Читаем CISSP Practice полностью

184. c. Both pretty good privacy (PGP) and privacy enhanced mail (PEM) encrypt messages and sign messages based on public-key cryptography. However, they operate on different philosophies. PGP is based on a distributed network of individuals. PEM is based on the concept of a hierarchical organization. PGP is suited for individuals communicating on the Internet, whereas PEM might be more suited for application systems in all organizations. PGP is a product, not a standard. It does not interoperate with any other security product, either PEM or non-PEM. PGP is portable to a wide variety of hardware platforms.

185. It is particularly important to protect audit trail data against modification during communication between parties. Which of the following security control techniques would protect against such modifications?

a. Strong access controls, such as passwords

b. Digital signatures

c. Logging before and after image records of modifications

d. Review of audit trail data

185. b. A digital signature is a cryptographic checksum computed as a function of a message and a user’s private key. A user’s digital signature varies with the data and protects against modification. This does not prevent deletion or modification of the audit trail, but it provides an alert that the audit trail has been altered. Access to online audit logs should be strictly controlled

Passwords are not strong access controls due to their weaknesses, such as sharing or writing them down. Logging before and after image records of modification is incorrect because it is a passive activity and does not protect against modification. Audit trail data can be used to review what occurred after an event, for periodic reviews, and for real-time analysis.

186. Cryptography is a branch of mathematics based on the transformation of data. Which of the following is not a true statement about cryptography used in computer security?

a. Cryptography ensures data confidentiality.

b. Cryptography ensures data integrity.

c. Cryptography ensures data availability.

d. Cryptography ensures electronic signatures.

186. c. Cryptography, a hidden writing, is an important tool for protecting information and is used in many aspects of computer security. It can help provide data confidentiality, data integrity, electronic signatures, and advanced user authentication. It has nothing to do with data availability, which is a property that a given resource will use during a given time period.

187. In cryptography, the Rivest, Shamir, and Adelman (RSA) scheme has which of the following pairs of characteristics?

1. Secret key encryption algorithm system

2. Asymmetric cipher system

3. Public key encryption algorithm system

4. Symmetric cipher system

a. 1 and 4

b. 2 and 3

c. 1 and 2

d. 3 and 4

187. b. The Rivest, Shamir, and Adelman (RSA) scheme uses a public key encryption algorithm and is an asymmetric cipher system. The data encryption standard (DES) uses a secret key encryption algorithm and is a symmetric cipher system. RSA uses two keys (private and public), whereas DES uses one key (private).

188. What is the most common attack against cryptographic algorithms?

a. Ciphertext-only attack

b. Birthday attack

c. Chosen plain text attack

d. Adaptive chosen plain text attack

188. a. Exploiting a weakness is called an attack. In a ciphertext-only attack, an attacker has some ciphertext encrypted with an algorithm. He does not know the plain text or the key, but he knows the algorithm. His goal is to find the corresponding plain text. This is the most common attack.

A birthday attack is an attack against message digest 5 (MD5), a hash function. The attack is based on probabilities where it finds two messages that hash to the same value (collision) and then exploits it to attack. The attacker is looking for “birthday” pairs of two messages with the same hash values. This attack is not feasible given today’s computer technology.

In a chosen plain text attack, the attacker knows the plain text and the corresponding ciphertext and algorithm but does not know the key. This type of attack is harder but still possible. The adaptive chosen plain text attack is a variation of the chosen plain text attack where the selection of the plain text is changed based on the previous attack results.