We just do not compromise with the bright future of our respected customers. PassExam4Sure takes the future of clients quite seriously and we ensure that our SSCP exam dumps get you through the line. If you think that our exam question and answers did not help you much with the exam paper and you failed it somehow, we will happily return all of your invested money with a full 100% refund.
100% Real Questions
We verify and assure the authenticity of ISC2 SSCP exam dumps PDFs with 100% real and exam-oriented questions. Our exam questions and answers comprise 100% real exam questions from the latest and most recent exams in which you’re going to appear. So, our majestic library of exam dumps for ISC2 SSCP is surely going to push you forward on the path to success.
Security & Privacy
Free-to-download ISC2 SSCP demo papers are available for our customers to verify the authenticity of our legit helpful exam paper samples, and to authenticate what you will be getting from PassExam4Sure. We have tons of visitors daily who simply opt to try this process before making their purchase of ISC2 SSCP exam dumps.
Last Week SSCP Exam Results
207
Customers Passed ISC2 SSCP Exam
95%
Average Score In Real SSCP Exam
98%
Questions came from our SSCP dumps.
Authentic SSCP Exam Dumps
Prepare for ISC2 SSCP Exam like a Pro
PassExam4Sure is famous for its top-notch services for providing the most helpful, accurate, and up-to-date material for the ISC2 SSCP exam in the form of PDFs. Our SSCP dumps for this particular exam are regularly reviewed for content, format changes, and the addition of new questions in line with recently conducted exams. Our highly qualified professionals guarantee that you will pass your exam with at least 85% marks overall. PassExam4Sure ISC2 SSCP ProvenDumps is the best possible way to prepare and pass your certification exam.
Easy Access and Friendly UI
PassExam4Sure is your best buddy in providing you with the latest and most accurate material without any hidden charges or pointless scrolling. We value your time and we strive hard to provide you with the best possible formatting of the PDFs with accurate, to the point, and vital information about ISC2 SSCP. PassExam4Sure is your 24/7 guide partner and our exam material is curated in a way that it will be easily readable on all smartphone devices, tabs, and laptop PCs.
PassExam4Sure - The Undisputed King for Preparing SSCP Exam
We have a sheer focus on providing you with the best course material for ISC2 SSCP. So that you may prepare your exam like a pro, and get certified within no time. Our practice exam material will give you the necessary confidence you need to sit, relax, and do the exam in a real exam environment. If you truly crave success then simply sign up for PassExam4Sure ISC2 SSCP exam material. There are millions of people all over the globe who have completed their certification using PassExam4Sure exam dumps for ISC2 SSCP.
100% Authentic ISC2 SSCP – Study Guide (Update 2024)
Our ISC2 SSCP exam questions and answers are reviewed by us on a weekly basis. Our team of highly qualified ISC2 professionals, who once also cleared the exams using our certification content, does all the analysis of our recent exam dumps. The team makes sure that you will be getting the latest and the greatest exam content to practice, and polish your skills the right way. All you have to do now is practice, practice a lot by taking our demo questions exam, and make sure that you prepare well for the final examination. The ISC2 SSCP test is going to test you, play with your mind and psychology, so be prepared for what’s coming. PassExam4Sure is here to help you and guide you in all the steps you will be going through in your preparation for glory. Our free downloadable demo content can be checked out if you feel like testing us before investing your hard-earned money. PassExam4Sure guarantees your success in the ISC2 SSCP exam because we have the newest and most authentic exam material that cannot be found anywhere else on the internet.
ISC2 SSCP Sample Questions
Question # 1
Which of the following statements is most accurate regarding a digital signature?
A. It is a method used to encrypt confidential data. B. It is the art of transferring handwritten signature to electronic media. C. It allows the recipient of data to prove the source and integrity of data. D. It can be used as a signature system and a cryptosystem.
Answer: C
Explanation:
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
Question # 2
Which of the following standards concerns digital certificates?
A. X.400 B. X.25 C. X.509 D. X.75
Answer: C
Explanation:
X.509 is used in digital certificates. X.400 is used in e-mail as a message handling protocol. X.25
is a standard for the network and data link levels of a communication network and X.75 is a
standard defining ways of connecting two X.25 networks.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 164).
Question # 3
Which of the following offers confidentiality to an e-mail message?
A. The sender encrypting it with its private key. B. The sender encrypting it with its public key. C. The sender encrypting it with the receiver's public key. D. The sender encrypting it with the receiver's private key.
Answer: C
Explanation:
An e-mail message's confidentiality is protected when encrypted with the receiver's public key,
because he is the only one able to decrypt the message. The sender is not supposed to have the
receiver's private key. By encrypting a message with its private key, anybody possessing the
corresponding public key would be able to read the message. By encrypting the message with its
public key, not even the receiver would be able to read the message.
Which of the following is NOT a property of the Rijndael block cipher algorithm?
A. The key sizes must be a multiple of 32 bits B. Maximum block size is 256 bits C. Maximum key size is 512 bits D. The key size does not have to match the block size
Answer: C
Explanation:
The above statement is NOT true and thus the correct answer. The maximum key size on Rijndael
is 256 bits.
There are some differences between Rijndael and the official FIPS-197 specification for AES.
Rijndael specification per se is specified with block and key sizes that must be a multiple of 32
bits, both with a minimum of 128 and a maximum of 256 bits. Namely, Rijndael allows for both key
and block sizes to be chosen independently from the set of { 128, 160, 192, 224, 256 } bits. (And
the key size does not in fact have to match the block size).
However, FIPS-197 specifies that the block size must always be 128 bits in AES, and that the key
size may be either 128, 192, or 256 bits. Therefore AES-128, AES-192, and AES-256 are actually:
            Key Size (bits)   Block Size (bits)
AES-128     128               128
AES-192     192               128
AES-256     256               128
So in short:
Rijndael and AES differ only in the range of supported values for the block length and cipher key
length.
For Rijndael, the block length and the key length can be independently specified to any multiple of
32 bits, with a minimum of 128 bits, and a maximum of 256 bits.
AES fixes the block length to 128 bits, and supports key lengths of 128, 192 or 256 bits only.
What principle focuses on the uniqueness of separate objects that must be joined together to perform a task? It is sometimes referred to as “what each must bring” and joined together when getting access or decrypting a file. Each of which does not reveal the other?
A. Dual control B. Separation of duties C. Split knowledge D. Need to know
Answer: C
Explanation:
Split knowledge involves encryption keys being separated into two components, each of which
does not reveal the other. Split knowledge is the other complementary access control principle to
dual control.
In cryptographic terms, one could say dual control and split knowledge are properly implemented if
no one person has access to or knowledge of the content of the complete cryptographic key being
protected by the two processes.
The sound implementation of dual control and split knowledge in a cryptographic environment
necessarily means that the quickest way to break the key would be through the best attack known
for the algorithm of that key. The principles of dual control and split knowledge primarily apply to
access to plaintext keys.
Access to cryptographic keys used for encrypting and decrypting data or access to keys that are
encrypted under a master key (which may or may not be maintained under dual control and split
knowledge) do not require dual control and split knowledge. Dual control and split knowledge can
be summed up as the determination of any part of a key being protected must require the collusion
between two or more persons with each supplying unique cryptographic materials that must be
joined together to access the protected key.
Any feasible method to violate the axiom means that the principles of dual control and split
knowledge are not being upheld.
Split knowledge is the unique “what each must bring” and joined together when implementing dual
control. To illustrate, a box containing petty cash is secured by one combination lock and one
keyed lock. One employee is given the combination to the combo lock and another employee has
possession of the correct key to the keyed lock.
In order to get the cash out of the box both employees must be present at the cash box at the
same time. One cannot open the box without the other. This is the aspect of dual control.
On the other hand, split knowledge is exemplified here by the different objects (the combination to
the combo lock and the correct physical key), both of which are unique and necessary, that each
brings to the meeting. Split knowledge focuses on the uniqueness of separate objects that must be
joined together.
Dual control has to do with forcing the collusion of at least two or more persons to combine their
split knowledge to gain access to an asset. Both split knowledge and dual control complement
each other and are necessary functions that implement the segregation of duties in high integrity
cryptographic environments.
The following are incorrect answers:
Dual control is a procedure that uses two or more entities (usually persons) operating in concert to
protect a system resource, such that no single entity acting alone can access that resource. Dual
control is implemented as a security procedure that requires two or more persons to come
together and collude to complete a process. In a cryptographic system the two (or more) persons
would each supply a unique key, that when taken together, performs a cryptographic process.
Split knowledge is the other complementary access control principle to dual control.
Separation of duties - The practice of dividing the steps in a system function among different
individuals, so as to keep a single individual from subverting the process.
The need-to-know principle requires a user having necessity for access to, knowledge of, or
possession of specific information required to perform official tasks or services.
Reference(s) used for this question:
Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition :
Shon Harris, CISSP All In One (AIO), 6th Edition , page 126
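The split knowledge and dual control described above, as an added example that is not part of the original question bank: a key is split into two XOR components, neither of which reveals the key, and recovery requires two different custodians. The function names, the custodian names and the HMAC-based key check value are assumptions made for this sketch.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets


def split_key(key: bytes) -> tuple[bytes, bytes]:
    """Split knowledge: return two components that XOR back to the key.

    component_a is fresh random data and component_b is key XOR component_a,
    so either component on its own is indistinguishable from random bytes.
    """
    component_a = secrets.token_bytes(len(key))
    component_b = bytes(k ^ a for k, a in zip(key, component_a))
    return component_a, component_b


def key_check_value(key: bytes) -> str:
    """Short fingerprint that confirms a rebuilt key without displaying it.

    Assumption for this example: HMAC-SHA256 over a fixed label, truncated
    to three bytes (six hex characters).
    """
    return hmac.new(key, b"key-check-value", hashlib.sha256).hexdigest()[:6]


def recover_key(submissions: dict[str, bytes], expected_kcv: str) -> bytes:
    """Dual control: two different custodians must each present a component.

    submissions maps custodian name to component, so one person submitting
    twice still counts as a single custodian.
    """
    if len(submissions) != 2:
        raise PermissionError("two distinct custodians are required")
    part_a, part_b = submissions.values()
    if len(part_a) != len(part_b):
        raise ValueError("components differ in length")
    key = bytes(a ^ b for a, b in zip(part_a, part_b))
    if not hmac.compare_digest(key_check_value(key), expected_kcv):
        raise ValueError("components do not rebuild the protected key")
    return key


if __name__ == "__main__":
    master_key = secrets.token_bytes(32)          # constructed sample key
    kcv = key_check_value(master_key)
    part_alice, part_bob = split_key(master_key)  # hypothetical custodians

    rebuilt = recover_key({"alice": part_alice, "bob": part_bob}, kcv)
    print("rebuilt key matches:", rebuilt == master_key)

    try:
        recover_key({"alice": part_alice}, kcv)
    except PermissionError as exc:
        print("single custodian refused:", exc)
```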
Question # 13
Which of the following is a symmetric encryption algorithm?
A. RSA B. Elliptic Curve C. RC5 D. El Gamal
Answer: C
Explanation:
RC5 is a symmetric encryption algorithm. It is a block cipher of variable block length, encrypts
through integer addition, the application of a bitwise Exclusive OR (XOR), and variable rotations.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 153).
Question # 14
What level of assurance for a digital certificate verifies a user's name, address, social security number, and other information against a credit bureau database?
A. Level 1/Class 1 B. Level 2/Class 2 C. Level 3/Class 3 D. Level 4/Class 4
Answer: B
Explanation:
Users can obtain certificates with various levels of assurance. Here is a list that describes each of
them:
- Class 1/Level 1 for individuals, intended for email, no proof of identity
For example, level 1 certificates verify electronic mail addresses. This is done through the use of a
personal information number that a user would supply when asked to register. This level of
certificate may also provide a name as well as an electronic mail address; however, it may or may
not be a genuine name (i.e., it could be an alias). This proves that a human being will reply back if
you send an email to that name or email address.
- Class 2/Level 2 is for organizations and companies for which proof of identity is required
Level 2 certificates verify a user's name, address, social security number, and other information
against a credit bureau database.
- Class 3/Level 3 is for servers and software signing, for which independent verification and
checking of identity and authority is done by the issuing certificate authority
Level 3 certificates are available to companies. This level of certificate provides photo identification
to accompany the other items of information provided by a level 2 certificate.
- Class 4 for online business transactions between companies
- Class 5 for private organizations or governmental security
What algorithm has been selected as the AES algorithm, replacing the DES algorithm?
A. RC6 B. Twofish C. Rijndael D. Blowfish
Answer: C
Explanation:
On October 2, 2000, NIST announced the selection of the Rijndael Block Cipher, developed by the
Belgian cryptographers Dr. Joan Daemen and Dr. Vincent Rijmen, as the proposed AES
algorithm. Twofish and RC6 were also candidates. Blowfish is also a symmetric algorithm but
wasn't a finalist for a replacement for DES.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 152).
Question # 16
Which of the following statements pertaining to block ciphers is incorrect?
A. It operates on fixed-size blocks of plaintext. B. It is more suitable for software than hardware implementations. C. Plain text is encrypted with a public key and decrypted with a private key. D. Some Block ciphers can operate internally as a stream.
Answer: C
Explanation:
Block ciphers do not use public cryptography (private and public keys).
A block cipher is a type of symmetric-key encryption algorithm that transforms a fixed-size block of
plaintext (unencrypted text) data into a block of ciphertext (encrypted text) data of the same length.
They are appropriate for software implementations and can operate internally as a stream. See
more info below about DES in Output Feedback Mode (OFB), which makes use internally of a
stream cipher.
The output feedback (OFB) mode makes a block cipher into a synchronous stream cipher. It
generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext.
Just as with other stream ciphers, flipping a bit in the ciphertext produces a flipped bit in the
plaintext at the same location. This property allows many error correcting codes to function
What can be defined as secret communications where the very existence of the message is hidden?
A. Clustering B. Steganography C. Cryptology D. Vernam cipher
Answer: B
Explanation:
Steganography is a secret communication where the very existence of the message is hidden. For
example, in a digital image, the least significant bit of each word can be used to comprise a
message without causing any significant change in the image. Key clustering is a situation in
which a plaintext message generates identical ciphertext messages using the same transformation
algorithm but with different keys. Cryptology encompasses cryptography and cryptanalysis. The
Vernam Cipher, also called a one-time pad, is an encryption scheme using a random key of the
same size as the message and is used only once. It is said to be unbreakable, even with infinite
resources.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 134).
Question # 18
Which of the following BEST describes a function relying on a shared secret key that is used along with a hashing algorithm to verify the integrity of the communication content as well as the sender?
A. Message Authentication Code - MAC B. PAM - Pluggable Authentication Module C. NAM - Negative Acknowledgement Message D. Digital Signature Certificate
Answer: A
Explanation:
The purpose of a message authentication code - MAC is to verify both the source and message
integrity without the need for additional processes.
A MAC algorithm, sometimes called a keyed (cryptographic) hash function (however,
cryptographic hash function is only one of the possible ways to generate MACs), accepts as input
a secret key and an arbitrary-length message to be authenticated, and outputs a MAC (sometimes
known as a tag). The MAC value protects both a message's data integrity as well as its
authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the
message content.
MACs differ from digital signatures as MAC values are both generated and verified using the same
secret key. This implies that the sender and receiver of a message must agree on the same key
before initiating communications, as is the case with symmetric encryption. For the same reason,
MACs do not provide the property of non-repudiation offered by signatures specifically in the case
of a network-wide shared secret key: any user who can verify a MAC is also capable of generating
MACs for other messages.
In contrast, a digital signature is generated using the private key of a key pair, which is asymmetric
encryption. Since this private key is only accessible to its holder, a digital signature proves that a
document was signed by none other than that holder. Thus, digital signatures do offer non-repudiation.
The following answers are incorrect:
PAM - Pluggable Authentication Module: This isn't the right answer. There is no known message
authentication function called a PAM. However, a pluggable authentication module (PAM) is a
mechanism to integrate multiple low-level authentication schemes and commonly used within the
Linux Operating System.
NAM - Negative Acknowledgement Message: This isn't the right answer. There is no known
message authentication function called a NAM. The proper term for a negative acknowledgement
is NAK, it is a signal used in digital communications to ensure that data is received with a
minimum of errors.
Digital Signature Certificate: This isn't right. As it is explained and contrasted in the explanations
provided above.
The following reference(s) was used to create this question:
The CCCure Computer Based Tutorial for Security+, you can subscribe at http://www.cccure.tv
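The MAC properties explained above, as an added example that is not part of the original question bank: an HMAC-SHA256 tag detects tampering and a wrong key, an unkeyed hash does not authenticate the sender, and the receiver can produce valid tags too, which is why a MAC gives no non-repudiation. The messages and function names are constructed for this sketch.

```python
import hashlib
import hmac
import secrets


def mac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed hash: secret key plus arbitrary-length message in, fixed tag out."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag with the shared key and compare in constant time."""
    return hmac.compare_digest(mac_tag(key, message), tag)


def hash_verify(message: bytes, digest: bytes) -> bool:
    """Integrity check with an unkeyed hash, shown for contrast."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def run_scenario() -> dict:
    shared_key = secrets.token_bytes(32)   # agreed by sender and receiver
    original = b"PAY 100 TO ACCOUNT 1234"  # constructed sample message
    altered = b"PAY 900 TO ACCOUNT 1234"   # same message changed in transit
    tag = mac_tag(shared_key, original)

    return {
        # The receiver holds the same key, so the genuine pair verifies.
        "genuine_accepted": mac_verify(shared_key, original, tag),
        # A changed message no longer matches the tag it travelled with.
        "altered_rejected": not mac_verify(shared_key, altered, tag),
        # A party with a different key cannot produce or check the tag.
        "wrong_key_rejected": not mac_verify(
            secrets.token_bytes(32), original, tag
        ),
        # With an unkeyed hash, whoever alters the message can recompute
        # the digest as well, so the check passes and proves nothing
        # about the sender.
        "unkeyed_hash_passes_after_alteration": hash_verify(
            altered, hashlib.sha256(altered).digest()
        ),
        # The receiver can tag a message the sender never wrote and it
        # verifies, so a tag cannot show a third party which key holder
        # produced it.
        "receiver_made_tag_verifies": mac_verify(
            shared_key, altered, mac_tag(shared_key, altered)
        ),
    }


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```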
Which of the following is true about link encryption?
A. Each entity has a common key with the destination node. B. Encrypted messages are only decrypted by the final node. C. This mode does not provide protection if anyone of the nodes along the transmission path is compromised. D. Only secure nodes are used in this type of transmission.
Answer: C
Explanation:
In link encryption, each entity has keys in common with its two neighboring nodes in the
transmission chain.
Thus, a node receives the encrypted message from its predecessor, decrypts it, and then
re-encrypts it with a new key, common to the successor node. Obviously, this mode does not provide
protection if anyone of the nodes along the transmission path is compromised.
Encryption can be performed at different communication levels, each with different types of
protection and implications. Two general modes of encryption implementation are link encryption
and end-to-end encryption.
Link encryption encrypts all the data along a specific communication path, as in a satellite link, T3
line, or telephone circuit. Not only is the user information encrypted, but the header, trailers,
addresses, and routing data that are part of the packets are also encrypted. The only traffic not
encrypted in this technology is the data link control messaging information, which includes
instructions and parameters that the different link devices use to synchronize communication
methods. Link encryption provides protection against packet sniffers and eavesdroppers.
In end-to-end encryption, the headers, addresses, routing, and trailer information are not
encrypted, enabling attackers to learn more about a captured packet and where it is headed.
Which of the following answers is described as a random value used in cryptographic algorithms to ensure that patterns are not created during the encryption process?
A. IV - Initialization Vector B. Stream Cipher C. OTP - One Time Pad D. Ciphertext
Answer: A
Explanation:
The basic power in cryptography is randomness. This uncertainty is why encrypted data is
unusable to someone without the key to decrypt.
Initialization Vectors are used with encryption keys to add an extra layer of randomness to
encrypted data. If no IV is used the attacker can possibly break the keyspace because of patterns
resulting in the encryption process. Implementation such as DES in Code Book Mode (CBC)
would allow frequency analysis attack to take place.
In cryptography, an initialization vector (IV) or starting variable (SV) is a fixed-size input to a
cryptographic primitive that is typically required to be random or pseudorandom. Randomization is
crucial for encryption schemes to achieve semantic security, a property whereby repeated usage
of the scheme under the same key does not allow an attacker to infer relationships between
segments of the encrypted message. For block ciphers, the use of an IV is described by so-called
modes of operation. Randomization is also required for other primitives, such as universal hash
functions and message authentication codes based thereon.
It is defined by TechTarget as:
An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data
encryption. This number, also called a nonce, is employed only one time in any session.
The use of an IV prevents repetition in data encryption, making it more difficult for a hacker using a
dictionary attack to find patterns and break a cipher. For example, a sequence might appear twice
or more within the body of a message. If there are repeated sequences in encrypted data, an
attacker could assume that the corresponding sequences in the message were also identical. The
IV prevents the appearance of corresponding duplicate character sequences in the ciphertext.
The following answers are incorrect:
- Stream Cipher: This isn't correct. A stream cipher is a symmetric key cipher where plaintext digits
are combined with a pseudorandom key stream to produce ciphertext.
- OTP - One Time Pad: This isn't correct but OTP is made up of random values used as key
material. (Encryption key) It is considered by most to be unbreakable but must be changed with a
new key after it is used which makes it impractical for common use.
- Ciphertext: Sorry, incorrect answer. Ciphertext is basically text that has been encrypted with key
material (Encryption key)
The following reference(s) was used to create this question:
For more details on this topic and other questions of the Security+ CBK, subscribe to
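The pattern problem the IV explanation describes, as an added example that is not part of the original question bank: the same repeated plaintext blocks are encrypted once block by block with no IV and once in CBC mode with a random IV. Python's standard library has no block cipher, so a toy 4-round Feistel construction built on HMAC-SHA256 stands in for one; it is an assumption for illustration only and not a vetted cipher, and all names and the sample message are constructed.

```python
import hashlib
import hmac
import secrets

BLOCK = 16          # toy block size in bytes
HALF = BLOCK // 2


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def round_fn(key: bytes, index: int, half: bytes) -> bytes:
    """Feistel round function: keyed hash of the round number and half block."""
    return hmac.new(key, bytes([index]) + half, hashlib.sha256).digest()[:HALF]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:HALF], block[HALF:]
    for i in range(4):
        left, right = right, xor(left, round_fn(key, i, right))
    return left + right


def decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:HALF], block[HALF:]
    for i in reversed(range(4)):
        left, right = xor(right, round_fn(key, i, left)), left
    return left + right


def split_blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("data must be a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def encrypt_without_iv(key: bytes, plaintext: bytes) -> bytes:
    """Each block is encrypted independently: equal input, equal output."""
    return b"".join(encrypt_block(key, b) for b in split_blocks(plaintext))


def encrypt_cbc(key: bytes, plaintext: bytes) -> bytes:
    """CBC: a fresh random IV is XORed into the first block, then each
    ciphertext block is XORed into the next plaintext block."""
    previous = secrets.token_bytes(BLOCK)
    out = [previous]                      # the IV travels with the ciphertext
    for block in split_blocks(plaintext):
        previous = encrypt_block(key, xor(block, previous))
        out.append(previous)
    return b"".join(out)


def decrypt_cbc(key: bytes, data: bytes) -> bytes:
    chunks = split_blocks(data)
    return b"".join(
        xor(decrypt_block(key, current), previous)
        for previous, current in zip(chunks, chunks[1:])
    )


def repeated_blocks(ciphertext: bytes) -> int:
    """Number of ciphertext blocks that duplicate an earlier block."""
    chunks = split_blocks(ciphertext)
    return len(chunks) - len(set(chunks))


if __name__ == "__main__":
    key = secrets.token_bytes(16)
    # Constructed message: three identical 16-byte records, then a different one.
    message = b"TRANSFER 0100 US" * 3 + b"TRANSFER 0999 US"
    print("no IV, repeated blocks:", repeated_blocks(encrypt_without_iv(key, message)))
    print("CBC + IV, repeated blocks:", repeated_blocks(encrypt_cbc(key, message)))
```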
Which type of encryption is considered to be unbreakable if the stream is truly random and is as large as the plaintext and never reused in whole or part?
A. One Time Pad (OTP) B. One time Cryptopad (OTC) C. Cryptanalysis D. Pretty Good Privacy (PGP)
Answer: A
Explanation:
OTP or One Time Pad is considered unbreakable if the key is truly random and is as large as the
plaintext and never reused in whole or part AND kept secret.
In cryptography, a one-time pad is a system in which a key generated randomly is used only once
to encrypt a message that is then decrypted by the receiver using the matching one-time pad and
key. Messages encrypted with keys based on randomness have the advantage that there is
theoretically no way to "break the code" by analyzing a succession of messages. Each encryption
is unique and bears no relation to the next encryption so that some pattern can be detected.
With a one-time pad, however, the decrypting party must have access to the same key used to
encrypt the message and this raises the problem of how to get the key to the decrypting party
safely or how to keep both keys secure. One-time pads have sometimes been used when both
parties started out at the same physical location and then separated, each with knowledge of the
keys in the one-time pad. The key used in a one-time pad is called a secret key because if it is
revealed, the messages encrypted with it can easily be deciphered.
One-time pads figured prominently in secret message transmission and espionage before and
during World War II and in the Cold War era. On the Internet, the difficulty of securely controlling
secret keys led to the invention of public key cryptography.
The biggest challenge with OTP was to get the pad securely to the person or entity you wanted to
communicate with. It had to be done in person or using a trusted courier or custodian. It certainly
did not scale up very well and it would not be usable for large quantity of data that needs to be
encrypted as we oftentimes have today.
The following answers are incorrect:
- One time Cryptopad: Almost but this isn't correct. Cryptopad isn't a valid term in cryptography.
- Cryptanalysis: Sorry, incorrect. Cryptanalysis is the process of analyzing information in an effort
to breach the cryptographic security systems.
- PGP - Pretty Good Privacy: PGP, written by Phil Zimmermann is a data encryption and
decryption program that provides cryptographic privacy and authentication for data. Still isn't the
right answer though. Read more here about PGP.
The following reference(s) was used to create this question:
To get more info on this question or any questions of Security+, subscribe to the
Which protocol makes use of an electronic wallet on a customer's PC and sends encrypted credit card information to merchant's Web server, which digitally signs it and sends it on to its processing bank?
A. SSH ( Secure Shell) B. S/MIME (Secure MIME) C. SET (Secure Electronic Transaction) D. SSL (Secure Sockets Layer)
Answer: C
Explanation:
The SET protocol was introduced by Visa and Mastercard to allow for more credit card transaction
possibilities. It is comprised of three different pieces of software, running on the customer's PC (an
electronic wallet), on the merchant's Web server and on the payment server of the merchant's
bank. The credit card information is sent by the customer to the merchant's Web server, but it
does not open it and instead digitally signs it and sends it to its bank's payment server for
processing.
The following answers are incorrect because :
SSH (Secure Shell) is incorrect as it functions as a type of tunneling mechanism that provides
terminal like access to remote computers.
S/MIME is incorrect as it is a standard for encrypting and digitally signing electronic mail and for
providing secure data transmissions.
SSL is incorrect as it uses public key encryption and provides data encryption, server
authentication, message integrity, and optional client authentication.
When we encrypt or decrypt data there is a basic operation involving ones and zeros where they are compared in a process that looks something like this:
0101 0001 Plain text
0111 0011 Key stream
0010 0010 Output
What is this cryptographic operation called?
A. Exclusive-OR B. Bit Swapping C. Logical-NOR D. Decryption
Answer: A
Explanation:
When we encrypt data we are basically taking the plaintext information and applying some key
material or keystream and conducting something called an XOR or Exclusive-OR operation.
The symbol used for XOR is the following: This is a type of cipher known as a stream cipher.
The operation looks like this:
0101 0001 Plain text
0111 0011 Key stream
0010 0010 Output (ciphertext)
As you can see, it's not simple addition and the XOR Operation uses something called a truth
table that explains why 0+1=1 and 1+1=0.
The rules are simple: if both bits are the same the result is zero, if both bits are not the same the
result is one.
The following answers are incorrect:
- Bit Swapping: Incorrect. This isn't a known cryptographic operation.
- Logical NOR: Sorry, this isn't correct but is where only 0+0=1. All other combinations of 1+1, 1+0
equals 0. More on NOR here.
- Decryption: Sorry, this is the opposite of the process of encryption or, the process of applying the
keystream to the plaintext to get the resulting encrypted text.
The following reference(s) was used to create this question:
For more details on XOR and all other questions of cryptography. Subscribe to our holistic
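The XOR operation from this question together with the one-time pad conditions from the earlier question, as an added example that is not part of the original question bank. It reproduces the page's bit pattern, encrypts with a pad as long as the message, shows why a pad must never be reused, and shows the bit-flip property the block cipher explanation mentions for keystream modes. Function names and sample messages are constructed for this sketch.

```python
import secrets


def xor_bytes(data: bytes, keystream: bytes) -> bytes:
    """XOR each data byte with the keystream byte at the same position."""
    if len(keystream) < len(data):
        raise ValueError("keystream must be at least as long as the data")
    return bytes(d ^ k for d, k in zip(data, keystream))


def page_example() -> str:
    """The page's own bit pattern: plain text XOR key stream."""
    plain, stream = 0b01010001, 0b01110011
    return format(plain ^ stream, "08b")


def otp_encrypt(plaintext: bytes):
    """One-time pad: a fresh random pad exactly as long as the message."""
    pad = secrets.token_bytes(len(plaintext))
    return pad, xor_bytes(plaintext, pad)


def otp_decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    """XOR is its own inverse, so decryption applies the same pad again."""
    return xor_bytes(ciphertext, pad)


def pad_reuse_leak(first: bytes, second: bytes) -> bytes:
    """Encrypt two equal-length messages under ONE pad and XOR the results.

    The pad cancels out, so the return value equals first XOR second and
    depends only on the two plaintexts. This is the reason for the
    "never reused in whole or part" condition.
    """
    if len(first) != len(second):
        raise ValueError("messages must be the same length")
    pad = secrets.token_bytes(len(first))
    return xor_bytes(xor_bytes(first, pad), xor_bytes(second, pad))


def flip_bit(ciphertext: bytes, byte_index: int, bit: int) -> bytes:
    """Return a copy of the ciphertext with one bit inverted."""
    changed = bytearray(ciphertext)
    changed[byte_index] ^= 1 << bit
    return bytes(changed)


if __name__ == "__main__":
    print("0101 0001 XOR 0111 0011 =", page_example())

    message = b"INVOICE 000123"                      # constructed sample
    pad, ciphertext = otp_encrypt(message)
    print("round trip ok:", otp_decrypt(ciphertext, pad) == message)

    leak = pad_reuse_leak(b"INVOICE 000123", b"INVOICE 000999")
    print("reused pad leaves plaintext XOR:", leak.hex())

    # A flipped ciphertext bit flips the same plaintext bit and nothing else,
    # so XOR encryption alone gives no integrity protection.
    damaged = otp_decrypt(flip_bit(ciphertext, 0, 0), pad)
    print("after one flipped bit:", damaged)
```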
The Diffie-Hellman algorithm is primarily used to provide which of the following?
A. Confidentiality B. Key Agreement C. Integrity D. Non-repudiation
Answer: B
Explanation:
Diffie and Hellman describe a means for two parties to agree upon a shared secret in such a way
that the secret will be unavailable to eavesdroppers. This secret may then be converted into
cryptographic keying material for other (symmetric) algorithms. A large number of minor variants of
this process exist. See RFC 2631 Diffie-Hellman Key Agreement Method for more details.
In 1976, Diffie and Hellman were the first to introduce the notion of public key cryptography,
requiring a system allowing the exchange of secret keys over non-secure channels. The Diffie-Hellman algorithm is used for key exchange between two parties communicating with each other;
it cannot be used for encrypting and decrypting messages, or digital signature.
Diffie and Hellman sought to address the issue of having to exchange keys via courier and other
unsecure means. Their efforts were the FIRST asymmetric key agreement algorithm. Since the
Diffie-Hellman algorithm cannot be used for encrypting and decrypting it cannot provide
confidentiality nor integrity. This algorithm also does not provide for digital signature functionality
and thus non-repudiation is not a choice.
NOTE: The DH algorithm is susceptible to man-in-the-middle attacks.
KEY AGREEMENT VERSUS KEY EXCHANGE
A key exchange can be done multiple ways. It can be done in person, or I can generate a key and
then encrypt the key to get it securely to you by encrypting it with your public key. A Key
Agreement protocol is done over a public medium such as the internet using a mathematical
formula to come out with a common value on both sides of the communication link, without the
enemy being able to know what the common agreement is.
The following answers were incorrect:
All of the other choices were not correct choices
Reference(s) used for this question:
Shon Harris, CISSP All In One (AIO), 6th edition . Chapter 7, Cryptography, Page 812.
You work in a police department forensics lab where you examine computers for evidence of crimes. Your work is vital to the success of the prosecution of criminals. One day you receive a laptop and are part of a two man team responsible for examining it together. However, it is lunch time and after receiving the laptop you leave it on your desk and you both head out to lunch. What critical step in forensic evidence have you forgotten?
A. Chain of custody B. Locking the laptop in your desk C. Making a disk image for examination D. Cracking the admin password with chntpw
Answer: A
Explanation:
When evidence from a crime is to be used in the prosecution of a criminal, it is critical that you
follow the law when handling that evidence. Part of that process is called chain of custody, which
means maintaining proactive and documented control over ALL evidence involved in a crime.
Failure to do this can lead to the dismissal of charges against a criminal if the evidence is
compromised because you failed to maintain the chain of custody.
A chain of custody is chronological documentation for evidence in a particular case, and is
especially important with electronic evidence due to the possibility of fraudulent data alteration,
deletion, or creation. A fully detailed chain of custody report is necessary to prove the physical
custody of a piece of evidence and show all parties that had access to said evidence at any given
time.
Evidence must be protected from the time it is collected until the time it is presented in court.
The following answers are incorrect:
- Locking the laptop in your desk: Even this wouldn't prevent the defense team from trying to
challenge chain of custody handling. It's usually easy to break into a desk drawer, and evidence
should be stored in approved safes or other storage facilities.
- Making a disk image for examination: This is a key part of system forensics where we make a
disk image of the evidence system and study that as opposed to studying the real disk drive, which
could lead to loss of evidence. However, if the original evidence is not secured, then the chain of
custody has not been maintained properly.
- Cracking the admin password with chntpw: This isn't correct. Your first mistake was to
compromise the chain of custody of the laptop. The chntpw program is a Linux utility to (re)set the
password of any user that has a valid (local) account on a Windows system, by modifying the
crypted password in the registry's SAM file. You do not need to know the old password to set a
new one. It works offline, which means you must have physical access (i.e., you have to shut down
your computer and boot off a Linux floppy disk). The bootdisk includes stuff to access NTFS
partitions and scripts to glue the whole thing together. This utility works with SYSKEY and includes
the option to turn it off. A bootdisk image is provided on their website at
What is NOT true about a one-way hashing function?
A. It provides authentication of the message B. A hash cannot be reversed to get the message used to create the hash C. The result of a one-way hash is a message digest D. It provides integrity of the message
Answer: A
Explanation:
A one-way hashing function can only be used for the integrity of a message and not for
authentication or confidentiality, because the hash creates just a fingerprint of the message, which
cannot be reversed, and it is also very difficult to create a second message with the same hash.
A hash by itself does not provide authentication. It only provides a weak form of integrity. It would
be possible for an attacker to perform a Man-In-The-Middle attack where both the hash and the
digest could be changed without the receiver knowing it.
A hash combined with your session key will produce a Message Authentication Code (MAC) which
will provide you with both authentication of the source and integrity. It is sometimes referred to as
a Keyed Hash.
A hash encrypted with the sender's private key produces a Digital Signature, which provides
authentication, but the hash by itself does not.
Hashing functions by themselves such as MD5, SHA1, SHA2, SHA-3 does not provide
This type of attack is generally most applicable to public-key cryptosystems. What type of attack am I?
A. Chosen-Ciphertext attack B. Ciphertext-only attack C. Plaintext Only Attack D. Adaptive-Chosen-Plaintext attack
Answer: A
Explanation:
A chosen-ciphertext attack is one in which the cryptanalyst may choose a piece of ciphertext and
attempt to obtain the corresponding decrypted plaintext. This type of attack is generally most
applicable to public-key cryptosystems.
A chosen-ciphertext attack (CCA) is an attack model for cryptanalysis in which the cryptanalyst
gathers information, at least in part, by choosing a ciphertext and obtaining its decryption under an
unknown key. In the attack, an adversary has a chance to enter one or more known ciphertexts
into the system and obtain the resulting plaintexts. From these pieces of information the adversary
can attempt to recover the hidden secret key used for decryption.
A number of otherwise secure schemes can be defeated under chosen-ciphertext attack. For
example, the El Gamal cryptosystem is semantically secure under chosen-plaintext attack, but this
semantic security can be trivially defeated under a chosen-ciphertext attack. Early versions of RSA
padding used in the SSL protocol were vulnerable to a sophisticated adaptive chosen-ciphertext
attack which revealed SSL session keys. Chosen-ciphertext attacks have implications for some
self-synchronizing stream ciphers as well. Designers of tamper-resistant cryptographic smart
cards must be particularly cognizant of these attacks, as these devices may be completely under
the control of an adversary, who can issue a large number of chosen-ciphertexts in an attempt to
recover the hidden secret key.
According to RSA:
Cryptanalytic attacks are generally classified into six categories that distinguish the kind of
information the cryptanalyst has available to mount an attack. The categories of attack are listed
here roughly in increasing order of the quality of information available to the cryptanalyst, or,
equivalently, in decreasing order of the level of difficulty to the cryptanalyst. The objective of the
cryptanalyst in all cases is to be able to decrypt new pieces of ciphertext without additional
information. The ideal for a cryptanalyst is to extract the secret key.
A ciphertext-only attack is one in which the cryptanalyst obtains a sample of ciphertext, without the
plaintext associated with it. This data is relatively easy to obtain in many scenarios, but a
successful ciphertext-only attack is generally difficult, and requires a very large ciphertext sample.
Such an attack was possible on ciphers using Code Book Mode, where frequency analysis was
used: even though only the ciphertext was available, it was still possible to eventually collect
enough data and decipher it without having the key.
A known-plaintext attack is one in which the cryptanalyst obtains a sample of ciphertext and the
corresponding plaintext as well. The known-plaintext attack (KPA) or crib is an attack model for
cryptanalysis where the attacker has samples of both the plaintext and its encrypted version
(ciphertext), and is at liberty to make use of them to reveal further secret information such as
secret keys and code books.
A chosen-plaintext attack is one in which the cryptanalyst is able to choose a quantity of plaintext
and then obtain the corresponding encrypted ciphertext. A chosen-plaintext attack (CPA) is an
attack model for cryptanalysis which presumes that the attacker has the capability to choose
arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. The goal of the
attack is to gain some further information which reduces the security of the encryption scheme. In
the worst case, a chosen-plaintext attack could reveal the scheme's secret key.
This appears, at first glance, to be an unrealistic model; it would certainly be unlikely that an
attacker could persuade a human cryptographer to encrypt large amounts of plaintexts of the
attacker's choosing. Modern cryptography, on the other hand, is implemented in software or
hardware and is used for a diverse range of applications; for many cases, a chosen-plaintext
attack is often very feasible. Chosen-plaintext attacks become extremely important in the context
of public key cryptography, where the encryption key is public and attackers can encrypt any
plaintext they choose.
Any cipher that can prevent chosen-plaintext attacks is then also guaranteed to be secure against
known-plaintext and ciphertext-only attacks; this is a conservative approach to security.
Two forms of chosen-plaintext attack can be distinguished:
- Batch chosen-plaintext attack, where the cryptanalyst chooses all plaintexts before any of them
are encrypted. This is often the meaning of an unqualified use of "chosen-plaintext attack".
- Adaptive chosen-plaintext attack, a special case of chosen-plaintext attack in which the
cryptanalyst is able to choose plaintext samples dynamically, and alter his or her choices based on
the results of previous encryptions. The cryptanalyst makes a series of interactive queries,
choosing subsequent plaintexts based on the information from the previous encryptions.
Non-randomized (deterministic) public key encryption algorithms are vulnerable to simple
"dictionary"-type attacks, where the attacker builds a table of likely messages and their
corresponding ciphertexts. To find the decryption of some observed ciphertext, the attacker simply
looks the ciphertext up in the table. As a result, public-key definitions of security under chosen-plaintext attack require probabilistic encryption (i.e., randomized encryption). Conventional
symmetric ciphers, in which the same key is used to encrypt and decrypt a text, may also be
vulnerable to other forms of chosen-plaintext attack, for example, differential cryptanalysis of block
ciphers.
An adaptive-chosen-ciphertext attack is the adaptive version of the above attack. A cryptanalyst can
mount an attack of this type in a scenario in which he has free use of a piece of decryption
hardware, but is unable to extract the decryption key from it.
An adaptive chosen-ciphertext attack (abbreviated as CCA2) is an interactive form of chosen-ciphertext attack in which an attacker sends a number of ciphertexts to be decrypted, then uses
the results of these decryptions to select subsequent ciphertexts. It is to be distinguished from an
indifferent chosen-ciphertext attack (CCA1).
The goal of this attack is to gradually reveal information about an encrypted message, or about the
decryption key itself. For public-key systems, adaptive-chosen-ciphertexts are generally applicable
only when they have the property of ciphertext malleability — that is, a ciphertext can be modified
in specific ways that will have a predictable effect on the decryption of that message.
A Plaintext Only Attack is simply a bogus distracter. If you have the plaintext only, then there is no
need to perform any attack.
References:
RSA Laboratories FAQs about today's cryptography: What are some of the basic types of
Which of the following concerning the Rijndael block cipher algorithm is false?
A. The design of Rijndael was strongly influenced by the design of the block cipher Square. B. A total of 25 combinations of key length and block length are possible C. Both block size and key length can be extended to multiples of 64 bits. D. The cipher has a variable block length and key length.
Answer: C
Explanation:
The answer above is the correct answer because it is FALSE. Rijndael does not support multiples
of 64 bits but multiples of 32 bits in the range of 128 bits to 256 bits. Key length could be 128, 160,
192, 224, and 256.
Both block length and key length can be extended very easily to multiples of 32 bits, for a total
of 25 possible combinations of block and key size.
The Rijndael Cipher
Rijndael is a block cipher, designed by Joan Daemen and Vincent Rijmen as a candidate
algorithm for the Advanced Encryption Standard (AES) in the United States of America. The cipher
has a variable block length and key length.
Rijndael can be implemented very efficiently on a wide range of processors and in hardware.
The design of Rijndael was strongly influenced by the design of the block cipher Square.
The Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) keys are defined to be either 128, 192, or 256 bits in
accordance with the requirements of the AES.
The number of rounds, or iterations of the main algorithm, can vary from 10 to 14 within the
Advanced Encryption Standard (AES) and is dependent on the block size and key length. 128-bit
keys use 10 rounds of encryption, 192-bit keys use 12 rounds of encryption, and 256-bit keys
use 14 rounds of encryption.
The low number of rounds has been one of the main criticisms of Rijndael, but if this ever
becomes a problem the number of rounds can easily be increased at little extra performance
cost by increasing the block size and key length.
Range of key and block lengths in Rijndael and AES
Rijndael and AES differ only in the range of supported values for the block length and cipher key
length.
For Rijndael, the block length and the key length can be independently specified to any multiple of
32 bits, with a minimum of 128 bits, and a maximum of 256 bits. The support for block and key
lengths 160 and 224 bits was introduced in Joan Daemen and Vincent Rijmen, AES submission
document on Rijndael, Version 2, September 1999 available at
FIPS PUB 197, Advanced Encryption Standard (AES), National Institute of Standards and
Technology, U.S. Department of Commerce, November 2001.
Question # 41
What is the name of a one-way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string, where such a transformation cannot be reversed?
A. One-way hash B. DES C. Transposition D. Substitution
Answer: A
Explanation:
A cryptographic hash function is a transformation that takes an input (or 'message') and returns a
fixed-size string, which is called the hash value (sometimes termed a message digest, a digital
fingerprint, a digest or a checksum).
The ideal hash function has three main properties - it is extremely easy to calculate a hash for any
given data, it is extremely difficult or almost impossible in a practical sense to calculate a text that
has a given hash, and it is extremely unlikely that two different messages, however close, will
have the same hash.
Functions with these properties are used as hash functions for a variety of purposes, both within
and outside cryptography. Practical applications include message integrity checks, digital
signatures, authentication, and various information security applications. A hash can also act as a
concise representation of the message or document from which it was computed, and allows easy
indexing of duplicate or unique data files.
In various standards and applications, the two most commonly used hash functions are MD5 and
SHA-1. In 2005, security flaws were identified in both of these, namely that a possible
mathematical weakness might exist, indicating that a stronger hash function would be desirable. In
2007 the National Institute of Standards and Technology announced a contest to design a hash
function which will be given the name SHA-3 and be the subject of a FIPS standard.
A hash function takes a string of any length as input and produces a fixed length string which acts
as a kind of "signature" for the data provided. In this way, a person knowing the hash is unable to
work out the original message, but someone knowing the original message can prove the hash is
created from that message, and none other. A cryptographic hash function should behave as
much as possible like a random function while still being deterministic and efficiently computable.
A cryptographic hash function is considered "insecure" from a cryptographic point of view, if either
of the following is computationally feasible:
- finding a (previously unseen) message that matches a given digest
- finding "collisions", wherein two different messages have the same message digest.
An attacker who can do either of these things might, for example, use them to substitute an
authorized message with an unauthorized one.
Ideally, it should not even be feasible to find two messages whose digests are substantially
similar; nor would one want an attacker to be able to learn anything useful about a message given
only its digest. Of course the attacker learns at least one piece of information, the digest itself,
which for instance gives the attacker the ability to recognise the same message should it occur
again.
REFERENCES:
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, 2001, John Wiley & Sons, Pages 40-41.
What kind of Encryption technology does SSL utilize?
A. Secret or Symmetric key B. Hybrid (both Symmetric and Asymmetric) C. Public Key D. Private key
Answer: B
Explanation:
SSL uses public-key cryptography to secure the session key, while the session key (secret key) is used
to secure the whole session taking place between both parties communicating with each other.
The SSL protocol was originally developed by Netscape. Version 1.0 was never publicly released;
version 2.0 was released in February 1995 but "contained a number of security flaws which
ultimately led to the design of SSL version 3.0." SSL version 3.0, released in 1996, was a
complete redesign of the protocol produced by Paul Kocher working with Netscape engineers Phil
Karlton and Alan Freier.
All of the other answers are incorrect
Question # 43
The computations involved in selecting keys and in enciphering data are complex, and are not practical for manual use. However, using mathematical properties of modular arithmetic and a method known as "_________________," RSA is quite feasible for computer use.
A. computing in Galois fields B. computing in Gladden fields C. computing in Gallipoli fields D. computing in Galbraith fields
Answer: A
Explanation:
The computations involved in selecting keys and in enciphering data are complex, and are not
practical for manual use. However, using mathematical properties of modular arithmetic and a
method known as computing in Galois fields, RSA is quite feasible for computer use.
Source: FITES, Philip E., KRATZ, Martin P., Information Systems Security: A Practitioner's
Reference, 1993, Van Nostrand Reinhold, page 44.
Question # 44
Which of the following is true about a digital certificate?
A. It is the same as a digital signature proving Integrity and Authenticity of the data B. Electronic credential proving that the person the certificate was issued to is who they claim to be C. You can only get a digital certificate from Verisign, RSA if you wish to prove the key belongs to a specific user. D. Can't contain geography data such as country for example.
Answer: B
Explanation:
A digital certificate helps others verify that the public keys presented by users are genuine and valid.
It is a form of electronic credential proving that the person the certificate was issued to is who they
claim to be.
The certificate is used to identify the certificate holder when conducting electronic transactions.
It is issued by a certification authority (CA). It contains the name of an organization or individual,
the business address, a serial number, expiration dates, a copy of the certificate holder's public
key (used for encrypting messages), and the digital signature of the certificate-issuing authority so
that a recipient can verify that the certificate is real. Some digital certificates conform to a
standard, X.509. Digital certificates can be kept in registries so that authenticating users can look
up other users' public keys.
Digital certificates are key to the PKI process. The digital certificate serves two roles. First, it
ensures the integrity of the public key and makes sure that the key remains unchanged and in a
valid state. Second, it validates that the public key is tied to the stated owner and that all
associated information is true and correct. The information needed to accomplish these goals is
added into the digital certificate.
A Certificate Authority (CA) is an entity trusted by one or more users as an authority in a network
that issues, revokes, and manages digital certificates.
A Registration Authority (RA) performs certificate registration services on behalf of a CA. The RA,
a single purpose server, is responsible for the accuracy of the information contained in a certificate
request. The RA is also expected to perform user validation before issuing a certificate request.
A digital certificate is not the same as a digital signature; they are two different things. A digital
signature is created by using your private key to encrypt a message digest, and a digital
certificate is issued by a trusted third party who vouches for your identity.
There are many other third parties that provide digital certificates, not just Verisign and
RSA.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition
Which of the following statements is most accurate regarding a digital signature?
A. It is a method used to encrypt confidential data. B. It is the art of transferring handwritten signature to electronic media. C. It allows the recipient of data to prove the source and integrity of data. D. It can be used as a signature system and a cryptosystem.
Answer: C
Explanation:
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
Question # 46
The Data Encryption Algorithm performs how many rounds of substitution and permutation?
A. 4 B. 16 C. 54 D. 64
Answer: B
Explanation:
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
Question # 47
Which of the following is NOT a property of a one-way hash function?
A. It converts a message of a fixed length into a message digest of arbitrary length. B. It is computationally infeasible to construct two different messages with the same digest. C. It converts a message of arbitrary length into a message digest of a fixed length. D. Given a digest value, it is computationally infeasible to find the corresponding message.
Answer: A
Explanation:
An algorithm that turns messages or text into a fixed string of digits, usually for security or data
management purposes. The "one way" means that it's nearly impossible to derive the original text
from the string.
A one-way hash function is used to create digital signatures, which in turn identify and
authenticate the sender and message of a digitally distributed message.
A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and
returns a fixed-size bit string, the (cryptographic) hash value, such that an accidental or intentional
change to the data will change the hash value. The data to be encoded is often called the
"message," and the hash value is sometimes called the message digest or simply digest.
The ideal cryptographic hash function has four main or significant properties:
- it is easy (but not necessarily quick) to compute the hash value for any given message
- it is infeasible to generate a message that has a given hash
- it is infeasible to modify a message without changing the hash
- it is infeasible to find two different messages with the same hash
Cryptographic hash functions have many information security applications, notably in digital
signatures, message authentication codes (MACs), and other forms of authentication. They can
also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect
duplicate data or uniquely identify files, and as checksums to detect accidental data corruption.
Indeed, in information security contexts, cryptographic hash values are sometimes called (digital)
fingerprints, checksums, or just hash values, even though all these terms stand for functions with
rather different properties and purposes.
Source:
TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
Which of the following can best be defined as a cryptanalysis technique in which the analyst tries to determine the key from knowledge of some plaintext-ciphertext pairs?
A. A known-plaintext attack B. A known-algorithm attack C. A chosen-ciphertext attack D. A chosen-plaintext attack
Answer: A
Explanation:
RFC2828 (Internet Security Glossary) defines a known-plaintext attack as a cryptanalysis
technique in which the analyst tries to determine the key from knowledge of some plaintext-ciphertext pairs (although the analyst may also have other clues, such as knowing the
cryptographic algorithm). A chosen-ciphertext attack is defined as a cryptanalysis technique in
which the analyst tries to determine the key from knowledge of plaintext that corresponds to
ciphertext selected (i.e., dictated) by the analyst. A chosen-plaintext attack is a cryptanalysis
technique in which the analyst tries to determine the key from knowledge of ciphertext that
corresponds to plaintext selected (i.e., dictated) by the analyst. The other choice is a distracter.
The following are incorrect answers:
A chosen-plaintext attack
The attacker has the plaintext and ciphertext, but can choose the plaintext that gets encrypted to
see the corresponding ciphertext. This gives her more power and possibly a deeper understanding
of the way the encryption process works so she can gather more information about the key being
used. Once the key is discovered, other messages encrypted with that key can be decrypted.
A chosen-ciphertext attack
In chosen-ciphertext attacks, the attacker can choose the ciphertext to be decrypted and has
access to the resulting decrypted plaintext. Again, the goal is to figure out the key. This is a harder
attack to carry out compared to the previously mentioned attacks, and the attacker may need to
have control of the system that contains the cryptosystem.
A known-algorithm attack
Knowing the algorithm does not give you much advantage without knowing the key. This is a
bogus distracter. The algorithm should be public, which is Kerckhoffs's Principle. The only
secret should be the key.
Reference(s) used for this question:
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys? This protocol establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis.
A. Internet Security Association and Key Management Protocol (ISAKMP) B. Simple Key-management for Internet Protocols (SKIP) C. Diffie-Hellman Key Distribution Protocol D. IPsec Key exchange (IKE)
Answer: B
Explanation:
RFC 2828 (Internet Security Glossary) defines Simple Key Management for Internet Protocols
(SKIP) as:
A key distribution protocol that uses hybrid encryption to convey session keys that are used to
encrypt data in IP packets.
SKIP is a hybrid key distribution protocol similar to SSL, except that it establishes a long-term
key once, and then requires no prior communication in order to establish or exchange keys on a
session-by-session basis. Therefore, no connection setup overhead exists and new key values
are not continually generated. SKIP uses the knowledge of its own secret key or private
component and the destination's public component to calculate a unique key that can only be used
between them.
IKE stands for Internet Key Exchange; it makes use of ISAKMP and OAKLEY internally.
Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in
the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509
certificates for authentication and a Diffie–Hellman key exchange to set up a shared session
secret from which cryptographic keys are derived.
The following are incorrect answers:
ISAKMP is an Internet IPsec protocol to negotiate, establish, modify, and delete security
associations, and to exchange key generation and authentication data, independent of the details
of any specific key generation technique, key establishment protocol, encryption algorithm, or
authentication mechanism.
IKE is an Internet, IPsec, key-establishment protocol (partly based on OAKLEY) that is intended
for putting in place authenticated keying material for use with ISAKMP and for other security
associations, such as in AH and ESP.
IPsec Key exchange (IKE) is only a distracter.
Reference(s) used for this question:
SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Which of the following can best define the "revocation request grace period"?
A. The period of time allotted within which the user must make a revocation request upon a revocation reason B. Minimum response time for performing a revocation by the CA C. Maximum response time for performing a revocation by the CA D. Time period between the arrival of a revocation request and the publication of the revocation information
Answer: D
Explanation:
The length of time between the Issuer’s receipt of a revocation request and the time the Issuer is
required to revoke the certificate should bear a reasonable relationship to the amount of risk the
participants are willing to assume that someone may rely on a certificate for which a proper
revocation request has been given but has not yet been acted upon.
How quickly revocation requests need to be processed (and CRLs or certificate status databases
need to be updated) depends upon the specific application for which the Policy Authority is drafting
the Certificate Policy.
A Policy Authority should recognize that there may be risk and lost tradeoffs with respect to grace
periods for revocation notices.
If the Policy Authority determines that its PKI participants are willing to accept a grace period of a
few hours in exchange for a lower implementation cost, the Certificate Policy may reflect that
decision.
Question # 52
Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations?
A. Internet Key exchange (IKE) B. Security Association Authentication Protocol (SAAP) C. Simple Key-management for Internet Protocols (SKIP) D. Key Exchange Algorithm (KEA)
Answer: A
Explanation:
RFC 2828 (Internet Security Glossary) defines IKE as an Internet, IPsec, key-establishment
protocol (partly based on OAKLEY) that is intended for putting in place authenticated keying
material for use with ISAKMP and for other security associations, such as in AH and ESP.
The following are incorrect answers:
SKIP is a key distribution protocol that uses hybrid encryption to convey session keys that are
used to encrypt data in IP packets.
The Key Exchange Algorithm (KEA) is defined as a key agreement algorithm that is similar to the
Diffie-Hellman algorithm, uses 1024-bit asymmetric keys, and was developed and formerly
classified at the secret level by the NSA.
Security Association Authentication Protocol (SAAP) is a distracter.
Reference(s) used for this question:
SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 53
Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE?
A. Diffie-Hellman Key Exchange Protocol B. Internet Security Association and Key Management Protocol (ISAKMP) C. Simple Key-management for Internet Protocols (SKIP) D. OAKLEY
Answer: D
Explanation:
RFC 2828 (Internet Security Glossary) defines OAKLEY as a key establishment protocol
(proposed for IPsec but superseded by IKE) based on the Diffie-Hellman algorithm and designed
to be a compatible component of ISAKMP.
ISAKMP is an Internet IPsec protocol to negotiate, establish, modify, and delete security
associations, and to exchange key generation and authentication data, independent of the details
of any specific key generation technique, key establishment protocol, encryption algorithm, or
authentication mechanism.
SKIP is a key distribution protocol that uses hybrid encryption to convey session keys that are
used to encrypt data in IP packets.
ISAKMP provides a framework for authentication and key exchange but does not define them.
ISAKMP is designed to be key exchange independent; that is, it is designed to support many
different key exchanges.
Oakley and SKEME each define a method to establish an authenticated key exchange. This
includes payloads construction, the information payloads carry, the order in which they are
processed and how they are used.
Oakley describes a series of key exchanges, called modes, and details the services provided by
each (e.g. perfect forward secrecy for keys, identity protection, and authentication).
SKEME describes a versatile key exchange technique which provides anonymity, repudiability,
and quick key refreshment.
RFC 2049 describes the IKE protocol using part of Oakley and part of SKEME in conjunction with
ISAKMP to obtain authenticated keying material for use with ISAKMP, and for other security
associations such as AH and ESP for the IETF IPsec DOI.
While Oakley defines "modes", ISAKMP defines "phases". The relationship between the two is
very straightforward and IKE presents different exchanges as modes which operate in one of two
phases.
Phase 1 is where the two ISAKMP peers establish a secure, authenticated channel with which to
communicate. This is called the ISAKMP Security Association (SA). "Main Mode" and "Aggressive
Mode" each accomplish a phase 1 exchange. "Main Mode" and "Aggressive Mode" MUST ONLY
be used in phase 1.
Phase 2 is where Security Associations are negotiated on behalf of services such as IPsec or any
other service which needs key material and/or parameter negotiation. "Quick Mode" accomplishes
a phase 2 exchange. "Quick Mode" MUST ONLY be used in phase 2.
References:
CISSP: Certified Information Systems Security Professional Study Guide By James Michael
SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
The All-in-one CISSP Exam Guide, 3rd Edition, by Shon Harris, page 674
The CISSP and CAP Prep Guide, Platinum Edition, by Krutz and Vines
Question # 54
Which of the following is an Internet IPsec protocol to negotiate, establish, modify, and delete security associations, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key establishment protocol, encryption algorithm, or authentication mechanism?
A. OAKLEY
B. Internet Security Association and Key Management Protocol (ISAKMP)
C. Simple Key-management for Internet Protocols (SKIP)
D. IPsec Key exchange (IKE)
Answer: B
Explanation:
RFC 2828 (Internet Security Glossary) defines the Internet Security Association and Key
Management Protocol (ISAKMP) as an Internet IPsec protocol to negotiate, establish, modify, and
delete security associations, and to exchange key generation and authentication data,
independent of the details of any specific key generation technique, key establishment protocol,
encryption algorithm, or authentication mechanism.
Let's clear up some confusion here first. Internet Key Exchange (IKE) is a hybrid protocol; it
consists of 3 "protocols":
ISAKMP: It's not a key exchange protocol per se, it's a framework on which key exchange
protocols operate. ISAKMP is part of IKE. IKE establishes the shared security policy and
authenticated keys. ISAKMP is the protocol that specifies the mechanics of the key exchange.
Oakley: Describes the "modes" of key exchange (e.g. perfect forward secrecy for keys, identity
protection, and authentication). Oakley describes a series of key exchanges and services.
SKEME: Provides support for public-key-based key exchange, key distribution centres, and
manual installation, it also outlines methods of secure and fast key refreshment.
So yes, IPSec does use IKE, but ISAKMP is part of IKE.
The question did not ask for the actual key negotiation being done but only for the "exchange of
key generation and authentication data" being done. Under Oakley it would be Diffie-Hellman (DH)
that would be used for the actual key negotiation.
The following are incorrect answers:
Simple Key-management for Internet Protocols (SKIP) is a key distribution protocol that uses
hybrid encryption to convey session keys that are used to encrypt data in IP packets.
OAKLEY is a key establishment protocol (proposed for IPsec but superseded by IKE) based on
the Diffie-Hellman algorithm and designed to be a compatible component of ISAKMP.
IPsec Key Exchange (IKE) is an Internet, IPsec, key-establishment protocol [R2409] (partly based
on OAKLEY) that is intended for putting in place authenticated keying material for use with
ISAKMP and for other security associations, such as in AH and ESP.
Reference used for this question:
SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 55
Which of the following can be best defined as computing techniques for inseparably embedding unobtrusive marks or labels as bits in digital data and for detecting or extracting the marks later?
A. Steganography
B. Digital watermarking
C. Digital enveloping
D. Digital signature
Answer: B
Explanation:
RFC 2828 (Internet Security Glossary) defines digital watermarking as computing techniques for
inseparably embedding unobtrusive marks or labels as bits in digital data (text, graphics, images,
video, or audio) and for detecting or extracting the marks later. The set of embedded bits (the
digital watermark) is sometimes hidden, usually imperceptible, and always intended to be
unobtrusive. It is used as a measure to protect intellectual property rights. Steganography involves
hiding the very existence of a message. A digital signature is a value computed with a
cryptographic algorithm and appended to a data object in such a way that any recipient of the data
can use the signature to verify the data's origin and integrity. A digital envelope is a combination of
encrypted data and its encryption key in an encrypted form that has been prepared for use of the
recipient.
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 56
What can be defined as a value computed with a cryptographic algorithm and appended to a data object in such a way that any recipient of the data can use the signature to verify the data's origin and integrity?
A. A digital envelope
B. A cryptographic hash
C. A Message Authentication Code
D. A digital signature
Answer: D
Explanation:
RFC 2828 (Internet Security Glossary) defines a digital signature as a value computed with a
cryptographic algorithm and appended to a data object in such a way that any recipient of the data
can use the signature to verify the data's origin and integrity.
The steps to create a Digital Signature are very simple:
1. You create a Message Digest of the message you wish to send.
2. You encrypt the message digest using your Private Key, which is the action of Signing.
3. You send the Message along with the Digital Signature to the recipient.
To validate the Digital Signature, the recipient will make use of the sender's Public Key. Here are the
steps:
1. The receiver will decrypt the Digital Signature using the sender's Public Key, producing a clear
text message digest.
2. The receiver will produce his own message digest of the message received.
3. At this point the receiver will compare the two message digests (the one sent and the one
produced by the receiver). If the two match, it proves the authenticity of the message and
confirms that the message was not modified in transit, validating the integrity as well.
Digital Signatures provide Authenticity and Integrity only. There is no confidentiality in place; if you
wish to get confidentiality, the sender would need to encrypt everything with the receiver's
public key as a last step before sending the message.
A Digital Envelope is a combination of encrypted data and its encryption key in an encrypted form
that has been prepared for use of the recipient. In simple terms, it is a type of security that uses two
layers of encryption to protect a message. First, the message itself is encoded using symmetric
encryption, and then the key to decode the message is encrypted using public-key encryption.
This technique overcomes one of the problems of public-key encryption, which is that it is slower
than symmetric encryption. Because only the key is protected with public-key encryption, there is
very little overhead.
A cryptographic hash is the result of a cryptographic hash function such as MD5, SHA-1, or SHA-2.
A hash value, also called a Message Digest, is like a fingerprint of a message. It is used to
prove integrity and ensure the message was not changed either in transit or in storage.
A Message Authentication Code (MAC) refers to an ANSI standard for a checksum that is
computed with a keyed hash that is based on DES or it can also be produced without using DES
by concatenating the Secret Key at the end of the message (simply adding it at the end of the
message) being sent and then producing a Message digest of the Message+Secret Key together.
The MAC is then attached and sent along with the message but the Secret Key is NEVER sent in
clear text over the network.
In cryptography, HMAC (Hash-based Message Authentication Code), is a specific construction for
calculating a message authentication code (MAC) involving a cryptographic hash function in
combination with a secret key. As with any MAC, it may be used to simultaneously verify both the
data integrity and the authenticity of a message. Any cryptographic hash function, such as MD5 or
SHA-1, may be used in the calculation of an HMAC; the resulting MAC algorithm is termed
HMAC-MD5 or HMAC-SHA1 accordingly. The cryptographic strength of the HMAC depends upon the
cryptographic strength of the underlying hash function, the size of its hash output length in bits and
on the size and quality of the cryptographic key.
There is more than one type of MAC: Meet CBC-MAC
In cryptography, a Cipher Block Chaining Message Authentication Code, abbreviated CBC-MAC,
is a technique for constructing a message authentication code from a block cipher. The message
is encrypted with some block cipher algorithm in CBC mode to create a chain of blocks such that
each block depends on the proper encryption of the previous block. This interdependence ensures
that a change to any of the plaintext bits will cause the final encrypted block to change in a way
that cannot be predicted or counteracted without knowing the key to the block cipher.
References:
SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 57
Which of the following would best define a digital envelope?
A. A message that is encrypted and signed with a digital certificate.
B. A message that is signed with a secret key and encrypted with the sender's private key.
C. A message encrypted with a secret key attached with the message. The secret key is encrypted with the public key of the receiver.
D. A message that is encrypted with the recipient's public key and signed with the sender's private key.
Answer: C
Explanation:
A digital envelope for a recipient is a combination of encrypted data and its encryption key in an
encrypted form that has been prepared for use of the recipient.
It consists of a hybrid encryption scheme in sealing a message, by encrypting the data and
sending both it and a protected form of the key to the intended recipient, so that no one else can open
the message.
In PKCS #7, it means first encrypting the data using a symmetric encryption algorithm and a
secret key, and then encrypting the secret key using an asymmetric encryption algorithm and the
public key of the intended recipient.
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 58
An X.509 public key certificate with the key usage attribute "non repudiation" can be used for which of the following?
A. encrypting messages
B. signing messages
C. verifying signed messages
D. decrypt encrypted messages
Answer: C
Explanation:
References: RFC 2459 : Internet X.509 Public Key Infrastructure Certificate and CRL Profile;
GUTMANN, P., X.509 style guide.
Question # 59
What enables users to validate each other's certificate when they are certified under different certification hierarchies?
A. Cross-certification
B. Multiple certificates
C. Redundant certification authorities
D. Root certification authorities
Answer: A
Explanation:
Cross-certification is the act or process by which two CAs each certify a public key of the other,
issuing a public-key certificate to that other CA, enabling users that are certified under different
certification hierarchies to validate each other's certificate.
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 60
What does the directive of the European Union on Electronic Signatures deal with?
A. Encryption of classified data
B. Encryption of secret data
C. Non repudiation
D. Authentication of web servers
Answer: C
Reference: FORD, Warwick & BAUM, Michael S., Secure Electronic Commerce: Building the
Infrastructure for Digital Signatures and Encryption (2nd Edition), 2000, Prentice Hall PTR, Page
589; Directive 1999/93/EC of 13 December 1999 on a Community framework for electronic
signatures.
Question # 61
What is the name of the third party authority that vouches for the binding between the data items in a digital certificate?
A. Registration authority
B. Certification authority
C. Issuing authority
D. Vouching authority
Answer: B
Explanation:
A certification authority (CA) is a third party entity that issues digital certificates (especially X.509
certificates) and vouches for the binding between the data items in a certificate. An issuing
authority could be considered a correct answer, but not the best answer, since it is too generic.
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 62
What kind of certificate is used to validate a user identity?
A. Public key certificate
B. Attribute certificate
C. Root certificate
D. Code signing certificate
Answer: A
Explanation:
In cryptography, a public key certificate (or identity certificate) is an electronic document which
incorporates a digital signature to bind together a public key with an identity — information such as
the name of a person or an organization, their address, and so forth. The certificate can be used to
verify that a public key belongs to an individual.
In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority
(CA). In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other
users ("endorsements"). In either case, the signatures on a certificate are attestations by the
certificate signer that the identity information and the public key belong together.
In computer security, an authorization certificate (also known as an attribute certificate) is a digital
document that describes a written permission from the issuer to use a service or a resource that
the issuer controls or has access to use. The permission can be delegated.
Some people constantly confuse PKCs and ACs. An analogy may make the distinction clear. A
PKC can be considered to be like a passport: it identifies the holder, tends to last for a long time,
and should not be trivial to obtain. An AC is more like an entry visa: it is typically issued by a
different authority and does not last for as long a time. As acquiring an entry visa typically requires
presenting a passport, getting a visa can be a simpler process.
A real-life example of this can be found in the mobile software deployments by large service
providers, typically applied to platforms such as Microsoft Smartphone (and related),
Symbian OS, J2ME, and others.
In each of these systems a mobile communications service provider may customize the mobile
terminal client distribution (i.e. the mobile phone operating system or application environment) to
include one or more root certificates each associated with a set of capabilities or permissions such
as "update firmware", "access address book", "use radio interface", and the most basic one,
"install and execute". When a developer wishes to enable distribution and execution in one of
these controlled environments they must acquire a certificate from an appropriate CA, typically a
large commercial CA, and in the process they usually have their identity verified using out-of-band
mechanisms such as a combination of phone call, validation of their legal entity through
government and commercial databases, etc., similar to the high assurance SSL certificate vetting
process, though often there are additional specific requirements imposed on would-be
developers/publishers.
Once the identity has been validated they are issued an identity certificate they can use to sign
their software; generally the software signed by the developer or publisher's identity certificate is
not distributed but rather it is submitted to a processor to possibly test or profile the content before
generating an authorization certificate which is unique to the particular software release. That
certificate is then used with an ephemeral asymmetric key-pair to sign the software as the last step
of preparation for distribution. There are many advantages to separating the identity and
authorization certificates especially relating to risk mitigation of new content being accepted into
the system and key management as well as recovery from errant software which can be used as
Question # 63
What can be defined as a data structure that enumerates digital certificates that were issued to CAs but have been invalidated by their issuer prior to when they were scheduled to expire?
A. Certificate revocation list
B. Certificate revocation tree
C. Authority revocation list
D. Untrusted certificate list
Answer: C
Explanation:
The Internet Security Glossary (RFC2828) defines the Authority Revocation List (ARL) as a data
structure that enumerates digital certificates that were issued to CAs but have been invalidated by
their issuer prior to when they were scheduled to expire.
Do not confuse an ARL with a Certificate Revocation List (CRL). A certificate revocation list
is a mechanism for distributing notices of certificate revocations. The question specifically
mentions "issued to CAs" which makes ARL a better answer than CRL.
(I) A data structure that enumerates digital certificates that were issued to CAs but have been
invalidated by their issuer prior to when they were scheduled to expire. (See: certificate expiration,
X.509 authority revocation list.)
In a few words: we use CRLs for end-user cert revocation and ARLs for CA cert revocation; both
can be placed in distribution points.
Question # 64
What is the primary role of smartcards in a PKI?
A. Transparent renewal of user keys
B. Easy distribution of the certificates between the users
C. Fast hardware encryption of the raw data
D. Tamper resistant, mobile storage and application of private keys of the users.
Tamper-resistant microprocessors are used to store and process private or sensitive information,
such as private keys or electronic money credit. To prevent an attacker from retrieving or
modifying the information, the chips are designed so that the information is not accessible through
external means and can be accessed only by the embedded software, which should contain the
appropriate security measures.
Examples of tamper-resistant chips include all secure cryptoprocessors, such as the IBM 4758
and chips used in smartcards, as well as the Clipper chip.
It has been argued that it is very difficult to make simple electronic devices secure against
tampering, because numerous attacks are possible, including:
• physical attack of various forms (microprobing, drills, files, solvents, etc.)
• freezing the device
• applying out-of-spec voltages or power surges
• applying unusual clock signals
• inducing software errors using radiation
• measuring the precise time and power requirements of certain operations (see power analysis)
Tamper-resistant chips may be designed to zeroise their sensitive data (especially cryptographic
keys) if they detect penetration of their security encapsulation or out-of-specification environmental
parameters. A chip may even be rated for "cold zeroisation", the ability to zeroise itself even after
its power supply has been crippled.
Nevertheless, the fact that an attacker may have the device in his possession for as long as he
likes, and perhaps obtain numerous other samples for testing and practice, means that it is
practically impossible to totally eliminate tampering by a sufficiently motivated opponent. Because
of this, one of the most important elements in protecting a system is overall system design. In
particular, tamper-resistant systems should "fail gracefully" by ensuring that compromise of one
device does not compromise the entire system. In this manner, the attacker can be practically
restricted to attacks that cost less than the expected return from compromising a single device
(plus, perhaps, a little more for kudos). Since the most sophisticated attacks have been estimated
to cost several hundred thousand dollars to carry out, carefully designed systems may be
invulnerable in practice.
Question # 65
What can be defined as a digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public key certificate?
A. A public-key certificate
B. An attribute certificate
C. A digital certificate
D. A descriptive certificate
Answer: B
Explanation:
The Internet Security Glossary (RFC2828) defines an attribute certificate as a digital certificate
that binds a set of descriptive data items, other than a public key, either directly to a subject name
or to the identifier of another certificate that is a public-key certificate. A public-key certificate binds
a subject name to a public key value, along with information needed to perform certain
cryptographic functions. Other attributes of a subject, such as a security clearance, may be
certified in a separate kind of digital certificate, called an attribute certificate. A subject may have
multiple attribute certificates associated with its name or with each of its public-key certificates.
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 66
Which of the following binds a subject name to a public key value?
A. A public-key certificate
B. A public key infrastructure
C. A secret key infrastructure
D. A private key certificate
Answer: A
Explanation:
Remember the term Public-Key Certificate is synonymous with Digital Certificate or Identity
certificate.
The certificate itself provides the binding but it is the certificate authority who will go through the
Certificate Practice Statements (CPS) actually validating the bindings and vouch for the identity of
the owner of the key within the certificate.
As explained in Wikipedia:
In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is
an electronic document which uses a digital signature to bind together a public key with an identity
— information such as the name of a person or an organization, their address, and so forth. The
certificate can be used to verify that a public key belongs to an individual.
In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority
(CA). In a web of trust scheme such as PGP or GPG, the signature is of either the user (a
self-signed certificate) or other users ("endorsements") by getting people to sign each other's keys. In
either case, the signatures on a certificate are attestations by the certificate signer that the identity
information and the public key belong together.
RFC 2828 defines the certification authority (CA) as:
An entity that issues digital certificates (especially X.509 certificates) and vouches for the binding
between the data items in a certificate.
An authority trusted by one or more users to create and assign certificates. Optionally, the
certification authority may create the user's keys.
X509 Certificate users depend on the validity of information provided by a certificate. Thus, a CA
should be someone that certificate users trust, and usually holds an official position created and
granted power by a government, a corporation, or some other organization. A CA is responsible
for managing the life cycle of certificates and, depending on the type of certificate and the CPS
that applies, may be responsible for the life cycle of key pairs associated with the certificates.
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, May 2000.
Question # 67
What attribute is included in an X.509 certificate?
A. Distinguished name of the subject
B. Telephone number of the department
C. secret key of the issuing CA
D. the key pair of the certificate holder
Answer: A
Explanation:
RFC 2459 : Internet X.509 Public Key Infrastructure Certificate and CRL Profile; GUTMANN, P.,
X.509 style guide; SMITH, Richard E., Internet Cryptography, 1997, Addison-Wesley Pub Co.
Question # 68
What is the name of the protocol used to set up and manage Security Associations (SA) for IP Security (IPSec)?
A. Internet Key Exchange (IKE)
B. Secure Key Exchange Mechanism
C. Oakley
D. Internet Security Association and Key Management Protocol
Answer: A
Explanation:
The key management for IPSec is called the Internet Key Exchange (IKE).
Note: IKE underwent a series of improvements establishing IKEv2 with RFC 4306. The basis of
this answer is IKEv2.
The IKE protocol is a hybrid of three other protocols: ISAKMP (Internet Security Association and
Key Management Protocol), Oakley and SKEME. ISAKMP provides a framework for
authentication and key exchange, but does not define them (neither authentication nor key
exchange). The Oakley protocol describes a series of modes for key exchange and the SKEME
protocol defines key exchange techniques.
IKE—Internet Key Exchange. A hybrid protocol that implements Oakley and Skeme key
exchanges inside the ISAKMP framework. IKE can be used with other protocols, but its initial
implementation is with the IPSec protocol. IKE provides authentication of the IPSec peers,
negotiates IPSec keys, and negotiates IPSec security associations.
IKE is implemented in accordance with RFC 2409, The Internet Key Exchange.
The Internet Key Exchange (IKE) security protocol is a key management protocol standard that is
used in conjunction with the IPSec standard. IPSec can be configured without IKE, but IKE
enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec
standard.
IKE is a hybrid protocol that implements the Oakley key exchange and the SKEME key exchange
inside the Internet Security Association and Key Management Protocol (ISAKMP) framework.
(ISAKMP, Oakley, and SKEME are security protocols implemented by IKE.)
IKE automatically negotiates IPSec security associations (SAs) and enables IPSec secure
communications without costly manual preconfiguration. Specifically, IKE provides these benefits:
• Eliminates the need to manually specify all the IPSec security parameters in the crypto maps at
both peers.
• Allows you to specify a lifetime for the IPSec security association.
• Allows encryption keys to change during IPSec sessions.
• Allows IPSec to provide anti-replay services.
• Permits certification authority (CA) support for a manageable, scalable IPSec implementation.
• Allows dynamic authentication of peers.
About ISAKMP
The Internet Security Association and Key Management Protocol (ISAKMP) is a framework that
defines the phases for establishing a secure relationship and support for negotiation of security
attributes. It does not establish session keys by itself; it is used along with the Oakley session key
establishment protocol. The Secure Key Exchange Mechanism (SKEME) describes a secure
exchange mechanism and Oakley defines the modes of operation needed to establish a secure
connection.
ISAKMP provides a framework for Internet key management and provides the specific protocol
support for negotiation of security attributes. Alone, it does not establish session keys. However it
can be used with various session key establishment protocols, such as Oakley, to provide a
complete solution to Internet key management.
About Oakley
The Oakley protocol uses a hybrid Diffie-Hellman technique to establish session keys on Internet
hosts and routers. Oakley provides the important security property of Perfect Forward Secrecy
(PFS) and is based on cryptographic techniques that have survived substantial public scrutiny.
Oakley can be used by itself, if no attribute negotiation is needed, or Oakley can be used in
conjunction with ISAKMP. When ISAKMP is used with Oakley, key escrow is not feasible.
The ISAKMP and Oakley protocols have been combined into a hybrid protocol. The resolution of
ISAKMP with Oakley uses the framework of ISAKMP to support a subset of Oakley key exchange
modes. This new key exchange protocol provides optional PFS, full security association attribute
negotiation, and authentication methods that provide both repudiation and non-repudiation.
Implementations of this protocol can be used to establish VPNs and also allow for users from
remote sites (who may have a dynamically allocated IP address) access to a secure network.
About IPSec
The IETF's IPSec Working Group develops standards for IP-layer security mechanisms for both
IPv4 and IPv6. The group also is developing generic key management protocols for use on the
Internet. For more information, refer to the IP Security and Encryption Overview.
IPSec is a framework of open standards developed by the Internet Engineering Task Force (IETF)
that provides security for transmission of sensitive information over unprotected networks such as
the Internet. It acts at the network level and implements the following standards:
• IPSec
• Internet Key Exchange (IKE)
• Data Encryption Standard (DES)
• MD5 (HMAC variant)
• SHA (HMAC variant)
• Authentication Header (AH)
• Encapsulating Security Payload (ESP)
IPSec services provide a robust security solution that is standards-based. IPSec also provides
data authentication and anti-replay services in addition to data confidentiality services.
For more information regarding IPSec, refer to the chapter "Configuring IPSec Network Security."
About SKEME
SKEME constitutes a compact protocol that supports a variety of realistic scenarios and security
models over the Internet. It provides clear tradeoffs between security and performance as required by
the different scenarios without incurring unnecessary system complexity. The protocol supports
key exchange based on public key, key distribution centers, or manual installation, and provides
for fast and secure key refreshment. In addition, SKEME selectively provides perfect forward
secrecy, allows for replaceability and negotiation of the underlying cryptographic primitives, and
addresses privacy issues such as anonymity and repudiability.
SKEME's basic mode is based on the use of public keys and a Diffie-Hellman shared secret
generation.
However, SKEME is not restricted to the use of public keys, but also allows the use of a
pre-shared key. This key can be obtained by manual distribution or by the intermediary of a key
distribution center (KDC) such as Kerberos.
In short, SKEME contains four distinct modes:
• Basic mode, which provides a key exchange based on public keys and ensures PFS thanks to
Diffie-Hellman.
• A key exchange based on the use of public keys, but without Diffie-Hellman.
• A key exchange based on the use of a pre-shared key and on Diffie-Hellman.
• A mechanism of fast rekeying based only on symmetrical algorithms.
In addition, SKEME is composed of three phases: SHARE, EXCH and AUTH.
During the SHARE phase, the peers exchange half-keys, encrypted with their respective public
keys. These two half-keys are used to compute a secret key K. If anonymity is wanted, the
identities of the two peers are also encrypted. If a shared secret already exists, this phase is
skipped.
The exchange phase (EXCH) is used, depending on the selected mode, to exchange either
Diffie-Hellman public values or nonces. The Diffie-Hellman shared secret will only be computed after the
end of the exchanges.
The public values or nonces are authenticated during the authentication phase (AUTH), using the
secret key established during the SHARE phase.
The messages from these three phases do not necessarily follow the order described above; in
actual practice they are combined to minimize the number of exchanged messages.
References used for this question:
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 172).
Virus scanning and content inspection of S/MIME encrypted e-mail without doing any further processing is:
A. Not possible
B. Only possible with key recovery scheme of all user keys
C. It is possible only if X509 Version 3 certificates are used
D. It is possible only by "brute force" decryption
Answer: A
Explanation:
Content security measures presume that the content is available in cleartext on the central mail
server.
Encrypted emails have to be decrypted before they can be filtered (e.g. to detect viruses), so you
need the decryption key on the central "crypto mail server".
There are several ways to do such key management, e.g. by message or key recovery methods.
However, that would certainly require further processing in order to achieve such a goal.
Question # 70
What is the main problem of the renewal of a root CA certificate?
A. It requires key recovery of all end user keys
B. It requires the authentic distribution of the new root CA certificate to all PKI participants
C. It requires the collection of the old root CA certificates from all the users
D. It requires issuance of the new root CA certificate
Answer: B
Explanation:
The main task here is the authentic distribution of the new root CA certificate as the new trust anchor
to all the PKI participants (e.g. the users).
In some of the rollover scenarios there is no automatic way; often an explicit assignment of trust from
each user is needed, which could be very costly.
Other methods make use of the old root CA certificate for automatic trust establishment (see
PKIX-reference), but these solutions work well only for scenarios with currently valid root CA
certificates (and not for emergency cases, e.g. compromise of the current root CA certificate).
The rollover of the root CA certificate is a specific and delicate problem and is therefore often
ignored during PKI deployment.
Reference: Camphausen, I.; Petersen, H.; Stark, C.: Konzepte zum Root CA Zertifikatswechsel,
conference Enterprise Security 2002, March 26-27, 2002, Paderborn; RFC 2459: Internet X.509
Public Key Infrastructure Certificate and CRL Profile.
Question # 71
Which of the following statements pertaining to Secure Sockets Layer (SSL) is false?
A. The SSL protocol was developed by Netscape to secure Internet client-server transactions.
B. The SSL protocol's primary use is to authenticate the client to the server using public key cryptography and digital certificates.
C. Web pages using the SSL protocol start with HTTPS
D. SSL can be used with applications such as Telnet, FTP and email protocols.
Answer: B
Explanation:
All of these statements pertaining to SSL are true except that its primary use is to authenticate
the client to the server using public key cryptography and digital certificates. It is the opposite: its
primary use is to authenticate the server to the client.
The following reference(s) were used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of
SMITH, Richard E., Internet Cryptography, 1997, Addison-Wesley Pub Co.
Question # 73
Which of the following was developed in order to protect against fraud in electronic fund transfers (EFT) by ensuring the message comes from its claimed originator and that it has not been altered in transmission?
A. Secure Electronic Transaction (SET)
B. Message Authentication Code (MAC)
C. Cyclic Redundancy Check (CRC)
D. Secure Hash Standard (SHS)
Answer: B
Explanation:
In order to protect against fraud in electronic fund transfers (EFT), the Message Authentication
Code (MAC), ANSI X9.9, was developed. The MAC is a check value, which is derived from the
contents of the message itself, that is sensitive to the bit changes in a message. It is similar to a
Cyclic Redundancy Check (CRC).
The aim of message authentication in computer and communication systems is to verify that the
message comes from its claimed originator and that it has not been altered in transmission. It is
particularly needed for EFT (Electronic Funds Transfer). The protection mechanism is generation of
a Message Authentication Code (MAC), attached to the message, which can be recalculated by
the receiver and will reveal any alteration in transit. One standard method is described in (ANSI,
X9.9). Message authentication mechanisms can also be used to achieve non-repudiation of
messages.
The Secure Electronic Transaction (SET) was developed by a consortium including MasterCard
and VISA as a means of preventing fraud from occurring during electronic payment.
The Secure Hash Standard (SHS), NIST FIPS 180, available at
A. Creating trust between different PKIs
B. Build an overall PKI hierarchy
C. Set up direct trust to a second root CA
D. Prevent the nullification of user certificates by CA certificate revocation
Answer: A
Explanation:
More and more organizations are setting up their own internal PKIs. When these independent
PKIs need to interconnect to allow for secure communication to take place (either between
departments or different companies), there must be a way for the two root CAs to trust each other.
These two CAs do not have a CA above them they can both trust, so they must carry out cross
certification. A cross certification is the process undertaken by CAs to establish a trust relationship
in which they rely upon each other's digital certificates and public keys as if they had issued them
themselves.
When this is set up, a CA for one company can validate digital certificates from the other company
and vice versa.
Reference(s) used for this question:
For more information and illustration on Cross certification:
Shon Harris, CISSP All in one book, 4th Edition, Page 727
and
RFC 2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile; FORD, Warwick &
BAUM, Michael S., Secure Electronic Commerce: Building the Infrastructure for Digital Signatures
and Encryption (2nd Edition), 2000, Prentice Hall PTR, Page 254.
Question # 75
Which of the following elements is NOT included in a Public Key Infrastructure (PKI)?
A. Timestamping
B. Repository
C. Certificate revocation
D. Internet Key Exchange (IKE)
Answer: D
Explanation:
Other elements are included in a PKI.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 165).
Our Clients Say About ISC2 SSCP Exam
Simon
Thank you so much PassExam4Sure for making my success possible in my ISC2 SSCP exam. Your ISC2 SSCP exam material was so concise and to the point. I followed the guidelines and studied very hard. You did a great job of preparing me for the ISC2 SSCP exam. Thank you again for all your efforts.
Andrew
PassExam4Sure not only provided me the educational knowledge needed to pass the SSCP exam but confidence and sharpness as well! I was fully prepared before the day of the ISC2 SSCP exam, and could not have passed the exam without PassExam4Sure. I would highly recommend the material to anyone looking to take the SSCP exam.
Mikhail
Hey, When I came to know that my family is under the severe clutch of financial problems I decided to quit studies, do a job, and earn money for helping in financial matters. I began to work and after a month one of my friends met me and advised me to continue the job but appear for the SSCP exam. I refused the idea as I thought I'd have to join an institute but I was wrong he suggested me to prepare at PassExam4Sure with online training. I completed the training within 1 month approximately and passed the exam. After passing the exam I have got a job that was offering me much more than the previous one. For this favor, I am greatly thankful to my friend and PassExam4Sure.
Robert
Numerous sites are offering several courses and tests such as ISC2 SSCP but I must tell you that most of them are fraud and don't provide any impressive notes and materials. I have a very bad experience with such fake websites as I failed in ISC2 SSCP. I was very disappointed but my friend told me to try it again with PassExam4Sure and it was a sheer success. PassExam4Sure is the best website for ISC2 SSCP.
Terry
There were a lot of expectations with me regarding my ISC2 SSCP exam and I had to pass it with wonderful grades. For this, I consulted so many preparation materials that could not be given by others. At last, the most wanted PassExam4Sure came into my life and its high-quality test papers overwhelmed me and I decided to use them for my ISC2 SSCP exam preparations. I was luckiest to have these outclass test papers because they taught me all those questions on which my ISC2 SSCP exam was based and I performed dazzlingly.