CISSP - Question Bank 09

Test your knowledge of CISSP with these multiple choice questions. Each Question Bank includes 20 practice questions that have been designed to measure your knowledge of key ideas.

A key factor to keep in mind is that guessing is better than not answering a question.

Every single question on the CISSP exam is a four-option multiple choice question with a single correct answer. Some are straightforward, such as asking you to select a definition. Some are a bit more involved, such as asking you to select the appropriate concept or best practice. And some questions present you with a scenario or situation and ask you to select the best response.

Start

Q1. Which one of the following is not a goal of cryptographic systems?

A. Nonrepudiation
B. Confidentiality
C. Availability
D. Integrity

View Answer
The Correct Answer is C.
Explanation: The four goals of cryptographic systems are confidentiality, integrity, authentication, and nonrepudiation.
Q2. John recently received an electronic mail message from Bill. What cryptographic goal would need to be met to convince John that Bill was actually the sender of the message?

A. Nonrepudiation
B. Confidentiality
C. Availability
D. Integrity

View Answer
The Correct Answer is A.
Explanation: Nonrepudiation prevents the sender of a message from later denying that they sent it.
Q3. What is the length of the cryptographic key used in the Data Encryption Standard (DES) cryptosystem?

A. 56 bits
B. 128 bits
C. 192 bits
D. 256 bits

View Answer
The Correct Answer is A.
Explanation: DES uses a 56-bit key. This is considered one of the major weaknesses of this cryptosystem.
Q4. What type of cipher relies upon changing the location of characters within a message to achieve confidentiality?

A. Stream cipher
B. Transposition cipher
C. Block cipher
D. Substitution cipher

View Answer
The Correct Answer is B.
Explanation: Transposition ciphers use a variety of techniques to reorder the characters within a message.
Q5. Which one of the following is not a possible key length for the Advanced Encryption Standard Rijndael cipher?

A. 56 bits
B. 128 bits
C. 192 bits
D. 256 bits

View Answer
The Correct Answer is A.
Explanation: The Rijndael cipher allows users to select a key length of 128, 192, or 256 bits, depending upon the specific security requirements of the application.
Q6. Which one of the following is a cryptographic goal that cannot be achieved by a secret key cryptosystem?

A. Nonrepudiation
B. Confidentiality
C. Availability
D. Integrity

View Answer
The Correct Answer is A.
Explanation: Nonrepudiation requires the use of a public key cryptosystem to prevent users from falsely denying that they originated a message.
Q7. When correctly implemented, what is the only cryptosystem known to be unbreakable?

A. Transposition cipher
B. Substitution cipher
C. Advanced Encryption Standard
D. One-time pad

View Answer
The Correct Answer is D.
Explanation: Assuming that it is used properly, the one-time pad is the only known cryptosystem that is not vulnerable to attacks.
Q8. What is the output value of the mathematical function 16 mod 3?

A. 0
B. 1
C. 3
D. 5

View Answer
The Correct Answer is B.
Explanation: Option B is correct because 16 divided by 3 equals 5, with a remainder value of 1.
Q9. In the 1940s, a team of cryptanalysts from the United States successfully broke a Soviet code based upon a one-time pad in a project known as VENONA. What rule did the Soviets break that caused this failure?

A. Key values must be random.
B. Key values must be the same length as the message.
C. Key values must be used only once.
D. Key values must be protected from physical disclosure.

View Answer
The Correct Answer is A.
Explanation: The cryptanalysts from the United States discovered a pattern in the method the Soviets used to generate their one-time pads. After this pattern was discovered, much of the code was eventually broken.
Q10. Which one of the following cipher types operates on large pieces of a message rather than individual characters or bits of a message?

A. Stream cipher
B. Caesar cipher
C. Block cipher
D. ROT3 cipher

View Answer
The Correct Answer is C.
Explanation: Block ciphers operate on message “chunks” rather than on individual characters or bits. The other ciphers mentioned are all types of stream ciphers that operate on individual bits or characters of a message.
Q11. What is the minimum number of cryptographic keys required for secure two-way communications in symmetric key cryptography?

A. One
B. Two
C. Three
D. Four

View Answer
The Correct Answer is A.
Explanation: Symmetric key cryptography uses a shared secret key. All communicating parties utilize the same key for communication in any direction.
Q12. What is the minimum number of cryptographic keys required for secure two-way communications in asymmetric key cryptography?

A. One
B. Two
C. Three
D. Four

View Answer
The Correct Answer is D.
Explanation: In asymmetric (public key) cryptography, each communicating party must have a pair of public and private keys. Therefore, two-way communication between parties requires a total of four cryptographic keys (a public and private key for each user).
Q13. Which one of the following Data Encryption Standard (DES) operating modes can be used for large messages with the assurance that an error early in the encryption/decryption process won't spoil results throughout the communication?

A. Cipher Block Chaining (CBC)
B. Electronic Codebook (ECB)
C. Cipher Feedback (CFB)
D. Output Feedback (OFB)

View Answer
The Correct Answer is D.
Explanation: Cipher Block Chaining and Cipher Feedback modes will carry errors throughout the entire encryption/decryption process. Electronic Codebook (ECB) operation is not suitable for large amounts of data. Output Feedback (OFB) mode does not allow early errors to interfere with future encryption/decryption.
Q14. What encryption algorithm is used by the Clipper chip, which supports the Escrowed Encryption Standard sponsored by the U.S. government?

A. Data Encryption Standard (DES)
B. Advanced Encryption Standard (AES)
C. Skipjack
D. IDEA

View Answer
The Correct Answer is C.
Explanation: The Skipjack algorithm implemented the key escrow standard supported by the U.S. government.
Q15. What is the minimum number of cryptographic keys required to achieve a higher level of security than DES with the Triple DES algorithm?

A. 1
B. 2
C. 3
D. 4

View Answer
The Correct Answer is B.
Explanation: To achieve added security over DES, 3DES must use at least two cryptographic keys.
Q16. What approach to key escrow divides the secret key into several pieces that are distributed to independent third parties?

A. Fair Cryptosystems
B. Key Escrow Standard
C. Escrowed Encryption Standard
D. Fair Escrow

View Answer
The Correct Answer is A.
Explanation: The Fair Cryptosystems approach would have independent third parties each store a portion of the secret key and then provide them to the government upon presentation of a valid court order.
Q17. What kind of attack makes the Caesar cipher virtually unusable?

A. Meet-in-the-middle attack
B. Escrow attack
C. Frequency attack
D. Transposition attack

View Answer
The Correct Answer is C.
Explanation: The Caesar cipher (and other simple substitution ciphers) are vulnerable to frequency attacks that analyze the rate at which specific letters appear in the ciphertext.
Q18. What type of cryptosystem commonly makes use of a passage from a well-known book for the encryption key?

A. Vernam cipher
B. Running key cipher
C. Skipjack cipher
D. Twofish cipher

View Answer
The Correct Answer is B.
Explanation: Running key (or “book”) ciphers often use a passage from a commonly available book as the encryption key.
Q19. Which AES finalist makes use of prewhitening and postwhitening techniques?

A. Rijndael
B. Twofish
C. Blowfish
D. Skipjack

View Answer
The Correct Answer is B.
Explanation: The Twofish algorithm, developed by Bruce Schneier, uses prewhitening and postwhitening.
Q20. Matthew and Richard wish to communicate using symmetric cryptography but do not have a prearranged secret key. What algorithm might they use to resolve this situation?

A. DES
B. AES
C. Diffie-Hellman
D. Skipjack

View Answer
The Correct Answer is C.
Explanation: The Diffie-Hellman algorithm allows for the secure exchange of symmetric keys over an insecure medium.

Copyright © 2018 | All Rights Reserved | Designed & Developed by Yeahhub.com