Effective CISSP Questions

According to Bruce Schneier, there are four general types of cryptanalytic attacks, each of which assumes that the cryptanalyst has complete knowledge of the encryption algorithm. Which of the following emphasizes that the cryptanalyst’s job is to recover the plaintext of as many messages as possible, or better yet to deduce the key (or keys) used to encrypt the messages, in order to decrypt other messages encrypted with the same keys? (Wentz QOTD)
A. Ciphertext-only attack
B. Known-plaintext attack
C. Chosen-plaintext attack
D. Chosen-ciphertext attack

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is __.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.


根據 Bruce Schneier 的說法,有四種一般類型的密碼分析攻擊,每一種都假設破密分析者完全了解加密算法。 以下哪項強調破碼分析員的工作是盡可能多地恢復消息的明文,或者更好地推斷用於加密消息的密鑰(或多個密鑰),以便解密使用相同密鑰加密的其他消息? (Wentz QOTD)
A. 只有密文攻擊
B. 已知明文攻擊
C. 選擇明文攻擊
D. 選擇密文攻擊

Leave a Reply