# CISSP PRACTICE QUESTIONS – 20211112

The original Rijndael documentation, as an Advanced Encryption Standard (AES) candidate, submitted to the NIST dates from June 11, 1998, and the AES standard, FIPS 197, issued by the NIST was approved on November 26, 2001. Which of the following is incorrect? (Wentz QOTD)
A. Rijndael allows the specification of variants with the block length and key length.
B. The number of rounds of Rijndael can be modified in case of security problems.
C. The block length in AES is 128 bits, while the key length can be 128, 192, or 256 bits.
D. AES specifies using the Feistel structure to transpose the intermediate state.

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. AES specifies using the Feistel structure to transpose the intermediate state.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

The Feistel structure is used in DES, superseded by AES. In the AES Proposal: Rijndael, it reads:

In most ciphers, the round transformation has the Feistel Structure. In this structure typically part of the bits of the intermediate State are simply transposed unchanged to another position. The round transformation of Rijndael does not have the Feistel structure. Instead, the round transformation is composed of three distinct invertible uniform transformations, called layers. By “uniform”, we mean that every bit of the State is treated in a similar way.

# Reference

A. Rijndael 允許指定具有不同長度的區塊長度和密鑰長度。
B. Rijndael 的輪數(round)可以在發生安全問題的情況下進行修改。
C. AES 中的區塊長度是 128 位，而密鑰長度可以是 128、192 或 256 位。
D. AES 指定使用 Feistel 結構來轉置中間狀態。