
[2022年更新]212-81まとめセット試験ガイド練習からあなたの212-81試験を合格させます!
準備212-81試験2022年最新のECES無制限200問題
EC-COUNCIL 212-81 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
| トピック 8 |
|
質問 37
Bruce Schneier is a well-known and highly respected cryptographer. He has developed several pseudo random number generators as well as worked on teams developing symmetric ciphers. Which one of the following is a symmetric block cipher designed in 1993 by Bruce Schneier team that is unpatented?
- A. Pegasus
- B. AES
- C. Blowfish
- D. SHA1
正解: A
解説:
Blowfish
https://en.wikipedia.org/wiki/Blowfish_(cipher)
Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce Schneier and included in many cipher suites and encryption products.
質問 38
Ahlen is using a set of pre-calculated hashes to attempt to derive the passwords from a Windows SAM file. What is a set of pre-calculated hashes used to derive a hashed password called?
- A. Rainbow table
- B. Password table
- C. Hash matrix
- D. Hash table
正解: A
解説:
Rainbow table
https://en.wikipedia.org/wiki/Rainbow_table
A rainbow table is a precomputed table for caching the output of cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering a key derivation function (or credit card numbers, etc.) up to a certain length consisting of a limited set of characters. It is a practical example of a space-time tradeoff, using less computer processing time and more storage than a brute-force attack which calculates a hash on every attempt, but more processing time and less storage than a simple key derivation function with one entry per hash. Use of a key derivation that employs a salt makes this attack infeasible.
質問 39
Which of the following is a protocol for exchanging keys?
- A. DH
- B. EC
- C. RSA
- D. AES
正解: A
解説:
DH
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
Diffie-Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography. Published in 1976 by Diffie and Hellman, this is the earliest publicly known work that proposed the idea of a private key and a corresponding public key.
Incorrect answers:
EC - Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography (based on plain Galois fields) to provide equivalent security.
RSA - (Rivest-Shamir-Adleman) is a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly, in 1973 at GCHQ (the British signals intelligence agency), by the English mathematician Clifford Cocks. That system was declassified in 1997.
AES - also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is a subset of the Rijndael block cipher developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, who submitted a proposal[5] to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.
質問 40
Which of the following is the standard for digital certificates?
- A. 509
https://en.wikipedia.org/wiki/X.509 - B. 509 is a standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for browsing the web. They are also used in offline applications, like electronic signatures. An X.509 certificate contains a public key and an identity (a hostname, or an organization, or an individual), and is either signed by a certificate authority or self-signed. When a certificate is signed by a trusted certificate authority, or validated by other means, someone holding that certificate can rely on the public key it contains to establish secure communications with another party, or validate documents digitally signed by the corresponding private key.
- C. CA
- D. X.509
- E. RFC 2298
- F. CRL
正解: D
質問 41
This is a proprietary version of PAP. Encrypts username and password as it is sent across network.
- A. Kerberos
- B. S-PAP
- C. WPA2
- D. PPTP VPN
正解: B
解説:
S-PAP
Shiva Password Authentication Protocol (S-PAP) - PAP with encryption for the usernames/passwords that are transmitted.
Incorrect answers:
Kerberos - a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client-server model and it provides mutual authentication-both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
WPA2 - (Wi-Fi Protected Access II) security certification program developed by the Wi-Fi Alliance to secure wireless computer networks. It includes mandatory support for CCMP, an AES-based encryption mode.
PPTP VPN - works at layer 2 (data link) layer of OSI model. Provides both authentication and encryption. EAP or CHAP is used to provide the authentication for PPTP. MPPE (Microsoft Point to Point Encryption) is used to encrypt the traffic. MPPE - a specific Microsoft implementation of DES. Can only use over a traditional Ethernet network.
質問 42
A cryptographic hash function which uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs. Authors claim a performance of 28 cycles per byte for MD6-256 on an Intel Core 2 Duo and provable resistance against differential cryptanalysis.
- A. GOST
- B. MD5
- C. MD6
- D. TIGER
正解: C
解説:
MD6
https://en.wikipedia.org/wiki/MD6
The MD6 Message-Digest Algorithm is a cryptographic hash function. It uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs. Authors claim a performance of 28 cycles per byte for MD6-256 on an Intel Core 2 Duo and provable resistance against differential cryptanalysis.[2] The source code of the reference implementation was released under MIT license.
Speeds in excess of 1 GB/s have been reported to be possible for long messages on 16-core CPU architecture.
In December 2008, Douglas Held of Fortify Software discovered a buffer overflow in the original MD6 hash algorithm's reference implementation. This error was later made public by Ron Rivest on 19 February 2009, with a release of a corrected reference implementation in advance of the Fortify Report.
質問 43
The Clipper chip is notable in the history of cryptography for many reasons. First, it was designed for civilian used secure phones. Secondly, it was designed to use a very specific symmetric cipher. Which one of the following was originally designed to provide built-in cryptography for the Clipper chip?
- A. Serpent
- B. Twofish
- C. Blowfish
- D. Skipjack
正解: D
解説:
Skipjack
https://en.wikipedia.org/wiki/Clipper_chip
The Clipper chip was a chipset that was developed and promoted by the United States National Security Agency (NSA) as an encryption device that secured "voice and data messages" with a built-in backdoor that was intended to "allow Federal, State, and local law enforcement officials the ability to decode intercepted voice and data transmissions.". It was intended to be adopted by telecommunications companies for voice transmission. Introduced in 1993, it was entirely defunct by 1996.
he Clipper chip used a data encryption algorithm called Skipjack to transmit information and the Diffie-Hellman key exchange-algorithm to distribute the cryptokeys between the peers. Skipjack was invented by the National Security Agency of the U.S. Government; this algorithm was initially classified SECRET, which prevented it from being subjected to peer review from the encryption research community. The government did state that it used an 80-bit key, that the algorithm was symmetric, and that it was similar to the DES algorithm. The Skipjack algorithm was declassified and published by the NSA on June 24, 1998. The initial cost of the chips was said to be $16 (unprogrammed) or $26 (programmed), with its logic designed by Mykotronx, and fabricated by VLSI Technology, Inc (see the VLSI logo on the image on this page).
質問 44
What does the OCSP protocol provide?
- A. Hashing
- B. Revoked certificates
- C. Encryption
- D. VPN connectivity
正解: B
解説:
Revoked certificates
https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate.It is described in RFC 6960 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The "request/response" nature of these messages leads to OCSP servers being termed OCSP responders.
質問 45
The reverse process from encoding - converting the encoded message back into its plaintext format.
- A. Whitening
- B. Substitution
- C. Decoding
- D. Encoding
正解: C
解説:
Decoding
Decoding - reverse process from encoding,converting the encoded message back into its plaintext format.
質問 46
This algorithm was published by the German engineering firm Seimans in 1993. It is a software based stream cipher using Lagged Fibonacci generator along with a concept borrowed from the shrinking generator ciphers.
- A. FISH
- B. Twofish
- C. Blowfish
- D. RC4
正解: A
解説:
FISH
https://en.wikipedia.org/wiki/FISH_(cipher)
The FISH (FIbonacci SHrinking) stream cipher is a fast software based stream cipher using Lagged Fibonacci generators, plus a concept from the shrinking generator cipher. It was published by Siemens in 1993. FISH is quite fast in software and has a huge key length. However, in the same paper where he proposed Pike, Ross Anderson showed that FISH can be broken with just a few thousand bits of known plaintext.
質問 47
Which algorithm implements an unbalanced Feistel cipher?
- A. RSA
- B. 3DES
- C. Blowfish
- D. Skipjack
正解: D
解説:
Skipjack
https://en.wikipedia.org/wiki/Skipjack_(cipher)
Skipjack uses an 80-bit key to encrypt or decrypt 64-bit data blocks. It is an unbalanced Feistel network with 32 rounds.
質問 48
Which one of the following are characteristics of a hash function? (Choose two)
- A. Fixed length output
- B. One-way
- C. Fast
- D. Requires a key
- E. Symmetric
正解: A,B
解説:
Correct answers: One-way, Fixed length output
https://en.wikipedia.org/wiki/Cryptographic_hash_function
A cryptographic hash function is a mathematical algorithm that maps data of arbitrary size (often called the "message") to a bit array of a fixed size (the "hash value", "hash", or "message digest"). It is a one-way function, that is, a function which is practically infeasible to invert.
Incorrect answers:
Symmetric. Cryptographic algorithms can be categorized into three classes: Hash functions, Symmetric and Asymmetric algorithms. Differences: purpose and main fields of application.
Requires a key. Well, technically, this is the correct answer. But in the hash-function, "key" is input data.
Fast. Fast or slow is a subjective characteristic, there are many different algorithms, and here it is impossible to say this unambiguously like "Symmetric encryption is generally faster than asymmetric encryption."
質問 49
What is the basis for the difficulty in breaking RSA?
- A. Hashing
- B. The birthday paradox
- C. Factoring numbers
- D. Equations that describe an elliptic curve
正解: C
解説:
Factoring numbers
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
RSA (Rivest-Shamir-Adleman) is a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly, in 1973 at GCHQ (the British signals intelligence agency), by the English mathematician Clifford Cocks. That system was declassified in 1997.
In a public-key cryptosystem, the encryption key is public and distinct from the decryption key, which is kept secret (private). An RSA user creates and publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers are kept secret. Messages can be encrypted by anyone, via the public key, but can only be decoded by someone who knows the prime numbers.
質問 50
What is a "Collision attack" in cryptography?
- A. Collision attacks try to find two inputs producing the same
- B. Collision attacks try to break the hash into three parts to get the plaintext value
- C. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key
- D. Collision attacks try to get the public key
正解: A
解説:
Collision attacks try to find two inputs producing the same
https://en.wikipedia.org/wiki/Collision_attack
A collision attack on a cryptographic hash tries to find two inputs producing the same hash value, i.e. a hash collision. This is in contrast to a preimage attack where a specific target hash value is specified.
質問 51
Which one of the following is an authentication method that sends the username and password in cleartext?
- A. Kerberos
- B. PAP
- C. CHAP
- D. SPAP
正解: B
解説:
PAP
https://en.wikipedia.org/wiki/Password_Authentication_Protocol
Password Authentication Protocol (PAP) is a password-based authentication protocol used by Point to Point Protocol (PPP) to validate users. Almost all network operating system remote servers support PAP. PAP is specified in RFC 1334.
PAP is considered a weak authentication scheme (weak schemes are simple and have lighter computational overhead but are much more vulnerable to attack; while weak schemes may have limited application in some constrained environments, they are avoided in general). Among PAP's deficiencies is the fact that it transmits unencrypted passwords (i.e. in plain-text) over the network. PAP is therefore used only as a last resort when the remote server does not support a stronger scheme such as CHAP or EAP.
Incorrect answers:
SPAP - Shiva Password Authentication Protocol, PAP with encryption for the usernames/passwords that are transmitted.
CHAP - calculates a hash, shares the hash with the client system, the hash is periodically validated to ensure nothing has changed.
Kerberos - computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client-server model and it provides mutual authentication-both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
Kerberos builds on symmetric key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.
質問 52
Nicholas is working at a bank in Germany. He is looking at German standards for pseudo random number generators. He wants a good PRNG for generating symmetric keys. The German Federal Office for Information Security (BSI) has established four criteria for quality of random number generators. Which ones can be used for cryptography?
- A. K1
- B. K2
- C. K3
- D. K5
- E. K4
正解: C,E
解説:
K3 and K4
https://en.wikipedia.org/wiki/Pseudorandom_number_generator
The German Federal Office for Information Security (Bundesamt fur Sicherheit in der Informationstechnik, BSI) has established four criteria for quality of deterministic random number generators.They are summarized here:
K1 - There should be a high probability that generated sequences of random numbers are different from each other.
K2 - A sequence of numbers is indistinguishable from "truly random" numbers according to specified statistical tests. The tests are the monobit test (equal numbers of ones and zeros in the sequence), poker test (a special instance of the chi-squared test), runs test (counts the frequency of runs of various lengths), longruns test (checks whether there exists any run of length 34 or greater in 20 000 bits of the sequence)-both from BSI and NIST, and the autocorrelation test. In essence, these requirements are a test of how well a bit sequence: has zeros and ones equally often; after a sequence of n zeros (or ones), the next bit a one (or zero) with probability one-half; and any selected subsequence contains no information about the next element(s) in the sequence.
K3 - It should be impossible for an attacker (for all practical purposes) to calculate, or otherwise guess, from any given subsequence, any previous or future values in the sequence, nor any inner state of the generator.
K4 - It should be impossible, for all practical purposes, for an attacker to calculate, or guess from an inner state of the generator, any previous numbers in the sequence or any previous inner generator states.
For cryptographic applications, only generators meeting the K3 or K4 standards are acceptable.
質問 53
An attack that is particularly successful against block ciphers based on substitution-permutation networks. For a block size b, holds b-k bits constant and runs the other k through all 2k possibilities. For k=1, this is just deferential cryptanalysis, but with k>1 it is a new technique.
- A. Differential Cryptanalysis
- B. Integral Cryptanalysis
- C. Chosen Plaintext Attack
- D. Linear Cryptanalysis
正解: B
解説:
Integral Cryptanalysis
https://en.wikipedia.org/wiki/Integral_cryptanalysis
Integral cryptanalysis is a cryptanalytic attack that is particularly applicable to block ciphers based on substitution-permutation networks. It was originally designed by Lars Knudsen as a dedicated attack against Square, so it is commonly known as the Square attack. It was also extended to a few other ciphers related to Square: CRYPTON, Rijndael, and SHARK. Stefan Lucks generalized the attack to what he called a saturation attack and used it to attack Twofish, which is not at all similar to Square, having a radically different Feistel network structure. Forms of integral cryptanalysis have since been applied to a variety of ciphers, including Hierocrypt, IDEA, Camellia, Skipjack, MISTY1, MISTY2, SAFER++, KHAZAD, and FOX (now called IDEA NXT).
Incorrect answers:
Chosen Plaintext Attack - is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts. The goal of the attack is to gain information that reduces the security of the encryption scheme.
Linear Cryptanalysis - is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. Attacks have been developed for block ciphers and stream ciphers. Linear cryptanalysis is one of the two most widely used attacks on block ciphers.
Differential Cryptanalysis - is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in information input can affect the resultant difference at the output. In the case of a block cipher, it refers to a set of techniques for tracing differences through the network of transformation, discovering where the cipher exhibits non-random behavior, and exploiting such properties to recover the secret key (cryptography key).
質問 54
What does Output feedback (OFB) do:
- A. A block cipher is converted into a stream cipher by generating a keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext
- B. The cipher text from the current round is XORed with the plaintext from the previous round
- C. The message is divided into blocks and each block is encrypted separately. This is the most basic mode for symmetric encryption
- D. The cipher text from the current round is XORed with the plaintext for the next round
正解: A
解説:
A block cipher is converted into a stream cipher by generating a keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Output_feedback_(OFB) The output feedback (OFB) mode makes a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext. Just as with other stream ciphers, flipping a bit in the ciphertext produces a flipped bit in the plaintext at the same location. This property allows many error-correcting codes to function normally even when applied before encryption.
質問 55
......
注目の212-81まとめセット試験ガイドは最速合格できます:https://jp.fast2test.com/212-81-premium-file.html
練習する212-81にはFast2test明確な練習であなたをCertified Encryption Specialist試験合格させます:https://drive.google.com/open?id=1E3yqJKET3ZAAyqzWCEUe8oZJy9-feBj6