Hello All,

Sorry this has been so long in coming — the chapter was long with lots to remember.

This following is a list of questions of my own creation dealing with Security+; any errors made are my own fault not Sybex’s (the book I am using).

This would be Chapter 7 — Cyrptography Basics, Methods, and Standards.

So on with the questions based on the sections that drove me crazy!
1) What is Steganography?

A) The process of hiding one message in another, such as hiding information inside a picture
B) It is a made up term that does not exist
C) It is the process of character substitution — one character or symbol into another
D) Steganography is a hash value

2) Transposition Ciphers is/are:

A) A form of electronic watermarking
B) when a message is broken down into blocks and those blocks are then scrambled
C) The science of hiding one message inside another
D) A very strong hashing method used by the government

3) What is the primary use of a one-way hash?

A) Confidentiality
B) Authenticity
C) Availability
D) A true one-way hash does not exist — it is just half the process of a two-way hash.

4) Both SHA-1 and MD5 are good hashing algorithms — which of the two is faster?

A) SHA-1 is faster
B) MD5 is faster
C) Both are the same
D) SHA-1 is not a hashing algorithm

5) How many keys does an Asymmetric Algorithm use?

A) 1
B) 2
C) 3
D) 4

6) Which of these asymmetric algorithms are considered the de facto standard?

B) Diffie-Hellman
C) El Gamal

7) Which of these asymmetric algorithms are NOT used to encrypt or decrypt messages? it is used only to send keys securely over an
unsecure network (such as the Internet).

C) Diffie-Hellman
D) El Gamal

8 ) Which of these algorithms has a similar function as RSA but is used in smaller, less intelligent devices such as cell phones or wireless devices?

A) Elliptical Curve Cryptography (ECC)
B) Diffie-Hellman
C) El Gamal

9) The Digital Signature Algorithm (DSA) is based on which algorithm?

B) El Gamal

10) True or False — PKI (Public Key Infrastructure) is a/an asymmetric system

A) True
B) False

11) What is a Certificate Authority (CA) responsible for?

A) Message encryption
B) Issuing certificates
C) Issuing and revoking certificates
D) Issuing, revoking, and distributing certificates

12) A PKI (Public Key Infrastructure) has four key components — name them

A) CA, RA, RSA, and digital certificates
B) CA, RSA, digital certificates, CPS
C) CPS, RSA, RA, and digital certificates
D) Only digital certificates

13) Public Key Cryptography Standards (PKCS) is a set of mandatory standards created by RSA and security leaders. True or False?

A) True
B) False

14) True or false — X.509 v2 is for CRL and the v3 is for certificates

A) True
B) False

15) True or false — S/MIME uses asymmetric algorithms for confidentiality and digital certificates for authentication.

A) True
B) False

16) True or false — PGP uses only asymmetric encryption

A) True
B) False

17) There are two primary protocols used by IPSec — AH (Authentication Header) and ESP (Encapsulating Security Payload). What ports does AH and ESP use?

A) 48, 49
B) 50, 51
C) 52, 53
D) 54, 55


The answers:








1) A
2) B
3) B
4) B
5) B
6) D
7) C
8 ) A
9) B
10) True
11) D
12) A
13) False — voluntary standards
14) True
15) True
16) False
17) B


Hello All,

As I continue my studying for my Security+ exam I find myself challenged occasionally from certain topics.

So to make these topics easier for me, I create my own test questions to challenge my mind. In turn I post them here to challenge your mind.

I figure if I give myself a good headache studying the least I could do is share that headache with you.

The questions below are based on Chapter 4 in the Sybex book (Amazon.com is your friend) and they are entirely my own creation.

If there are any mistakes please post a comment; I hate making mistakes.

1) What does Windows Internet Naming Service (WINS) do?

A) Nothing as there is no such application called WINS
B) It translates TCP/IP into IPX/SPX.
C) It translates NetBIOS names to TCP/IP addresses
D) WINS creates a typical NDS tree structure

2) Network Files System (NFS) is the default file sharing protocol for?

A) Microsoft
B) Windows
C) Unix
D) Cisco

3) An Intrusion Detection System has many different elements to it; what is the “manager”?

A) The person in charge of the IDS
B) The component or process the operator uses to manage the IDS
C) The component that analyzes the data collected by a sensor
D) The person who sets the security policy.

4) A misuse-detection IDS is primarily focused on what?

A) Looking for network anomalies
B) Evaluating attacks based on signatures and audit trails
C) Tracking what files are opened by any given employee
D) Supplementing the anti-virus program with additional information.

5) Where is the best place to put a network based IDS?

A) In front of the firewall
B) Behind the firewall
C) On a workstation
D) Both in front and behind the firewall

6) Passive responses strategies for a IDS include:

A) Logging,Notification, and Shunning
B) Shunning, Leaping, and Disrupting
C) Logging, Enticement, and Honeypots
D) Disrupting, Logging, Network configuration changes

7) Active Responses by an IDS are:

A) Notification, Shunning, Logging
B) Terminating processes, Network configuration changes, Deception
C) Honeypots, Leaping, Logging
D) Deception, Shunning, Network configuration changes






1) C
2) C
3) B
4) B
5) D
6) A
7) B