CISSP Domain 3 questions – Cryptanalytic quiz

Question : Which of the following tools can be used to improve the effectiveness of a brute-force password cracking attack?
Rainbow tables
This is Correct. Rainbow tables contain precomputed hash values for commonly used passwords and may be used to increase the efficiency of password cracking attacks.
Hierarchical screening
This is Incorrect.
TKIP
This is Incorrect.
None of the mentioned
This is Incorrect.
Question : What kind of attack makes the Caesar cipher virtually unusable?
Frequency Analysis
This is Correct. The Caesar cipher (and other simple substitution ciphers) are vulnerable to frequency analysis attacks that analyze the rate at which specific letters appear in the ciphertext.
Escrow attack
This is Incorrect.
Meet-in-the-middle attack
This is Incorrect.
Transposition attack
This is Incorrect.
Question : When an attacker is using a brute force attack to break a password, what are they doing?
Trying every possible key to, over time, break any encryption
This is Correct. Using the entire keyspace (every possible key); with enough time, any plaintext can be decrypted. Effective against all key-based ciphers except the one-time pad; it would eventually decrypt it, but it would also generate so many false positives that the data would be useless.
Looking at common letter frequency to guess the plaintext.
This is Incorrect.
Trying to recover the key without breaking the encryption.
This is Incorrect.
Looking at the hash values and comparing it to thousands or millions of pre-calculated hashes.
This is Incorrect.
Question : Which of these countermeasures would be effective against rainbow tables?
Salting
This is Correct. Random data that is used as an additional input to a one-way function that “hashes” a password or passphrase. The primary function of salts is to defend against dictionary attacks or a pre-compiled rainbow table attack. Rainbow Tables: Pre-made list of plaintext and matching ciphertext, often passwords and matching hashes. A table can contain millions of pairs.
Keeping hashes in Plain Text
This is Incorrect.
Key Stretching
This is Incorrect.
Limiting Login attempts.
This is Incorrect.
Question : When we are using frequency analysis, what are we looking at?
How often certain letters are used.
This is Correct. Frequency Analysis (analyzing the frequency of a certain character) – In English “E” is used 12.7% of the time. Given enough encrypted substitution text, you can break it just with that.
How often pairs of letters are used.
This is Incorrect.
How many messages are sent.
This is Incorrect.
How often messages are sent.
This is Incorrect.
Question : If an attacker is using a digraph attack, what is the attacker looking for? ​
How often pairs of letters are used.
This is Correct. Digraph attack: Similar to frequency analysis/attacks, but looks at common pairs of letters (TH, HE, IN, ER).
How often certain letters are used.
This is Incorrect.
How many messages are sent.
This is Incorrect.
How often messages are sent.
This is Incorrect.
Question : What name is given to the random value added to a password in an attempt to defeat rainbow table attacks?
Salt
This is Correct. The salt is a random value added to a password before it is hashed by the operating system. The salt is then stored in a password file with the hashed password. This increases the complexity of cryptanalytic attacks by negating the usefulness of attacks that use precomputed hash values, such as rainbow tables.
Hash
This is Incorrect.
Extender
This is Incorrect.
Rebar
This is Incorrect.
Question : Tom is a cryptanalyst and is working on breaking a cryptographic algorithm’s secret key. He has a copy of an intercepted message that is encrypted, and he also has a copy of the decrypted version of that message. He wants to use both the encrypted message and its decrypted plaintext to retrieve the secret key for use in decrypting other messages. What type of attack is Tom engaging in?
Known plaintext
This is Correct. In a known plaintext attack, the attacker has a copy of the encrypted message along with the plaintext message used to generate that ciphertext.
Chosen plaintext
This is Incorrect.
Chosen ciphertext
This is Incorrect.
Brute Force
This is Incorrect.
Question : Alan intercepts an encrypted message and wants to determine what type of algorithm was used to create the message. He first performs a frequency analysis and notes that the frequency of letters in the message closely matches the distribution of letters in the English language. What type of cipher was most likely used to create this message?
Transposition cipher
This is Correct. This message was most likely encrypted with a transposition cipher. The use of a substitution cipher, a category that includes AES and 3DES, would change the frequency distribution so that it did not mirror that of the English language.
Substitution cipher
This is Incorrect.
AES
This is Incorrect.
3DES
This is Incorrect.
Question : The Double DES (2DES) encryption algorithm was never used as a viable alternative to the original DES algorithm. What attack is 2DES vulnerable to that does not exist for the DES or 3DES approach?
Meet in the middle
This is Correct. The meet-in-the-middle attack uses a known plaintext message and uses both encryption of the plaintext and decryption of the ciphertext simultaneously in a brute force manner to identify the encryption key in approximately double the time of a brute force attack against the basic DES algorithm.
Man in the middle
This is Incorrect.
Bruteforce
This is Incorrect.
Chosen Ciphertext
This is Incorrect.
Question : Which attack executed against a cryptographic algorithm uses all possible keys until a key is discovered that successfully decrypts the ciphertext?
Brute force
This is Correct. A brute-force attack executed against a cryptographic algorithm uses all possible keys until a key is discovered that successfully decrypts the ciphertext. A frequency analysis attack relies on the fact that substitution and transposition ciphers will result in repeated patterns in ciphertext. A reverse engineering attack occurs when an attacker purchases a particular cryptographic product to attempt to reverse engineer the product to discover confidential information about the cryptographic algorithm used. A ciphertext-only attack uses several encrypted messages (ciphertext) to figure out the key used in the encryption process.
Ciphertext-only attack
This is Incorrect.
Reverse engineering
This is Incorrect.
Frequency analysis
This is Incorrect.
Question : Countermeasures against brute force attacks on cryptographic keys include which of the following?
1. Change keys
2. Increase key length
3. Change protocol
4. Change algorithm
1 and 2
This is Correct. Changing cryptographic keys frequently and increasing the key length can fight against the brute force attacks on keys. Changing protocols and algorithms cannot fight against the brute force attacks because the changed protocols and algorithms could be subjected to the same attacks or different attacks.
2 and 3
This is Incorrect.
3 and 4
This is Incorrect.
1 and 3
This is Incorrect.
Advertisements

3 thoughts

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.