CompTIA Security Plus Mock Test Q1030

Joe, an employee, was escorted from the company premises due to suspicion of revealing trade secrets to a competitor. Joe had already been working for two hours before leaving the premises. A security technician was asked to prepare a report of files that had changed since last night’s integrity scan. Which of the following could the technician use to prepare the report? (Select TWO).

A. PGP
B. MD5
C. ECC
D. AES
E. Blowfish
F. HMAC

Correct Answer: B,F
Section: Cryptography

Explanation:
B: MD5 can be used to locate the data which has changed.
The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the most
common are MD5, MD4, and MD2.
F: A common method of verifying integrity involves adding a message authentication code (MAC) to the message.
HMAC (Hash-Based Message Authentication Code) uses a hashing algorithm along with a symmetric key.

Incorrect Answers:
A: Pretty Good Privacy (PGP) is a freeware email encryption system. It would not be of any use to locate files that have been changed.
C: ECC is an encryption algorithm. It is not used to locate files that have changed.
D: AES is an encryption algorithm. It is not used to locate files that have changed.
E: Blowfish is an encryption system. It is not used to locate files that have changed.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 139, 251, 253-254, 255, 260, 272