Читаем CISSP Practice полностью

c. Min-entropy

d. Guessing entropy

77. a. Salt is a nonsecret value that is used in a cryptographic process, usually to ensure that an attacker cannot reuse the results of computations for one instance.

Shared secret is incorrect because it is a secret used in authentication that is known to the claimant and the verifier. Min-entropy is incorrect because it is a measure of the difficulty that an attacker has to guess the most commonly chosen password used in a system. Guessing entropy is incorrect because it is a measure of the difficulty that an attacker has to guess the average password used in a system.

78. A technique to protect software from potential forgeries is to use:

a. Digital libraries

b. Digital signals

c. Digital watermarks

d. Digital signatures

78. c. Digital watermarks are used to prove proprietary rights. It is the process of irreversibly embedding information into a digital signal. An example is embedding copyright information about the copyright owner.

Digital libraries are storage places for data and programs. Digital signals are electronic switches in computers and are represented as binary digits called bits. Digital signatures are a security authorization method to prove that a message was not modified.

79. Which of the following specifically deals with hiding messages and obscuring senders and receivers?

a. Quantum cryptography

b. Steganography

c. Cryptology

d. Cryptography

79. b. Steganography is a part of cryptology that deals with hiding messages and obscuring who is sending or receiving them. Message traffic is padded to reduce the signals that otherwise would come from the sudden beginning of messages. Quantum cryptography is based on quantum-mechanics principles where eavesdroppers alter the quantum state of the system.

Cryptology is the science and study of writing, sending, receiving, and deciphering secret messages. It includes authentication, digital signatures, steganography, and cryptanalysis. Cryptology includes both cryptography and cryptanalysis. Cryptology is the science that deals with hidden communications. Cryptography involves the principles, means, and methods used to render information unintelligible and for restoring encrypted information to intelligible form.

80. What is an encryption algorithm that encrypts and decrypts arbitrarily sized messages called?

a. Link encryption

b. Bulk encryption

c. End-to-end encryption

d. Stream encryption

80. d. The cipher block chaining method is used to convert a block encryption scheme with a variable length key into a stream encryption of arbitrarily sized messages.

In link encryption, all information passing over the link is encrypted in its entirety. Link encryption is also called an online encryption. Simultaneous encryption of all channels of a multichannel telecommunications trunk is called a bulk encryption.

In end-to-end encryption, the information is encrypted at its origin and decrypted at its intended destination without any intermediate decryption. End-to-end encryption is also called an offline encryption. In link encryption, bulk encryption, and end-to-end encryption, the algorithm takes a fixed-length block of message (for example, 64 bits in the case of both DES and IDEA).

81. What is a message authentication code?

a. Data checksum

b. Cryptographic checksum

c. Digital signature

d. Cyclic redundancy check

81. b. A checksum is digits or bits summed according to arbitrary rules and used to verify the integrity of data. All forms of checksums have the same objective, that is, to ensure that the conveyed information has not been changed in transit from sender to recipient. The difference between these checksums is how strong the protective mechanism is for changing the information, that is, how hard it will be to attack for a knowledgeable attacker, not for a natural source. A message authentication code is a cryptographic checksum with the highest form of security against attacks. The public key is used to encrypt the message prior to transmission, and knowledge of a private (secret) key is needed to decode or decrypt the received message.

A data checksum is incorrect because it catches errors that are the result of noise or other more natural or nonintentional sources. For example, most of these errors are due to human errors.