Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will she use to fulfill this requirement?
Answer(s): C
The Data Encryption Standard (DES) is a block cipher (a form of shared secret encryption) that was selected by the National Bureau of Standards as an official Federal Information Processing Standard (FIPS) for the United States in 1976 and which has subsequently enjoyed widespread use internationally. It is based on a symmetric-key algorithm that uses a 56-bit key. The algorithm was initially controversial with classified design elements, a relatively short key length, and suspicions about a National Security Agency (NSA) backdoor. DES consequently came under intense academic scrutiny, which motivated the modern understanding of block ciphers and their cryptanalysis.
Which of the following protocols uses public-key cryptography to authenticate the remote computer?
Answer(s): A
Secure Shell (SSH) is a protocol that provides strong authentication and secure communications over unsecured channels. It uses public key encryption as the main method for user authentication. SSH secures connections over the Internet by encrypting passwords and other data. It also protects networks against IP spoofing, packet spoofing, password sniffing, and eavesdropping. SSH uses TCP port 22 as the default port and operates at the application layer. SSH protocol has the following three components:
1. Transport layer protocol
2. User authentication protocol
3. Connection protocol
Answer option C is incorrect. The SCP protocol sends data in encrypted format. It is used to prevent potential packet sniffers from extracting usable information from data packets. The protocol itself does not provide authentication and security; it relies on the underlying protocol, SSH, to provide these features. SCP can interactively request any passwords or passphrases required to make a connection to a remote host, unlike rcp that fails in this situation. The SCP protocol implements file transfers only. It does so by connecting to the host using SSH and there executes an SCP server (scp). The SCP server program is typically the same program as the SCP client.
Answer option D is incorrect. Secure Sockets Layer (SSL), also known as Transport Layer Security (TLS), are cryptographic protocols that provide security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers.
Answer option B is incorrect. The full form of Telnet is Teletype Network. It is used to connect a computer to a local network (LAN) or the Internet. It can also be used for accessing servers by using a valid user name and password. It is a common way to control Web servers remotely.
Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?
Answer(s): D
The confidentiality service of a cryptographic system ensures that information will not be disclosed to any unauthorized person on a local network.
Which of the following are the examples of technical controls? Each correct answer represents a complete solution. Choose three.
Answer(s): A,B,C
The following are the examples of technical controls:
Network architecture
System access auditing
Which of the following tenets does the CIA triad provide for which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.
Answer(s): A,C,D
The CIA triad provides the following three tenets for which security practices are measured:
Confidentiality: It is the property of preventing disclosure of information to unauthorized individuals or systems. Breaches of confidentiality take many forms. Permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it could be a breach of confidentiality. If a laptop computer containing sensitive information about a company's employees is stolen or sold, it could result in a breach of confidentiality.
Integrity: It means that data cannot be modified without authorization. Integrity is violated when an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, when an employee is able to modify his own salary in a payroll database, when an unauthorized user vandalizes a web site, when someone is able to cast a very large number of votes in an online poll, and so on.
Availability: It means that data must be available whenever it is needed.