15 Aug Analyze symmetric and asymmetric cryptosystem fundamentals.
Instructions
Part 1: CryptographyFundamentals I
Section 1: Using CredibleSources, Justify Your Answers to Questions
Answer the following 12questions by selecting the one best answer for each. Cite your course texts, orother credible source, and provide a 50100-word explanation of why you choseyour answer.
1. Which of the following areconsidered confidentiality services?
A. Encryption technologies
B. Digital signatures
C. RAID arrays
2. Which service provided by acryptosystem is most important for the military?
A. Integrity
B. Nonrepudiation
C. Confidentiality
3. What is the purpose ofauthentication in a cryptosystem?
A. Verifying the user’s orsystem’s identity
B. Ensuring that data has not beenchanged by an unauthorized user
C. Ensuring that the data’s sendercannot deny having sent the data
4. Which service provided by acryptosystem turns information into unintelligible data?
A. Authorization
B. Integrity
C. Confidentiality
5. What is another term forcryptography strength?
A. Work factor
B. Public key
C. Private key
6. You have created acryptographic key on your organization’s domain controller. What should you donext?
A. Determine the length of thekey.
B. Determine the securityframework.
C. Determine the key managementinfrastructure.
7. Which cipher is based on theclues of the physical factors, rather than the hardware or a softwarecryptosystem?
A. A DES cipher
B. A concealment cipher
C. A transposition cipher
8. Which cipher type replaces theoriginal text in a message with a different text?
A. Block cipher
B. Stream cipher
C. Substitution cipher
9. Which statement is NOT true ofcryptanalysis?
A. It is used to test the strengthof an algorithm.
B. It is a tool used to develop asecure cryptosystem.
C. It is used to forge codedsignals that will be accepted as authentic.
D. It is a process of attemptingreverse engineering of a cryptosystem.
10. Whois PRIMARILY responsible for the organizations security program andrisk management?
A. Business and functional manager
B. System owner
C. Information security manager
11. Whois PRIMARILY responsible for proper implementation of security requirementin their IT System?
A. IT security practitioner
B. System owner
C. Information security manager
12. Whichof the following are active agents?
A. Vulnerability
B. Threat
C. Risk
Part 2: CryptographyFundamentals II
Section 1: Using CredibleSources, Justify Your Answers to Questions
Answer the following 12questions by selecting the one best answer for each. Cite your course texts, orother credible source, and provide a 50100-word explanation of why youchose your answer.
1. Which statement is true ofsymmetric cryptography?
A. Symmetric cryptography isfaster than asymmetric cryptography.
B. Symmetric cryptography usesdifferent keys to encrypt and decrypt messages.
C. Symmetric cryptography does notrequire a secure mechanism to properly deliver keys.
2. You have been specificallyasked to implement a stream cipher. Which cryptographic algorithm could youuse?
A. RC4
B. RC5
C. RC6
3. Your organization is workingwith an international partner on a new and innovative product. Allcommunication regarding this must be encrypted using a public domain symmetricalgorithm. Which algorithm should you use?
A. DES
B. Blowfish
C. 3DES
4. You are the securityadministrator for an organization. Management decides that all communication onthe network should be encrypted using the data encryption standard (DES)algorithm. Which statement is true of this algorithm?
A. The effective key size of DESis 64 bits.
B. A Triple DES (3DES) algorithmuses 48 rounds of computation.
C. A DES algorithm uses 32 roundsof computation.
5. Which statement is NOT true ofthe operation modes of the data encryption standard (DES) algorithm?
A. Electronic Code Book (ECB) modeoperation is best suited for database encryption.
B. ECB is the easiest and fastestDES mode that can be used.
C. ECB repeatedly uses producedciphertext to encipher a message consisting of blocks.
6. Which statement is true of theRijndael algorithm?
A. Rijndael uses variable blocklengths and variable key lengths.
B. Rijndael uses fixed blocklengths and fixed key lengths.
C. Rijndael uses variable blocklengths and fixed key lengths.
7. Of which type of encryptionalgorithm is Diffie-Hellman an example?
A. Asymmetric with authorization
B. Asymmetric with authentication
C. Symmetric with digitalsignature
8. Which types of encryptionrequire private keys to be shared?
a. Asymmetric encryption
b. Private key encryption
c. Public key encryption
d. Symmetric encryption
A. option a
B. option b
C. option c
D. option d
E. options a and c
F. options b and c only
9. Which of the following is thecombination of the probability of an event and its consequence?
A. Risk
B. Vulnerability
C. Exposure
10. Whichof the following process of a risk management processes is for theestablishment of global performance parameters within an organization?
A. Acceptance of residual risk
B. Establish scope and boundaries
C. Risk treatment
11. Whichof the following processes of risk management is the process of selectingstrategies to deal with identified risk, according to business risk appetite?
A. Risk assessment
B. Establish scope and boundaries
C. Risk treatment
12. Whichof the following risk treatment options defines that a risk may beaccepted?
A. Mitigate the risk
B. Transfer the risk
C. Tolerate the risk
Minimum Submission Requirements
- This Assessment should be a Microsoft Word document that fulfills the minimum length requirements, in addition to the title and reference pages.
- Respond to the questions in a thorough manner, providing specific examples of concepts, topics, definitions, and other elements asked for in the questions. Your submission should be highly organized, logical, and focused.
- Your submission must be written in Standard English and demonstrate exceptional content, organization, style, and grammar and mechanics.
- Your submission should provide a clearly established and sustained viewpoint and purpose.
- Your writing should be well ordered, logical and unified, as well as original and insightful.
- A separate page at the end of your submission should contain a list of references, in APA format. Use your textbook, the Library, and the internet for research.
- Be sure to cite both in-text and reference list citations where appropriate and reference all sources. Your sources and content should follow proper APA citation style. Review the writing resources for APA formatting and citation found in Academic Tools. Additional writing resources can be found within the Academic Success Center. For more information on APA style formatting, go to Academic Writer, formerly APA Style Central, under the Academic Tools area of this course.
- Your submission should:
- include a cover sheet;
- be double-spaced;
- be typed in Times New Roman, 12 -point font;
- include correct citations
- be written in Standard English with no spelling or punctuation errors; and
- include correct references at the bottom of the last page.
If work submitted for thiscompetency assessment does not meet the minimum submission requirements, itwill be returned without being scored.
Plagiarism
Plagiarism is an act ofacademic dishonesty. It violates the University Honor Code, and the offense issubject to disciplinary action. You are expected to be the sole author of yourwork. Use of another person’s work or ideas must be accompanied by specificcitations and references. Whether the action is intentional or not, it stillconstitutes plagiarism.
