Last Updated on June 5, 2019 by Admin
CCNA Cybersecurity Operations (Version 1.1) – CyberOps Chapter 9 Exam Online 2019
CCNA CyberOps 1.1 -- Chapter 9 Exam
Quiz-summary
0 of 25 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
Information
CCNA CyberOps 1.1 -- Chapter 9 Exam
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 25 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- Answered
- Review
-
Question 1 of 25
1. Question
1 pointsWhat is the focus of cryptanalysis?Correct
Incorrect
Cryptology is the science of making and breaking secret codes. There are two separate disciplines in cryptology, cryptography and cryptanalysis. Cryptography is the development and use of codes. Cryptanalysis is the breaking of those secret (encrypted) codes.
Hint
Cryptology is the science of making and breaking secret codes. There are two separate disciplines in cryptology, cryptography and cryptanalysis. Cryptography is the development and use of codes. Cryptanalysis is the breaking of those secret (encrypted) codes. -
Question 2 of 25
2. Question
1 pointsThe following message was encrypted using a Caesar cipher with a key of 2: fghgpf vjg ecuvng What is the plaintext message?Correct
Incorrect
The Caesar cipher was a simple substitution cipher. In this example, if the key is 2, the letter d was moved two spaces to the right, resulting in an encoded message that used the letter f in place of the letter d. The letter g would be the substitute for the letter e, and so on. So, the resulting plaintext is f=d, g=e, h=f, g=e, p=n, f=d, v=t, j=h, g=e, e=c, c=a, u=s, v=t, n=l, g=e.
Hint
The Caesar cipher was a simple substitution cipher. In this example, if the key is 2, the letter d was moved two spaces to the right, resulting in an encoded message that used the letter f in place of the letter d. The letter g would be the substitute for the letter e, and so on. So, the resulting plaintext is f=d, g=e, h=f, g=e, p=n, f=d, v=t, j=h, g=e, e=c, c=a, u=s, v=t, n=l, g=e. -
Question 3 of 25
3. Question
1 pointsA company is developing a security policy for secure communication. In the exchange of critical messages between a headquarters office and a branch office, a hash value should only be recalculated with a predetermined code, thus ensuring the validity of data source. Which aspect of secure communications is addressed?Correct
Incorrect
Secure communications consists of four elements:Data confidentiality - guarantees that only authorized users can read the message Data integrity - guarantees that the message was not altered Origin authentication - guarantees that the message is not a forgery and does actually come from whom it states Data nonrepudiation – guarantees that the sender cannot repudiate, or refute, the validity of a message sent
Hint
Secure communications consists of four elements:Data confidentiality - guarantees that only authorized users can read the message Data integrity - guarantees that the message was not altered Origin authentication - guarantees that the message is not a forgery and does actually come from whom it states Data nonrepudiation – guarantees that the sender cannot repudiate, or refute, the validity of a message sent -
Question 4 of 25
4. Question
1 pointsWhen implementing keys for authentication, if an old key length with 4 bits is increased to 8 bits, which statement describes the new key space?Correct
Incorrect
A key length with 4 bits will provide a key space of 2^4=16 keys. The new key length with 8 bits can provide a key space of 2^8=256 keys. The key space with 256 keys is 15 times larger than a key space with 16 keys.
Hint
A key length with 4 bits will provide a key space of 2^4=16 keys. The new key length with 8 bits can provide a key space of 2^8=256 keys. The key space with 256 keys is 15 times larger than a key space with 16 keys. -
Question 5 of 25
5. Question
1 pointsWhich statement is a feature of HMAC?Correct
Incorrect
A keyed-hash message authentication code (HMAC or KHMAC) is a type of message authentication code (MAC). HMACs use an additional secret key as input to the hash function, adding authentication to data integrity assurance.
Hint
A keyed-hash message authentication code (HMAC or KHMAC) is a type of message authentication code (MAC). HMACs use an additional secret key as input to the hash function, adding authentication to data integrity assurance. -
Question 6 of 25
6. Question
2 pointsWhat are two properties of a cryptographic hash function? (Choose two.)Correct
Incorrect
A cryptographic hash function should have the following properties:The input can be any length. The output has a fixed length. The hash value is relatively easy to compute for any given input. The hash is one way and not reversible. The hash is collision free, meaning that two different input values will result in different hash values
Hint
A cryptographic hash function should have the following properties:The input can be any length. The output has a fixed length. The hash value is relatively easy to compute for any given input. The hash is one way and not reversible. The hash is collision free, meaning that two different input values will result in different hash values -
Question 7 of 25
7. Question
2 pointsA security specialist is tasked to ensure that files transmitted between the headquarters office and the branch office are not altered during transmission. Which two algorithms can be used to achieve this task? (Choose two.)Correct
Incorrect
The task to verify that messages are not altered during transmission is to ensure data integrity, which can be implemented using hash function. HMAC can be used for ensuring origin authentication. AES and 3DES are encryption algorithms.
Hint
The task to verify that messages are not altered during transmission is to ensure data integrity, which can be implemented using hash function. HMAC can be used for ensuring origin authentication. AES and 3DES are encryption algorithms. -
Question 8 of 25
8. Question
1 pointsA company is developing a security policy to ensure that OSPF routing updates are authenticated with a key. What can be used to achieve the task?Correct
Incorrect
The task to ensure that routing updates are authenticated is data origin authentication, which can be implemented using HMAC. HMAC is MD5 or SHA-1 plus a secret key. AES and 3DES are two encryption algorithms. MD5 and SHA-1 can be used to ensure data integrity, but not authentication.
Hint
The task to ensure that routing updates are authenticated is data origin authentication, which can be implemented using HMAC. HMAC is MD5 or SHA-1 plus a secret key. AES and 3DES are two encryption algorithms. MD5 and SHA-1 can be used to ensure data integrity, but not authentication. -
Question 9 of 25
9. Question
1 pointsWhich statement describes the Software-Optimized Encryption Algorithm (SEAL)?Correct
Incorrect
SEAL is a stream cipher that uses a 160-bit encryption key. It is a symmetric encryption algorithm that has a lower impact on the CPU resources compared to other software-based algorithms, such as software-based DES, 3DES, and AES.
Hint
SEAL is a stream cipher that uses a 160-bit encryption key. It is a symmetric encryption algorithm that has a lower impact on the CPU resources compared to other software-based algorithms, such as software-based DES, 3DES, and AES. -
Question 10 of 25
10. Question
1 pointsWhich encryption algorithm is an asymmetric algorithm?Correct
Incorrect
DH is an asymmetric algorithm. AES, 3DES, and SEAL are all symmetric algorithms.
Hint
DH is an asymmetric algorithm. AES, 3DES, and SEAL are all symmetric algorithms. -
Question 11 of 25
11. Question
1 pointsWhich algorithm is used to automatically generate a shared secret for two systems to use in establishing an IPsec VPN?Correct
Incorrect
The Diffie-Helman (DH) algorithm is the basis of most modern automatic key exchange methods. It is a mathematical algorithm that allows two computers to generate an identical shared secret on both systems without having communicated before. DH is commonly used when data is exchanged using an IPsec VPN.
Hint
The Diffie-Helman (DH) algorithm is the basis of most modern automatic key exchange methods. It is a mathematical algorithm that allows two computers to generate an identical shared secret on both systems without having communicated before. DH is commonly used when data is exchanged using an IPsec VPN. -
Question 12 of 25
12. Question
2 pointsWhich two statements describe the characteristics of symmetric algorithms? (Choose two.)Correct
Incorrect
Symmetric encryption algorithms use the same key (also called shared secret) to encrypt and decrypt the data. In contrast, asymmetric encryption algorithms use a pair of keys, one for encryption and another for decryption.
Hint
Symmetric encryption algorithms use the same key (also called shared secret) to encrypt and decrypt the data. In contrast, asymmetric encryption algorithms use a pair of keys, one for encryption and another for decryption. -
Question 13 of 25
13. Question
1 pointsAn online retailer needs a service to support the nonrepudiation of the transaction. Which component is used for this service?Correct
Incorrect
Digital signatures, generated by hash function, can provide the service for nonrepudiation of the transaction. Both public and private keys are used to encrypt data during the transaction. Shared secrets between the retailer and customers are not used.
Hint
Digital signatures, generated by hash function, can provide the service for nonrepudiation of the transaction. Both public and private keys are used to encrypt data during the transaction. Shared secrets between the retailer and customers are not used. -
Question 14 of 25
14. Question
1 pointsWhat is the purpose of a digital certificate?Correct
Incorrect
Digital signatures commonly use digital certificates that are used to verify the identity of the originator in order to authenticate a vendor website and establish an encrypted connection to exchange confidential data. One such example is when a person logs into a financial institution from a web browser.
Hint
Digital signatures commonly use digital certificates that are used to verify the identity of the originator in order to authenticate a vendor website and establish an encrypted connection to exchange confidential data. One such example is when a person logs into a financial institution from a web browser. -
Question 15 of 25
15. Question
1 pointsWhat technology allows users to verify the identity of a website and to trust code that is downloaded from the Internet?Correct
Incorrect
Digital signatures provide assurance of the authenticity and integrity of software codes. They provide the ability to trust code that is downloaded from the Internet.
Hint
Digital signatures provide assurance of the authenticity and integrity of software codes. They provide the ability to trust code that is downloaded from the Internet. -
Question 16 of 25
16. Question
3 pointsWhich three algorithms are designed to generate and verify digital signatures? (Choose three.)Correct
Incorrect
There are three Digital Signature Standard (DSS) algorithms that are used for generating and verifying digital signatures:Digital Signature Algorithm (DSA) Rivest-Shamir Adelman Algorithm (RSA) Elliptic Curve Digital Signature Algorithm (ECDSA)
Hint
There are three Digital Signature Standard (DSS) algorithms that are used for generating and verifying digital signatures:Digital Signature Algorithm (DSA) Rivest-Shamir Adelman Algorithm (RSA) Elliptic Curve Digital Signature Algorithm (ECDSA) -
Question 17 of 25
17. Question
3 pointsWhich three services are provided through digital signatures? (Choose three.)Correct
Incorrect
Digital signatures use a mathematical technique to provide three basic security services:Integrity Authenticity Nonrepudiation
Hint
Digital signatures use a mathematical technique to provide three basic security services:Integrity Authenticity Nonrepudiation -
Question 18 of 25
18. Question
1 pointsWhat is the service framework that is needed to support large-scale public key-based technologies?Correct
Incorrect
The service framework that is needed to support large-scale public key-based technologies is a PKI (public key infrastructure). SHA and HMAC are hashing algorithms. RSA is an asymmetric encryption algorithm.
Hint
The service framework that is needed to support large-scale public key-based technologies is a PKI (public key infrastructure). SHA and HMAC are hashing algorithms. RSA is an asymmetric encryption algorithm. -
Question 19 of 25
19. Question
2 pointsWhat are the two important components of a public key infrastructure (PKI) used in network security? (Choose two.)Correct
Incorrect
A public key infrastructure uses digital certificates and certificate authorities to manage asymmetric key distribution. PKI certificates are public information. The PKI certificate authority (CA) is a trusted third-party that issues the certificate. The CA has its own certificate (self-signed certificate) that contains the public key of the CA.
Hint
A public key infrastructure uses digital certificates and certificate authorities to manage asymmetric key distribution. PKI certificates are public information. The PKI certificate authority (CA) is a trusted third-party that issues the certificate. The CA has its own certificate (self-signed certificate) that contains the public key of the CA. -
Question 20 of 25
20. Question
1 pointsWhat technology has a function of using trusted third-party protocols to issue credentials that are accepted as an authoritative identity?Correct
Incorrect
Digital certificates are used to prove the authenticity and integrity of PKI certificates, but a PKI Certificate Authority is a trusted third-party entity that issues PKI certificates. PKI certificates are public information and are used to provide authenticity, confidentiality, integrity, and nonrepudiation services that can scale to large requirements.
Hint
Digital certificates are used to prove the authenticity and integrity of PKI certificates, but a PKI Certificate Authority is a trusted third-party entity that issues PKI certificates. PKI certificates are public information and are used to provide authenticity, confidentiality, integrity, and nonrepudiation services that can scale to large requirements. -
Question 21 of 25
21. Question
1 pointsTwo users must authenticate each other using digital certificates and a CA. Which option describes the CA authentication procedure?Correct
Incorrect
When two users must authenticate each other using digital certificates and CA, both users must obtain their own digital certificate from a CA. They submit a certificate request to a CA, and the CA will perform a technical verification by calling the end user (out-of-band). Once the request is approved, the end user retrieves the certificate over the network (in-band) and installs the certificate on the system. After both users have installed their certificate, they can perform authentication by sending their certificate to each other. Each site will use the public key of the CA to verify the validity of the certificate; no CA is involved at this point. If both certificates are verified, both users can now authenticate each other.
Hint
When two users must authenticate each other using digital certificates and CA, both users must obtain their own digital certificate from a CA. They submit a certificate request to a CA, and the CA will perform a technical verification by calling the end user (out-of-band). Once the request is approved, the end user retrieves the certificate over the network (in-band) and installs the certificate on the system. After both users have installed their certificate, they can perform authentication by sending their certificate to each other. Each site will use the public key of the CA to verify the validity of the certificate; no CA is involved at this point. If both certificates are verified, both users can now authenticate each other. -
Question 22 of 25
22. Question
1 pointsWhich statement describes the use of certificate classes in the PKI?Correct
Incorrect
The higher the certificate number, the more trustworthy the certificate. Class 1 certificates are for individuals, with a focus on email verification. An enterprise can act as its own CA and implement PKI for internal use. In that situation, the vendor can issue certificates as needed for various purposes.
Hint
The higher the certificate number, the more trustworthy the certificate. Class 1 certificates are for individuals, with a focus on email verification. An enterprise can act as its own CA and implement PKI for internal use. In that situation, the vendor can issue certificates as needed for various purposes. -
Question 23 of 25
23. Question
1 pointsWhat role does an RA play in PKI?Correct
Incorrect
A registration authority (RA) is a subordinate CA. It is certified by a root CA to issue certificates for specific uses.
Hint
A registration authority (RA) is a subordinate CA. It is certified by a root CA to issue certificates for specific uses. -
Question 24 of 25
24. Question
2 pointsWhat are two methods to maintain certificate revocation status? (Choose two.)Correct
Incorrect
A digital certificate might need to be revoked if its key is compromised or it is no longer needed. The certificate revocation list (CRL) and Online Certificate Status Protocol (OCSP), are two common methods to check a certificate revocation status.
Hint
A digital certificate might need to be revoked if its key is compromised or it is no longer needed. The certificate revocation list (CRL) and Online Certificate Status Protocol (OCSP), are two common methods to check a certificate revocation status. -
Question 25 of 25
25. Question
1 pointsIn which way does the use of HTTPS increase the security monitoring challenges within enterprise networks?Correct
Incorrect
HTTPS enables end-to-end encrypted network communication, which adds further challenges for network administrators to monitor the content of packets to catch malicious attacks.
Hint
HTTPS enables end-to-end encrypted network communication, which adds further challenges for network administrators to monitor the content of packets to catch malicious attacks.