Which of the following protects against unauthorized access to confidential information via encryption and works at the network layer?
works at the network layer.
IPSec provides machine-level authentication as well as data encryption. It is used for VPN connections that use the L2TP protocol. It secures
both data and password.
Answer option B is incorrect. NAT also works at the network layer, but it does not provide encryption for data.
Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.
widely distributed. A message encrypted with a recipient's public key cannot be decrypted by anyone except the owner of that key and the
person associated with the public key used. This is used for confidentiality. A message signed with a sender's private key can be verified by
anyone who has access to the sender's public key.
Answer options A and C are incorrect. Because of the asymmetric behavior of the keys, the secret key can encrypt a message, and anyone
with the public key can decrypt it. The distinguishing technique used in public key-private key cryptography is the use of asymmetric key
algorithms because the key used to encrypt a message is not the same as the key used to decrypt it.
Which of the following backup types backs up files that have been added and all data that have been modified since the most recent backup was performed?
Incremental backup backs up files that are created or changed since the last full or incremental backup. Incremental backup provides a faster
method of backing up data than most other backup methods. Restoring data from an incremental backup requires the last full backup and all
subsequent incremental backups. Incremental backups must be restored in the same order as they were created.
If any incremental backup in the incremental backup set is damaged or becomes corrupt, the data backed up after corruption cannot be
Answer option D is incorrect. Full backup, also known as normal backup, involves backing up the entire hard disks and files of a machine.
When the full backup type is set up, a user should choose which files, folders, and hard disks are to be backed up. After a full backup is
performed, all archive bits are reset to 0.
Answer option A is incorrect. Differential backup backs up files that are created or changed since the last full backup. It requires minimum
space to backup data. Differential backup requires only the last full backup tape and the last differential backup tape to restore data. It is
faster as compared to full backup.
Answer option C is incorrect. There is no such type of backup as daily backup.
You are responsible for security at a hospital. Since many computers are accessed by multiple employees 24 hours a day, 7 days a week, controlling physical access to computers is very difficult. This is compounded by a high number of non employees moving through the building. You are concerned about unauthorized access to patient records. What would best solve this problem?
and a username/password to access any hospital computers.
Answer option D is incorrect. If there is a security breach, video surveillance might help catch the perpetrator, but it won't prevent the breach.
Answer option A is incorrect. Challenge Handshake Authentication Protocol, will not help prevent unauthorized access to computers.
Answer option B is incorrect. A hospital requires 24 hour a day access to patient data. Time of day restrictions would not work.
In which of the following cryptographic attacking techniques does the attacker pick up the information to be encrypted and take a copy of it with the encrypted data?
This is used to find patterns in the cryptographic output that might uncover vulnerability or reveal a cryptographic key.
Answer option D is incorrect. In a ciphertext only attack, the attacker obtains encrypted messages that have been encrypted using the same
encryption algorithm. For example, the original version of WEP used RC4, and if sniffed long enough, the repetitions would allow a hacker to
extract the WEP key. Such types of attacks do not require the attacker to have the plaintext because the statistical analysis of the sniffed log
Answer option A is incorrect. In a chosen ciphertext attack, the attacker can choose the ciphertext to be decrypted and can then analyze the
plaintext output of the event. The early versions of RSA used in SSL were actually vulnerable to this attack.
Answer option B is incorrect. In a known plaintext attack, the attacker should have both the plaintext and ciphertext of one or more
messages. These two items are used to extract the cryptographic key and recover the encrypted text.