Certification Provider: EC-Council
Exam Name: EC-Council Certified Encryption Specialist (ECES)
Exam Code: 212-81
Official Exam Time: 120 mins
Number of questions in the Official Exam: 50 Q&As
Latest update time in our database: May 22,2023
212-81 Official Exam Topics:
• Topic1 : Introduction and History of Cryptography
• Topic2 : Overview of Cryptography / Understanding Mono-Alphabet Substitution Cryptographic Algorithms
• Topic3 : Understanding Multi-Alphabet Substitution Cryptographic Algorithms / Symmetric Cryptography and Hashes
• Topic4 : Overview of Symmetric Cryptography / Understanding Basic Binary Math in Cryptography
• Topic5 : Understanding Symmetric Block Cipher Algorithms / Overview of Symmetric Stream Ciphers
• Topic6 : Overview of Cryptographic Hash Algorithms / Number Theory and Asymmetric Cryptography
• Topic7 : Understanding Basic Number Facts / Understanding Random Number Generators
• Topic8 : Overview of Asymmetric Encryption Algorithms / Overview of Digital Signatures, Digital Certificates, and Digital Certificate Management
• Topic9 : Understanding Authentication Protocols / Understanding Wi-Fi Encryption, SSL, and TLS
• Topic10 : Understanding VPN and Protocols Used to Create VPN / Understanding File and Disk Encryption
• Topic11 : Overview of Steganography and Steganalysis / Overview of National Security Agency Encryption Algorithms
• Topic12 : Overview of Cryptanalysis / Overview of Cryptanalysis Resources and Success
• Topic13 : Understanding Password Cracking /

## What does this provide?

In a Feistel cipher, the two halves of the block are swapped in each round .

What does this provide?
A . Diffusion
B. Confusion
C. Avalanche
D. Substitution

Explanation:

Confusion

https://en.wikipedia.org/wiki/Confusion_and_diffusion#Definition

Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two.

The property of confusion hides the relationship between the ciphertext and the key.

This property makes it difficult to find the key from the ciphertext and if a single bit in a key is changed, the calculation of the values of most or all of the bits in the ciphertext will be affected.

Confusion increases the ambiguity of ciphertext and it is used by both block and stream ciphers.

Avalanche – The avalanche effect is the desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions, wherein if an input is changed slightly (for example, flipping a single bit), the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext. The actual term was first used by Horst Feistel, although the concept dates back to at least Shannon’s diffusion.

Diffusion – Diffusion means that if we change a single bit of the plaintext, then (statistically)

half of the bits in the ciphertext should change, and similarly, if we change one bit of the ciphertext, then approximately one half of the plaintext bits should change.[2] Since a bit can have only two states, when they are all re-evaluated and changed from one seemingly random position to another, half of the bits will have changed state.

Substitution – Substitution technique is a classical encryption technique where the characters present in the original message are replaced by the other characters or numbers or by symbols.

## Which one of the following is an algorithm that uses variable length key from 1 to 256 bytes, which constitutes a state table that is used for subsequent generation of pseudorandom bytes and then a pseudorandom string of bits, which is XORed with the plaintext to produce the ciphertext?

Which one of the following is an algorithm that uses variable length key from 1 to 256 bytes, which constitutes a state table that is used for subsequent generation of pseudorandom bytes and then a pseudorandom string of bits, which is XORed with the plaintext to produce the ciphertext?
A . PIKE
B. Twofish
C. RC4
D. Blowfish

Explanation:

RC4

https://en.wikipedia.org/wiki/RC4

RC4 (Rivest Cipher 4 also known as ARC4 or ARCFOUR meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.

The key-scheduling algorithm is used to initialize the permutation in the array "S". "keylength" is defined as the number of bytes in the key and can be in the range 1 keylength 256, typically between 5 and 16, corresponding to a key length of 40 C 128 bits. First, the array "S" is initialized to the identity permutation. S is then processed for 256 iterations in a similar way to the main PRGA, but also mixes in bytes of the key at the same time.

## In 1977 researchers and MIT described what asymmetric algorithm?

In 1977 researchers and MIT described what asymmetric algorithm?
A . DH
B. RSA
C. AES
D. EC

Explanation:

RSA

https://en.wikipedia.org/wiki/RSA_(cryptosystem)

RSA (RivestCShamirCAdleman) is a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977.

## Attempting to crack encryption by simply trying as many randomly generated keys as possible is referred to as what?

Frank is trying to break into an encrypted file… He is attempting all the possible keys that could be used for this algorithm.

Attempting to crack encryption by simply trying as many randomly generated keys as possible is referred to as what?
A . Rainbow table
B. Frequency analysis
C. Brute force
D. Kasiski

Explanation:

Brute force

https://en.wikipedia.org/wiki/Brute-force_attack Brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found. Alternatively, the attacker can attempt to guess the key which is typically created from the password using a key derivation function. This is known as an exhaustive key search.

## WPA2 uses AES for wireless data encryption at which of the following encryption levels?

WPA2 uses AES for wireless data encryption at which of the following encryption levels?
A . 128 bit and CRC
B. 128 bi and TKIP
C. 128 bit and CCMP
D. 64 bit and CCMP

Explanation:

128 bit and CCMP

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol that forms part of the 802.11i standard for wireless local area networks (WLANs), particularly those using WiMax technology. CCMP employs 128-bit keys and a 48-bit initialization vector that minimizes vulnerability to replay attacks.

## What are the two modes of IPSec?

John is responsible for VPNs at his company. He is using IPSec because it has two different modes. He can choose the mode appropriate for a given situation .

What are the two modes of IPSec? (Choose two)
A . Encrypt mode
B. Transport mode
C. Tunnel mode
D. Decrypt mode

Explanation:

Correct answers: Transport mode and Tunnel mode https://en.wikipedia.org/wiki/IPsec#Modes_of_operation

The IPsec protocols AH and ESP can be implemented in a host-to-host transport mode, as well as in a network tunneling mode.

## A simple algorithm that will take the initial key and from that generate a slightly different key each round.

A simple algorithm that will take the initial key and from that generate a slightly different key each round.
A . Key Schedule
B. Feistel Network
C. SHA-2
D. Diffie-Helman

Explanation:

Key Schedule

https://en.wikipedia.org/wiki/Key_schedule

In cryptography, the so-called product ciphers are a certain kind of cipher, where the (de-)ciphering of data is typically done as an iteration of rounds. The setup for each round is generally the same, except for round-specific fixed values called a round constant, and round-specific data derived from the cipher key called a round key. A key schedule is an algorithm that calculates all the round keys from the key.

## Which of the following is the standard for digital certificates?

Which of the following is the standard for digital certificates?
A . RFC 2298
B. X.509
C. CRL
D. CA

Explanation:

X.509

https://en.wikipedia.org/wiki/X.509

X.509 is a standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for browsing the web. They are also used in offline applications, like electronic signatures. An X.509 certificate contains a public key and an identity (a hostname, or an organization, or an individual), and is either signed by a certificate authority or self-signed. When a certificate is signed by a trusted certificate authority, or validated by other means, someone holding that certificate can rely on the public key it contains to establish secure communications with another party, or validate documents digitally signed by the corresponding private key.

## Juanita is attempting to hide some text into a jpeg file. Hiding messages inside another medium is referred to as which one of the following?

Juanita is attempting to hide some text into a jpeg file. Hiding messages inside another medium is referred to as which one of the following?
A . Cryptography
B. Steganalysis
C. Cryptology
D. Steganography

Explanation:

Steganography

https://en.wikipedia.org/wiki/Steganography

Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography comes from Greek steganographia, which combines the words steganós, meaning "covered or concealed", and -graphia meaning "writing".

## Which one of the following is a component of the PKI?

Which one of the following is a component of the PKI?
A . CA
B. TGS
C. OCSP
D. TGT