• ホーム
  • ブログ
  • 無料EC-COUNCIL 212-81テスト練習問題試験問題集 [Q72-Q93]

無料EC-COUNCIL 212-81テスト練習問題試験問題集 [Q72-Q93]

Share

無料EC-COUNCIL 212-81テスト練習問題試験問題集

試験準備には欠かさない!トップクラスのEC-COUNCIL 212-81試験最新版アプリ学習ガイドで練習

質問 # 72
Which of the following asymmetric algorithms is described by U.S. Patent 5,231,668 and FIPS 186

  • A. AES
  • B. RC4
  • C. RSA
  • D. DSA

正解:D

解説:
DSA
https://ru.wikipedia.org/wiki/DSA
The National Institute of Standards and Technology (NIST) proposed DSA for use in their Digital Signature Standard (DSS) in 1991, and adopted it as FIPS 186 in 1994.
DSA is covered by U.S. Patent 5,231,668 , filed July 26, 1991 and now expired, and attributed to David W. Kravitz, a former NSA employee.


質問 # 73
A type of frequency analysis used to attack polyalphabetic substitution ciphers. It's used to try to discover patterns and use that information to decrypt the cipher.

  • A. Kasiski Method
  • B. Birthday Attack
  • C. Information Deduction
  • D. Integral Cryptanalysis

正解:A

解説:
Kasiski Method
https://en.wikipedia.org/wiki/Kasiski_examination
In cryptanalysis, Kasiski examination (also referred to as Kasiski's test or Kasiski's method) is a method of attacking polyalphabetic substitution ciphers, such as the Vigenere cipher. It was first published by Friedrich Kasiski in 1863, but seems to have been independently discovered by Charles Babbage as early as 1846.
Incorrect answers:
Integral Cryptanalysis - uses lots of sets of plaintext that are similar with slight modifications. These are encrypted and then the variations are analyzed to determine if there's anything that can be zeroed in on.
Information Deduction - the attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
Birthday Attack - cryptographic attack that exploits the mathematics behind the birthday problem in the probability theory forces collisions within hashing functions.


質問 # 74
Which of the following is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel?

  • A. Diffie-Hellman
  • B. Elliptic Curve
  • C. RSA
  • D. NMD5

正解:A

解説:
Diffie-Hellman
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
Diffie-Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as originally conceptualized by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.
Incorrect answers:
Elliptic Curve - Asymmetric Key Algorithm, provides encryption, digital signatures, key exchange, based on the idea of using points on a curve to define the public/private key, used in wireless devices and smart cards. The security of the Elliptic Curve cryptography is based on the fact that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is difficult to the point of being impractical to do so. (y2 = x3 + Ax + B) - Developed by Victor Miller and Neil Koblitz in 1985 MD5 - hash function - Created by Ronald Rivest. Replaced MD4. 128 bit output size, 512 bit block size, 32 bit word size, 64 rounds. Infamously compromised by Flame malware in 2012. Not collision resistant - Not Reversible - RFC 1321 RSA - is a public-key cryptosystem that is widely used for secure data transmission.


質問 # 75
Created in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT. Most widely used public key cryptography algorithm. Based on relationships with prime numbers. This algorithm is secure because it is difficult to factor a large integer composed of two or more large prime factors.

  • A. DES
  • B. PKI
  • C. RSA
  • D. Diffie-Helmann

正解:C

解説:
RSA
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
RSA (Rivest-Shamir-Adleman) is a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly, in 1973 at GCHQ (the British signals intelligence agency), by the English mathematician Clifford Cocks. That system was declassified in 1997.
Incorrect answers:
Diffie-Helmann - The first publicly described asymmetric algorithm. A cryptographic protocol that allows two parties to establish a shared key over an insecure channel. Often used to allow parties to exchange a symmetric key through some unsecure medium, such as the Internet. It was developed by Whitfield Diffie and Martin Helmann in 1976.
DES - The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for applications, it has been highly influential in the advancement of cryptography.
Developed in the early 1970s at IBM and based on an earlier design by Horst Feistel, the algorithm was submitted to the National Bureau of Standards (NBS) following the agency's invitation to propose a candidate for the protection of sensitive, unclassified electronic government data. In 1976, after consultation with the National Security Agency (NSA), the NBS selected a slightly modified version (strengthened against differential cryptanalysis, but weakened against brute-force attacks), which was published as an official Federal Information Processing Standard (FIPS) for the United States in 1977.
PKI - A public key infrastructure is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred.


質問 # 76
The Clipper chip is notable in the history of cryptography for many reasons. First, it was designed for civilian used secure phones. Secondly, it was designed to use a very specific symmetric cipher. Which one of the following was originally designed to provide built-in cryptography for the Clipper chip?

  • A. Serpent
  • B. Skipjack
  • C. Twofish
  • D. Blowfish

正解:B

解説:
Skipjack
https://en.wikipedia.org/wiki/Clipper_chip
The Clipper chip was a chipset that was developed and promoted by the United States National Security Agency (NSA) as an encryption device that secured "voice and data messages" with a built-in backdoor that was intended to "allow Federal, State, and local law enforcement officials the ability to decode intercepted voice and data transmissions.". It was intended to be adopted by telecommunications companies for voice transmission. Introduced in 1993, it was entirely defunct by 1996.
he Clipper chip used a data encryption algorithm called Skipjack to transmit information and the Diffie-Hellman key exchange-algorithm to distribute the cryptokeys between the peers. Skipjack was invented by the National Security Agency of the U.S. Government; this algorithm was initially classified SECRET, which prevented it from being subjected to peer review from the encryption research community. The government did state that it used an 80-bit key, that the algorithm was symmetric, and that it was similar to the DES algorithm. The Skipjack algorithm was declassified and published by the NSA on June 24, 1998. The initial cost of the chips was said to be $16 (unprogrammed) or $26 (programmed), with its logic designed by Mykotronx, and fabricated by VLSI Technology, Inc (see the VLSI logo on the image on this page).


質問 # 77
Which component of IPsec performs protocol-level functions that are required to encrypt and decrypt the packets?

  • A. Oakley
  • B. IPsec driver
  • C. Internet Key Exchange (IKE)
  • D. IPsec Policy Agent

正解:C

解説:
Internet Key Exchange (IKE)
https://en.wikipedia.org/wiki/Internet_Key_Exchange
Internet Key Exchange (IKE, sometimes IKEv1 or IKEv2, depending on version) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication - either pre-shared or distributed using DNS (preferably with DNSSEC) - and a Diffie-Hellman key exchange to set up a shared session secret from which cryptographic keys are derived.
Incorrect answers:
Oakley - the Oakley Key Determination Protocol is a key-agreement protocol that allows authenticated parties to exchange keying material across an insecure connection using the Diffie-Hellman key exchange algorithm. The protocol was proposed by Hilarie K. Orman in 1998, and formed the basis for the more widely used Internet Key Exchange protocol.
IPsec Policy Agent - service provides end-to-end security between clients and servers on TCP/IP networks, manages IPsec policy settings, starts the Internet Key Exchange (IKE), and coordinates IPsec policy settings with the IP security driver.
IPsec driver - wrong!


質問 # 78
A cryptographic hash function which uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs. Authors claim a performance of 28 cycles per byte for MD6-256 on an Intel Core 2 Duo and provable resistance against differential cryptanalysis.

  • A. MD5
  • B. MD6
  • C. GOST
  • D. TIGER

正解:B

解説:
MD6
https://en.wikipedia.org/wiki/MD6
The MD6 Message-Digest Algorithm is a cryptographic hash function. It uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs. Authors claim a performance of 28 cycles per byte for MD6-256 on an Intel Core 2 Duo and provable resistance against differential cryptanalysis.[2] The source code of the reference implementation was released under MIT license.
Speeds in excess of 1 GB/s have been reported to be possible for long messages on 16-core CPU architecture.
In December 2008, Douglas Held of Fortify Software discovered a buffer overflow in the original MD6 hash algorithm's reference implementation. This error was later made public by Ron Rivest on 19 February 2009, with a release of a corrected reference implementation in advance of the Fortify Report.


質問 # 79
Frank is trying to break into an encrypted file... He is attempting all the possible keys that could be used for this algorithm. Attempting to crack encryption by simply trying as many randomly generated keys as possible is referred to as what?

  • A. Rainbow table
  • B. Frequency analysis
  • C. Kasiski
  • D. Brute force

正解:D

解説:
Brute force
https://en.wikipedia.org/wiki/Brute-force_attack
Brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found. Alternatively, the attacker can attempt to guess the key which is typically created from the password using a key derivation function. This is known as an exhaustive key search.
Incorrect answers:
Kasiski - Kasiski examination (also referred to as Kasiski's test or Kasiski's method) is a method of attacking polyalphabetic substitution ciphers, such as the Vigenere cipher. It was first published by Friedrich Kasiski in 1863, but seems to have been independently discovered by Charles Babbage as early as 1846.
Rainbow table - is a precomputed table for caching the output of cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering a key derivation function (or credit card numbers, etc.) up to a certain length consisting of a limited set of characters. It is a practical example of a space-time tradeoff, using less computer processing time and more storage than a brute-force attack which calculates a hash on every attempt, but more processing time and less storage than a simple key derivation function with one entry per hash. Use of a key derivation that employs a salt makes this attack infeasible.
Frequency analysis - (also known as counting letters) is the study of the frequency of letters or groups of letters in a ciphertext. The method is used as an aid to breaking classical ciphers.


質問 # 80
What size block does FORK256 use?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:A

解説:
512
https://en.wikipedia.org/wiki/FORK-256
FORK-256 was introduced at the 2005 NIST Hash workshop and published the following year.[6] FORK-256 uses 512-bit blocks and implements preset constants that change after each repetition. Each block is hashed into a 256-bit block through four branches that divides each 512 block into sixteen 32-bit words that are further encrypted and rearranged


質問 # 81
All of the following are key exchange protocols except for____

  • A. ECDH
  • B. AES
  • C. DH
  • D. MQV

正解:B


質問 # 82
The time and effort required to break a security measure.

  • A. Session Key
  • B. Work factor
  • C. Non-repudiation
  • D. Payload

正解:B

解説:
Work factor
Work factor - the time and effort required to break a security measure.
Incorrect answers:
Non-repudiation - involves associating actions or changes with a unique individual.
Session Key - is a single-use symmetric key used for encrypting all messages in one communication session. A closely related term is content encryption key (CEK), traffic encryption key (TEK), or multicast key which refers to any key used for encrypting messages, contrary to other uses like encrypting other keys (key encryption key (KEK) or key wrapping key).
Payload - is the part of transmitted data that is the actual intended message. Headers and metadata are sent only to enable payload delivery.


質問 # 83
A method for cracking modern cryptography. The attacker obtains the cipher texts corresponding to a set of plain texts of own choosing. Allows the attacker to attempt to derive the key. Difficult but not impossible.

  • A. Transposition
  • B. Steganography
  • C. Chosen Plaintext Attack
  • D. Rainbow Tables

正解:C

解説:
Chosen Plaintext Attack
https://en.wikipedia.org/wiki/Chosen-plaintext_attack
A chosen-plaintext attack (CPA) is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts. The goal of the attack is to gain information that reduces the security of the encryption scheme.
Incorrect answers:
Rainbow Tables - precomputed table for caching the output of cryptographic hash functions, usually for cracking password hashes.
Transposition - swapping blocks of text.
Steganography - the practice of concealing a file, message, image, or video within another file, message, image, or video.


質問 # 84
A _____ is a function that takes a variable-size input m and returns a fixed-size string.

  • A. Hash
  • B. Asymmetric cipher
  • C. Symmetric cipher
  • D. Feistel

正解:A

解説:
Hash
https://en.wikipedia.org/wiki/Hash_function
A hash function is any function that can be used to map data of arbitrary size to fixed-size values.


質問 # 85
Which one of the following best describes a process that splits the block of plaintext into two separate blocks, then applies the round function to one half, and finally swaps the two halves?

  • A. Feistel cipher
  • B. Block ciphers
  • C. Symmetric cryptography
  • D. Substitution cipher

正解:A

解説:
Correct answer:
https://en.wikipedia.org/wiki/Feistel_cipher
Feistel cipher (also known as Luby-Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel who did pioneering research while working for IBM (USA); it is also commonly known as a Feistel network. A large proportion of block ciphers use the scheme, including the US Data Encryption Standard, the Soviet-developed GOST and the more recent Blowfish and Twofish ciphers. In a Feistel cipher, encryption and decryption are very similar operations, and both consist of iteratively running a function called a "round function" a fixed number of times.
Incorrect answers:
Symmetric cryptography - Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext. The keys may be identical or there may be a simple transformation to go between the two keys.
Substitution cipher - is a method of encrypting by which units of plaintext are replaced with ciphertext, according to a fixed system; the "units" may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing the inverse substitution.
Block ciphers - block cipher is a deterministic algorithm operating on fixed-length groups of bits, called blocks. It uses an unvarying transformation, that is, it uses a symmetric key. They are specified elementary components in the design of many cryptographic protocols and are widely used to implement the encryption of large amounts of data, including data exchange protocols.


質問 # 86
Which one of the following are characteristics of a hash function? (Choose two)

  • A. One-way
  • B. Fixed length output
  • C. Fast
  • D. Requires a key
  • E. Symmetric

正解:A、B

解説:
Correct answers: One-way, Fixed length output
https://en.wikipedia.org/wiki/Cryptographic_hash_function
A cryptographic hash function is a mathematical algorithm that maps data of arbitrary size (often called the "message") to a bit array of a fixed size (the "hash value", "hash", or "message digest"). It is a one-way function, that is, a function which is practically infeasible to invert.
Incorrect answers:
Symmetric. Cryptographic algorithms can be categorized into three classes: Hash functions, Symmetric and Asymmetric algorithms. Differences: purpose and main fields of application.
Requires a key. Well, technically, this is the correct answer. But in the hash-function, "key" is input data.
Fast. Fast or slow is a subjective characteristic, there are many different algorithms, and here it is impossible to say this unambiguously like "Symmetric encryption is generally faster than asymmetric encryption."


質問 # 87
A protocol for key aggreement based on Diffie-Hellman. Created in 1995. Incorporated into the public key standard IEEE P1363.

  • A. Menezes-Qu-Vanstone
  • B. Blum Blum Shub
  • C. Euler's totient
  • D. Elliptic Curve

正解:A

解説:
Menezes-Qu-Vanstone
https://en.wikipedia.org/wiki/MQV
MQV (Menezes-Qu-Vanstone) is an authenticated protocol for key agreement based on the Diffie-Hellman scheme. Like other authenticated Diffie-Hellman schemes, MQV provides protection against an active attacker. The protocol can be modified to work in an arbitrary finite group, and, in particular, elliptic curve groups, where it is known as elliptic curve MQV (ECMQV).
MQV was initially proposed by Alfred Menezes, Minghua Qu and Scott Vanstone in 1995. It was modified with Law and Solinas in 1998.
Incorrect answers:
Elliptic Curve - an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography (based on plain Galois fields) to provide equivalent security.
Euler's totient - function counts the positive integers up to a given integer n that are relatively prime to n.
Blum Blum Shub - a pseudorandom number generator proposed in 1986 by Lenore Blum, Manuel Blum and Michael Shub that is derived from Michael
O. Rabin's one-way function.


質問 # 88
In a ______ the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.

  • A. Instance deduction
  • B. Global deduction
  • C. Total break
  • D. Information deduction

正解:B

解説:
Global deduction
https://en.wikipedia.org/wiki/Cryptanalysis
Global deduction - the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.
Incorrect answers:
Instance (local) deduction - the attacker discovers additional plaintexts (or ciphertexts) not previously known.
Information deduction - the attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
Total break - the attacker deduces the secret key.


質問 # 89
What is a TGS?

  • A. A protocol for key exchange
  • B. The server that escrows keys
  • C. The server that grants Kerberos tickets
  • D. A protocol for encryption

正解:C

解説:
The server that grants Kerberos tickets
https://en.wikipedia.org/wiki/Kerberos_(protocol)
The client authenticates itself to the Authentication Server (AS) which forwards the username to a key distribution center (KDC). The KDC issues a ticket-granting ticket (TGT), which is time stamped and encrypts it using the ticket-granting service's (TGS) secret key and returns the encrypted result to the user's workstation. This is done infrequently, typically at user logon; the TGT expires at some point although it may be transparently renewed by the user's session manager while they are logged in.


質問 # 90
What is the formula m^e %n related to?

  • A. Decrypting with RSA
  • B. Encrypting with RSA
  • C. Encrypting with EC
  • D. Generating Mersenne primes

正解:B

解説:
Encrypting with RSA
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
RSA Encrypting a message m (number) with the public key (n, e) is calculated:
M' := m^e %n
Incorrect answers:
Decrypting with RSA:
M'' := m^d %n
Generation Mersenne primes:
Mn = 2^n - 1
Encrypting with Elliptic Curve (EC):
y^2 = x^3 + ax + b


質問 # 91
Which of the following would be the weakest encryption algorithm?

  • A. DES
  • B. AES
  • C. EC
  • D. RSA

正解:A

解説:
DES
https://en.wikipedia.org/wiki/Data_Encryption_Standard
DES is insecure due to the relatively short 56-bit key size. In January 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes.
Incorrect answers:
AES - has been adopted by the U.S. government and is now used worldwide. It supersedes the Data Encryption Standard (DES),which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data.
RSA - The security of RSA relies on the practical difficulty of factoring the product of two large prime numbers, the "factoring problem". Breaking RSA encryption is known as the RSA problem. Whether it is as difficult as the factoring problem is an open question. There are no published methods to defeat the system if a large enough key is used.
EC - Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography (based on plain Galois fields) to provide equivalent security.


質問 # 92
An authentication method that periodically re-authenticates the client by establishing a hash that is then resent from the client is called ______.

  • A. CHAP
  • B. SPAP
  • C. PAP
  • D. EAP

正解:A

解説:
CHAP
https://en.wikipedia.org/wiki/Challenge-Handshake_Authentication_Protocol Challenge-Handshake Authentication Protocol (CHAP) is an identity verification protocol that does not rely on sending a shared secret between the access-requesting party and the identity-verifying party (the authenticator). CHAP is based on a shared secret, but in order to authenticate, the authenticator sends a "challenge" message to the access-requesting party, which responds with a value calculated using a "one-way hash" function that takes as inputs the challenge and the shared secret. The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication succeeds, otherwise it fails. Following the establishment of an authenticated connection, the authenticator may send a challenge to the access-requesting party at random intervals, to which the access-requesting party will have to produce the correct response.
Incorrect answers:
EAP - A framework that allows for creation of different ways to provide authentication, such as smart cards SPAP - Shiva Password Authentication Protocol, PAP with encryption for the usernames/passwords that are transmitted.
PAP - Password Authentication Protocol. Used to authenticate users, but is no longer used because the information was sent in cleartext.


質問 # 93
......


EC-COUNCIL 212-81(認定暗号化スペシャリスト)試験は、暗号化技術と概念の深い理解が必要な難しい試験です。この試験は、個人が暗号化の知識を現実のシナリオに適用できる能力をテストするように設計されています。この認定試験は、グローバルに認められ、暗号化分野でキャリアを進めたい専門家にとって貴重なクレデンシャルです。この認定は、暗号化技術の高度な専門知識と技能を示し、雇用主から高い評価を受けています。

 

今すぐ212-81問題を使おう212-81問題集PDF:https://www.goshiken.com/EC-COUNCIL/212-81-mondaishu.html

関するブログ

もっと
212-81無料問題集