This Competency Assessment assesses the following outcome(s):
IT279M2-2: Analyze symmetric and asymmetric cryptosystem fundamentals.
Purpose
In this Assessment, you will examine the role that cryptography plays in achieving the first goal of information security: Confidentiality. You will also examine several varieties of symmetric cryptography and one example of asymmetric cryptography.
Instructions
Part 1: Cryptography Fundamentals I
Section 1: Using Credible Sources, Justify Your Answers to Questions
Answer the following 12 questions by selecting the one best answer for each. Cite your course texts, or other credible source, and provide a 50–100-word explanation of why you chose your answer.
Which of the following are considered confidentiality services?
Encryption technologies
Digital signatures
RAID arrays
Which service provided by a cryptosystem is most important for the military?
Integrity
Nonrepudiation
Confidentiality
What is the purpose of authentication in a cryptosystem?
Verifying the user’s or system’s identity
Ensuring that data has not been changed by an unauthorized user
Ensuring that the data’s sender cannot deny having sent the data
Which service provided by a cryptosystem turns information into unintelligible data?
Authorization
Integrity
Confidentiality
What is another term for cryptography strength?
Work factor
Public key
Private key
You have created a cryptographic key on your organization’s domain controller. What should you do next?
Determine the length of the key.
Determine the security framework.
Determine the key management infrastructure.
Which cipher is based on clues from physical factors, rather than on a hardware or software cryptosystem?
A DES cipher
A concealment cipher
A transposition cipher
Which cipher type replaces the original text in a message with a different text?
Block cipher
Stream cipher
Substitution cipher
Which statement is NOT true of cryptanalysis?
It is used to test the strength of an algorithm.
It is a tool used to develop a secure cryptosystem.
It is used to forge coded signals that will be accepted as authentic.
It is a process of attempting reverse engineering of a cryptosystem.
Who is PRIMARILY responsible for the organization’s security program and risk management?
Business and functional manager
System owner
Information security manager
Who is PRIMARILY responsible for proper implementation of security requirements in their IT system?
IT security practitioner
System owner
Information security manager
Which of the following are active agents?
Vulnerability
Threat
Risk
Part 2: Cryptography Fundamentals II
Section 1: Using Credible Sources, Justify Your Answers to Questions
Answer the following 12 questions by selecting the one best answer for each. Cite your course texts, or other credible source, and provide a 50–100-word explanation of why you chose your answer.
Which statement is true of symmetric cryptography?
Symmetric cryptography is faster than asymmetric cryptography.
Symmetric cryptography uses different keys to encrypt and decrypt messages.
Symmetric cryptography does not require a secure mechanism to properly deliver keys.
You have been specifically asked to implement a stream cipher. Which cryptographic algorithm could you use?
RC4
RC5
RC6
Your organization is working with an international partner on a new and innovative product. All communication regarding this must be encrypted using a public domain symmetric algorithm. Which algorithm should you use?
DES
Blowfish
3DES
You are the security administrator for an organization. Management decides that all communication on the network should be encrypted using the Data Encryption Standard (DES) algorithm. Which statement is true of this algorithm?
The effective key size of DES is 64 bits.
A Triple DES (3DES) algorithm uses 48 rounds of computation.
A DES algorithm uses 32 rounds of computation.
Which statement is NOT true of the operation modes of the Data Encryption Standard (DES) algorithm?
Electronic Code Book (ECB) mode operation is best suited for database encryption.
ECB is the easiest and fastest DES mode that can be used.
ECB repeatedly uses produced ciphertext to encipher a message consisting of blocks.
Which statement is true of the Rijndael algorithm?
Rijndael uses variable block lengths and variable key lengths.
Rijndael uses fixed block lengths and fixed key lengths.
Rijndael uses variable block lengths and fixed key lengths.
Of which type of encryption algorithm is Diffie-Hellman an example?
Asymmetric with authorization
Asymmetric with authentication
Symmetric with digital signature
Which types of encryption require private keys to be shared?
Asymmetric encryption
Private key encryption
Public key encryption
Symmetric encryption
option a
option b
option c
option d
options a and c
options b and c only
Which of the following is the combination of the probability of an event and its consequence?
Risk
Vulnerability
Exposure
Which of the following risk management processes is for the establishment of global performance parameters within an organization?
Acceptance of residual risk
Establish scope and boundaries
Risk treatment
Which of the following processes of risk management is the process of selecting strategies to deal with identified risk, according to business risk appetite?
Risk assessment
Establish scope and boundaries
Risk treatment
Which of the following risk treatment options defines that a risk may be accepted?
Mitigate the risk
Transfer the risk
Tolerate the risk
Minimum Submission Requirements
This Assessment should be a Microsoft Word document that fulfills the minimum length requirements, in addition to the title and reference pages.
Respond to the questions in a thorough manner, providing specific examples of concepts, topics, definitions, and other elements asked for in the questions. Your submission should be highly organized, logical, and focused.
Your submission must be written in Standard English and demonstrate exceptional content, organization, style, and grammar and mechanics.
Your submission should provide a clearly established and sustained viewpoint and purpose.
Your writing should be well ordered, logical and unified, as well as original and insightful.
A separate page at the end of your submission should contain a list of references, in APA format. Use your textbook, the Library, and the internet for research.
Be sure to cite both in-text and reference list citations where appropriate and reference all sources. Your sources and content should follow proper APA citation style. Review the writing resources for APA formatting and citation found in Academic Tools. Additional writing resources can be found within the Academic Success Center. For more information on APA style formatting, go to Academic Writer, formerly APA Style Central, under the Academic Tools area of this course.
Your submission should:
include a cover sheet;
be double-spaced;
be typed in Times New Roman, 12-point font;
include correct citations;
be written in Standard English with no spelling or punctuation errors; and
include correct references at the bottom of the last page.
If work submitted for this competency assessment does not meet the minimum submission requirements, it will be returned without being scored.
Plagiarism
Plagiarism is an act of academic dishonesty. It violates the University Honor Code, and the offense is subject to disciplinary action. You are expected to be the sole author of your work. Use of another person’s work or ideas must be accompanied by specific citations and references. Whether the action is intentional or not, it still constitutes plagiarism.