[September 28, 2022] Latest ECES 212-81 Actual Free Exam Answers [Q88-Q105]


ECES 212-81 question set: latest practice test with 200 unique answers


EC-COUNCIL 212-81 certification exam topics:

Topic / Coverage
Topic 1
  • Number Theory and Asymmetric Cryptography
  • Advanced Encryption Standard (AES)
Topic 2
  • International Data Encryption Algorithm (IDEA)
  • History of Cryptography
Topic 3
  • Introduction and History of Cryptography
  • Breaking the Vigenère Cipher
Topic 4
  • Cracking Modern Cryptography
  • Example of Symmetric Stream Ciphers: PIKE
Topic 5
  • Cracking Modern Cryptography: Ciphertext-only and Related-key Attack
  • Cracking Modern Cryptography: Chosen Plaintext Attack
Topic 6
  • Steganography Implementations
  • Example of Symmetric Stream Ciphers: RC4
Topic 7
  • Point-to-Point Tunneling Protocol (PPTP)
  • National Security Agency and Cryptography
Topic 8
  • Propagating Cipher-Block Chaining (PCBC)
  • Naor-Reingold and Mersenne Twister Pseudorandom Function

 

Question 88
Which of the following is generally true about key sizes?

  • A. Key sizes must be more than 256 bits to be secure
  • B. Larger key sizes increase security
  • C. Key size is irrelevant to security
  • D. Smaller key sizes increase security

Correct answer: B

Explanation:
Larger key sizes increase security
https://en.wikipedia.org/wiki/Key_size
Key length defines the upper-bound on an algorithm's security (i.e. a logarithmic measure of the fastest known attack against an algorithm), since the security of all algorithms can be violated by brute-force attacks. Ideally, the lower-bound on an algorithm's security is by design equal to the key length (that is, the security is determined entirely by the key length, or in other words, the algorithm's design doesn't detract from the degree of security inherent in the key length). Indeed, most symmetric-key algorithms are designed to have security equal to their key length. However, after design, a new attack might be discovered. For instance, Triple DES was designed to have a 168 bit key, but an attack of complexity $2^{112}$ is now known (i.e. Triple DES now only has 112 bits of security, and of the 168 bits in the key the attack has rendered 56 'ineffective' towards security). Nevertheless, as long as the security (understood as 'the amount of effort it would take to gain access') is sufficient for a particular application, then it doesn't matter if key length and security coincide. This is important for asymmetric-key algorithms, because no such algorithm is known to satisfy this property; elliptic curve cryptography comes the closest with an effective security of roughly half its key length.

 

Question 89
Bob's password is hashed, and so is John's. Even though they used different passwords, the hash is the same. What is this called?

  • A. A mistake
  • B. A collision
  • C. Convergence
  • D. Transposition

Correct answer: B

Explanation:
A collision
https://en.wikipedia.org/wiki/Collision_(computer_science)
A collision or clash is a situation that occurs when two distinct pieces of data have the same hash value, checksum, fingerprint, or cryptographic digest.

 

Question 90
Basic information theory is the basis for modern symmetric ciphers. Understanding the terminology of information theory is, therefore, important. Changes to one character in the plaintext affect multiple characters in the ciphertext. What is this referred to?

  • A. Avalanche
  • B. Confusion
  • C. Diffusion
  • D. Scrambling

Correct answer: C

Explanation:
Diffusion
https://en.wikipedia.org/wiki/Confusion_and_diffusion
Diffusion means that if we change a single bit of the plaintext, then (statistically) half of the bits in the ciphertext should change, and similarly, if we change one bit of the ciphertext, then approximately one half of the plaintext bits should change. Since a bit can have only two states, when they are all re-evaluated and changed from one seemingly random position to another, half of the bits will have changed state.
The idea of diffusion is to hide the relationship between the ciphertext and the plaintext.
This makes it hard for an attacker to find the plaintext, and it increases the redundancy of the plaintext by spreading it across the rows and columns; it is achieved through transposition in the algorithm and is used by block ciphers only.
Incorrect answers:
Confusion
Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two.
The property of confusion hides the relationship between the ciphertext and the key.
This property makes it difficult to find the key from the ciphertext and if a single bit in a key is changed, the calculation of the values of most or all of the bits in the ciphertext will be affected.
Confusion increases the ambiguity of ciphertext and it is used by both block and stream ciphers.
Avalanche
https://en.wikipedia.org/wiki/Avalanche_effect
An avalanche effect is the desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions, wherein if an input is changed slightly (for example, flipping a single bit), the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext.
If a block cipher or cryptographic hash function does not exhibit the avalanche effect to a significant degree, then it has poor randomization, and thus a cryptanalyst can make predictions about the input, being given only the output. This may be sufficient to partially or completely break the algorithm. Thus, the avalanche effect is a desirable condition from the point of view of the designer of the cryptographic algorithm or device.
Constructing a cipher or hash to exhibit a substantial avalanche effect is one of the primary design objectives, and mathematically the construction takes advantage of the butterfly effect. This is why most block ciphers are product ciphers. It is also why hash functions have large data blocks. Both of these features allow small changes to propagate rapidly through iterations of the algorithm, such that every bit of the output should depend on every bit of the input before the algorithm terminates.

 

Question 91
What size block does AES work on?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Correct answer: B

Explanation:
128
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.

 

Question 92
In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known as wardriving.
Which algorithm is this referring to?

  • A. Wired Equivalent Privacy (WEP)
  • B. Wi-Fi Protected Access 2 (WPA2)
  • C. Wi-Fi Protected Access (WPA)
  • D. Temporal Key Integrity Protocol (TKIP)

Correct answer: A

Explanation:
Wired Equivalent Privacy (WEP)
https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy#Weak_security
In 2007, Erik Tews, Andrei Pychkine, and Ralf-Philipp Weinmann were able to extend Klein's 2005 attack and optimize it for usage against WEP. With the new attack it is possible to recover a 104-bit WEP key with probability 50% using only 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good conditions. The actual computation takes about 3 seconds and 3 MB of main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40-bit keys with an even higher success probability.

 

Question 93
What advantage do symmetric algorithms have over asymmetric algorithms?

  • A. They are more secure
  • B. It is easier to implement them in software
  • C. They are faster
  • D. It is easier to exchange keys

Correct answer: C

Explanation:
They are faster
Symmetric key encryption is much faster than asymmetric key encryption, because both the sender and the recipient of a message use the same secret key.

 

Question 94
Juanita is attempting to hide some text into a jpeg file. Hiding messages inside another medium is referred to as which one of the following?

  • A. Steganography
  • B. Steganalysis
  • C. Cryptography
  • D. Cryptology

Correct answer: A

Explanation:
Steganography
https://en.wikipedia.org/wiki/Steganography
Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography comes from Greek steganographia, which combines the words steganos, meaning "covered or concealed", and -graphia meaning "writing".
Incorrect answers:
Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of third parties called adversaries.
Steganalysis - is the study of detecting messages hidden using steganography; this is analogous to cryptanalysis applied to cryptography.

 

Question 95
Ferris has been assigned the task of selecting security for his company's wireless network. It is important that he pick the strongest form of wireless security. Which one of the following is the strongest wireless security?

  • A. WPA2
  • B. TKIP
  • C. WPA
  • D. WEP

Correct answer: A

Explanation:
WPA2
https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
WPA (sometimes referred to as the draft IEEE 802.11i standard) became available in 2003. The Wi-Fi Alliance intended it as an intermediate measure in anticipation of the availability of the more secure and complex WPA2, which became available in 2004 and is a common shorthand for the full IEEE 802.11i (or IEEE 802.11i-2004) standard.

 

Question 96
What is an IV?

  • A. Random bits added to a hash
  • B. The cipher used
  • C. A fixed size random stream that is added to a block cipher to increase randomness
  • D. The key used for a cryptography algorithm

Correct answer: C

Explanation:
A fixed size random stream that is added to a block cipher to increase randomness
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)
An initialization vector (IV) or starting variable (SV) is a block of bits that is used by several modes to randomize the encryption and hence to produce distinct ciphertexts even if the same plaintext is encrypted multiple times, without the need for a slower re-keying process.

 

Question 97
In a ______ the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.

  • A. Instance deduction
  • B. Total break
  • C. Information deduction
  • D. Global deduction

Correct answer: D

Explanation:
Global deduction
https://en.wikipedia.org/wiki/Cryptanalysis
Global deduction - the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.
Incorrect answers:
Instance (local) deduction - the attacker discovers additional plaintexts (or ciphertexts) not previously known.
Information deduction - the attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
Total break - the attacker deduces the secret key.

 

Question 98
Jane is looking for an algorithm to ensure message integrity. Which of the following would be an acceptable choice?

  • A. AES
  • B. RC4
  • C. SHA-1
  • D. RSA

Correct answer: C

Explanation:
Integrity. In information security, data integrity means maintaining and assuring the accuracy and completeness of data over its entire lifecycle. This means that data cannot be modified in an unauthorized or undetected manner.
An important application of hashes is verification of message integrity. Comparing message digests (hash digests over the message) calculated before, and after, transmission can determine whether any changes have been made to the message or file.
SHA-1
https://en.wikipedia.org/wiki/SHA-1
SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest - typically rendered as a hexadecimal number, 40 digits long. It was designed by the United States National Security Agency, and is a U.S. Federal Information Processing Standard.
Incorrect answers:
RSA (Rivest-Shamir-Adleman) is one of the first public-key cryptosystems and is widely used for secure data transmission.
RC4 (Rivest Cipher 4 also known as ARC4 or ARCFOUR meaning Alleged RC4, see below) is a stream cipher.
AES (Advanced Encryption Standard) is a subset of the Rijndael block cipher.

 

Question 99
Which of the following is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel?

  • A. Elliptic Curve
  • B. Diffie-Hellman
  • C. MD5
  • D. RSA

Correct answer: B

Explanation:
Diffie-Hellman
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
Diffie-Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as originally conceptualized by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.
Incorrect answers:
Elliptic Curve - Asymmetric Key Algorithm, provides encryption, digital signatures, key exchange, based on the idea of using points on a curve to define the public/private key, used in wireless devices and smart cards. The security of the Elliptic Curve cryptography is based on the fact that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is difficult to the point of being impractical to do so. ($y^2 = x^3 + Ax + B$) - Developed by Victor Miller and Neil Koblitz in 1985.
MD5 - hash function - Created by Ronald Rivest. Replaced MD4. 128 bit output size, 512 bit block size, 32 bit word size, 64 rounds. Infamously compromised by Flame malware in 2012. Not collision resistant - Not Reversible - RFC 1321
RSA - is a public-key cryptosystem that is widely used for secure data transmission.

 

Question 100
A method for cracking modern cryptography. The attacker obtains the ciphertexts corresponding to a set of plaintexts of their own choosing. Allows the attacker to attempt to derive the key. Difficult but not impossible.

  • A. Rainbow Tables
  • B. Steganography
  • C. Chosen Plaintext Attack
  • D. Transposition

Correct answer: C

Explanation:
Chosen Plaintext Attack
https://en.wikipedia.org/wiki/Chosen-plaintext_attack
A chosen-plaintext attack (CPA) is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts. The goal of the attack is to gain information that reduces the security of the encryption scheme.
Incorrect answers:
Rainbow Tables - precomputed table for caching the output of cryptographic hash functions, usually for cracking password hashes.
Transposition - swapping blocks of text.
Steganography - the practice of concealing a file, message, image, or video within another file, message, image, or video.

 

Question 101
Symmetric algorithm. Designed by James Massey and Xuejia Lai. Operates on 64 bit blocks and has a 128 bit key. Consists of 8 identical transformations each round and an output transformation.

  • A. CAST
  • B. IDEA
  • C. RSA
  • D. DES

Correct answer: B

Explanation:
IDEA
https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
In cryptography, the International Data Encryption Algorithm (IDEA), originally called Improved Proposed Encryption Standard (IPES), is a symmetric-key block cipher designed by James Massey of ETH Zurich and Xuejia Lai and was first described in 1991. The algorithm was intended as a replacement for the Data Encryption Standard (DES). IDEA is a minor revision of an earlier cipher Proposed Encryption Standard (PES).
The cipher was designed under a research contract with the Hasler Foundation, which became part of Ascom-Tech AG. The cipher was patented in a number of countries but was freely available for non-commercial use. The name "IDEA" is also a trademark. The last patents expired in 2012, and IDEA is now patent-free and thus completely free for all uses.
IDEA was used in Pretty Good Privacy (PGP) v2.0 and was incorporated after the original cipher used in v1.0, BassOmatic, was found to be insecure. IDEA is an optional algorithm in the OpenPGP standard.
Incorrect answers:
CAST - symmetric algorithm. Created in 1996 by Carlisle Adams and Stafford Tavares. Operates on 64 bit blocks and has a key size of 40-128 bits. Typically used in GPG and PGP. Encryption is either 12 or 16 rounds.
DES - The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for applications, it has been highly influential in the advancement of cryptography.
RSA - a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977.

 

Question 102
A cipher is defined as what?

  • A. The key used to encrypt a message
  • B. The algorithm(s) needed to encrypt and decrypt a message
  • C. Encrypted text
  • D. Any algorithm used in cryptography

Correct answer: B

Explanation:
The algorithm(s) needed to encrypt and decrypt a message
https://en.wikipedia.org/wiki/Cipher
In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption, a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, "cipher" is synonymous with "code", as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography.

 

Question 103
The most widely used digital certificate standard. First issued July 3, 1988. It is a digital document that contains a public key signed by the trusted third party, which is known as a Certificate Authority, or CA.
Relied on by S/MIME. Contains your name, info about you, and a signature of a person who issued the certificate.

  • A. X.509
  • B. PAP
  • C. 0
  • D. ElGamal
  • E. RSA

Correct answer: A

Explanation:
https://en.wikipedia.org/wiki/X.509
In cryptography, X.509 is a standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for browsing the web. They are also used in offline applications, like electronic signatures. An X.509 certificate contains a public key and an identity (a hostname, or an organization, or an individual), and is either signed by a certificate authority or self-signed. When a certificate is signed by a trusted certificate authority, or validated by other means, someone holding that certificate can rely on the public key it contains to establish secure communications with another party, or validate documents digitally signed by the corresponding private key.
Incorrect answers:
RSA - (Rivest-Shamir-Adleman) is a public-key cryptosystem that is widely used for secure data transmission.
ElGamal - asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie-Hellman key exchange. It was described by Taher Elgamal in 1985.
PAP - used to authenticate users, but is no longer used because the information was sent in cleartext.

 

Question 104
What is Kerckhoffs's principle?

  • A. A minimum key size of 256 bits is necessary for security
  • B. Both algorithm and key should be kept secret
  • C. A minimum of 15 rounds is needed for a Feistel cipher to be secure
  • D. Only the key needs to be secret, not the actual algorithm

Correct answer: D

Explanation:
Only the key needs to be secret, not the actual algorithm
https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle
Kerckhoffs's principle of cryptography was stated by Netherlands-born cryptographer Auguste Kerckhoffs in the 19th century: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.

 
