The Data Encryption Algorithm performs how many rounds of substitution and permutation?
Correct Answer: B
Explanation/Reference: Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
Question 323
What is Kerberos?
Correct Answer: B
Explanation/Reference: Is correct because that is exactly what Kerberos is. The following answers are incorrect: A three-headed dog from Egyptian mythology. Is incorrect because we are dealing with Information Security and not the Egyptian mythology but the Greek Mythology. A security model. Is incorrect because Kerberos is an authentication protocol and not just a security model. A remote authentication dial in user server. Is incorrect because Kerberos is not a remote authentication dial in user server that would be called RADIUS.
Question 324
What is the maximum number of different keys that can be used when encrypting with Triple DES?
Correct Answer: C
Section: Cryptography Explanation/Reference: Triple DES encrypts a message three times. This encryption can be accomplished in several ways. The most secure form of triple DES is when the three encryptions are performed with three different keys. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 152).
Question 325
What can be defined as: It confirms that users' needs have been met by the supplied solution ?
Correct Answer: D
Explanation/Reference: Acceptance confirms that users' needs have been met by the supplied solution. Verification and Validation informs Acceptance by establishing the evidence - set against acceptance criteria - to determine if the solution meets the users' needs. Acceptance should also explicitly address any integration or interoperability requirements involving other equipment or systems. To enable acceptance every user and system requirement must have a 'testable' characteristic. Accreditation is the formal acceptance of security, adequacy, authorization for operation and acceptance of existing risk. Accreditation is the formal declaration by a Designated Approving Authority (DAA) that an IS is approved to operate in a particular security mode using a prescribed set of safeguards to an acceptable level of risk. Certification is the formal testing of security safeguards and assurance is the degree of confidence that the implemented security measures work as intended. The certification is a Comprehensive evaluation of the technical and nontechnical security features of an IS and other safeguards, made in support of the accreditation process, to establish the extent to which a particular design and implementation meets a set of specified ecurity requirements. Assurance is the descriptions of the measures taken during development and evaluation of the product to assure compliance with the claimed security functionality. For example, an evaluation may require that all source code is kept in a change management system, or that full functional testing is performed. The Common Criteria provides a catalogue of these, and the requirements may vary from one evaluation to the next. The requirements for particular targets or types of products are documented in the Security Targets (ST) and Protection Profiles (PP), respectively. Source: ROTHKE, Ben, CISSP CBK Review presentation on domain 4, August 1999. and Official ISC2 Guide to the CISSP CBK, Second Edition, on page 211. and http://www.aof.mod.uk/aofcontent/tactical/randa/content/randaintroduction.htm
Question 326
Which of the following was not designed to be a proprietary encryption algorithm?
Correct Answer: C
Explanation/Reference: Blowfish is a symmetric block cipher with variable-length key (32 to 448 bits) designed in 1993 by Bruce Schneier as an unpatented, license-free, royalty-free replacement for DES or IDEA. See attributes below: Block cipher: 64-bit block Variable key length: 32 bits to 448 bits Designed by Bruce Schneier Much faster than DES and IDEA Unpatented and royalty-free No license required Free source code available Rivest Cipher #2 (RC2) is a proprietary, variable-key-length block cipher invented by Ron Rivest for RSA Data Security, Inc. Rivest Cipher #4 (RC4) is a proprietary, variable-key-length stream cipher invented by Ron Rivest for RSA Data Security, Inc. The Skipjack algorithm is a Type II block cipher [NIST] with a block size of 64 bits and a key size of 80 bits that was developed by NSA and formerly classified at the U.S. Department of Defense "Secret" level. The NSA announced on June 23, 1998, that Skipjack had been declassified. References: RSA Laboratories http://www.rsa.com/rsalabs/node.asp?id=2250 RFC 2828 - Internet Security Glossary http://www.faqs.org/rfcs/rfc2828.html