CPSA FINAL EXAM ACTUAL QUESTIONS AND ANSWERS
GUARANTEE A+
✔✔Which Nmap command can allow you to perform an "Idle Zombie Scan" and what is
the effect? - ✔✔Command: "nmap -sl [zombie ip][target ip]". This results in the firewall
logs recording the IP addresses of only the zombie addresses. Command: "nmap -sl
[zombie ip][target ip]". This results in the firewall logs recording the IP addresses of
yours and the zombie addresses. Command: "nmap -f [target ip]. This gives you control
of the target machine and adds it to your 1337 botnet. Command: "nmap -D [zombie
ip][target ip]". This results in the firewall logs recording the IP addresses of yours and
the zombie addresses. Command: "nmap -D [zombie ip][target ip]". This results in the
firewall logs recording the IP addresses of only the zombie addresses. Command:
"nmap -sl [zombie ip][target ip]". This results in the firewall logs recording the IP
addresses of only the zombie addresses.
✔✔Which statement is true regarding IPSec filters when compared to TCP/IP filters? -
✔✔IPSec filters can be applied to individual interfaces. IPSec filters can block subtypes
of ICMP (eg. Echo, timestamp, echo reply etc.) They are both the same thing. IPSec
filter cannot block ICMP at all. IPSec cannot be used to filter, only to tunnel sensitive
traffic over encrypted channels. IPSec filters can be applied to individual interfaces.
✔✔Which statement regarding Authorisation and Authentication is true? -
✔✔Authorisation is the process where requests to access a particular resource is
granted or denied. Authentication is providing and validating identity. Authentication is
the process where requests to access a particular resource is granted or denied.
Authorisation is providing and validating identity. Authentication includes the execution
rules that determines what functionality and data the user can access. Authentication
and Authorisation are both the same thing. Neither Authentication nor Authorisation are
important. Authorisation is the process where requests to access a particular resource
is granted or denied. Authentication is providing and validating identity.
✔✔What is a valid example of Code Injection? - ✔✔SQL injection. HTML script
injection. Remote file injection. Shell injection. All of the above. All of the above.
✔✔An accepted limitation of Diffie-Hellman key agreement protocol is - ✔✔It is vital to
keep the shared prime secret It can only generate encryption keys up to 128 bits It is
vulnerable to a man-in-the-middle attack An attacker who can monitor the exchange can
determine the shared se It is possible for one of the peers to control the generated
secret It is vulnerable to a man-in-the-middle attack
✔✔DES has an effective key length of which of the following? - ✔✔48 bit 56 bit 64 bit
128 bit 256 bits 56 bit
✔✔What are the valid key lengths for the AES encryption cipher? - ✔✔128 and 256 56,
112 and 168 64, 128 and 256 128, 192 and 256 128, 160 and 256 128, 192 and 256
,✔✔What encryption standard was chosen as the replacement for 3DES? - ✔✔RC5
ECC Knapsack Rijndael Blowfish Rijndael
✔✔What happens if you digitally sign and inject a footer on an e-mail message in the
wrong order? - ✔✔Nothing The message won't be sent The footer will invalidate the
signature The footer will be illegible The header will show that the email is still valid The
footer will invalidate the signature
✔✔What hashing algorithm produces a 128-bit hash value? - ✔✔MD5 3DES SHA-1
AES SHA-256 MD5
✔✔What is a hash function? - ✔✔An encryption algorithm for sending encrypted data to
a trusted recipient A decryption algorithm to decrypt data from a trusted source An
algorithm to scramble the characters in a string A one way mathematical function that
does not allow the original value to be calculated from the result A random number
generator A one way mathematical function that does not allow the original value to be
calculated from the result
✔✔What is the blocksize of the AES encryption cipher? - ✔✔64 bits 40 bits 56 bits 256
bits 128 bits 128 bits
✔✔What is the blocksize of the DES encryption cipher? - ✔✔128 bits 112 bits 56 bits 64
bits 40 bits 64 bits
✔✔What is the difficulty with Symmetric encryption? - ✔✔Assurance of secure receipt of
the secret key used both for encrypting and decrypting Assurance of secure receipt of
the secret key used only for decrypting (separate key used for encrypting) Assurance of
secure sending of the encrypted message Assurance of secure receipt of the encrypted
message None of these Assurance of secure receipt of the secret key used both for
encrypting and decrypting
✔✔What is the digest length for the SHA1 hash function? - ✔✔192 bits 128 bits 160 bits
56 bits 256 bits 160 bits
✔✔What is the key size for the Data Encryption Standard (DES) encryption
mechanism? - ✔✔40 56 64 112 128 64
✔✔What is the purpose of message integrity codes (HMAC) - ✔✔To simultaneously
verify confidentiality of message (via message sequencing) and authenticity of message
(by use of a secret key) To ensure message integrity via cryptographic hashing
functions To simultaneously verify both data integrity (via cryptographic hashing
function) and message authenticity (by use of a secret key) To verify message
authenticity and confidentiality via the use of a SHA hashing function None of these To
, simultaneously verify both data integrity (via cryptographic hashing function) and
message authenticity (by use of a secret key)
✔✔What is this: password 7 052D131D33556C081D021200 - ✔✔A password encoded
with Unix crypt A password encoded with unsalted DES A password encoded with
salted MD5 A password encoded with the reversible Cisco vigenere algorithm A
password with the literal value "052D131D33556C081D021200" A password encoded
with the reversible Cisco vigenere algorithm
✔✔Which encryption algorithm uses prime numbers to generate keys? - ✔✔RSA SHA
S/ MIME PGP None of these RSA
✔✔Which is the least secure encryption cipher of those listed below? - ✔✔Triple-DES
MD5 AES DES IDEA DES
✔✔Which of the following algorithms cannot be used for reversible encryption? -
✔✔3DES SHA-256 Blowfish AES-128 Diffie Hellman SHA-256
✔✔Which of the following best describes Tripwire? - ✔✔It is used as a firewall to
prevent attacks It is used as an IPS to defend against intruders It is used encrypt
sensitive files It is used to verify integrity It is used as an IDS to detect intruders It is
used to verify integrity
✔✔Which of the following changes to a file would result in its hash output being
different, if subjected to the same hash function? - ✔✔rename the file extension change
the content change the file size all of these None of these all of these
✔✔Which of the following cipher modes use a block cipher to generate a key stream
that can be used as a stream cipher? - ✔✔CBC CFB ECB EDE ABC CFB
✔✔Which of the following encryption algorithms is an asymmetric cipher? - ✔✔DES
3DES AES RSA RC5 RSA
✔✔Which of the following is an advantage of using a salt value in a password
encryption algorithm? - ✔✔The salt acts as a preservative, allowing a password to be
used longer It allows the plaintext password to be recovered by decrypting the hash
Two users with the same password will have different password hashes Password
cracking is much faster The storage space for each hash is reduced by 50% Two users
with the same password will have different password hashes
✔✔Which of the following is considered the weakest form of DES? - ✔✔DES ECB DES
CBC DES CFM DES OFB DES EEB DES ECB
GUARANTEE A+
✔✔Which Nmap command can allow you to perform an "Idle Zombie Scan" and what is
the effect? - ✔✔Command: "nmap -sl [zombie ip][target ip]". This results in the firewall
logs recording the IP addresses of only the zombie addresses. Command: "nmap -sl
[zombie ip][target ip]". This results in the firewall logs recording the IP addresses of
yours and the zombie addresses. Command: "nmap -f [target ip]. This gives you control
of the target machine and adds it to your 1337 botnet. Command: "nmap -D [zombie
ip][target ip]". This results in the firewall logs recording the IP addresses of yours and
the zombie addresses. Command: "nmap -D [zombie ip][target ip]". This results in the
firewall logs recording the IP addresses of only the zombie addresses. Command:
"nmap -sl [zombie ip][target ip]". This results in the firewall logs recording the IP
addresses of only the zombie addresses.
✔✔Which statement is true regarding IPSec filters when compared to TCP/IP filters? -
✔✔IPSec filters can be applied to individual interfaces. IPSec filters can block subtypes
of ICMP (eg. Echo, timestamp, echo reply etc.) They are both the same thing. IPSec
filter cannot block ICMP at all. IPSec cannot be used to filter, only to tunnel sensitive
traffic over encrypted channels. IPSec filters can be applied to individual interfaces.
✔✔Which statement regarding Authorisation and Authentication is true? -
✔✔Authorisation is the process where requests to access a particular resource is
granted or denied. Authentication is providing and validating identity. Authentication is
the process where requests to access a particular resource is granted or denied.
Authorisation is providing and validating identity. Authentication includes the execution
rules that determines what functionality and data the user can access. Authentication
and Authorisation are both the same thing. Neither Authentication nor Authorisation are
important. Authorisation is the process where requests to access a particular resource
is granted or denied. Authentication is providing and validating identity.
✔✔What is a valid example of Code Injection? - ✔✔SQL injection. HTML script
injection. Remote file injection. Shell injection. All of the above. All of the above.
✔✔An accepted limitation of Diffie-Hellman key agreement protocol is - ✔✔It is vital to
keep the shared prime secret It can only generate encryption keys up to 128 bits It is
vulnerable to a man-in-the-middle attack An attacker who can monitor the exchange can
determine the shared se It is possible for one of the peers to control the generated
secret It is vulnerable to a man-in-the-middle attack
✔✔DES has an effective key length of which of the following? - ✔✔48 bit 56 bit 64 bit
128 bit 256 bits 56 bit
✔✔What are the valid key lengths for the AES encryption cipher? - ✔✔128 and 256 56,
112 and 168 64, 128 and 256 128, 192 and 256 128, 160 and 256 128, 192 and 256
,✔✔What encryption standard was chosen as the replacement for 3DES? - ✔✔RC5
ECC Knapsack Rijndael Blowfish Rijndael
✔✔What happens if you digitally sign and inject a footer on an e-mail message in the
wrong order? - ✔✔Nothing The message won't be sent The footer will invalidate the
signature The footer will be illegible The header will show that the email is still valid The
footer will invalidate the signature
✔✔What hashing algorithm produces a 128-bit hash value? - ✔✔MD5 3DES SHA-1
AES SHA-256 MD5
✔✔What is a hash function? - ✔✔An encryption algorithm for sending encrypted data to
a trusted recipient A decryption algorithm to decrypt data from a trusted source An
algorithm to scramble the characters in a string A one way mathematical function that
does not allow the original value to be calculated from the result A random number
generator A one way mathematical function that does not allow the original value to be
calculated from the result
✔✔What is the blocksize of the AES encryption cipher? - ✔✔64 bits 40 bits 56 bits 256
bits 128 bits 128 bits
✔✔What is the blocksize of the DES encryption cipher? - ✔✔128 bits 112 bits 56 bits 64
bits 40 bits 64 bits
✔✔What is the difficulty with Symmetric encryption? - ✔✔Assurance of secure receipt of
the secret key used both for encrypting and decrypting Assurance of secure receipt of
the secret key used only for decrypting (separate key used for encrypting) Assurance of
secure sending of the encrypted message Assurance of secure receipt of the encrypted
message None of these Assurance of secure receipt of the secret key used both for
encrypting and decrypting
✔✔What is the digest length for the SHA1 hash function? - ✔✔192 bits 128 bits 160 bits
56 bits 256 bits 160 bits
✔✔What is the key size for the Data Encryption Standard (DES) encryption
mechanism? - ✔✔40 56 64 112 128 64
✔✔What is the purpose of message integrity codes (HMAC) - ✔✔To simultaneously
verify confidentiality of message (via message sequencing) and authenticity of message
(by use of a secret key) To ensure message integrity via cryptographic hashing
functions To simultaneously verify both data integrity (via cryptographic hashing
function) and message authenticity (by use of a secret key) To verify message
authenticity and confidentiality via the use of a SHA hashing function None of these To
, simultaneously verify both data integrity (via cryptographic hashing function) and
message authenticity (by use of a secret key)
✔✔What is this: password 7 052D131D33556C081D021200 - ✔✔A password encoded
with Unix crypt A password encoded with unsalted DES A password encoded with
salted MD5 A password encoded with the reversible Cisco vigenere algorithm A
password with the literal value "052D131D33556C081D021200" A password encoded
with the reversible Cisco vigenere algorithm
✔✔Which encryption algorithm uses prime numbers to generate keys? - ✔✔RSA SHA
S/ MIME PGP None of these RSA
✔✔Which is the least secure encryption cipher of those listed below? - ✔✔Triple-DES
MD5 AES DES IDEA DES
✔✔Which of the following algorithms cannot be used for reversible encryption? -
✔✔3DES SHA-256 Blowfish AES-128 Diffie Hellman SHA-256
✔✔Which of the following best describes Tripwire? - ✔✔It is used as a firewall to
prevent attacks It is used as an IPS to defend against intruders It is used encrypt
sensitive files It is used to verify integrity It is used as an IDS to detect intruders It is
used to verify integrity
✔✔Which of the following changes to a file would result in its hash output being
different, if subjected to the same hash function? - ✔✔rename the file extension change
the content change the file size all of these None of these all of these
✔✔Which of the following cipher modes use a block cipher to generate a key stream
that can be used as a stream cipher? - ✔✔CBC CFB ECB EDE ABC CFB
✔✔Which of the following encryption algorithms is an asymmetric cipher? - ✔✔DES
3DES AES RSA RC5 RSA
✔✔Which of the following is an advantage of using a salt value in a password
encryption algorithm? - ✔✔The salt acts as a preservative, allowing a password to be
used longer It allows the plaintext password to be recovered by decrypting the hash
Two users with the same password will have different password hashes Password
cracking is much faster The storage space for each hash is reduced by 50% Two users
with the same password will have different password hashes
✔✔Which of the following is considered the weakest form of DES? - ✔✔DES ECB DES
CBC DES CFM DES OFB DES EEB DES ECB
