Page 1527 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
this fixed-length output is a requirement of any secure hashing
algorithm.
7. C. The WEP algorithm has documented flaws that make it trivial to
break. It should never be used to protect wireless networks.
8. A. Wi-Fi Protected Access (WPA) uses the Temporal Key Integrity
Protocol (TKIP) to protect wireless communications. WPA2 uses
AES encryption.
9. B. Sue would have encrypted the message using Richard’s public
key. Therefore, Richard needs to use the complementary key in the
key pair, his private key, to decrypt the message.
10. B. Richard should encrypt the message digest with his own private
key. When Sue receives the message, she will decrypt the digest
with Richard’s public key and then compute the digest herself. If
the two digests match, she can be assured that the message truly
originated from Richard.
11. C. The Digital Signature Standard allows federal government use of
the Digital Signature Algorithm, RSA, or the Elliptic Curve DSA in
conjunction with the SHA-1 hashing function to produce secure
digital signatures.
12. B. X.509 governs digital certificates and the public-key
infrastructure (PKI). It defines the appropriate content for a digital
certificate and the processes used by certificate authorities to
generate and revoke certificates.
13. B. Pretty Good Privacy uses a “web of trust” system of digital
signature verification. The encryption technology is based on the
IDEA private key cryptosystem.
14. C. Transport Layer Security uses TCP port 443 for encrypted
client-server communications.
15. C. The meet-in-the-middle attack demonstrated that it takes
roughly the same amount of computation power to defeat 2DES
as it does to defeat standard DES. This led to the adoption of Triple
DES (3DES) as a standard for government communication.
16. A. Rainbow tables contain precomputed hash values for commonly

