First things first. IPsec doesn’t support non-repudiation.
Monthly Archives: July 2020
Birthday Attack against Hash Collisions
One year has 365 days. If you interview pedestrians on the street randomly, how many attempts do you need to come across two people who were born on the same date (month and day)?
CISSP PRACTICE QUESTIONS – 20200728
Which of the following statements about cryptographic hash is least correct? (Source: Wentz QOTD)
A. A hash function always produces the same hash if given the same message
B. A hash function might produce the same hash if given distinct messages
C. The time of computing hash typically increases exponentially with the message size
D. Implementation of the digital signature can be as simple as encrypting a message digest by the sender’s private key
CISSP Process Guide V.21, 2020 by Fadi Sodah (aka Madunix)
The latest CISSP Process Guide V.21 by security expert, Fadi Sodah (aka Madunix), has been released! It summarizes and highlights key points and processes in an effective and precise way.
Thank you for advancing the profession, Fadi!!
CISSP PRACTICE QUESTIONS – 20200727
You are actively engaging in the open-source community of cryptography and reviewing the source code of a stream cipher to implement on mobile apps. Which of the following is the best justification for selecting the open-source cipher instead of AES? (Source: Wentz QOTD)
A. Shorter key length
B. Lower requirement for hardware capacity
C. Stronger work factor
D. Open design
To which layer do OSPF and BGP belong?
According to RFC 1812, to which layer do OSPF and BGP belong, Application or Internet Layer? To your surprise, the answer is the Application layer.
TCP/IP Model
It depends on the model you are following. RFC 1812 apparently follows the TCP/IP model, in which OSPF and BGP belong to the Application Layer.

Routing Protocols in Application Layer
ISO Model
From the perspective of ISO 7498-1, the OSI Basic Reference Model, it is generally accepted that they belong to the Network Layer.
7.5.2.4 Any relay functions and hop-by-hop service enhancement protocols used to support the network-service between the OSI end systems are operating below the Transport Layer, i.e. within the Network Layer or below.
Source: ISO 7498-1
CISSP PRACTICE QUESTIONS – 20200726
Users report that connections to the enterprise information portal (EIP) often time out because of poor network performance. As a security analyst, you suspect this may result from denial-of-service (DoS) or distributed DoS (DDoS) attacks. You connect your laptop to the mirror port of the core switching hub and start capturing traffic in promiscuous mode. Which of the following attack targets is least likely to appear in the captured traffic? (Source: Wentz QOTD)
A. 10.10.255.255/22
B. 10.10.254.0/22
C. 10.10.253.255/22
D. 10.10.252.0/22
CISSP PRACTICE QUESTIONS – 20200725
Internet Protocol Security (IPsec) is a part of the Internet Protocol version 4 (IPv4) suite that complements the Internet Protocol (IP). Which of the following cannot be achieved by IPsec? (Source: Wentz QOTD)
A. Confidentiality
B. Detection and rejection of replays
C. Access control
D. Non-repudiation
CISSP PRACTICE QUESTIONS – 20200724
You are developing a client/server-based application where clients shall communicate with peer clients and the server based on the public key infrastructure. There are ten clients on the network. Which of the following is the required number of secret keys among clients and the server? (Source: Wentz QOTD)
A. 11
B. 22
C. 55
D. 77
No 2 of the 19 Best New Security Certifications eBooks To Read In 2020
Really pleased to know my book, The Effective CISSP: Security and Risk Management, is ranked as the No 2 of the 19 Best New Security Certifications eBooks To Read In 2020 by BookAuthority.
BookAuthority
As featured on CNN, Forbes and Inc – BookAuthority identifies and rates the best books in the world, based on public mentions, recommendations, ratings and sentiment.