Chapter 10 – Understanding Cryptography and PKI

CompTIA Security+ (SY0-701) – Chapter 10

1 / 165

Which of the following describes the correct use of public and private keys in asymmetric encryption?

2 / 165

What is the role of a key recovery agent in the context of a PKI?

3 / 165

Why might an organization decide against encrypting all data?

4 / 165

What is a common hashing algorithm in use today?

5 / 165

What is an offline password attack according to the context?

6 / 165

What is the purpose of post-quantum cryptography?

7 / 165

What is the primary use of an Email certificate?

8 / 165

What is included in a digital certificate?

9 / 165

How do most email applications use asymmetric and symmetric encryption to enhance security?

10 / 165

What is one of the first steps in thwarting an offline brute force attack?

11 / 165

What is a primary indicator of an online password attack?

12 / 165

Which of the following statements about the Canonical Encoding Rules (CER) is correct?

13 / 165

Which of these is NOT part of the process of validating a certificate?

14 / 165

What is the purpose of key exchange in asymmetric encryption?

15 / 165

What is the main characteristic of the ROT13 cipher?

16 / 165

What is the Rayburn box referred to in the text?

17 / 165

What is the main reason why systems store hashes of passwords instead of the actual passwords?

18 / 165

What is a key principle to remember when using a stream cipher?

19 / 165

Which of the following security benefits does a digital signature provide when a recipient successfully decrypts the hash included in a digitally signed email?

20 / 165

Why might an organization choose to keep some CAs offline, as per the text?

21 / 165

What does high resiliency refer to in the context of cryptography?

22 / 165

What is the purpose of a hash in cryptography?

23 / 165

What is a key characteristic of asymmetric encryption?

24 / 165

What does size, in relation to cryptography, typically refer to?

25 / 165

What does ’Data at rest’ refer to?

26 / 165

What are the three security benefits provided by digital signatures?

27 / 165

What is the major flaw of symmetric encryption methods?

28 / 165

What is the primary purpose of steganography?

29 / 165

What are the three security benefits that are provided by the Digital Signature Algorithm?

30 / 165

What does the response ’unknown’ from an Online Certificate Status Protocol (OCSP) check most likely indicate?

31 / 165

What does Confidentiality ensure in the context of cryptography?

32 / 165

What is the main advantage of Elliptic Curve Cryptography (ECC)?

33 / 165

What is a primary indicator of an online password attack, as typically seen in systems such as Windows?

34 / 165

In terms of symmetric encryption, why are symmetric keys often compared to a house key?

35 / 165

Which of the following best describes the role of a private key in asymmetric encryption?

36 / 165

Which of the following accurately describes the strengths of the Advanced Encryption Standard (AES)?

37 / 165

Which of the following is NOT correct about Privacy Enhanced Mail (PEM) certificates?

38 / 165

What is a common method used in video steganography and why does it have a drawback?

39 / 165

Which of the following is an strong indicator of a pass the hash attack?

40 / 165

What is a notable weakness of the PBKDF2 key stretching technique?

41 / 165

What distinguishes a password spraying attack from other types of brute force or dictionary attacks?

42 / 165

What does the ’Subject’ element in a certificate represent?

43 / 165

Which of the following is NOT a characteristic or function of key stretching?

44 / 165

Why is it important to consider the limitations of different algorithms?

45 / 165

What problem presented with hash calculations does HMAC solve?

46 / 165

Which of the following describes the key differences between Blowfish and Twofish?

47 / 165

What supports a use case of low latency in relation to cryptographic concepts in the SY-601 exam objectives?

48 / 165

What is the main difference between Stream ciphers and Block ciphers?

49 / 165

What purpose do hashes serve in file verification as demonstrated by the Kali Linux image download example?

50 / 165

Why is a slower algorithm desired when salting and hashing passwords?

51 / 165

Which of the following best describes the MD5 hashing algorithm?

52 / 165

What are the three security benefits provided by Digital Signature Algorithm?

53 / 165

Which of the following is an important principle when using a stream cipher?

54 / 165

Why does HTTPS combine both asymmetric and symmetric encryption in securing web traffic?

55 / 165

Why shouldn’t keys be reused in symmetric encryption, especially with stream ciphers?

56 / 165

What would happen if your friend tried to decrypt your encoded message with a key of six, but you encrypted the message with a key of three in symmetric encryption?

57 / 165

What is the purpose of a ’code signing’ certificate?

58 / 165

What is the purpose of the sha256sum.exe program?

59 / 165

Which certificate type uses additional steps beyond domain validation and used to display the name of the organisation before the URL in some browsers?

60 / 165

What inhibits the longevity of the DES cryptographic algorithm?

61 / 165

What does the ROT13 cipher do in symmetric encryption?

62 / 165

What does hashing provide for messages?

63 / 165

What is a Trusted Root Certification Authority store?

64 / 165

What is a significant difference between block ciphers and stream ciphers according to the given text?

65 / 165

What is the main benefit of email encryption?

66 / 165

What purposes can a certificate in asymmetric encryption serve besides including the public key?

67 / 165

What is an important characteristic of ephemeral keys in asymmetric encryption?

68 / 165

Which of the following file extension is commonly used for a PEM file holding just the private key?

69 / 165

Which of the following use cases is supported by encryption protocols in relation to cryptographic concepts as listed in the SY-601 exam objectives?

70 / 165

What is the purpose of the serial number within a certificate?

71 / 165

Which of the following elements does a certificate typically include?

72 / 165

Which steps are involved in sending an encrypted email using only asymmetric encryption?

73 / 165

What does the term ’Certificate revoked’ refer to?

74 / 165

What is a birthday attack in the context of computing security?

75 / 165

When did NIST recommend deprecating 1024-bit keys and implementing 2048 keys, and until when do they predict 2048-bit keys should be safe?

76 / 165

What is the purpose of hashing a patch file before releasing it for download?

77 / 165

What is the function of digital signatures in the context of cryptographic concepts?

78 / 165

What are the Distinguished Encoding Rules (DER) primarily used for in the context of certificates?

79 / 165

What is a key difference between a plaintext attack and a chosen plaintext attack, as described in the text?

80 / 165

Which mode of operation used with encryption does not provide authenticity?

81 / 165

What is the correct statement regarding P7B certificates?

82 / 165

What is one recommended way to prevent SSL-based downgrade attacks mentioned in the text?

83 / 165

Which of the following is NOT a security benefit provided by the use of digital signatures?

84 / 165

What is the function of the public key in the ’Rayburn Box’ analogy?

85 / 165

What is the function of ’User’ type of certificate?

86 / 165

What does a different hash value in a downloaded file as compared to the original indicate?

87 / 165

What is the role of the ’Issuer’ in a certificate?

88 / 165

What is a characteristic of a self-signed certificate?

89 / 165

According to the text, which of the following statements about symmetric encryption is incorrect?

90 / 165

What does the term ’Data in processing’ refer to in the context of encryption?

91 / 165

What is the primary use of a Subject Alternative Name (SAN) certificate?

92 / 165

What is the purpose of an encryption algorithm?

93 / 165

What does a lack of entropy result in when related to cryptographic algorithms?

94 / 165

What does a domain-validated certificate indicate?

95 / 165

What are the three security benefits of using a digital signature?

96 / 165

What is the purpose of Public Key Pinning?

97 / 165

Why might a Certificate Authority (CA) revoke a certificate?

98 / 165

What are some of the strengths of the Advanced Encryption Standard (AES)?

99 / 165

What is the main function of OpenSSL in certificate registration?

100 / 165

What does ’data in motion’ refer to and how is it commonly protected?

101 / 165

Which of the following correctly represents non-repudiation in the context of digital signatures?

102 / 165

What is the role of the Registration Authority (RA) in the process of certificate creation?

103 / 165

What is the main characteristic of symmetric encryption?

104 / 165

What is the key size used in 3DES encryption?

105 / 165

Which of the following best describes the function and use of a wildcard certificate?

106 / 165

What is the main advantage of using rainbow tables in password cracking?

107 / 165

What is the purpose of Secure Hash Algorithms (SHA) within the context of system security?

108 / 165

What is the purpose of transport encryption methods?

109 / 165

What is the primary vulnerability of symmetric encryption if the same key is continuously reused?

110 / 165

What does predictability refer to in the context of cryptography?

111 / 165

Why is MD5 no longer recommended as a cryptographic hash?

112 / 165

Which of the following best describes the purpose of encryption as part of cryptography?

113 / 165

What does the label ’—–BEGIN CERTIFICATE—–’ and ’—–END CERTIFICATE—–’ in a certificate text signify?

114 / 165

What are the two primary methods of encryption described in the text?

115 / 165

What does the term ’data in transit’ refer to in the context of data security, and how is it commonly protected?

116 / 165

What is the primary purpose of a SHA-3-256 hash?

117 / 165

What is the role of the Registration Authority (RA) in the certification process?

118 / 165

What is the purpose of audio beacons in the context of audio steganography?

119 / 165

What is the purpose of steganography in cryptography?

120 / 165

Which feature does HMAC provide that other hashing algorithms like MD5 and SHA-256 do not?

121 / 165

What is one main use of Machine/Computer certificates?

122 / 165

What is a Certificate Revocation List (CRL) in the context of a Certificate Authority (CA)?

123 / 165

Which certificate format is a predecessor to the P12 and is commonly used on Windows systems to import and export certificates?

124 / 165

What key is used to encrypt an email digital signature?

125 / 165

What does key management within a PKI involve?

126 / 165

According to the text, which concept provides assurances that data has not been modified?

127 / 165

Which element is not included in a Certificate Signing Request (CSR) according to the text?

128 / 165

What does a hash function in cryptography ensure?

129 / 165

What is the function of a ’key’ in the process of data encryption?

130 / 165

What is the main purpose of salting passwords?

131 / 165

What is the main characteristic of Asymmetric encryption as defined in the CompTIA Security+ exam guide?

132 / 165

What is a dictionary attack and how can it be prevented?

133 / 165

What is the main purpose of public key pinning?

134 / 165

What are the two primary security methods provided by cryptography for email protection?

135 / 165

What is a key element in a Public Key Infrastructure (PKI)?

136 / 165

What are the benefits of using homomorphic encryption?

137 / 165

What is the role of hashing protocols in cryptographic concepts as outlined in the SY-601 exam objectives?

138 / 165

Which of the following use cases provided in the SY-601 exam objectives is supported by ECC and other lightweight cryptography algorithms?

139 / 165

Which cryptographic algorithms are used to support deploying cryptography on low power devices, such as wireless devices and IoT devices?

140 / 165

Which of the following is a function of Secure/Multipurpose Internet Mail Extensions (S/MIME)?

141 / 165

Which of the following is not mentioned in the study material as a characteristic of symmetric algorithms?

142 / 165

What is the relationship between key size and strength in terms of data encryption in the Advanced Encryption Standard (AES)?

143 / 165

What purpose does the Serial Number serve in a certificate?

144 / 165

What does the term ’block’ in ’blockchain’ refer to?

145 / 165

What is meant by ’Lightweight Cryptography’ in the context of internet security?

146 / 165

What is a common method used in Image Steganography to hide data without noticeably altering the image or the file size?

147 / 165

What are the essential components that enable a block to be added to a blockchain?

148 / 165

What is the purpose of a Root certificate?

149 / 165

What does it signify when you can unlock the Rayburn box with the matching public key?

150 / 165

Why are weak keys a risk to data security?

151 / 165

What is the benefit of Perfect forward secrecy in a cryptographic system?

152 / 165

What is the first step in the process of validating a certificate?

153 / 165

What is the primary consequence of a man-in-the-middle attack on a Quantum key distribution (QKD) connection?

154 / 165

What does Cryptographic diversity typically refer to?

155 / 165

What does non-repudiation in cryptography ensure?

156 / 165

Which of the following best describes the function of a Certificate Authority (CA)?

157 / 165

Which technique is used to support obfuscation according to the SY-601 exam objectives?

158 / 165

What is a critical difference between SSL and TLS?

159 / 165

What is a Rayburn box used for in the context of public and private keys?

160 / 165

Which of the following statements best describes the efficiency of the Advanced Encryption Standard (AES) based on the given text?

161 / 165

What check is done to determine if a certificate is not trusted?

162 / 165

What is a key difference between the behavior of bits in regular computing vs. quantum computing?

163 / 165

Which of the following is TRUE about Bcrypt?

164 / 165

What is the primary difference in the process of obtaining an Extended Validation (EV) certificate as compared to a Domain Validation certificate?

165 / 165

Which of the following statements best describes the difference between a hash and a checksum?

Your score is

Boost Your Skills with Free Anki Flashcards

Click the download button to get the CompTIA Security+ Anki deck.

Anki deck of CompTIA A+ Practice Questions images

Chapter 10 – Understanding Cryptography and PKI

Boost your IT skills with our free CompTIA Security+ practice test focusing on Chapter 10: Understanding Cryptography and PKI. Whether you’re entering the IT industry or advancing in cyber security, our resources are here to help you succeed in the CompTIA Exam.

Why Choose Our CompTIA Security+ Practice Test?

  • Skill Enhancement:

Covers essential concepts in cryptography and PKI crucial for the CompTIA Exam.

  • Career Advancement:

Passing the CompTIA Security+ exam can open doors to new job opportunities and significant career changes in the IT industry.

  • Vulnerability Management:

Master the art of cryptography and PKI, key skills in cyber security.

Free Anki Deck Download

Download our free Anki Deck, reviewed by industry expert Josh Madakor, who has extensive experience in IT and cyber security, including work with Microsoft and government sectors. Learn more about Anki on the official site. Get Started with Your IT Career Change Today! Visit the CompTIA Security+ official site and the CompTIA Network+ official site for more information.
Explore our other free practice tests:
Share the Post:

Related Posts

RSS  
  • Discover How to Work Remotely and Travel!
    Have you ever dreamed about working from beautiful places like Thailand or Japan, but weren’t sure if it’s possible? I’m here to share my adventures and some tips on how to make working remotely while exploring the world a reality.  Who Am I? My name is Josh, and I’m all about creating helpful content on […]
  • Why Contract Work in IT Can Be a Good Start for Your Career
    Hey buddies! Are you curious about what it’s like to work in IT and cyber security? Well, you’re in luck because today we’re diving into the world of contract work and how it might just be the jumpstart your career needed! Getting Into the World of Contract Work in IT Josh, an expert in IT […]
  • Is Cyber Security a Career That Will Last Forever?
    Hey everyone! Have you ever wondered if choosing a career in cyber security is a good idea for the long haul? Well, let’s dive into this topic with the help of Josh Maor’s insights, and find out why cyber security might just be one of the smartest career choices out there. What Is Cyber Security? […]
IT Course

The Affordable, Hands-On Josh Madakor IT Course that gets Results!

Ready to get started your journey?
Cyber Course

The Affordable, Hands-On Cyber Security that gets Results!

Ready to get started your journey?

JOIN OUR

NEWSLETTER

Sign up for our free newsletters.

by joining 8000+ others in my weekly newsletter 

where you’ll get a dose of my thoughts on self-improvement, career,

and life!