# CISSP Cryptography Practice Test

Approved & Edited by ProProfs Editorial Team
By Cindymurray
Questions: 17 | Attempts: 9,193


Are you looking for some good practice test questions and answers on CISSP cryptography? Then, you've arrived at the right place. In this test, we will be asking you questions related to cryptography and its related concepts. You have to choose the correct option for every given question. Do you think you can pass this test? Let's start the quiz and see how well you score. So, are you ready? Let's get started then.

• 1.

### Asymmetric key cryptography is used for all of the following except:

• A.

Encryption of data

• B.

Access control

• C.

Nonrepudiation

• D.

Steganography

D. Steganography
Explanation
Asymmetric key cryptography is a method of encryption that uses two different keys, a public key and a private key, to encrypt and decrypt data. It is commonly used for encryption of data to ensure confidentiality and secure communication between parties. It can also be used for access control, where the private key is used to authenticate and grant access to authorized users. Additionally, asymmetric key cryptography can provide nonrepudiation, which means that the sender cannot deny sending a message as their private key is used to sign the message. However, steganography is a different technique that involves hiding information within other media, such as images or audio files, and does not directly involve encryption or asymmetric key cryptography.

• 2.

### The most common forms of asymmetric key cryptography include

• A.

Diffie–Hellman

• B.

Rijndael

• C.

Blowfish

• D.

SHA-256

A. Diffie–Hellman
Explanation
Diffie-Hellman is a widely used asymmetric key cryptography algorithm. It allows two parties to securely exchange cryptographic keys over an insecure channel. The algorithm is based on the mathematical problem of calculating discrete logarithms in a finite field. Diffie-Hellman provides a way for two parties to generate a shared secret key without actually transmitting it, making it resistant to eavesdropping attacks. It is commonly used in secure communication protocols such as SSL/TLS to establish secure connections between clients and servers.

• 3.

### What is an important disadvantage of using a public key algorithm compared to a symmetric algorithm?

• A.

A symmetric algorithm provides better access control.

• B.

A symmetric algorithm is a faster process.

• C.

A symmetric algorithm provides nonrepudiation of delivery.

• D.

A symmetric algorithm is more difficult to implement.

B. A symmetric algorithm is a faster process.
Explanation
Using a public key algorithm is slower compared to a symmetric algorithm. Public key algorithms involve complex mathematical calculations and require more computational resources, making them slower in processing data. On the other hand, symmetric algorithms use a single key for both encryption and decryption, resulting in faster processing times.

• 4.

### When a user needs to provide message integrity, what options may be best?

• A.

Send a digital signature of the message to the recipient

• B.

Encrypt the message with a symmetric algorithm and send it

• C.

Encrypt the message with a private key so the recipient can decrypt with the corresponding public key

• D.

Create a checksum, append it to the message, encrypt the message, then send to recipient.

D. Create a checksum, append it to the message, encrypt the message, then send to recipient.
• 5.

### A certificate authority provides what benefits to a user?

• A.

Protection of public keys of all users

• B.

History of symmetric keys

• C.

Proof of nonrepudiation of origin

• D.

Validation that a public key is associated with a particular user

D. Validation that a public key is associated with a particular user
• 6.

• A.

160 bits

• B.

150 bits

• C.

128 bits

• D.

104 bits

A. 160 bits
• 7.

### ANSI X9.17 is concerned primarily with

• A.

Protection and secrecy of keys

• B.

Financial records and retention of encrypted data

• C.

Formalizing a key hierarchy

• D.

The lifespan of key-encrypting keys (KKMs)

A. Protection and secrecy of keys
• 8.

### When a certificate is revoked, what is the proper procedure?

• A.

Setting new key expiry dates

• B.

Updating the certificate revocation list

• C.

Removal of the private key from all directories

• D.

Notification to all employees of revoked keys

B. Updating the certificate revocation list
• 9.

• A.

• B.

• C.

Link encryption is suitable for high-risk environments.

• D.

Link encryption provides better traffic flow confidentiality.

C. Link encryption is suitable for high-risk environments.
Explanation

• 10.

### A _________ is the sequence that controls the operation of the cryptographic algorithm.

• A.

Encoder

• B.

Decoder wheel

• C.

Cryptovariable

• D.

Cryptographic routine

C. Cryptovariable
• 11.

### The process used in most block ciphers to increase their strength is

• A.

Diffusion

• B.

Confusion

• C.

Step function

• D.

SP-network

D. SP-network
• 12.

### The two methods of encrypting data are

• A.

Substitution and transposition

• B.

Block and stream

• C.

Symmetric and asymmetric

• D.

DES and AES

C. Symmetric and asymmetric
• 13.

### Cryptography supports all of the core principles of information security except

• A.

Availability

• B.

Confidentiality

• C.

Integrity

• D.

Authenticity

D. Authenticity
Explanation
Cryptography supports the core principles of information security, including availability, confidentiality, integrity, and authenticity. Availability ensures that information is accessible to authorized users when needed, while confidentiality ensures that information is protected from unauthorized access. Integrity ensures that information remains unaltered and accurate, while authenticity ensures that the source of the information can be verified. Therefore, the correct answer is authenticity.

• 14.

### A way to defeat frequency analysis as a method to determine the key is to use

• A.

Substitution ciphers

• B.

Transposition ciphers

• C.

Polyalphabetic ciphers

• D.

Inversion ciphers

C. Polyalphabetic ciphers
Explanation
Polyalphabetic ciphers use multiple alphabets or keys to encrypt the plaintext, making it more difficult for frequency analysis to determine the key. Unlike substitution ciphers, where each letter is replaced with a fixed substitution, polyalphabetic ciphers use different substitutions based on the position of the letter in the plaintext. This adds complexity and randomness to the encryption, making it harder to detect patterns and break the cipher using frequency analysis.

• 15.

### The running key cipher is based on

• A.

Modular arithmetic

• B.

XOR mathematics

• C.

Factoring

• D.

Exponentiation

A. Modular arithmetic
Explanation
The running key cipher is based on modular arithmetic because it involves performing calculations within a finite set of numbers. In this encryption method, each letter of the plaintext is shifted by a corresponding letter from the running key, which is a repeating sequence of characters. The shift is determined by the position of the letters in the alphabet, and if the shift exceeds the number of letters in the alphabet, it wraps around using modular arithmetic. This ensures that the resulting ciphertext remains within the range of the alphabet.

• 16.

### The only cipher system said to be unbreakable by brute force is

• A.

AES

• B.

DES

• C.

• D.

Triple DES

Explanation
The one-time pad is considered unbreakable by brute force because it uses a random key that is as long as the message itself. This key is never reused and is kept completely secret. Each character of the message is encrypted by combining it with the corresponding character of the key using a simple mathematical operation. Since the key is random and used only once, it provides perfect secrecy and makes it impossible for an attacker to determine the original message without knowing the key. In contrast, other cipher systems like AES, DES, and Triple DES can potentially be broken through brute force attacks or other cryptographic attacks.

• 17.

### Messages protected by steganography can be transmitted to

• A.

Picture files

• B.

Music files

• C.

Video files

• D.

All of the above

D. All of the above
Explanation
Steganography is the practice of hiding messages within other files to ensure secrecy. It involves embedding the message within the data of another file, such as a picture, music, or video file. This allows the message to be transmitted without arousing suspicion. Therefore, all of the above options are correct as they can be used to transmit messages protected by steganography.

Quiz Review Timeline

• Current Version
• May 01, 2023: Quiz edited by ProProfs Editorial Team
• Dec 21, 2012: Quiz created by Cindymurray
