CCNA Security v2.0 Chapter 7 Exam Answers 2017 (100%)

CCNA Security Chapter 7 Exam Answers

1. Which encryption algorithm is an asymmetric algorithm?

   • DH*
   • SEAL
   • 3DES
   • AES

2. An online retailer needs a service to support the nonrepudiation of the transaction. Which component is used for this service?

   • the private key of the retailer
   • the unique shared secret known only by the retailer and the customer
   • the public key of the retailer
   • the digital signatures*

3. In which situation is an asymmetric key algorithm used?

   • Two Cisco routers authenticate each other with CHAP.
   • User data is transmitted across the network after a VPN is established.
   • An office manager encrypts confidential files before saving them to a removable device.
   • A network administrator connects to a Cisco router with SSH.*

4. What is the purpose of a nonrepudiation service in secure communications?

   • to ensure that encrypted secure communications cannot be decoded
   • to confirm the identity of the recipient of the communications
   • to provide the highest encryption level possible
   • to ensure that the source of the communications is confirmed*

5. What is the focus of cryptanalysis?

   • hiding secret codes
   • developing secret codes*
   • breaking encrypted codes
   • implementing encrypted codes

6. How many bits does the Data Encryption Standard (DES) use for data encryption?

   • 40 bits
   • 56 bits*
   • 64 bits
   • 72 bits

7. Which statement describes the Software-Optimized Encryption Algorithm (SEAL)?

   • SEAL is a stream cipher.*
   • It uses a 112-bit encryption key.
   • It is an example of an asymmetric algorithm.
   • It requires more CPU resources than software-based AES does.

8. Which objective of secure communications is achieved by encrypting data?

   • integrity
   • authentication
   • confidentiality*
   • availability

9. Why is the 3DES algorithm often preferred over the AES algorithm?

   • 3DES is more trusted because it has been proven secure for a longer period than AES.*
   • AES is more expensive to implement than 3DES.
   • 3DES performs better in high-throughput, low-latency environments than AES.
   • Major networking equipment vendors such as Cisco have not yet adopted AES.

10. What is the most common use of the Diffie-Helman algorithm in communications security?

    • to create password hashes for secure authentication
    • to provide routing protocol authentication between routers
    • to encrypt data for secure e-commerce communications
    • to secure the exchange of keys used to encrypt data*

11. Which type of encryption algorithm uses public and private keys to provide authentication, integrity, and confidentiality?

    • symmetric
    • shared secret
    • IPsec
    • asymmetric*

12. How do modern cryptographers defend against brute-force attacks?

    • Use statistical analysis to eliminate the most common encryption keys.
    • Use a keyspace large enough that it takes too much money and too much time to conduct a successful attack.*
    • Use an algorithm that requires the attacker to have both ciphertext and plaintext to conduct a successful attack.
    • Use frequency analysis to ensure that the most popular letters used in the language are not used in the cipher message.

13. Which encryption protocol provides network layer confidentiality?

    • IPsec protocol suite*
    • Transport Layer Security
    • Secure Hash Algorithm 1
    • Secure Sockets Layer
    • Keyed MD5
    • Message Digest 5

14. Why is asymmetric algorithm key management simpler than symmetric algorithm key management?

    • It uses fewer bits.
    • Only one key is used.
    • Two public keys are used for the key exchange.
    • One of the keys can be made public.*

15. What is the purpose of code signing?

    • source identity secrecy
    • integrity of source .EXE files*
    • reliable transfer of data
    • data encryption

16. Which algorithm can ensure data confidentiality?

    • MD5
    • PKI
    • RSA
    • AES*

17. Refer to the exhibit. Which encryption algorithm is described in the exhibit?

    

    CCNA Security Chapter 7 Exam Answer v2 001

    • RC4
    • AES
    • 3DES*
    • DES
    • SEAL

18. Which statement describes asymmetric encryption algorithms?

    • They have key lengths ranging from 80 to 256 bits.
    • They include DES, 3DES, and AES.
    • They are also called shared-secret key algorithms.
    • They are relatively slow because they are based on difficult computational algorithms.*

19. Which two non-secret numbers are initially agreed upon when the Diffie-Hellman algorithm is used? (Choose two.)

    • binomial coefficient
    • generator*
    • elliptic curve invariant
    • prime modulus*
    • topological index
    • pseudorandom nome

20. In what situation would an asymmetric algorithm most likely be used?

    • logging onto a computer
    • making an online purchase*
    • uploading a networking book chapter using FTP
    • transferring a large stream of data between two corporate locations

21. What is the purpose of a digital certificate?

    • It guarantees that a website has not been hacked.
    • It authenticates a website and establishes a secure connection to exchange confidential data.*
    • It provides proof that data has a traditional signature attached.
    • It ensures that the person who is gaining access to a network device is authorized.

22. Fill in the blank.

    A shared secret is a symmetric* key used in a encryption algorithm.