Chapter 5: The Art of Ensuring Integrity

1. Identify three situations in which the hashing function can be applied.

(Choose three.)

• DES

• PKI

• PPoE

• IPsec

• CHAP

• WPA

Explanation: Three situations where a hash function could be used are as follows:
When IPsec is being used
When routing authentication is enabled
In challenge responses within protocols such as PPP CHAP
Within digitally signed contracts and PKI certificates

2. A user has created a new program and wants to distribute it to everyone in the
company. The user wants to ensure that when the program is downloaded that
the program is not changed while in transit. What can the user do to ensure that
the program is not changed when downloaded?

• Create a hash of the program file that can be used to verify the integrity
of the file after it is downloaded.

• Turn off antivirus on all the computers.

• Distribute the program on a thumb drive.

• Encrypt the program and require a password after it is downloaded.

• Install the program on individual computers.

Explanation: Hashing is a method to ensure integrity and ensures that the data is
not changed.

3. A recent email sent throughout the company stated that there would be a
change in security policy. The security officer who was presumed to have sent
the message stated the message was not sent from the security office and the
company may be a victim of a spoofed email. What could have been added to
the message to ensure the message actually came from the person?

• non-repudiation

• digital signature

• asymmetric key

• hashing

Explanation: Digital signatures ensures non-repudiation or the ability not to deny

that a specific person sent a message.

4. What are three NIST-approved digital signature algorithms? (Choose three.)

• DSA

• ECDSA

• SHA256

• MD5

• RSA

• SHA1

Explanation: NIST chooses approved algorithms based on public key techniques

and ECC. The digital signature algorithms approved are DSA, RSA, and ECDSA.

5. Alice and Bob use the same password to login into the company network.
This means both would have the exact same hash for their passwords. What
could be implemented to prevent both password hashes from being the same?

• peppering

• pseudo-random generator

• salting

• RSA

Explanation: A password is stored as a combination of both a hash and a salt.

6. What is the step by step process for creating a digital signature?

 • Create a message digest; encrypt the digest with the private key of the
sender; and bundle the message, encrypted digest, and public key
together in order to sign the document.

• Create a message digest; encrypt the digest with the public key of the
sender; and bundle the message, encrypted digest, and public key together
to sign the document.

• Create a message; encrypt the message with a MD5 hash; and send the
bundle with a public key.

• Create a SHA-1 hash; encrypt the hash with the private key of the sender; and
bundle the message, encrypted hash, and public key together to signed
document.

Explanation: In order to create a digital signature, the following steps must be

taken:

1. The message and message digest are created.

2. The digest and private key are encrypted.

3. The message, encrypted message digest, and public key are bundled to create the
signed document.

7. What is a strength of using a hashing function?

• It is a one-way function and not reversible.

• Two different files can be created that have the same output.

• It has a variable length output.

• It is not commonly used in security.

• It can take only a fixed length message.

Explanation: Understanding the properties of a hash function shows its

applicability such as one-way function, arbitrary input length, and fixed output.

8. What are three type of attacks that are preventable through the use of
salting? (Choose three.)

• rainbow tables

• social engineering
 • lookup tables

• guessing

• phishing

• reverse lookup tables

• shoulder surfing

Explanation: Salting makes precomputed tables ineffective because of the random

string that is used.

9. A user has been asked to implement IPsec for inbound external connections.
The user plans to use SHA-1 as part of the implementation. The user wants to
ensure the integrity and authenticity of the connection. What security tool can
the user use?

• HMAC

• SHA256

• ISAKMP

• MD5

Explanation: HMAC provides the additional feature of a secret key to ensure

integrity and authentication.

10. A user downloads an updated driver for a video card from a website. A
warning message pops up saying the driver is not approved. What does this
piece of software lack?

• digital signature

• valid ID

• source code

• code recognition

Explanation: Code signing is a method of verifying code integrity

11. What is the purpose of CSPRNG?

• to secure a web site

• to generate salt
 • to process hash lookups

• to prevent a computer from being a zombie

Explanation: Salting prevents someone from using a dictionary attack to guess a

password. Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)
is one way (and the best way) to generate salt.

12. A recent breach at a company was traced to the ability of a hacker to access
the corporate database through the company website by using malformed data
in the login form. What is the problem with the company website?

• poor input validation

• weak encryption

• bad usernames

• lack of operating system patching

Explanation: The ability to pass malformed data through a website is a form of poor
input validation.

13. What are three validation criteria used for a validation rule? (Choose three.)

• encryption

• size

• range

• key

• type

• format

Explanation: Criteria used in a validation rule include format, consistency, range,

and check digit.

14. A user is instructed by a boss to find a better method to secure passwords in

transit. The user has researched several means to do so and has settled on
using HMAC. What are the key elements needed to implement HMAC?

• symmetric key and asymmetric key

• message digest and asymmetric key

 • IPsec and checksum

• secret key and message digest

Explanation: HMAC implementation is a secret key added to a hash.

15. Which method tries all possible passwords until a match is found?

• rainbow tables

• cryptographic

• cloud

• birthday

• brute force

• dictionary

Explanation: Two common methods of cracking hashes are dictionary and brute
force. Given time, the brute force method will always crack a password.

16. What is the standard for a public key infrastructure to manage digital
certificates?

• 503

• PKI

• 509

• NIST-SP800

Explanation: The x.509 standard is for a PKI infrastructure and x.500 if for directory
structures.

17. A user is evaluating the security infrastructure of a company and notices

that some authentication systems are not using best practices when it comes
to storing passwords. The user is able to crack passwords very fast and access
sensitive data. The user wants to present a recommendation to the company on
the proper implementation of salting to avoid password cracking techniques.
What are three best practices in implementing salting? (Choose three.)

• A salt should not be reused.

• A salt must be unique.

 • The same salt should be used for each password.

• A salt should be unique for each password.

• Salts are not an effective best practice.

• Salts should be short.

Explanation: Salting needs to be unique and not reused. Doing the opposite will
cause passwords to be cracked easily.

18. A user is the database administrator for a company. The user has been
asked to implement an integrity rule that states every table must have a
primary key and that the column or columns chosen to be the primary key must
be unique and not null. Which integrity requirement is the user implementing?

• domain integrity

• entity integrity

• anomaly integrity

• referential integrity

Explanation: There are three major database integrity requirements: entity,

referential, and domain integrity.

19. An investigator finds a USB drive at a crime scene and wants to present it as
evidence in court. The investigator takes the USB drive and creates a forensic
image of it and takes a hash of both the original USB device and the image that
was created. What is the investigator attempting to prove about the USB drive
when the evidence is submitted in court?

• The investigator found a USB drive and was able to make a copy of it.

• An exact copy cannot be made of a device.

• The data is all there.

• The data in the image is an exact copy and nothing has been altered by
the process.

Explanation: A hash function ensures the integrity of a program, file, or device.

20. A user is connecting to an e-commerce server to buy some widgets for a

company. The user connects to the site and notices there is no lock in the
browser security status bar. The site does prompt for a username and password
and the user is able to log in. What is the danger in proceeding with this
transaction?

• The certificate from the site has expired, but is still secure.

• The site is not using a digital certificate to secure the transaction, with
the result that everything is in the clear.

• Ad blocker software is preventing the security bar from working properly, and
thus there is no danger with the transaction.

• The user is using the wrong browser to perform the transaction.

Explanation: The lock in the browser window ensures a secure connection is being
established and is not blocked by browser add-ons.