2022年最新の実際に出ると確認された 無料EC-COUNCIL 212-81試験問題 [Q91-Q110]

Share

2022年最新の実際に出ると確認された 無料EC-COUNCIL 212-81試験問題

212-81リアル試験問題解答は無料

質問 91
If you use substitution alone, what weakness is present in the resulting cipher text?

  • A. It is too simple
  • B. It is the same length as the original text
  • C. It maintains letter and word frequency
  • D. It is easily broken with modern computers

正解: C

解説:
It maintains letter and word frequency
https://en.wikipedia.org/wiki/Frequency_analysis
Frequency analysis (also known as counting letters) is the study of the frequency of letters or groups of letters in a ciphertext. The method is used as an aid to breaking classical ciphers.
Frequency analysis is based on the fact that, in any given stretch of written language, certain letters and combinations of letters occur with varying frequencies. Moreover, there is a characteristic distribution of letters that is roughly the same for almost all samples of that language. For instance, given a section of English language, E, T, A and O are the most common, while Z, Q, X and J are rare. Likewise, TH, ER, ON, and AN are the most common pairs of letters (termed bigrams or digraphs), and SS, EE, TT, and FF are the most common repeats. The nonsense phrase "ETAOIN SHRDLU" represents the 12 most frequent letters in typical English language text.
In some ciphers, such properties of the natural language plaintext are preserved in the ciphertext, and these patterns have the potential to be exploited in a ciphertext-only attack.

 

質問 92
What size block does AES work on?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解: D

解説:
128
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.

 

質問 93
The Clipper chip is notable in the history of cryptography for many reasons. First, it was designed for civilian used secure phones. Secondly, it was designed to use a very specific symmetric cipher. Which one of the following was originally designed to provide built-in cryptography for the Clipper chip?

  • A. Twofish
  • B. Skipjack
  • C. Blowfish
  • D. Serpent

正解: B

解説:
Skipjack
https://en.wikipedia.org/wiki/Clipper_chip
The Clipper chip was a chipset that was developed and promoted by the United States National Security Agency (NSA) as an encryption device that secured "voice and data messages" with a built-in backdoor that was intended to "allow Federal, State, and local law enforcement officials the ability to decode intercepted voice and data transmissions.". It was intended to be adopted by telecommunications companies for voice transmission. Introduced in 1993, it was entirely defunct by 1996.
he Clipper chip used a data encryption algorithm called Skipjack to transmit information and the Diffie-Hellman key exchange-algorithm to distribute the cryptokeys between the peers. Skipjack was invented by the National Security Agency of the U.S. Government; this algorithm was initially classified SECRET, which prevented it from being subjected to peer review from the encryption research community. The government did state that it used an 80-bit key, that the algorithm was symmetric, and that it was similar to the DES algorithm. The Skipjack algorithm was declassified and published by the NSA on June 24, 1998. The initial cost of the chips was said to be $16 (unprogrammed) or $26 (programmed), with its logic designed by Mykotronx, and fabricated by VLSI Technology, Inc (see the VLSI logo on the image on this page).

 

質問 94
A cryptanalysis success where the attacker discovers additional plain texts (or cipher texts) not previously known.

  • A. Total Break
  • B. Instance Deduction
  • C. Distinguishing Algorithm
  • D. Information Deduction

正解: B

解説:
Instance Deduction
https://en.wikipedia.org/wiki/Cryptanalysis
The results of cryptanalysis can also vary in usefulness. For example, cryptographer Lars Knudsen (1998) classified various types of attack on block ciphers according to the amount and quality of secret information that was discovered:
Total break - the attacker deduces the secret key.
Global deduction - the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.
Instance (local) deduction - the attacker discovers additional plaintexts (or ciphertexts) not previously known.
Information deduction - the attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
Distinguishing algorithm - the attacker can distinguish the cipher from a random permutation.

 

質問 95
Electromechanical rotor-based cipher used in World War II

  • A. Cipher Disk
  • B. Enigma Machine
  • C. ROT13 Cipher
  • D. Rail Fence Cipher

正解: B

解説:
Enigma Machine
https://en.wikipedia.org/wiki/Enigma_machine
The Enigma machine is an encryption device developed and used in the early- to mid-20th century to protect commercial, diplomatic and military communication. It was employed extensively by Nazi Germany during World War II, in all branches of the German military.
Enigma has an electromechanical rotor mechanism that scrambles the 26 letters of the alphabet.
Incorrect answers:
Rail Fence Cipher - a form of transposition cipher. In the rail fence cipher, the plain text is written downwards and diagonally on successive "rails" of an imaginary fence, then moving up when the bottom rail is reached. When the top rail is reached, the message is written downwards again until the whole plaintext is written out. The message is then read off in rows.
Cipher Disk - an enciphering and deciphering tool developed in 1470 by the Italian architect and author Leon Battista Alberti. He constructed a device, (eponymously called the Alberti cipher disk) consisting of two concentric circular plates mounted one on top of the other. The larger plate is called the "stationary" and the smaller one the "moveable" since the smaller one could move on top of the "stationary". The first incarnation of the disk had plates made of copper and featured the alphabet, in order, inscribed on the outer edge of each disk in cells split evenly along the circumference of the circle. This enabled the two alphabets to move relative to each other creating an easy to use key. Rather than using an impractical and complicated table indicating the encryption method, one could use the much simpler cipher disk. This made both encryption and decryption faster, simpler and less prone to error.
ROT13 Cipher - ("rotate by 13 places", sometimes hyphenated ROT-13) is a simple letter substitution cipher that replaces a letter with the 13th letter after it, in the alphabet. ROT13 is a special case of the Caesar cipher which was developed in ancient Rome.

 

質問 96
Software for maintaining an on-the-fly-encrypted volume. Data is automatically encrypted right before it is saved, then decrypted right after it is loaded, all w/o user intervention.

  • A. VeraCrypt
  • B. PGP
  • C. VPN
  • D. Cryptool

正解: A

解説:
VeraCrypt
https://en.wikipedia.org/wiki/VeraCrypt
VeraCrypt is a source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file or encrypt a partition or (in Windows) the entire storage device with pre-boot authentication.
Incorrect answers:
PGP - designed by Phil Zimmerman as a freeware e-mail security program and was released in 1991. It was the first widespread public key encryption program.
VPN - A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common, although not an inherent, part of a VPN connection Cryptool - an open-source project that focuses on the free e-learning software CrypTool illustrating cryptographic and cryptanalytic concepts. According to "Hakin9", CrypTool is worldwide the most widespread e-learning software in the field of cryptology.

 

質問 97
A cryptanalysis success where the attacker deduces the secret key.

  • A. Information Deduction
  • B. Total Break
  • C. Avalanche effect
  • D. Shannon's Entropy

正解: B

解説:
Total Break
https://en.wikipedia.org/wiki/Cryptanalysis
The results of cryptanalysis can also vary in usefulness. For example, cryptographer Lars Knudsen (1998) classified various types of attack on block ciphers according to the amount and quality of secret information that was discovered:
Total break - the attacker deduces the secret key.
Global deduction - the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.
Instance (local) deduction - the attacker discovers additional plaintexts (or ciphertexts) not previously known.
Information deduction - the attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
Distinguishing algorithm - the attacker can distinguish the cipher from a random permutation.
Incorrect answers:
Shannon's Entropy - average level of "information", "surprise", or "uncertainty" inherent in the variable's possible outcomes. The concept of information entropy was introduced by Claude Shannon in his 1948 paper "A Mathematical Theory of Communication".
Avalanche effect - the desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions, wherein if an input is changed slightly (for example, flipping a single bit), the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext.

 

質問 98
An attack that is particularly successful against block ciphers based on substitution-permutation networks. For a block size b, holds b-k bits constant and runs the other k through all 2k possibilities. For k=1, this is just deferential cryptanalysis, but with k>1 it is a new technique.

  • A. Integral Cryptanalysis
  • B. Chosen Plaintext Attack
  • C. Linear Cryptanalysis
  • D. Differential Cryptanalysis

正解: A

解説:
Integral Cryptanalysis
https://en.wikipedia.org/wiki/Integral_cryptanalysis
Integral cryptanalysis is a cryptanalytic attack that is particularly applicable to block ciphers based on substitution-permutation networks. It was originally designed by Lars Knudsen as a dedicated attack against Square, so it is commonly known as the Square attack. It was also extended to a few other ciphers related to Square: CRYPTON, Rijndael, and SHARK. Stefan Lucks generalized the attack to what he called a saturation attack and used it to attack Twofish, which is not at all similar to Square, having a radically different Feistel network structure. Forms of integral cryptanalysis have since been applied to a variety of ciphers, including Hierocrypt, IDEA, Camellia, Skipjack, MISTY1, MISTY2, SAFER++, KHAZAD, and FOX (now called IDEA NXT).
Incorrect answers:
Chosen Plaintext Attack - is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts. The goal of the attack is to gain information that reduces the security of the encryption scheme.
Linear Cryptanalysis - is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. Attacks have been developed for block ciphers and stream ciphers. Linear cryptanalysis is one of the two most widely used attacks on block ciphers.
Differential Cryptanalysis - is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in information input can affect the resultant difference at the output. In the case of a block cipher, it refers to a set of techniques for tracing differences through the network of transformation, discovering where the cipher exhibits non-random behavior, and exploiting such properties to recover the secret key (cryptography key).

 

質問 99
In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known as wardriving.
Which Algorithm is this referring to?

  • A. Wi-Fi Protected Access 2 (WPA2)
  • B. Wired Equivalent Privacy (WEP)
  • C. Temporal Key Integrity Protocol (TKIP)
  • D. Wi-Fi Protected Access (WPA)

正解: B

解説:
Wired Equivalent Privacy (WEP)
https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy#Weak_security
In 2007, Erik Tews, Andrei Pychkine, and Ralf-Philipp Weinmann were able to extend Klein's 2005 attack and optimize it for usage against WEP. With the new attack it is possible to recover a 104-bit WEP key with probability 50% using only 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good conditions. The actual computation takes about 3 seconds and 3 MB of main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40-bit keys with an even higher success probability.

 

質問 100
Which of the following equations is related to EC?

  • A. y^2 = x^3 + Ax + B
  • B. P = Cd%n
  • C. Me%n
  • D. Let m = (p-1)(q-1)

正解: A

解説:
y^2 = x^3 + Ax + B
https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
For current cryptographic purposes, an elliptic curve is a plane curve over a finite field (rather than the real numbers) which consists of the points satisfying the equation:

 

質問 101
Which one of the following is an authentication method that sends the username and password in cleartext?

  • A. PAP
  • B. CHAP
  • C. SPAP
  • D. Kerberos

正解: A

解説:
PAP
https://en.wikipedia.org/wiki/Password_Authentication_Protocol
Password Authentication Protocol (PAP) is a password-based authentication protocol used by Point to Point Protocol (PPP) to validate users. Almost all network operating system remote servers support PAP. PAP is specified in RFC 1334.
PAP is considered a weak authentication scheme (weak schemes are simple and have lighter computational overhead but are much more vulnerable to attack; while weak schemes may have limited application in some constrained environments, they are avoided in general). Among PAP's deficiencies is the fact that it transmits unencrypted passwords (i.e. in plain-text) over the network. PAP is therefore used only as a last resort when the remote server does not support a stronger scheme such as CHAP or EAP.
Incorrect answers:
SPAP - Shiva Password Authentication Protocol, PAP with encryption for the usernames/passwords that are transmitted.
CHAP - calculates a hash, shares the hash with the client system, the hash is periodically validated to ensure nothing has changed.
Kerberos - computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client-server model and it provides mutual authentication-both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
Kerberos builds on symmetric key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.

 

質問 102
Which of the following is not a key size used by AES?

  • A. 192 bits
  • B. 256 bits
  • C. 128 bits
  • D. 512 b

正解: D

解説:
512 bits
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
AES is a subset of the Rijndael block cipher developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, who submitted a proposal to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.

 

質問 103
If the round function is a cryptographically secure pseudorandom function, then ___rounds is sufficient to make it a "strong" pseudorandom permutation.

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解: A

解説:
4
https://en.wikipedia.org/wiki/Feistel_cipher
Michael Luby and Charles Rackoff analyzed the Feistel cipher construction, and proved that if the round function is a cryptographically secure pseudorandom function, with Ki used as the seed, then 3 rounds are sufficient to make the block cipher a pseudorandom permutation, while 4 rounds are sufficient to make it a "strong" pseudorandom permutation (which means that it remains pseudorandom even to an adversary who gets oracle access to its inverse permutation). Because of this very important result of Luby and Rackoff, Feistel ciphers are sometimes called Luby-Rackoff block ciphers.

 

質問 104
Which of the following acts as a verifier for the certificate authority?

  • A. Registration authority
  • B. Certificate Management system
  • C. Directory management system
  • D. Certificate authority

正解: A

解説:
Registration authority
https://en.wikipedia.org/wiki/Registration_authority
Registration authorities exist for many standards organizations, such as ANNA (Association of National Numbering Agencies for ISIN), the Object Management Group, W3C, IEEE and others. In general, registration authorities all perform a similar function, in promoting the use of a particular standard through facilitating its use. This may be by applying the standard, where appropriate, or by verifying that a particular application satisfies the standard's tenants. Maintenance agencies, in contrast, may change an element in a standard based on set rules - such as the creation or change of a currency code when a currency is created or revalued (i.e. TRL to TRY for Turkish lira). The Object Management Group has an additional concept of certified provider, which is deemed an entity permitted to perform some functions on behalf of the registration authority, under specific processes and procedures documented within the standard for such a role.

 

質問 105
The ATBASH cipher is best described as what type of cipher?

  • A. Transposition
  • B. Symmetric
  • C. Substitution
  • D. Asymmetric

正解: C

解説:
Substitution
https://en.wikipedia.org/wiki/Atbash
Atbash is a monoalphabetic substitution cipher originally used to encrypt the Hebrew alphabet. It can be modified for use with any known writing system with a standard collating order.

 

質問 106
Which of the following is used to encrypt email and create digital signatures?

  • A. RSA
  • B. AES
  • C. SHA1
  • D. DES

正解: A

解説:
RSA
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
RSA use for encryption email and create digital signatures

 

質問 107
A _________ is a digital representation of information that identifies you as a relevant entity by a trusted third party.

  • A. Ownership stamp
  • B. Digital Signature
  • C. Digest
  • D. Hash

正解: B

解説:
Digital Signature
https://en.wikipedia.org/wiki/Digital_signature
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very strong reason to believe that the message was created by a known sender (authentication), and that the message was not altered in transit (integrity).

 

質問 108
____________cryptography uses one key to encrypt a message and a different key to decrypt it.

  • A. Stream
  • B. Symmetric
  • C. Asymmetric
  • D. Secure

正解: C

解説:
Asymmetric
https://en.wikipedia.org/wiki/Public-key_cryptography
Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys: public keys, which may be disseminated widely, and private keys, which are known only to the owner. The generation of such keys depends on cryptographic algorithms based on mathematical problems to produce one-way functions. Effective security only requires keeping the private key private; the public key can be openly distributed without compromising security.

 

質問 109
Which of the following is assured by the use of a hash?

  • A. Availability
  • B. Authentication
  • C. Confidentiality
  • D. Integrity

正解: D

解説:
Integrity
https://en.wikipedia.org/wiki/Cryptographic_hash_function#Verifying_the_integrity_of_messages_and_files An important application of secure hashes is verification of message integrity. Comparing message digests (hash digests over the message) calculated before, and after, transmission can determine whether any changes have been made to the message or file.

 

質問 110
......

試験問題集で212-81練習無料最新のEC-COUNCIL練習テスト:https://jp.fast2test.com/212-81-premium-file.html

212-81試験問題、リアル212-81練習問題集:https://drive.google.com/open?id=1E3yqJKET3ZAAyqzWCEUe8oZJy9-feBj6


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어