CISSP PRACTICE QUESTIONS – 20200927

Effective CISSP Questions

Which of the following cryptographic operations is least applicable in quantum cryptography?
A. Generate a one-time pad
B. Distribute the encryption key
C. Encrypt the plain text
D. Ensure sufficient entropy for encryption


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Encrypt the plain text.

Quantum computing and Quantum cryptography are the opposite studies.

  • Quantum computing may compromise public-key systems.
  • Post-quantum cryptography is secure against quantum computing, aka quantum-proof, quantum-safe, or quantum-resistant.
  • Quantum cryptography secures key exchange.

Quantum Cryptography

“Quantum cryptography is the science of exploiting quantum mechanical properties to perform cryptographic tasks. The best known example of quantum cryptography is quantum key distribution which offers an information-theoretically secure solution to the key exchange problem.” (Wikipedia)

One-Time Pad

“Last fall (2018), a team of Chinese researchers successfully used quantum-entangled photons to create and share one-time pads between a satellite and a ground station in Austria.”

Source: ExtremeTech

Entropy

In computing, entropy is the randomness collected by an operating system or application for use in cryptography or other uses that require random data.

Source: Wikipedia

Simply put, entropy is the space (or degree) of randomness. A fair die has six possible outcomes or space, from one to six, while an unfair die may always generate the “one” side as the outcome. The space of random outcomes for a fair die is 6; an unfair die is one. In other words, a fair die has more entropy than an unfair die.

Reference

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

對於量子密碼學(quantum cryptography),以下哪項密碼學操作最不適用?
A. 生成一次性墊 (one-time pad)
B. 交換金鑰
C. 加密明文
D. 確保足夠的熵(entropy)進行加密

 

Leave a Reply