EC-COUNCIL EC-COUNCIL Certifications 312-50 Questions & Answers

• Question 531:

  There is some dispute between two network administrators at your company. Your boss asks you to come and meet with the administrators to set the record straight. Which of these are true about PKI and encryption? Select the best answers.

  A. PKI provides data with encryption, compression, and restorability.

  B. Public-key encryption was invented in 1976 by Whitfield Diffie and Martin Hellman.

  C. When it comes to eCommerce, as long as you have authenticity, and authenticity, you do not need encryption.

  D. RSA is a type of encryption.

  Correct Answer: BD

  PKI provides confidentiality, integrity, and authenticity of the messages exchanged between these two types of systems. The 3rd party provides the public key and the receiver verifies the message with a combination of the private and public key. Public-key encryption WAS invented in 1976 by Whitfield Diffie and Martin Hellman. The famous hashing algorithm Diffie-Hellman was named after them. The RSA Algorithm is created by the RSA Security company that also has created other widely used encryption algorithms.

• Question 532:

  _____ is a type of symmetric-key encryption algorithm that transforms a fixed-length block of plaintext (unencrypted text) data into a block of ciphertext (encrypted text) data of the same length.

  A. Bit Cipher

  B. Hash Cipher

  C. Block Cipher

  D. Stream Cipher

  Correct Answer: C

  A block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. When encrypting, a block cipher might take a (for example) 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext.

• Question 533:

  How many bits encryption does SHA-1 use?

  A. 64 bits

  B. 128 bits

  C. 160 bits

  D. 256 bits

  Correct Answer: C

  SHA-1 (as well as SHA-0) produces a 160-bit digest from a message with a maximum length of 264 - 1 bits, and is based on principles similar to those used by Professor Ronald L. Rivest of MIT in the design of the MD4 and MD5 message digest algorithms.

• Question 534:

  Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is valid on the server. Why do you think this is possible?

  A. Any cookie can be replayed irrespective of the session status

  B. The scenario is invalid as a secure cookie cannot be replayed

  C. It works because encryption is performed at the network layer (layer 1 encryption)

  D. It works because encryption is performed at the application layer (single encryption key)

  Correct Answer: D

• Question 535:

  Which of the following best describes session key creation in SSL?

  A. It is created by the server after verifying theuser's identity

  B. It is created by the server upon connection by the client

  C. It is created by the client from the server's public key

  D. It is created by the client after verifying the server's identity

  Correct Answer: D

  An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client using public-key techniques, then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows. Optionally, the handshake also allows the client to authenticate itself to the server.

• Question 536:

  Which of the following is NOT true of cryptography?

  A. Science of protecting information by encoding it into an unreadable format

  B. Method of storing and transmitting data in a form that only those it is intended for can read and process

  C. Most (if not all) algorithms can be broken by both technical and non-technical means

  D. An effective way of protecting sensitive information in storage but not in transit

  Correct Answer: D

  Cryptography will protect data in both storage and in transit.

• Question 537:

  What is SYSKEY # of bits used for encryption?

  A. 40

  B. 64

  C. 128

  D. 256

  Correct Answer: C

  System Key hotfix is an optional feature which allows stronger encryption of SAM. Strong encryption protects private account information by encrypting the password data using a 128-bit cryptographically random key, known as a password encryption key.

• Question 538:

  In the context of using PKI, when Sven wishes to send a secret message to Bob, he looks up Bob's public key in a directory, uses it to encrypt the message before sending it off. Bob then uses his private key to decrypt the message and reads it. No one listening on can decrypt the message. Anyone can send an encrypted message to Bob but only Bob can read it. Thus, although many people may know Bob's public key and use it to verify Bob's signature, they cannot discover Bob's private key and use it to forge digital signatures.

  What does this principle refer to?

  A. Irreversibility

  B. Non-repudiation

  C. Symmetry

  D. Asymmetry

  Correct Answer: D

  PKI uses asymmetric key pair encryption. One key of the pair is the only way to decrypt data encrypted with the other.

• Question 539:

  Steven the hacker realizes that the network administrator of company is using syskey to protect organization resources in the Windows 2000 Server. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to brute force dictionary attacks on the hashes. Steven runs a program called "SysCracker" targeting the Windows 2000 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch attach.

  How many bits does Syskey use for encryption?

  A. 40 bit

  B. 64 bit

  C. 256 bit

  D. 128 bit

  Correct Answer: D

  SYSKEY is a utility that encrypts the hashed password information in a SAM database using a 128-bit encryption key.

• Question 540:

  Symmetric encryption algorithms are known to be fast but present great challenges on the key management side. Asymmetric encryption algorithms are slow but allow communication with a remote host without having to transfer a key out of band or in person. If we combine the strength of both crypto systems where we use the symmetric algorithm to encrypt the bulk of the data and then use the asymmetric encryption system to encrypt the symmetric key, what would this type of usage be known as?

  A. Symmetric system

  B. Combined system

  C. Hybrid system

  D. Asymmetric system

  Correct Answer: C

  Because of the complexity of the underlying problems, most public-key algorithms involve operations such as modular multiplication and exponentiation, which are much more computationally expensive than the techniques used in most block ciphers, especially with typical key sizes. As a result, public- key cryptosystems are commonly "hybrid" systems, in which a fast symmetric-key encryption algorithm is used for the message itself, while the relevant symmetric key is sent with the message, but encrypted using a public-key algorithm. Similarly, hybrid signature schemes are often used, in which a cryptographic hash function is computed, and only the resulting hash is digitally signed.