Free 212-81 Exam Braindumps (page: 8)


An authentication method that periodically re-authenticates the client by establishing a hash that is then resent from the client is called __________.

  1. CHAP
  2. SPAP
  3. PAP
  4. EAP

Answer(s): A

Explanation:

CHAP
https://en.wikipedia.org/wiki/Challenge-Handshake_Authentication_Protocol
Challenge-Handshake Authentication Protocol (CHAP) is an identity verification protocol that does not rely on sending a shared secret between the access-requesting party and the identity-verifying party (the authenticator). CHAP is based on a shared secret, but in order to authenticate, the authenticator sends a “challenge” message to the access-requesting party, which responds with a value calculated using a “one-way hash” function that takes as inputs the challenge and the shared secret. The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication succeeds; otherwise it fails. Following the establishment of an authenticated connection, the authenticator may send a challenge to the access-requesting party at random intervals, to which the access-requesting party will have to produce the correct response.

Incorrect answers:
EAP - A framework that allows for creation of different ways to provide authentication, such as smart cards.
SPAP - Shiva Password Authentication Protocol, PAP with encryption for the usernames/passwords that are transmitted.
PAP - Password Authentication Protocol. Used to authenticate users, but is no longer used because the information was sent in cleartext.



In a ___________ the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.

  1. Information deduction
  2. Total break
  3. Instance deduction
  4. Global deduction

Answer(s): D

Explanation:

Global deduction https://en.wikipedia.org/wiki/Cryptanalysis
Global deduction — the attacker discovers a functionally equivalent algorithm for encryption and decryption, but without learning the key.

Incorrect answers:
Instance (local) deduction — the attacker discovers additional plaintexts (or ciphertexts) not previously known.
Information deduction — the attacker gains some Shannon information about plaintexts (or ciphertexts) not previously known.
Total break — the attacker deduces the secret key.



Which of the following is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel?

  1. Elliptic Curve
  2. MD5
  3. RSA
  4. Diffie-Hellman

Answer(s): D

Explanation:

Diffie-Hellman https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
Diffie-Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as originally conceptualized by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.

Incorrect answers:
Elliptic Curve - Asymmetric key algorithm that provides encryption, digital signatures, and key exchange. It is based on the idea of using points on a curve to define the public/private key and is used in wireless devices and smart cards. The security of elliptic curve cryptography rests on the fact that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is impractically difficult. Curve equation: y^2 = x^3 + Ax + B. Developed by Victor Miller and Neal Koblitz in 1985.
MD5 - Hash function created by Ronald Rivest. Replaced MD4. 128-bit output size, 512-bit block size, 32-bit word size, 64 rounds. Infamously compromised by Flame malware in 2012. Not collision resistant. Not reversible. RFC 1321.
RSA - A public-key cryptosystem that is widely used for secure data transmission.



A linear congruential generator is an example of what?

  1. A coprime generator
  2. A prime number generator
  3. A pseudo random number generator
  4. A random number generator

Answer(s): C

Explanation:

A pseudo random number generator https://en.wikipedia.org/wiki/Linear_congruential_generator
A linear congruential generator (LCG) is an algorithm that yields a sequence of pseudo-randomized numbers calculated with a discontinuous piecewise linear equation. The method represents one of the oldest and best-known pseudorandom number generator algorithms. The theory behind them is relatively easy to understand, and they are easily implemented and fast, especially on computer hardware which can provide modular arithmetic by storage-bit truncation.





