CISSP PRACTICE QUESTIONS – 20210403

Effective CISSP Questions

Which of the following is the best cryptographic function used to enforce confidentiality? (Wentz QOTD)
A. One-time pad (OTP)
B. RSA Digital Signature Algorithm
C. Time-based One-Time Password (TOTP)
D. Hash-based Message Authentication Codes (HMAC)

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. One-time pad (OTP).

The acronym of both the one-time pad and one-time passoword is OTP. However, they are different and not related at all. The one-time pad is a symmetric cipher that entails a random secret key, while the one-time password is a dynamically generated password that is valid for only one and only specific login session.

  • RSA Digital Signature Algorithm produces the digital signature that enforces non-repudiation.
  • Time-based One-Time Password (TOTP) is a one-time password that relies on time as one of the generation algorithm’s input parameters.
  • The Hash-based Message Authentication Codes (HMAC) relies on a hash function and a shared key to calculate the message authentication code to validate authenticity.

Reference

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

以下哪項密碼學功能最能強化機密性?(Wentz QOTD)
A. One-time pad (OTP)
B. RSA Digital Signature Algorithm
C. Time-based One-Time Password (TOTP)
D. Hash-based Message Authentication Codes (HMAC)

Leave a Reply