ISC2-SSCP Domain 5: Cryptography

1. In the context of asymmetric cryptography, which of the following best describes the principle of "perfect forward secrecy"?
A. Ensuring that a single key compromise does not affect the confidentiality of past communications.
B. Guaranteeing that future communications cannot be decrypted, even if current keys are compromised.
C. The ability to decrypt all future communications with a single master key.
D. Ensuring that the compromise of a public key does not lead to the compromise of the private key.

2. Which cryptographic attack involves analyzing the differences in the input and output of cryptographic algorithms to find hidden correlations?
A. Man-in-the-middle attack
B. Side-channel attack
C. Differential cryptanalysis
D. Birthday attack

3. In the realm of cryptographic systems, which term best describes a situation where two different messages produce the same hash output?
A. Collision
B. Hash repetition
C. Key duplication
D. Symmetric parity

4. What is the primary security concern with using ECB (Electronic Codebook) mode in block cipher encryption schemes?
A. It is vulnerable to replay attacks.
B. Identical plaintext blocks are encrypted into identical ciphertext blocks.
C. It requires more computational resources than other modes.
D. It cannot be used with modern encryption algorithms like AES.

5. In public key infrastructure (PKI), what role does the Certificate Revocation List (CRL) play?
A. It lists all the certificates that a Certificate Authority (CA) has issued.
B. It enumerates certificates that have been suspended but not yet expired.
C. It contains certificates that are no longer valid because they have been revoked.
D. It tracks the expiration dates of all active certificates.

6. What is the main advantage of using a stream cipher over a block cipher in cryptographic applications?
A. Stream ciphers are inherently more secure than block ciphers.
B. Stream ciphers can encrypt data of any size without padding.
C. Stream ciphers require less processing power and are faster in operation.
D. Stream ciphers provide better key management features.

7. Which of the following best explains the concept of "key stretching"?
A. Dividing a single key into multiple parts for distribution.
B. Expanding a short key into a longer key sequence to improve security.
C. Replacing a compromised key with a new one in cryptographic systems.
D. Synchronizing keys between different cryptographic algorithms.

8. In the context of digital signatures, what does non-repudiation ensure?
A. The sender cannot deny the authenticity of the message sent.
B. The receiver cannot deny the receipt of the message.
C. The message has not been altered in transit.
D. The message was encrypted by the sender's private key.

9. Which cryptographic technique ensures that a message has not been altered from its original form?
A. Digital watermarking
B. Encryption
C. Hashing
D. Key exchange

10. What is the primary purpose of a Diffie-Hellman key exchange?
A. To digitally sign a message ensuring integrity and non-repudiation.
B. To encrypt messages so that only the intended recipient can decrypt them.
C. To securely exchange cryptographic keys over a public channel.
D. To create a digital certificate that binds a public key with an identity.

11. What is the significance of using a salt in cryptographic hash functions?
A. It ensures the confidentiality of the data being hashed.
B. It prevents the hash function from being reversible.
C. It protects against dictionary attacks by adding randomness.
D. It speeds up the computation of the hash function.

12. In symmetric cryptography, what is the primary security challenge with key distribution?
A. Ensuring that the encryption algorithm remains confidential.
B. Determining the appropriate key length to prevent brute-force attacks.
C. Securely distributing the shared key to both the sender and recipient without interception.
D. Coordinating the key change process when the key is compromised.

13. What cryptographic concept is primarily used to verify the integrity and authenticity of a software update before installation?
A. Symmetric encryption
B. Public key infrastructure (PKI)
C. Code signing
D. Secure sockets layer (SSL)

14. Which of the following best describes the property of "semantic security" in the context of encryption algorithms?
A. The algorithm provides confidentiality, ensuring that no information is leaked from the ciphertext.
B. The algorithm guarantees that the encryption process is immune to ciphertext-only attacks.
C. The encryption scheme is secure against chosen-plaintext attacks, ensuring that the plaintext cannot be deduced.
D. The encrypted message does not reveal any patterns of the plaintext message.

15. In elliptic curve cryptography (ECC), what does the term "point doubling" refer to?
A. The process of adding two distinct points on the curve.
B. The operation of multiplying a point by two on the elliptic curve.
C. The technique of dividing a point by two to decrease encryption strength.
D. The method of doubling the size of the key for enhanced security.

16. Which of the following attacks is specifically designed to exploit the mathematical properties of RSA encryption?
A. Man-in-the-middle attack
B. Timing attack
C. Quantum computing attack
D. Ciphertext-only attack

17. What is the purpose of using the GCM (Galois/Counter Mode) mode of operation in block ciphers?
A. To enhance the encryption speed by parallelizing the encryption process.
B. To provide both encryption and message authentication.
C. To reduce the key size required for secure encryption.
D. To enable the cipher to work effectively in a streaming fashion.

18. Which aspect of quantum cryptography makes it potentially immune to computational brute force attacks?
A. The use of quantum entanglement properties.
B. The application of traditional symmetric key algorithms.
C. The reliance on the computational complexity of factoring large primes.
D. The use of photonic qubits for data transmission.

19. In the context of cryptographic hash functions, what does the term "pre-image resistance" refer to?
A. The difficulty of finding a message that corresponds to a specific hash output.
B. The resistance to determining the original message from its hash without the key.
C. The ability to resist collision attacks by ensuring unique hash outputs.
D. The capability of a hash function to resist changes in the message without altering the hash.

20. What distinguishes a "zero-knowledge proof" system in cryptographic protocols?
A. It allows one party to prove to another that a statement is true without revealing any information apart from the validity of the statement itself.
B. It encrypts messages in such a way that zero knowledge is lost during the transmission.
C. It proves that no knowledge of the cryptographic keys is needed to decrypt a message.
D. It ensures that knowledge of the plaintext is not necessary to confirm its integrity.