Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. (Questions 1-4)

Question 1: If Alice wishes to send Bob an encrypted message, what key does she use to encrypt the message?

Bob’s public key

This is Correct. In an asymmetric cryptosystem, the sender of a message always encrypts the message using the recipient’s public key.

Bob’s private key

This is Incorrect.

Alice’s private key

This is Incorrect.

Alice’s public key

This is Incorrect.

Question 2: When Bob receives the encrypted message from Alice, what key does he use to decrypt the message?

Bob’s private key

This is Correct. When Bob receives the message, he uses his own private key to decrypt it. Since he is the only one with his private key, he is the only one who should be able to decrypt it, thus preserving confidentiality.

Bob’s public key

This is Incorrect.

Alice’s private key

This is Incorrect.

Alice’s public key

This is Incorrect.

Question 3: Which one of the following keys would Bob not possess in this scenario?

Alice’s private key

This is Correct.

Alice’s public key

This is Incorrect.

Bob’s private key

This is Incorrect.

Bob’s public key

This is Incorrect.

Question 4: Alice would also like to digitally sign the message that she sends to Bob. What key should she use to create the digital signature?

Alice’s private key

This is Correct. Alice creates the digital signature using her own private key. Then Bob, or any other user, can verify the digital signature using Alice’s public key.

Alice’s public key

This is Incorrect.

Bob’s private key

This is Incorrect.

Bob’s public key

This is Incorrect.

Question 5: Alison is examining a digital certificate presented to her by her bank’s website. Which one of the following requirements is not necessary for her to trust the digital certificate?

She knows that the server belongs to the bank.

This is Correct. The point of the digital certificate is to prove to Alison that the server belongs to the bank, so she does not need to have this trust in advance. To trust the certificate, she must verify the CA’s digital signature on the certificate, trust the CA, verify that the certificate is not listed on a CRL, and verify that the certificate contains the name of the bank.

She trusts the certificate authority.

This is Incorrect.

She verifies that the certificate is not listed on a CRL.

This is Incorrect.

She verifies the digital signature on the certificate.

This is Incorrect.

Question 6: During a system audit, Casey notices that the private key for her organization’s web server has been stored in a public Amazon S3 storage bucket for more than a year. What should she do?

Request a new certificate using a new key

This is Correct. The first thing Casey should do is notify her management, but after that, replacing the certificate and using proper key management practices with the new certificate’s key should be at the top of her list.

Notify all customers that their data may have been exposed

This is Incorrect.

Remove the key from the bucket

This is Incorrect.

Nothing, because the private key should be accessible for validation

This is Incorrect.

Question 7: Alex’s employer creates most of their work output as PDF files. Alex is concerned about limiting the audience for the PDF files to those individuals who have paid for them. What technology can he use to most effectively control the access to and distribution of these files?

DRM

This is Correct. Alex can use digital rights management technology to limit use of the PDFs to paying customers. While DRM is rarely a perfect solution, in this case, it may fit his organization’s needs. EDM is electronic dance music, which his customers may appreciate but which won’t solve the problem. Encryption and digital signatures can help to keep the files secure and to prove who they came from, but they won’t solve the rights management issue Alex is tackling.

EDM

This is Incorrect.

Digital Signature

This is Incorrect.

Encryption

This is Incorrect.

Question 8: Howard is choosing a cryptographic algorithm for his organization, and he would like to choose an algorithm that supports the creation of digital signatures. Which one of the following algorithms would meet his requirement?

RSA

This is Correct. Digital signatures are possible only when using an asymmetric encryption algorithm. Of the algorithms listed, only RSA is asymmetric and supports digital signature capabilities.

AES

This is Incorrect.

Blowfish

This is Incorrect.

DES

This is Incorrect.

Question 9: Raj is selecting an encryption algorithm for use in his organization and would like to be able to vary the strength of the encryption with the sensitivity of the information. Which one of the following algorithms allows the use of different key strengths?

Blowfish

This is Correct. Blowfish allows the user to select any key length between 32 and 448 bits.

Skipjack

This is Incorrect.

DES

This is Incorrect.

IDEA

This is Incorrect.

Question 10: Sherry conducted an inventory of the cryptographic technologies in use within her organization and found the following algorithms and protocols in use. Which one of these technologies should she replace because it is no longer considered secure?

MD5

This is Correct. The MD5 hash algorithm has known collisions and, as of 2005, is no longer considered secure for use in modern environments.

3DES

This is Incorrect.

PGP

This is Incorrect.

WPA2

This is Incorrect.

Question 11: Gary intercepts a communication between two individuals and suspects that they are exchanging secret messages. The content of the communication appears to be the image shown here. What type of technique may the individuals use to hide messages inside this image?

Steganography

This is Correct. Steganography is the art of using cryptographic techniques to embed secret messages within other content. Some steganographic algorithms work by making alterations to the least significant bits of the many bits that make up image files.

Cryptographic hashing

This is Incorrect.

Transport layer security

This is Incorrect.

Visual cryptography

This is Incorrect.