CISSP Domain 3 Questions – Hashing

Question : Which of these would be the PRIMARY reason we would choose to use hash functions?
Integrity
This is Correct. Hash Functions (One-Way Hash Functions) are used for Integrity: A variable-length plaintext is hashed into a fixed-length value hash or MD (Message Digest). It is used to prove the Integrity of the data has not changed.
Confidentiality
This is Incorrect.
Availability
This is Incorrect.
Authorization
This is Incorrect.
Question : We have decided to change the type of hashing we use to a newer version that is collision resistant. What happens when a hash collision occurs?
When two different plaintexts produce the same hash.
This is Correct. When two different plaintexts produce the same hash value it is called as Collision Free.
A variable-length text produces a fixed-length hash.
This is Incorrect.
The same plain text produces two different hashes using the same hash function.
This is Incorrect.
You can figure out the plain text from the hash.
This is Incorrect.
Question : We are adding hashing to our passwords. Which of these is a hashing function we could consider?
RIPEMD
This is Correct. RIPEMD is Developed outside of defense to ensure no government backdoors. 128, 256, 320 bit hashes. 
RSA
This is Incorrect.
Salting
This is Incorrect.
DES
This is Incorrect.
Question : “mrcissp” and “Bob” are talking about hashing and they use the abbreviation MAC. What are they talking about?
Message Authentication Code.
This is Correct. MAC (Message Authentication Code) – Hash function using a key. CBC-MAC, for instance, uses Cipher Block Chaining from a symmetric encryption (like DES). Provides integrity and authenticity.
Message Access Code.
This is Incorrect.
Media Access Control.
This is Incorrect.
Mandatory Access Control.
This is Incorrect.
Question : Which of these hashing algorithms are still considered secure and collision free?
RIPEMD160
This is Correct. RIPEMD160 – Redesigned, fixing flaws of RIPEMD. 160 bit hashes. Not used much but Considered secure. Refer to MD5 & SHA-1 option for further clarification
MD5
This is Incorrect. MD5 (Message Digest 5): 128bit Fixed-Length hash, used very widely until a flaw was found making it possible to produce collisions in a reasonable amount of time. While not a chosen-text collision, it is still a collision. MD6 (Message Digest 6): Was not used for very long; was supposed to replace MD5, but SHA2/3 were better. It was in the running for the SHA3 race, but withdrawn due to flaws.
MD4
This is Incorrect.
SHA-1
This is Incorrect. Found to have weak collision avoidance, but still commonly used.
Question : Chris wants to verify that a software package that he downloaded matches the original version. What hashing tool should he use if he believes that technically sophisticated attackers may have replaced the software package with a version containing a backdoor?
SHA256
This is Correct. Intentional collisions have been created with MD5, and a real-world collision attack against SHA 1 was announced in early 2017. 3DES is not a hashing tool, leaving SHA 256 (sometimes called SHA 2) as the only real choice that Chris has in this list.
SHA-1
This is Incorrect.
3DES
This is Incorrect.
MD5
This is Incorrect.
Question : Which one of the following is not an attribute of a hashing algorithm?
They require a cryptographic key.
This is Correct. Hash functions do not include any element of secrecy and, therefore, do not require a cryptographic key.
They are irreversible.
This is Incorrect.
It is very difficult to find two messages with the same hash value.
This is Incorrect.
They take variable-length input.
This is Incorrect.
Question : Which one of the following is not one of the basic requirements for a cryptographic hash function?
The function must work on fixed-length input.
This is Correct. Hash functions must be able to work on any variable-length input and produce a fixed-length output from that input, regardless of the length of the input.
The function must be relatively easy to compute for any input.
This is Incorrect.
The function must be one way.
This is Incorrect.
The function must be collision free.
This is Incorrect.
Question : “mrcissp” computes the digest of a single sentence of text using a SHA-2 hash function. He then changes a single character of the sentence and computes the hash value again. Which one of the following statements is true about the new hash value?
The new hash value will be completely different from the old hash value.
This is Correct. It is not possible to determine the degree of difference between two inputs by comparing their hash values. Changing even a single character in the input to a hash function will result in completely different output.
The new hash value will share at least 50% of the characters of the old hash value.
This is Incorrect.
The new hash value will be unchanged.
This is Incorrect.
The new hash value will be one character different from the old hash value.
This is Incorrect.
Question : John wants to produce a message digest of a 2,048-byte message he plans to send to Mary. If he uses the SHA-1 hashing algorithm, what size will the message digest for this particular message be?
160 bits
This is Correct. The SHA-1 hashing algorithm always produces a 160-bit message digest, regardless of the size of the input message. In fact, this fixed-length output is a requirement of any secure hashing algorithm.
512 bits
This is Incorrect.
1024 bits
This is Incorrect.
2048 bits
This is Incorrect.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.