is more efficient than brute force.

https://en.wikipedia.org/wiki/Cryptanalysis

Bruce Schneier notes that even computationally impractical attacks can be considered breaks: 'Breaking a cipher simply means finding a weakness in the cipher that can be exploited with a complexity less than brute force. Never mind that brute-force might require 2^128 encryptions; an attack requiring 2^110 encryptions would be considered a break...simply put, a break can just be a certificational weakness: evidence that the cipher does not perform as advertised.'

_____ uses at least two different shifts, changing the shift with different letters in the plain text.

A. Caesar cipher
B. multi-alphabet encryption
C. Scytale
D. Atbash
Suggested answer: B

Explanation:

multi-alphabet encryption

https://en.wikipedia.org/wiki/Polyalphabetic_cipher

Two different shifts create two different ciphertext alphabets. For shifts of +1 and +2:

Plaintext alphabet:

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Two ciphertext alphabets:

B C D E F G H I J K L M N O P Q R S T U V W X Y Z A

C D E F G H I J K L M N O P Q R S T U V W X Y Z A B

Incorrect answers:

Scytale - transposition cipher

Caesar cipher - monoalphabetic cipher

Atbash - monoalphabetic cipher
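The two-alphabet scheme above, alternating the +1 and +2 shifts letter by letter, as an added Python example that is not from the original page. The Caesar cipher listed as a monoalphabetic alternative is the same routine with a single shift, which the optional `shifts` parameter makes visible; the function names are assumptions made for this illustration.

```python
import string

ALPHABET = string.ascii_uppercase

def shifted_alphabet(shift: int) -> str:
    """Ciphertext alphabet for one shift, e.g. +1 gives B C D ... Z A."""
    shift %= 26
    return ALPHABET[shift:] + ALPHABET[:shift]

def multi_shift_encrypt(plaintext: str, shifts: tuple[int, ...] = (1, 2)) -> str:
    """Cycle through one ciphertext alphabet per shift, moving on after each letter.
    Non-letters pass through unchanged and do not advance the cycle."""
    tables = [shifted_alphabet(s) for s in shifts]
    out, i = [], 0
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(tables[i % len(tables)][ALPHABET.index(ch)])
            i += 1
        else:
            out.append(ch)
    return "".join(out)

def multi_shift_decrypt(ciphertext: str, shifts: tuple[int, ...] = (1, 2)) -> str:
    """Invert the substitution by looking each letter up in the same cycled tables."""
    tables = [shifted_alphabet(s) for s in shifts]
    out, i = [], 0
    for ch in ciphertext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[tables[i % len(tables)].index(ch)])
            i += 1
        else:
            out.append(ch)
    return "".join(out)
```

With two alphabets the repeated L in HELLO becomes M and then N, so a single plaintext letter no longer maps to a single ciphertext letter as it does under Caesar or Atbash.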

Jane is looking for an algorithm to ensure message integrity. Which of following would be an acceptable choice?

A. RSA
B. AES
C. RC4
D. SHA-1
Suggested answer: D

Explanation:

Integrity. In information security, data integrity means maintaining and assuring the accuracy and completeness of data over its entire lifecycle. This means that data cannot be modified in an unauthorized or undetected manner.

An important application of hashes is verification of message integrity. Comparing message digests (hash digests over the message) calculated before, and after, transmission can determine whether any changes have been made to the message or file.

SHA-1

https://en.wikipedia.org/wiki/SHA-1

SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function that takes an input and produces a 160-bit (20-byte) hash value known as a message digest, typically rendered as a hexadecimal number 40 digits long. It was designed by the United States National Security Agency and is a U.S. Federal Information Processing Standard.

Incorrect answers:

RSA (Rivest-Shamir-Adleman) is one of the first public-key cryptosystems and is widely used for secure data transmission.

RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4) is a stream cipher.

AES (Advanced Encryption Standard) is a subset of the Rijndael block cipher.

If you wished to see a list of revoked certificates from a CA, where would you look?

A. RA
B. RFC
C. CRL
D. CA
Suggested answer: C

Explanation:

CRL

https://ru.wikipedia.org/wiki/Certificate_Revocation_List

Certificate Revocation List (or CRL) is 'a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their scheduled expiration date and should no longer be trusted'.

Incorrect answers:

RA - Registration authority. Used to proxy certificate requests on behalf of the user and validate whether or not they are legitimate, instead of having the user go directly to the CA. The RA talks to the subordinate CA on behalf of the user, which makes it harder for a malicious actor to reach the certificate authority directly and do harm.

RFC - Request for Comments (RFC) is a publication from the Internet Society (ISOC) and its associated bodies, most prominently the Internet Engineering Task Force (IETF), the principal technical development and standards-setting bodies for the Internet.

CA - A certificate authority or certification authority is an entity that issues digital certificates.
