## Network Security FAQ: Cryptography

**Q1. How many possible keys are there for an 8-bit key?**

a. 8

b. 8^{2}

c. 2^{8}

d. 65,536

**Answer:**c. There are 8 bits in that key, and all those bits can have two different values. To calculate the possible keys, multiply 2 by 2 by 2one time for every bit, or 2

^{8}.

**Q2. Which type of cipher typically acts on small units of data?**

a. Block cipher

b. Stream cipher

**Answer:**b. Stream ciphers encrypt the bits of the message one at a time, and block ciphers take a number of bits and encrypt them as a single unit.

**Q3. What is the maximum key length available with 3DES?**

a. 56 bits

b. 168 bits

c. 160 bits

d. 112 bits

e. 128 bits

**Answer:**b. The maximum key length available with 3DES is 168 bits.

**Q4. The AES has a variable key length. True or False?**

**Answer:**True. AES can use 128-, 192-, or 256-bit keys to encrypt data blocks.

**Q5. The security of the Diffie-Hellman algorithm is based on which of the following?**

a. The secrecy of public values

b. The extreme amount of time required to perform exponentiation

c. The difficulty of factoring large primes

d. The secrecy of g and p values

**Answer:**c. The security of the Diffie-Hellman algorithm is based on the difficulty of factoring large primes.

**Q6. What is the length of MD5 output (hash)?**

a. 64 bits

b. 128 bits

c. 160 bits

d. 168 bits

e. 256 bits

**Answer:**b. The length of MD5 output (hash) is 128 bits.

**7. What is the length of SHA-1 output (hash)?**

a. 64 bits

b. 128 bits

c. 160 bits

d. 168 bits

e. 256 bits

**Answer:**c. The length of SHA-1 output (hash) is 160 bits.

**8. What is eavesdropping?**

a. An intruder gains illegitimate access by posing as an individual who actually can access secured resources.

b. An intruder “sniffs” the data transmission between two parties during communications over a public medium.

c. An intruder interrupts a dialogue and modifies the data between the two parties. The intruder would take over the entire session in an extreme case.

**Answer:**b. Eavesdropping is when an intruder “sniffs” the data transmission between two parties during communications over a public medium.

**Q9. Which protocols can be layered on top of SSL? (Multiple answers are possible.)**

a. HTTP

b. OSPF

c. FTP

d. Telnet

e. TFTP

**Answer:**a, c, and d. HTTP, FTP, and Telnet can be layered on top of SSL.

**Q10. Name the three primary security vulnerabilities for communication over a public network.**

**Answer:**Identity theft, eavesdropping, and man-in-the-middle are the three primary security vulnerabilities for communication over a public network.