Sans 401: Data Security Technologies
UPDATED Exam Questions and
CORRECT Answers
Rotation Subsitution - CORRECT ANSWER - The following example shows which kind
of cipher operation?CAT becomes PNGPNG becomes CAT (Book 4 Page 18)
Permutation
XOR operation
Rotation substitution
One-way operation
ECC - CORRECT ANSWER - Which of the following cryptographic algorithms is best
suited for an application that requires high security and high speed; despite very limited space
and power resources (such as with a smart card)? (Book 4 Page 74)
RSA
IDEA
3DES
ECC
Confirm the cryptographic hashes cannot be modfied - CORRECT ANSWER - After
storing the cryptographic hashes of critical files in a secure location, what is the next step in the
process of file integrity checking? (Book 4 Page 202)
Alert on new files within critical directories.
At set intervals, rerun cryptographic hashes on the specified files.
Confirm that cryptographic hashes cannot be modified.
Compare new hashes against the original.
,GPG - CORRECT ANSWER - Which of the following provides secure e-mail abilities
such as digitally signed email and encrypted email? (Book 4 Page 104)
EFS
Veracrypt
GPG
BitLocker
It requires monitoring and maintenance - CORRECT ANSWER - Which of the following
is true of IDS? (Book 4 Page 149)
It requires monitoring and maintenance.
It protects from an attack.
It replaces firewalls.
It does not need trained analysts.
False Positive - CORRECT ANSWER - What is the correct classification when an IDS
triggers malicious activity alerts that are determined to be benign/normal activity? (Book 4 Page
150)
True negative
False positive
True positive
False negative
ECC and SHA1 - CORRECT ANSWER - Which of the following ciphers would provide
for nonrepudiation of an e-mail that you compose and are about to send? (Book 4 Page 13)
Diffie-Hellman and AES-256
, ECC and SHA1
3DES and RSA
Rijndael and MD5
Data Normalization - CORRECT ANSWER - What technique is used by a network-based
intrusion detection system when it collects data and baselines it before analysis? (Book 4 Page
Frame buffering
Data normalization
Data scrubbing
Packet fragmentation
Produces a unique digital fingerprint of input data to verify integrity - CORRECT
ANSWER - Which of the following statements describes the main use of a hashing
algorithm? (Book 4 Page 76)
Creates a pre-shared key to protect the data's confidentiality
Encrypts an e-mail message to ensure integrity and non-repudiation
Produces a unique digital fingerprint of input data to verify integrity
Generates keys used in perfect forward secrecy
Permutation - CORRECT ANSWER - What is the name of a common symmetric
encryption technique that constructs a cipher using plaintext message letters but rearranges the
order in which the characters appear? (Book 4 Page 22)
Arbitrary substitution
Permutation
XOR
Rotation substitution
UPDATED Exam Questions and
CORRECT Answers
Rotation Subsitution - CORRECT ANSWER - The following example shows which kind
of cipher operation?CAT becomes PNGPNG becomes CAT (Book 4 Page 18)
Permutation
XOR operation
Rotation substitution
One-way operation
ECC - CORRECT ANSWER - Which of the following cryptographic algorithms is best
suited for an application that requires high security and high speed; despite very limited space
and power resources (such as with a smart card)? (Book 4 Page 74)
RSA
IDEA
3DES
ECC
Confirm the cryptographic hashes cannot be modfied - CORRECT ANSWER - After
storing the cryptographic hashes of critical files in a secure location, what is the next step in the
process of file integrity checking? (Book 4 Page 202)
Alert on new files within critical directories.
At set intervals, rerun cryptographic hashes on the specified files.
Confirm that cryptographic hashes cannot be modified.
Compare new hashes against the original.
,GPG - CORRECT ANSWER - Which of the following provides secure e-mail abilities
such as digitally signed email and encrypted email? (Book 4 Page 104)
EFS
Veracrypt
GPG
BitLocker
It requires monitoring and maintenance - CORRECT ANSWER - Which of the following
is true of IDS? (Book 4 Page 149)
It requires monitoring and maintenance.
It protects from an attack.
It replaces firewalls.
It does not need trained analysts.
False Positive - CORRECT ANSWER - What is the correct classification when an IDS
triggers malicious activity alerts that are determined to be benign/normal activity? (Book 4 Page
150)
True negative
False positive
True positive
False negative
ECC and SHA1 - CORRECT ANSWER - Which of the following ciphers would provide
for nonrepudiation of an e-mail that you compose and are about to send? (Book 4 Page 13)
Diffie-Hellman and AES-256
, ECC and SHA1
3DES and RSA
Rijndael and MD5
Data Normalization - CORRECT ANSWER - What technique is used by a network-based
intrusion detection system when it collects data and baselines it before analysis? (Book 4 Page
Frame buffering
Data normalization
Data scrubbing
Packet fragmentation
Produces a unique digital fingerprint of input data to verify integrity - CORRECT
ANSWER - Which of the following statements describes the main use of a hashing
algorithm? (Book 4 Page 76)
Creates a pre-shared key to protect the data's confidentiality
Encrypts an e-mail message to ensure integrity and non-repudiation
Produces a unique digital fingerprint of input data to verify integrity
Generates keys used in perfect forward secrecy
Permutation - CORRECT ANSWER - What is the name of a common symmetric
encryption technique that constructs a cipher using plaintext message letters but rearranges the
order in which the characters appear? (Book 4 Page 22)
Arbitrary substitution
Permutation
XOR
Rotation substitution
