CISSP PRACTICE QUESTIONS – 20200718

Effective CISSP Questions

Alice is sending an encrypted message to Bob. According to Kerckhoffs’ principle, which of the following must be kept secret? (Source: Wentz QOTD)
A. The cipher mode of operation
B. The unique random value used once to avoid repeating patterns
C. The input used to confuse the relationship with the ciphertext
D. The key used to encrypt data that can only be decrypted by another key

CISSP PRACTICE QUESTIONS – 20200717

You are developing a network access control (NAC) solution to prevent unauthorized hosts from connecting to the network. To enforce authorized access, the solution maintains an authorization database of IP-MAC mappings and responds to ARP broadcasts from unauthorized hosts with the MAC of a captive portal as the destination. Which of the following is most likely used for the solution to redirect the unauthorized hosts to the captive portal? (Source: Wentz QOTD)
A. Spoofing
B. Layering
C. Encapsulation
D. Compromise recording

VLAN and PVLAN

VLAN

A VLAN (Virtual Local Area Network) is a logical network that operates as a broadcast domain at the data link layer. Hosts on a VLAN behave just as they would on a LAN.

IEEE 802.1Q

An Ethernet frame tagged per IEEE 802.1Q carries a four-byte field, the VLAN tag, which includes the 12-bit VLAN ID. In other words, there are theoretically at most 4096 VLANs.

CISSP PRACTICE QUESTIONS – 20200715

You are conducting a penetration test and have exploited a vulnerability to gain access to the file /etc/shadow, in which one line reads as follows:
root:$1$vb1tLY1q$6jf7S0s1/qsCHOGJLrDb.1:18009:0:120:7:14::
Which of the following is the most feasible way to crack the line? (Source: Wentz QOTD)

A. Resolve by searching open-source intelligence
B. Try every possible combination
C. Employ a text file of the MD5 hash values
D. Download a table of pre-computed values in SHA

CISSP PRACTICE QUESTIONS – 20200714

You are conducting cryptanalysis on a symmetric cipher. You have access to the ciphertext in transit. You realize the secret key is not static but is replaced with a new one periodically. Which of the following is the most likely effect you are facing because of the ever-changing secret key and ciphertext? (Source: Wentz QOTD)
A. Confusion
B. Ciphertext-only attack
C. Chosen-ciphertext attack
D. Diffusion
