Exam Prep 2026 | 300+ Practice Questions &
Answers | Study Guide
1. What needs to be installed on end users' computers to allow them to trust
applications that have been digitally signed by the developer?
A. Sender's public key
B. Sender's private key
C. Receiver's public key
D. Receiver's private key
Correct Answer: A. Sender's public key
Rationale:
Digital signatures are verified using the sender's (developer's) public key. When the developer
signs software with their private key, users can verify the authenticity and integrity of the
application using the corresponding public key contained within a trusted certificate. Without
access to the sender's public key, the signature cannot be validated.
2. Which type of certificate must be certified by an authority to verify it with
other participants?
A. Public Certificate
B. Private Certificate
C. Certificate Provider
D. Revocation Authority
Correct Answer: A. Public Certificate
Rationale:
A public certificate binds a public key to an identity and must be signed by a trusted Certificate
Authority (CA). This allows other participants to trust that the public key truly belongs to the
stated individual or organization. Private certificates are not distributed for public verification.
3. What is an attribute of the Rivest Cipher 4 (RC4) algorithm?
A. It performs CRC after every iteration
B. Salting is performed
C. It requires a unique nonce
D. It does not require a unique nonce
Correct Answer: C. It requires a unique nonce
Rationale:
RC4 is a stream cipher that becomes vulnerable when the same keystream is reused. To prevent
keystream reuse, implementations often use a unique nonce or initialization vector (IV) with
each encryption session. Reusing a nonce can expose encrypted data to cryptanalytic attacks.
4. Which mode generates the key stream with a nonce and incrementing value?
A. Certificate Revocation List (CRL)
B. Nonce mode
C. Rivest Cipher 4 (RC4)
D. Counter (CTR)
Correct Answer: D. Counter (CTR)
Rationale:
Counter (CTR) mode generates a keystream by encrypting a nonce combined with an
incrementing counter value. This transforms a block cipher into a stream cipher and allows
parallel processing while ensuring each block uses a unique input value.
5. Which mode is a stream algorithm that concatenates an incrementing value
with a nonce?
A. CAT
B. Nonce
C. Counter (CTR)
D. RC4
Correct Answer: C. Counter (CTR)
Rationale:
CTR mode works by combining a nonce with an incrementing counter to create unique blocks
that are encrypted to produce a keystream. This makes CTR mode highly efficient and resistant
to block repetition when implemented correctly.
6. Which key would an administrator use to encrypt data so only the CEO can
decrypt it?
A. CEO's public key
B. CEO's private key
C. Administrator's private key
D. Administrator's public key
Correct Answer: A. CEO's public key
Rationale:
In asymmetric encryption, data encrypted with a recipient's public key can only be decrypted
with the matching private key. Therefore, to ensure only the CEO can read the message, the
administrator must encrypt it using the CEO's public key.
Exam Tip:
• Encrypt = Recipient's Public Key
• Decrypt = Recipient's Private Key
• Sign = Sender's Private Key
• Verify = Sender's Public Key
7. What is the result of a hash function?
A. RC4
B. Public key
C. Decryption
D. Digest
Correct Answer: D. Digest
Rationale:
A hash function takes an input of any size and produces a fixed-length output known as a
message digest or hash value. Hashes are commonly used for integrity verification, password
storage, and digital signatures.
8. What is used to efficiently encrypt large files?