CCNA Cyber Ops (210-250 Secfnd)

114 Questions | Total Attempts: 226

SettingsSettingsSettings
CCNA Cyber Ops (210-250 Secfnd) - Quiz


Questions and Answers
  • 1. 
    What are two examples of the impacts of cryptography on security investigations that an analyst must know? (Choose two)
    • A. 

      Attackers can attack the cryptographic algorithms.

    • B. 

      Cryptographic algorithms make it impossible for an attacker to carry out an attack.

    • C. 

      Attackers can use cryptography to hide their attacks.

    • D. 

      Cryptography does not offer any security against attacks.

  • 2. 
    Which two methods might be used by an analyst to detect SSL/TLS encrypted command-and-control communication? (Choose two.)
    • A. 

      Perform analysis of the NetFlow data to detect anomalous TLS/SSL flows

    • B. 

      Perform firewall HTTP application inspection to detect for the command and control traffic

    • C. 

      Perform decryption and inspection of SSL/TLS traffic

    • D. 

      Perform IPS HTTP deep packets inspection to detect for the command and control traffic

  • 3. 
    Which type of ciphers rearrange or permutate letters?
    • A. 

      Substitution

    • B. 

      Polyalphabetic

    • C. 

      Transposition

    • D. 

      One-time pad

  • 4. 
    Which one of the following algorithms is most susceptible to collision when hashing different data sets?
    • A. 

      SHA-512

    • B. 

      SHA-256

    • C. 

      SHA-1

    • D. 

      MD5

  • 5. 
    What is the primary purpose for using a hash algorithm for a message?
    • A. 

      Integrity

    • B. 

      Availability

    • C. 

      Authentication

    • D. 

      Confidentiality

  • 6. 
    Which one of the following options is used to determine the strength of a modern encryption algorithm?
    • A. 

      Message digest (fingerprint) size

    • B. 

      Cipher block size

    • C. 

      Key size

    • D. 

      Encryption operations OSI layer

  • 7. 
    What is the primary purpose for using an encryption algorithm on a message?
    • A. 

      Availability

    • B. 

      Integrity

    • C. 

      Confidentiality

    • D. 

      Authentication

  • 8. 
    After encryption has been applied to a message, what is the message identified as?
    • A. 

      Hash result

    • B. 

      Ciphertext

    • C. 

      Fingerprint

    • D. 

      Message digest

  • 9. 
    Which type of encryption algorithm uses the same key to encrypt and decrypt data?
    • A. 

      Asymmetric encryption algorithm

    • B. 

      Dodecaphonic algorithm

    • C. 

      Diffie-Hellman algorithm

    • D. 

      Symmetric encryption algorithm

  • 10. 
    Which type of encryption algorithm uses the different but related keys to encrypt and decrypt data?
    • A. 

      Asymmetric encryption algorithm

    • B. 

      Symmetric encryption algorithm

    • C. 

      Dodecaphonic algorithm

    • D. 

      Diffie-Hellman algorithm

  • 11. 
    One cryptanalysis method that is used to defeat a multi-step encryption process uses both the original clear text to work forward toward an intermediate value, and the ending cipher text to work backward toward an intermediate value so that the key space that is to be defeated is smaller and more computationally manageable. Which one of the following terms describes this method?
    • A. 

      Brute-force attack

    • B. 

      Birthday attack

    • C. 

      Meet-in-the-middle attack

    • D. 

      Ciphertext-only attack

  • 12. 
    Which one of the following statements best describes crypto analysis?
    • A. 

      The practice of breaking codes to obtain the meaning of encrypted data.

    • B. 

      The practice of creating one-way encryption cryptographic algorithms.

    • C. 

      The practice of breaking codes to obtain the fingerprint of encrypted data.

    • D. 

      The practice of creating codes to obscure the meaning of plaintext data.

  • 13. 
    Of the following, in which type of an attack does the attacker try every possible key with the decryption algorithm, knowing that eventually one of the keys will work?
    • A. 

      Chosen-ciphertext attack

    • B. 

      Birthday attack

    • C. 

      Brute-force attack

    • D. 

      Ciphertext-only attack

  • 14. 
    Which one of the following options is the block cipher mode that uses an encryption method which has a feedback mechanism where each plaintext block is XORed with the previously encrypted block, and then is encrypted with the DES key?
    • A. 

      ECB

    • B. 

      CBC

    • C. 

      DES

    • D. 

      3DES

  • 15. 
    Which one of the following encryption algorithms is the preferred symmetrical algorithm that is intended to replace 3DES?
    • A. 

      DES

    • B. 

      SHA256

    • C. 

      MD5

    • D. 

      AES

    • E. 

      DSA

    • F. 

      RSA

  • 16. 
    Which one of the following encryption methodologies allows you to maintain the privacy of an email communication, and ensure the origin of the message using PGP?
    • A. 

      Which one of the following encryption methodologies allows you to maintain the privacy of an email communication, and ensure the origin of the message using PGP?

    • B. 

      Encrypt the message with your private key, and again with the destination’s public key, so that the recipients can decrypt the message with their private key and your public key.

    • C. 

      Encrypt the message with your public key, and again with the destination’s private key, so that the recipients can decrypt the message with your private key and their public key.

    • D. 

      Encrypt the message with the destination’s private key so that the recipients can decrypt it with their private key and know they are the only party who generated the private key.

  • 17. 
    Which one do you like?
    • A. 

      Sender’s private key

    • B. 

      Sender’s shared key

    • C. 

      Sender’s public key

    • D. 

      Sender’s digital signature

  • 18. 
    Which one of the following parts of the Diffie-Hellman calculation is an arbitrary item that is agreed upon by both parties before any mathematical calculations?
    • A. 

      Secret key (a)

    • B. 

      Prime number (p)

    • C. 

      Public key (g)

    • D. 

      Public key (g)

  • 19. 
    Which statement about the Diffie-Hellman Key Agreement is true?
    • A. 

      The higher the Diffie-Hellman group number indicates a larger key size.

    • B. 

      The higher the Diffie-Hellman group number indicates a smaller prime number (p).

    • C. 

      The higher the Diffie-Hellman group number indicates a smaller key size.

    • D. 

      The higher the Diffie-Hellman group number indicates no difference in processing requirements.

  • 20. 
    Which one of the following is the first exchange during SSHv1 authentication negotiation?
    • A. 

      The server requests a username and password from the user.

    • B. 

      The server sends a public key to the client.

    • C. 

      The client generates a session key.

    • D. 

      The client and server agree upon the encryption algorithm.

  • 21. 
    To communicate that a document is using a digital signature, which one of the following is the next step in the process after a hash of the document is calculated by the sender?
    • A. 

      The hash is signed using the public key of the receiver.

    • B. 

      The hash is stored by the sender.

    • C. 

      The hash is encrypted using the private key of the sender.

    • D. 

      The hash is appended to the end of the document.

  • 22. 
    Which three security services do digital signatures provide? (Choose three.)
    • A. 

      Integrity

    • B. 

      Confidentiality

    • C. 

      Non-repudiation

    • D. 

      Authenticity

    • E. 

      Availability

  • 23. 
    Which five of the following options are components of the X.509 v3 certificate standard? (Choose five.)
    • A. 

      Serial number

    • B. 

      User name

    • C. 

      Issuer

    • D. 

      Validity date range

    • E. 

      Subject

    • F. 

      Subject public key info

    • G. 

      Department name

  • 24. 
    When using PKI which two of the following are true? (Choose two.)
    • A. 

      The client devices must trust the issuing CA root certificate to validate and trust another device certificate that is issued by the same CA.

    • B. 

      Currently, the PKI architecture requires that the client devices stay in constant contact with the CA in order to trust a certificate that is issued by the CA.

    • C. 

      The CA does not sign the user or device certificate; it only signs its own root certificate.

    • D. 

      Currently, PKI digital identity certificates use the X.509 version 3 structure.

  • 25. 
    Which one of the following actions should be taken by a client to verify the entity that they received a certificate from is the entity that should be using the certificate?
    • A. 

      Decrypt the certificate signature using the CA private key and check to make sure that the certificate hash matches what they received from the peer.

    • B. 

      Send a message encrypted with the system’s peer’s public key to verify that the peer can decrypt the message with the private key of the entity that is identified in the certificate.

    • C. 

      Ensure that the issuer and the subject match on the certificate of the peer.

    • D. 

      Contact the CA by phone to determine how they validated the identity of the system during certificate enrollment of the peer that they are communicating with.

Related Topics
Back to Top Back to top