What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?A . Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.B . Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.C ....
In the field of cryptanalysis, what is meant by a “rubber-hose" attack?
In the field of cryptanalysis, what is meant by a “rubber-hose" attack?A . Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.B . Extraction of cryptographic secrets through coercion or torture.C . Forcing the targeted key stream through a hardware-accelerated device such...
What would be a good step to have in the procedures for a situation like this?
The network team has well-established procedures to follow for creating new rules on the firewall. This includes having approval from a manager prior to implementing any new rules. While reviewing the firewall configuration, you notice a recently implemented rule but cannot locate manager approval for it. What would be a...
Which of the following cryptography attack is an understatement for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by a coercion or torture?
Which of the following cryptography attack is an understatement for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by a coercion or torture?A . Chosen-Cipher text AttackB . Ciphertext-only AttackC . Timing AttackD . Rubber Hose AttackView AnswerAnswer: D
What is the first thing that Nedved needs to do before contacting the incident response team?
Nedved is an IT Security Manager of a bank in his country. One day. he found out that there is a security breach to his company's email server based on analysis of a suspicious connection from the email server to an unknown IP Address. What is the first thing that...
When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?
When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?A . Data items and vulnerability scanningB . Interviewing employees and network...
During the process of encryption and decryption, what keys are shared?
During the process of encryption and decryption, what keys are shared?A . Private keysB . User passwordsC . Public keysD . Public and private keysView AnswerAnswer: C
Which of the following represents the best practice your business should observe?
Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?A . Hire a security consultant to provide direction.B . Do not back up cither the credit card numbers or then hashes.C...
What is the name of the process by which you can determine those critical business?
On performing a risk assessment, you need to determine the potential impacts when some of the critical business process of the company interrupt its service. What is the name of the process by which you can determine those critical business?A . Risk MitigationB . Emergency Plan Response (EPR)C . Disaster...
What is the least important information when you analyze a public IP address in a security alert?
What is the least important information when you analyze a public IP address in a security alert?A . ARPB . WhoisC . DNSD . GeolocationView AnswerAnswer: A
 
	