Free ISC SSCP Practice Exam with Questions & Answers | Set: 6

Questions 101

Public Key Infrastructure (PKI) uses asymmetric key encryption between parties. The originator encrypts information using the intended recipient's "public" key in order to get confidentiality of the data being sent. The recipients use their own "private" key to decrypt the information. The "Infrastructure" of this methodology ensures that:

Options:
A. The sender and recipient have reached a mutual agreement on the encryption key exchange that they will use.

B. The channels through which the information flows are secure.

C. The recipient's identity can be positively verified by the sender.

D. The sender of the message is the only other person with access to the recipient's private key.

Questions 102

Which of the following services is NOT provided by the digital signature standard (DSS)?

Options:
A. Encryption

B. Integrity

C. Digital signature

D. Authentication

Questions 103

Which encryption algorithm is BEST suited for communication with handheld wireless devices?

Options:
A. ECC (Elliptic Curve Cryptosystem)

B. RSA

C. SHA

D. RC4

Questions 104

What is a characteristic of using the Electronic Code Book mode of DES encryption?

Options:
A. A given block of plaintext and a given key will always produce the same ciphertext.

B. Repetitive encryption obscures any repeated patterns that may have been present in the plaintext.

C. Individual characters are encoded by combining output from earlier encryption routines with plaintext.

D. The previous DES output is used as input.

Questions 105

What is the main problem of the renewal of a root CA certificate?

Options:
A. It requires key recovery of all end user keys

B. It requires the authentic distribution of the new root CA certificate to all PKI participants

C. It requires the collection of the old root CA certificates from all the users

D. It requires issuance of the new root CA certificate

Questions 106

Which of the following is NOT a known type of Message Authentication Code (MAC)?

Options:
A. Keyed-hash message authentication code (HMAC)

B. DES-CBC

C. Signature-based MAC (SMAC)

D. Universal Hashing Based MAC (UMAC)

Questions 107

Which of the following can best define the "revocation request grace period"?

Options:
A. The period of time allotted within which the user must make a revocation request upon a revocation reason

B. Minimum response time for performing a revocation by the CA

C. Maximum response time for performing a revocation by the CA

D. Time period between the arrival of a revocation request and the publication of the revocation information

Questions 108

Which of the following ASYMMETRIC encryption algorithms is based on the difficulty of FACTORING LARGE NUMBERS?

Options:
A. El Gamal

B. Elliptic Curve Cryptosystems (ECCs)

C. RSA

D. International Data Encryption Algorithm (IDEA)

Questions 109

The Clipper Chip utilizes which concept in public key cryptography?

Options:
A. Substitution

B. Key Escrow

C. An undefined algorithm

D. Super strong encryption

Questions 110

Which of the following is true about Kerberos?

Options:
A. It utilizes public key cryptography.

B. It encrypts data after a ticket is granted, but passwords are exchanged in plain text.

C. It depends upon symmetric ciphers.

D. It is a second party authentication system.

Questions 111

The Diffie-Hellman algorithm is primarily used to provide which of the following?

Options:
A. Confidentiality

B. Key Agreement

C. Integrity

D. Non-repudiation

Questions 112

Which of the following BEST describes a function relying on a shared secret key that is used along with a hashing algorithm to verify the integrity of the communication content as well as the sender?

Options:
A. Message Authentication Code - MAC

B. PAM - Pluggable Authentication Module

C. NAM - Negative Acknowledgement Message

D. Digital Signature Certificate

Questions 113

The Diffie-Hellman algorithm is used for:

Options:
A. Encryption

B. Digital signature

C. Key agreement

D. Non-repudiation

Questions 114

When we encrypt or decrypt data there is a basic operation involving ones and zeros where they are compared in a process that looks something like this:

0101 0001 Plain text

0111 0011 Key stream

0010 0010 Output

What is this cryptographic operation called?

Options:
A. Exclusive-OR

B. Bit Swapping

C. Logical-NOR

D. Decryption

Questions 115

What is the length of an MD5 message digest?

Options:
A. 128 bits

B. 160 bits

C. 256 bits

D. Varies depending upon the message size.

Questions 116

What is the effective key size of DES?

Options:
A. 56 bits

B. 64 bits

C. 128 bits

D. 1024 bits

Questions 117

Which of the following statements pertaining to block ciphers is incorrect?

Options:
A. It operates on fixed-size blocks of plaintext.

B. It is more suitable for software than hardware implementations.

C. Plain text is encrypted with a public key and decrypted with a private key.

D. Some block ciphers can operate internally as a stream.

Questions 118

Which of the following is NOT a property of the Rijndael block cipher algorithm?

Options:
A. The key sizes must be a multiple of 32 bits

B. Maximum block size is 256 bits

C. Maximum key size is 512 bits

D. The key size does not have to match the block size

Questions 119

A public key algorithm that does both encryption and digital signature is which of the following?

Options:
A. RSA

B. DES

C. IDEA

D. Diffie-Hellman

Questions 120

Which of the following statements pertaining to key management is incorrect?

Options:
A. The more a key is used, the shorter its lifetime should be.

B. When not using the full keyspace, the key should be extremely random.

C. Keys should be backed up or escrowed in case of emergencies.

D. A key's lifetime should correspond with the sensitivity of the data it is protecting.