Cybersecurity Plus Bootcamp Module 3 Quiz

Which part of a simple cryptographic system must be kept secret for security?

Cipher (algorithm)
Ciphertext (encrypted message)
Key
All of the above

Why is hashing a useful security technique, even though it cannot be reversed?

It hides encryption keys.
It allows two parties to verify data integrity by comparing digests.
It compresses data for faster transmission.
It can replace encryption entirely.

Which security property is primarily assured by symmetric encryption?

Integrity
Confidentiality
Non-repudiation
Availability

Which of the following describes the properties of a public/private key pair?

Both keys can reverse each other’s operations; private key is secret, public key is shared.
The private key can be derived from the public key.
Both keys are kept secret.
Only the public key can encrypt data.

What is the correct process for digitally signing a message?

Encrypt the message with the sender’s public key.
Hash the message and encrypt the digest with the sender’s private key.
Hash the message and encrypt the digest with the recipient’s public key.
Encrypt the message with the recipient’s private key.

How does a subject obtain a certificate from a Certificate Authority (CA)?

Email the CA directly requesting a certificate.
Generate a key pair, submit a CSR with public key and info to the CA.
Download the CA’s private key.
Ask a third party to vouch for them without verification.

What cryptographic information is stored in a digital certificate?

The subject’s private key
The subject’s public key and supported algorithms.
Only the CA’s signature
Encryption keys for all users

Which certificate field supports identification of a server by multiple subdomains?

Common Name (CN)
Subject Alternative Name (SAN)
Issuer
Key Usage

If a company loses control of its private key, what could be at risk?

Only encrypted data
Only authentication systems
Both data confidentiality and authentication systems
Nothing, if the public key is intact

What is the main risk of key escrow, and how can it be mitigated?

Loss of encryption capability; mitigated with backups
Rogue insider decryption; mitigated with M-of-N access controls
Public key disclosure; mitigated with hashing
Brute force attacks; mitigated with longer keys

What mechanism informs clients about suspended or revoked certificates?

DNS lookups
CRL or OCSP
Key escrow service
Public key hashing

Why is a Hardware Security Module (HSM) often preferred over server-based key management?

It is cheaper and easier to deploy.
It reduces attack surface, is tamper-evident, and offers better RNG.
It automatically issues certificates without verification.
It eliminates the need for public keys.

In full-disk encryption, what type of cipher is used for the Key Encryption Key (KEK)?

Symmetric cipher (AES)
Asymmetric cipher (RSA or ECC)
Hash function (SHA-256)
Stream cipher (RC4)

True or False: Perfect Forward Secrecy (PFS) ensures that if a server’s private key is compromised, past traffic cannot be decrypted.

TRUE
FALSE

Why does Diffie-Hellman support Perfect Forward Secrecy (PFS)?

It hides the public key.
It allows session keys to be derived without transmitting them directly.
It encrypts passwords.
It stores keys in a certificate.

True or False: A salt value must be kept secret to protect a hashed password.

TRUE
FALSE

Cybersecurity Plus Bootcamp Module 3 Quiz

Cybersecurity Plus Bootcamp Module 3 Quiz

Quiz Summary

Information

Results

Results

Categories

1. Question

2. Question

3. Question

4. Question

5. Question

6. Question

7. Question

8. Question

9. Question

10. Question

11. Question

12. Question

13. Question

14. Question

15. Question

16. Question