In an effort to reduce data storage requirements, a company devices to hash every file and eliminate duplicates. The data processing routines are time sensitive so the hashing algorithm is fast and supported on a wide range of systems. Which of the following algorithms is BEST suited for this purpose?
A system administrator wants to use open source software but is worried about the source code being comprised. As a part of the download and installation process, the administrator should verify the integrity of the software by:
A. Creating a digital signature of the file before installation B. Using a secure protocol like HTTPS to download the file C. Checking the hash against an official mirror that contains the same file D. Encryption any connections the software makes
After making a bit-level copy of compromised server, the forensics analyst Joe wants to verify that he bid not accidentally make a change during his investigation. Which of the following should he perform?
A. Take a hash of the image and compare it to the one being investigated B. Compare file sizes of all files prior to and after investigation C. Make a third image and compare it to the second image being investigated D. Compare the logs of the copy to the actual server
While working on a new project a security administrator wants to verify the integrity of the data in the organizations archive library. Which of the following is the MOST secure combination to implement to meet this goal? (Select TWO)
A. Hash with SHA B. Encrypt with Diffie-Hellman C. Hash with MD5 D. Hash with RIPEMD E. Encrypt with AES
A. Decrypting wireless messages B. Decrypting the hash of an electronic signature C. Bulk encryption of IP based email traffic D. Encrypting web browser traffic
Correct Answer: B Section: Cryptography
The sender uses the private key to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message to the receiver. The receiver
uses the public key attached to the message to validate the digital signature. If the values match, the receiver knows the message is authentic.
A: Wireless traffic is not decrypted by public keys.
C: Public keys are not used to encrypt email traffic.
D: Public keys are not used to encrypt web browser traffic.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 279-285
Which of the following is used to verify data integrity?
A. SHA B. 3DES C. AES D. RSA
Correct Answer: A Section: Cryptography
SHA stands for “secure hash algorithm”. SHA-1 is the most widely used of the existing SHA hash functions, and is employed in several widely used applications and protocols
including TLS and SSL, PGP, SSH, S/MIME, and IPsec. It is used to ensure data integrity.
A hash value (or simply hash), also called a message digest, is a number generated from a string of text. The hash is substantially smaller than the text itself, and is generated by a
formula in such a way that it is extremely unlikely that some other text will produce the same hash value.
Hashes play a role in security systems where they’re used to ensure that transmitted messages have not been tampered with. The sender generates a hash of the message, encrypts
it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message, and compares the two
hashes. If they’re the same, there is a very high probability that the message was transmitted intact. This is how hashing is used to ensure data integrity.
B: In cryptography, Triple DES (3DES) is the common name for the Triple Data Encryption Algorithm (TDEA or Triple DEA) symmetric-key block cipher, which applies the Data
Encryption Standard (DES) cipher algorithm three times to each data block. 3DES is used to encrypt data, not to verify data integrity.
C: AES (Advanced Encryption Standard) has been adopted by the U.S. government and is now used worldwide. It supersedes the Data Encryption Standard (DES) which was
published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. AES is used to encrypt
data, not to verify data integrity.
D: RSA encryption is used for encrypting data in transit. RSA involves a public key and a private key. The public key can be known by everyone and is used for encrypting messages.
Messages encrypted with the public key can only be decrypted in a reasonable amount of time using the private key. RSA is used to encrypt data, not to verify data integrity.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 250, 251, 255-256
All of the following are valid cryptographic hash functions EXCEPT:
A. RIPEMD. B. RC4. C. SHA-512. D. MD4.
Correct Answer: B Section: Cryptography
RC4 is not a hash function. RC4 is popular with wireless and WEP/WPA encryption.
A: The RACE Integrity Primitives Evaluation Message Digest (RIPEMD) algorithm was based on MD4 hashing algorithm.
C: The Secure Hash Algorithm (SHA) was designed to ensure the integrity of a message. SHA is a one-way hash that provides a hash value that can be used with an encryption
protocol. This algorithm produces a 160-bit hash value. SHA-2 has several sizes: 224, 256, 334, and 512 bit.
D: The Message Digest Algorithm (MD) also creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the
most common are MD5, MD4, and MD2.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 251, 255-256
Which of the following would a security administrator use to verify the integrity of a file?
A. Time stamp B. MAC times C. File descriptor D. Hash
Correct Answer: D Section: Compliance and Operational Security
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables and it is a one-way transformation in order to validate the integrity of data.
A: Time stamp is used to check whether a certificate has expired or not.
B: MAC times are pieces of file system metadata which record when certain events pertaining to a computer file occurred most recently. The events are usually described as “modification” (the data in the file was modified), “access” (some part of the file was read), and “metadata change” (the file’s permissions or ownership were modified) – also commonly used in forensics.
C: File descriptor – describing a file is not the same as verifying the integrity of the file.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 255, 260
An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. Which of the following database designs provides the BEST security for the online store?
A. Use encryption for the credential fields and hash the credit card field B. Encrypt the username and hash the password C. Hash the credential fields and use encryption for the credit card field D. Hash both the credential fields and the credit card field
Correct Answer: C Section: Compliance and Operational Security
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables. One main characteristic of hashing is that the algorithm must have few or no collisions – in hashing two different inputs does not give the same output. Thus the credential fields should be hashed because anyone customer will have a unique credit card number/ identity and since they will use their credit cards for many different transactions, the credit card field should be encrypted only, not hashed.
A: Encryption should be used on the credit card field because the customers could be making many separate transactions using the same credit card. The credential field should be hashed and not encrypted because anyone customer would most likely use a credit card to make purchases and not many credit cards to make purchases at the same online store.
B: Credit card customers would not be using usernames and passwords to make purchases from an online store.
D: Hashing the credit card field will limit the customers to one transaction only and not multiple separate transactions.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 255, 291