Question : Which of the following tools can be used to improve the effectiveness of a brute-force password cracking attack?

Rainbow tables

This is Correct. Rainbow tables contain precomputed hash values for commonly used passwords and may be used to increase the efficiency of password cracking attacks.

Hierarchical screening

This is Incorrect.

TKIP

This is Incorrect.

None of the mentioned

This is Incorrect.

Question : What kind of attack makes the Caesar cipher virtually unusable?

Frequency Analysis

This is Correct. The Caesar cipher (and other simple substitution ciphers) are vulnerable to frequency analysis attacks that analyze the rate at which specific letters appear in the ciphertext.

Escrow attack

This is Incorrect.

Meet-in-the-middle attack

This is Incorrect.

Transposition attack

This is Incorrect.

Question : When an attacker is using a brute force attack to break a password, what are they doing?

Trying every possible key to, over time, break any encryption

This is Correct. Using the entire keyspace (every possible key); with enough time, any plaintext can be decrypted. Effective against all key-based ciphers except the one-time pad; it would eventually decrypt it, but it would also generate so many false positives that the data would be useless.

Looking at common letter frequency to guess the plaintext.

This is Incorrect.

Trying to recover the key without breaking the encryption.

This is Incorrect.

Looking at the hash values and comparing it to thousands or millions of pre-calculated hashes.

This is Incorrect.

Question : Which of these countermeasures would be effective against rainbow tables?

Salting

This is Correct. Random data that is used as an additional input to a one-way function that “hashes” a password or passphrase. The primary function of salts is to defend against dictionary attacks or a pre-compiled rainbow table attack. Rainbow Tables: Pre-made list of plaintext and matching ciphertext, often passwords and matching hashes. A table can contain millions of pairs.

Keeping hashes in Plain Text

This is Incorrect.

Key Stretching

This is Incorrect.

Limiting Login attempts.

This is Incorrect.

Question : When we are using frequency analysis, what are we looking at?

How often certain letters are used.

This is Correct. Frequency Analysis (analyzing the frequency of a certain character) – In English “E” is used 12.7% of the time. Given enough encrypted substitution text, you can break it just with that.

How often pairs of letters are used.

This is Incorrect.

How many messages are sent.

This is Incorrect.

How often messages are sent.

This is Incorrect.

Question : If an attacker is using a digraph attack, what is the attacker looking for?

How often pairs of letters are used.

This is Correct. Digraph attack: Similar to frequency analysis/attacks, but looks at common pairs of letters (TH, HE, IN, ER).

How often certain letters are used.

This is Incorrect.

How many messages are sent.

This is Incorrect.

How often messages are sent.

This is Incorrect.

Question : What name is given to the random value added to a password in an attempt to defeat rainbow table attacks?

Salt

This is Correct. The salt is a random value added to a password before it is hashed by the operating system. The salt is then stored in a password file with the hashed password. This increases the complexity of cryptanalytic attacks by negating the usefulness of attacks that use precomputed hash values, such as rainbow tables.

Hash

This is Incorrect.

Extender

This is Incorrect.

Rebar

This is Incorrect.

Question : Tom is a cryptanalyst and is working on breaking a cryptographic algorithm’s secret key. He has a copy of an intercepted message that is encrypted, and he also has a copy of the decrypted version of that message. He wants to use both the encrypted message and its decrypted plaintext to retrieve the secret key for use in decrypting other messages. What type of attack is Tom engaging in?

Known plaintext

This is Correct. In a known plaintext attack, the attacker has a copy of the encrypted message along with the plaintext message used to generate that ciphertext.

Chosen plaintext

This is Incorrect.

Chosen ciphertext

This is Incorrect.

Brute Force

This is Incorrect.

Question : Alan intercepts an encrypted message and wants to determine what type of algorithm was used to create the message. He first performs a frequency analysis and notes that the frequency of letters in the message closely matches the distribution of letters in the English language. What type of cipher was most likely used to create this message?

Transposition cipher

This is Correct. This message was most likely encrypted with a transposition cipher. The use of a substitution cipher, a category that includes AES and 3DES, would change the frequency distribution so that it did not mirror that of the English language.

Substitution cipher

This is Incorrect.

AES

This is Incorrect.

3DES

This is Incorrect.

Question : The Double DES (2DES) encryption algorithm was never used as a viable alternative to the original DES algorithm. What attack is 2DES vulnerable to that does not exist for the DES or 3DES approach?

Meet in the middle

This is Correct. The meet-in-the-middle attack uses a known plaintext message and uses both encryption of the plaintext and decryption of the ciphertext simultaneously in a brute force manner to identify the encryption key in approximately double the time of a brute force attack against the basic DES algorithm.

Man in the middle

This is Incorrect.

Bruteforce

This is Incorrect.

Chosen Ciphertext

This is Incorrect.

Question : Which attack executed against a cryptographic algorithm uses all possible keys until a key is discovered that successfully decrypts the ciphertext?

Brute force

This is Correct. A brute-force attack executed against a cryptographic algorithm uses all possible keys until a key is discovered that successfully decrypts the ciphertext. A frequency analysis attack relies on the fact that substitution and transposition ciphers will result in repeated patterns in ciphertext. A reverse engineering attack occurs when an attacker purchases a particular cryptographic product to attempt to reverse engineer the product to discover confidential information about the cryptographic algorithm used. A ciphertext-only attack uses several encrypted messages (ciphertext) to figure out the key used in the encryption process.

Ciphertext-only attack

This is Incorrect.

Reverse engineering

This is Incorrect.

Frequency analysis

This is Incorrect.

Question : Countermeasures against brute force attacks on cryptographic keys include which of the following?

1. Change keys 2. Increase key length

3. Change protocol

4. Change algorithm

1 and 2

This is Correct. Changing cryptographic keys frequently and increasing the key length can fight against the brute force attacks on keys. Changing protocols and algorithms cannot fight against the brute force attacks because the changed protocols and algorithms could be subjected to the same attacks or different attacks.

2 and 3

This is Incorrect.

3 and 4

This is Incorrect.

1 and 3

This is Incorrect.

Pingback: Domain 3: Security Architecture and Engineering – mrcissp

Love the way these questions are framed!! nice work Gaurav

LikeLike

Thank you Shashi.

LikeLike