Cryptography Concepts

Questions and Answers

Which of the following BEST defines a 'threat' in cybersecurity?

• An event that compromises system integrity.
• Gaining unauthorized access to system resources.
• An attempt to exploit a system's vulnerability.
• An event with the potential to impact security properties. (correct)

Which scenario exemplifies a passive attack?

• Monitoring network traffic to capture sensitive information. (correct)
• Exploiting a software vulnerability for unauthorized access.
• Exploiting legitimate access to steal sensitive data.
• Using a brute-force attack to guess a user's password.

What does the acronym 'CIA' stand for in the context of information security?

• Confidentiality, Identity, Availability
• Confidentiality, Integrity, Availability (correct)
• Control, Integrity, Authentication
• Confidentiality, Integrity, Accountability

Which statement accurately compares the Data Encryption Standard (DES) and Rivest–Shamir–Adleman (RSA) algorithms?

RSA uses two different keys for encryption and decryption. (B)

According to Claude Shannon's principles, what component is MOST critical to keep secret in a cryptographic system?

The specific key used. (C)

Which statement accurately describes a transposition cipher?

Each character's position is shifted relative to others. (B)

Which of the following data types is unsuitable for a Caesar cipher key?

String of alphabetic characters (B)

Which modern cryptographic algorithm is the MOST susceptible to brute-force attacks, assuming a short key length?

Data Encryption Standard (DES) (B)

What is the primary security risk associated with using Electronic Codebook (ECB) mode encryption?

Patterns in the plaintext are visible in the ciphertext. (C)

What critical problem does the Diffie-Hellman key exchange primarily address?

Preventing eavesdroppers from copying the key. (C)

What property is not a characteristic of a secure hash function?

Different inputs may produce the same output. (A)

Which of the following is the MOST accurate definition of a rainbow table?

A precomputed table of hash values used to crack passwords. (B)

What is the primary reason for using password salting?

To increase the computational effort required for brute-force attacks. (C)

Which password is most likely to be easily guessed by both humans and dictionary attacks?

apple (A)

What is the defining characteristic of password spraying?

Using a single password across many accounts. (A)

Which authentication factor category does a smart card belong to?

Something you possess (C)

What term describes when a valid user's biometric scan is rejected?

False non-match (D)

Based on the lectures, what is typically the initial action performed by a virus?

Check a condition to begin infecting a program (D)

What is the primary purpose of a webshell?

To maintain unauthorized access to a server. (D)

When is a system considered safe from a zero-day exploit?

Once the vulnerability is patched. (C)

Flashcards

Definition of a threat

An event with the potential to adversely impact the security properties of an information system.

Example of a passive attack

Attacker exploits vulnerability in bank system to view bank balances without authorization.

CIA acronym

Confidentiality, Integrity, and Availability.

DES vs. RSA keys

RSA uses two different keys for encryption and decryption.

Claude Shannon's key principle

The key needs to be the most important kept secret.

Transposition cipher

Each character of the plaintext is reordered to form the ciphertext.

Invalid Caesar cipher key

String of alphabetic characters.

Brute-forcing cryptographic algorithms

DES is the most vulnerable to brute-forcing attacks.

Avoid ECB mode because

Easy to see the relationship between plaintext and ciphertext.

Diffie-Hellman solves

Solved by Third party making a copy of a key sent between communicating parties.

False property of a hash function

Different output for the same input.

Rainbow table definition

Dictionary of hashes.

Password salting reason

Increase the work required to brute force a password.

Password easy to guess

apple is most likely to be considered easy for humans to remember but ALSO easy for computers to guess using DICTIONARY attacks.

Password spraying

Use same password on many different accounts.

Smart card authentication type

Something you possess.

Biometric system fails to recognize an enrolled user

False non-match.

Main purpose of a web shell?

Maintain access

Most important requirement for a switched packet network

Delivery of packets.

Source port in packet header

Identifies which program on client will process the reply.

Study Notes

Section A - Concepts

• A threat is defined best as an event with the potential to adversely impact the security properties of information systems
• The best example of a passive attack involves an attacker exploiting system vulnerability to view bank balances
• CIA acronym stands for Confidentiality, Integrity, Availability
• RSA uses two different keys for both encryption and decryption
• According to Claude Shannon, the key is the most important thing to keep secret
• Transposition cipher reorders each character to form the ciphertext
• String of alphabetic characters cannot be chosen as a key for Caesar cipher
• DES is one of the modern cryptography algorithms that is the most vulnerable to brute-forcing attacks
• It's easy to see the relationship between plaintext and ciphertext is the best reason to avoid using Electronic Code Book (ECB) mode of operation
• Third party making a copy of a key sent between communicating parties is the main problem solved by the Diffie-Hellman method
• A false property for a hash function is different output for the same input
• Rainbow table is best defined as a dictionary of hashes
• Password salting is used to increase the work required to brute force a password
• A password like "apple" is easy for humans to remember and easy for computers to guess using dictionary attacks
• Password spraying is using the same password on many different accounts
• A smart card is best described as "something you possess"
• When an enrolled user presents a biometric to an authentication system and it doesn't recognise them, it's called a "False non-match"
• The initial action a virus performs involves checking whether a condition is met that enables it to find a program to infect
• Web shell's primary function is to maintain access
• A system is safe from a zero-day exploit once the vulnerability is fixed
• The most important requirement for a switched packet network is the delivery of packets
• Including a source port identifies which program on client will process the reply
• With a shared key in a WPA2 network, it is false to say that you can protect your web traffic from sniffing using HTTPS
• A digital certificate does not contain the owner's private key
• For a MITM attack using an evil twin, it is LEAST important that the evil twin implements a captive portal

Section B - Applying Concepts

• Being guilty because the action is more important than intention is the correct statement regarding guilt
• Encrypting the plaintext MAXY with the Vigenere cipher and a key of BZ yields the ciphertext NZYX
• Using a cipher with a block size of 16 bits requires 9 bits to be added as padding for a 151-bit plaintext
• If Alice is using RSA to authenticate that she encrypted a message, she should use Alice’s private key

Section C - Short Answers

• Credential stuffing attack: Attacker obtains usernames and passwords then test stolen credentials and gains access if credentials reused, use password per site and some form of SSO
• Hash-based tokens and authenticators using a one-time-password need to have the counter synchronised with each other, since there is no direct communication between the token and the authenticator
• Post quantum computing reduces the time to do number factorisation that is the basis of asymmetric crypto, this allows uses of code that is hard to solve that don't rely on factorising and cannot easily be solved using quantum algorithms