Читаем CISSP Practice полностью

Technical control is incorrect because it includes activities such as failure detection, problem diagnosis, and service restoration of network components. The scope includes alarms, status indicators, test-equipment interfaces, remote controls, and automatic monitoring.

71. Which of the following is an example of passive wiretapping?

a. Traffic analysis

b. Message modification

c. Message delay

d. Message deletion

71. a. Passive wiretapping includes not only information release but also traffic analysis (using addresses, other header data, message length, and message frequency). Security measures such as traffic padding can be used to prevent traffic analysis attacks. Active wiretapping includes message stream modifications, including delay, duplication, deletion, or counterfeiting.

72. What is a hash-based message authentication code (HMAC) based on?

a. Asymmetric key

b. Public key

c. Symmetric key

d. Private key

72. c. A hash-based message authentication code (HMAC) is based on a symmetric key authentication method using hash functions. A symmetric key is a cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt and decrypt, or create a message authentication code (MAC), and to verify the code.

Asymmetric key is incorrect because there are two related keys in asymmetric keys; a public key and a private key that are used to perform complementary operations, such as encryption and decryption, or signature generation and signature verification. Public key is incorrect because it is the public part of an asymmetric key pair that is typically used to verify signatures or encrypt data. Private key is incorrect because it is the secret part of an asymmetric key pair that is typically used to digitally sign or decrypt data.

73. What is the main purpose of a message authentication code (MAC)?

a. Recovery

b. Prevention

c. Detection

d. Correction

73. c. A message authentication code (MAC) is a cryptographic checksum on data that uses a symmetric key to detect both accidental and intentional modifications of data.

74. The major functions of a public key used in cryptography include which of the following?

1. Encrypt data

2. Decrypt data

3. Generate signatures

4. Verify signatures

a. 1 only

b. 2 only

c. 1 or 4

d. 2 or 3

74. c. The public key is the public part of an asymmetric key pair that is typically used to encrypt data or verify signatures. The private key is the secret part of an asymmetric key pair that is typically used to decrypt data and to digitally sign (i.e., generate signatures).

75. Approved hash functions must satisfy which of the following properties?

1. One-way

2. Collision resistant

3. Resistant to offline attacks

4. Resistant to online attacks

a. 1 only

b. 3 only

c. 4 only

d. 1 and 2

75. d. A hash function maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions must satisfy the following two properties: one-way and collision resistant. It is computationally infeasible to find any input that map to any prespecified output or two distinct inputs that map to the same output.

Offline attack is an attack where the attacker obtains some data through eavesdropping that he can analyze in a system of his own choosing. Online attack is an attack against an authentication protocol where the attacker either assumes the role of a claimant with a genuine verifier or actively alters the authentication channel. The goal of the attack may be to gain authenticated access or learn authentication secrets.

76. Which of the following is a measure of the amount of uncertainty that an attacker faces to determine the value of a secret?

a. Entropy

b. Random number

c. Nonce

d. Pseudonym

76. a. Entropy is a measure of the amount of uncertainty that an attacker faces to determine the value of a secret. Entropy is usually stated in bits as it relates to information theory. It is a statistical parameter.

Random number is incorrect because it can be used to generate passwords or keys. Nonce is incorrect because it is a value used in security protocols that is never repeated with the same key. Pseudonym is incorrect because it is a subscriber name that has been chosen by the subscriber that is not verified as meaningful by identity proofing.

77. Which of the following is a nonsecret value that is used in a cryptographic process?

a. Salt

b. Shared secret