cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II

Re: Practice Questions

OK, an easy one:

Which of the following terms describes the phenomenon when two different
encryption keys can generate the same ciphertext from the same plaintext?

a. Weak keys.
b. Key clustering.
c. Digital signature.
d. MAC code.

Answer: b

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
MPAA calls the Internet going dark in protest of SOPA `An abuse
of power.' In related news, the Eye of Sauron accuses Hobbits of
terrorism. - twitter.com/#!/beach_fox/status/159579304647331840
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
rslade
Influencer II

Re: Practice Questions

What is the PRIMARY purpose for using one-way encryption of user passwords within the system?

 

a. It prevents anyone from reading passwords in plaintext.
b. It avoids the excessive processing time that would be required by a symmetric encryption algorithm.
c. It minimizes the amount of primary and secondary storage required to store user passwords.
d. It facilitates the security administrator's investigation in cases where unauthorized uses of a password are suspected.

 

answer: a


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Baller152
Newcomer I

Re: Practice Questions

@rslade , I just wanted to say thanks for posting these questions again.  I passed my CISSP this morning with 30 questions to spare.

Startzc
Newcomer III

Re: Practice Questions

Congratulations Baller152

rslade
Influencer II

Re: Practice Questions

> Baller152 (Newcomer I) mentioned you in a post! Join the conversation below:

> @rslade , I just wanted to say thanks for posting these questions again.  I
> passed my CISSP this morning with 30 questions to spare.

Congrats!

Quite welcome.

Which of the following describes a cryptographic one-way function?

a. A mathematical process that involves the transformation of data, usually with
encryption related routines, into a quantity that cannot then be used to recover
the original data.
b. An iterative process that computes a value from a particular data unit in a
manner that manipulation of the data is detectable.
c. A value computed on data to detect error or manipulation during transmission.
d. A mathematical process which scrambles cleartext so that ciphertext cannot
be decoded without knowledge of the key.

Answer: a.

(Reference: Schneier, Bruce, Applied Cryptography, New York: John Wiley &
Sons, 1994, pg 27)

“b.” describes a MAC plus DES
“c.” describes a MAC or digital signature
“d.” describes basic encryption and decryption.

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 978-0-367-68269-9
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
kamalamalhotra
Newcomer III

Re: Practice Questions

congratulations. 

kamalamalhotra
Newcomer III

Re: Practice Questions

I am finally taking the cissp exam on 20th March 2021. 

Tags (1)
rslade
Influencer II

Re: Practice Questions

Who developed the public key encryption system?

a. Martin Hellman
b. David Kahn
c. Fred Cohen
d. Adi Shamir

Answer: a.

(Reference: Understanding Computers: Computer Security, Alexandria, VA, Time-
Life Books, 1987, pg 99)

David Kahn is the author of ‘easy to read guides’ on encryption and "The
Codebreakers," which is an absoutely fascinating history of cryptography, and will
teach you nothing that you actually need on the exam.
Fred Cohen is most famous for his doctoral thesis on viruses and is sort of the
grandfather of all malware research.
Shamir is one of the developers of the RSA algorithm.

In reality, Ralph Merkle developed asymmetric encryption at about the same time
as Diffie and Hellman, but couldn't get it published because an editor thought it
wasn't "interesting." And both were pipped by the guys from the UK's GCHQ who
developed it five years earlier, weren't allowed to tell anyone--and couldn't figure
out what to use it for.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
A civilization flourishes when people plant trees under which
they will never sit.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
dcontesti
Community Champion

Re: Practice Questions

@rslade wrote:

 

Who developed the public key encryption system?

a. Martin Hellman
b. David Kahn
c. Fred Cohen
d. Adi Shamir

Answer: a.

 

Rob,

 

Not to be critical, this is great historical information but I don;t think a good exam question.  It is pure knowledge.

 

My nickel Canadiana

 

d

 

denbesten
Community Champion

Re: Practice Questions


@dcontesti wrote:

@rsladewrote:

 

Who developed the public key encryption system?

Not to be critical, this is great historical information but I don;t think a good exam question.  It is pure knowledge.


My initial reaction too.  I was somewhat "calmed down" when I realized that it plays into the importance of associating "Diffie-Hellman Key Exchange" with "Public Key Encryption".  That said, I concur that it probably would best be rewritten to not appear quite so much like trivia question.