CCNA Security v2.0 Chapter 7 Exam Answers
1. What is the focus of cryptanalysis?
hiding secret codes
developing secret codes
breaking encrypted codes*
implementing encrypted codes
2. How many bits does the Data Encryption Standard (DES) use for data encryption?
3. Which statement describes the Software-Optimized Encryption Algorithm (SEAL)?
SEAL is a stream cipher.*
It uses a 112-bit encryption key.
It is an example of an asymmetric algorithm.
It requires more CPU resources than software-based AES does.
4. Which encryption algorithm is an asymmetric algorithm?
5. An online retailer needs a service to support the nonrepudiation of the transaction. Which component is used for this service?
the private key of the retailer
the unique shared secret known only by the retailer and the customer
the public key of the retailer
the digital signatures*
6. In which situation is an asymmetric key algorithm used?
Two Cisco routers authenticate each other with CHAP.
User data is transmitted across the network after a VPN is established.
An office manager encrypts confidential files before saving them to a removable device.
A network administrator connects to a Cisco router with SSH.*
7. What is the purpose of a nonrepudiation service in secure communications?
to ensure that encrypted secure communications cannot be decoded
to confirm the identity of the recipient of the communications
to provide the highest encryption level possible
to ensure that the source of the communications is confirmed*
8. Which objective of secure communications is achieved by encrypting data?
9. Why is the 3DES algorithm often preferred over the AES algorithm?
3DES is more trusted because it has been proven secure for a longer period than AES.*
AES is more expensive to implement than 3DES.
3DES performs better in high-throughput, low-latency environments than AES.
Major networking equipment vendors such as Cisco have not yet adopted AES.
10. What is the most common use of the Diffie-Helman algorithm in communications security?
to create password hashes for secure authentication
to provide routing protocol authentication between routers
to encrypt data for secure e-commerce communications
to secure the exchange of keys used to encrypt data*
11. Which type of encryption algorithm uses public and private keys to provide authentication, integrity, and confidentiality?
12. How do modern cryptographers defend against brute-force attacks?
Use statistical analysis to eliminate the most common encryption keys.
Use a keyspace large enough that it takes too much money and too much time to conduct a successful attack.*
Use an algorithm that requires the attacker to have both ciphertext and plaintext to conduct a successful attack.
Use frequency analysis to ensure that the most popular letters used in the language are not used in the cipher message.
13. Which encryption protocol provides network layer confidentiality?
IPsec protocol suite*
Transport Layer Security
Secure Hash Algorithm 1
Secure Sockets Layer
Message Digest 5
14. Refer to the exhibit. Which encryption algorithm is described in the exhibit?
15. Which statement describes asymmetric encryption algorithms?
They have key lengths ranging from 80 to 256 bits.
They include DES, 3DES, and AES.
They are also called shared-secret key algorithms.
They are relatively slow because they are based on difficult computational algorithms.*
16. Which two non-secret numbers are initially agreed upon when the Diffie-Hellman algorithm is used? (Choose two.)
elliptic curve invariant
17. In what situation would an asymmetric algorithm most likely be used?
logging onto a computer
making an online purchase*
uploading a networking book chapter using FTP
transferring a large stream of data between two corporate locations
18. Why is asymmetric algorithm key management simpler than symmetric algorithm key management?
It uses fewer bits.
Only one key is used.
Two public keys are used for the key exchange.
One of the keys can be made public.*
19. What is the purpose of code signing?
source identity secrecy
integrity of source .EXE files*
reliable transfer of data
20. Which algorithm can ensure data confidentiality?
21. What is the purpose of a digital certificate?
It guarantees that a website has not been hacked.
It authenticates a website and establishes a secure connection to exchange confidential data.*
It provides proof that data has a traditional signature attached.
It ensures that the person who is gaining access to a network device is authorized.