CCNA Casp Engineering Crypto Questions

28 of 103 questions · Page 2/2 · Casp Engineering Crypto topic · Answers revealed

76
MCQeasy

An enterprise is deploying a multi-factor authentication (MFA) solution. The security team requires a factor that is resistant to phishing and does not rely on shared secrets. Which of the following MFA types BEST meets this requirement?

A.Biometric fingerprint scanner
B.SMS one-time passcodes
C.FIDO2/WebAuthn security keys
D.TOTP via authenticator app
AnswerC

FIDO2 uses public-key cryptography and is phishing-resistant.

Why this answer

FIDO2/WebAuthn uses public-key cryptography, with the private key stored on the device, and the protocol is designed to be phishing-resistant by binding credentials to the origin. TOTP/HOTP rely on shared secrets and are vulnerable to phishing. Hardware tokens like YubiKey can implement FIDO2.

Biometrics are a factor but not inherently phishing-resistant alone.

77
Multi-Selecthard

An organization is planning to deploy a new internal CA hierarchy. Which THREE considerations are critical for ensuring the security and manageability of the PKI?

Select 3 answers
A.Keep the root CA offline and only bring it online for cross-certification or disaster recovery.
B.Use a 4096-bit RSA key for the root CA and at least 2048-bit for issuing CAs.
C.Use SHA-1 for certificate signing to ensure compatibility with legacy systems.
D.Use a single-tier CA to simplify management.
E.Ensure all certificates include CRL distribution points and OCSP responder URLs.
AnswersA, B, E

An offline root CA reduces the risk of compromise.

Why this answer

A multi-tier hierarchy (root offline, issuing CAs) limits exposure; strong hashing and key algorithms are essential; CRL/OCSP distribution points must be accessible for revocation checking.

78
Multi-Selectmedium

A company is migrating from RSA to elliptic curve cryptography for digital signatures. They require a signature algorithm that provides at least 128 bits of security strength and is resistant to quantum computing attacks in the foreseeable future. Which TWO algorithms meet these requirements? (Select TWO.)

Select 2 answers
A.ECDSA P-256
B.DSA 3072
C.Ed25519
D.RSA 4096
E.ECDSA P-384
AnswersC, E

Ed25519 provides 128-bit security and is resistant to known attacks.

Why this answer

ECDSA P-384 provides 192-bit security, and Ed25519 provides 128-bit security. Both are EC-based. DSA 3072 is not EC.

RSA 4096 is not EC. ECDSA P-256 provides 128-bit security but is less conservative.

79
MCQeasy

A company is implementing a passwordless authentication solution using FIDO2/WebAuthn. What is the primary security advantage of this approach over traditional password-based authentication?

A.It allows users to share passwords securely.
B.It reduces server storage requirements.
C.It eliminates the need for multi-factor authentication.
D.It prevents phishing attacks by using cryptographic keys.
AnswerD

FIDO2's origin-bound keys prevent phishing.

Why this answer

FIDO2 uses public key cryptography, so private keys never leave the device, preventing credential theft.

80
MCQeasy

A security engineer is configuring a VPN between two sites and needs to ensure data confidentiality and integrity. Which IPsec mode and protocol combination should be used to encrypt the entire IP packet including the header?

A.Transport mode with ESP
B.Transport mode with AH
C.Tunnel mode with AH
D.Tunnel mode with ESP
AnswerD

ESP in tunnel mode encrypts the entire IP packet, including the original header.

Why this answer

IPsec tunnel mode with ESP encrypts and authenticates the entire IP packet, providing confidentiality and integrity. Transport mode only encrypts the payload, and AH provides integrity without encryption.

81
Multi-Selecteasy

An IoT device manufacturer wants to ensure the security of over-the-air (OTA) firmware updates. Which TWO measures are essential to protect the update process?

Select 2 answers
A.Sign the firmware with a trusted code signing certificate
B.Use a simple checksum for integrity verification
C.Implement a secure boot chain that verifies the signature before applying the update
D.Encrypt the firmware using a hardcoded key
E.Allow firmware downgrades to previous versions
AnswersA, C

Digital signatures verify the firmware comes from a trusted source and has not been modified.

Why this answer

Code signing ensures firmware integrity and authenticity. A secure boot chain verifies the signature before execution. Encrypting the firmware in transit protects confidentiality, but integrity is paramount.

Hardcoding keys is insecure. Rolling back firmware can introduce vulnerabilities.

82
MCQeasy

A security architect is designing a VPN that requires both authentication and encryption. Which IPsec protocol provides both services in a single protocol?

A.AH in transport mode
B.IKEv2
C.ESP in tunnel mode
D.AH in tunnel mode
AnswerC

ESP offers both encryption and authentication, tunnel mode encapsulates the entire IP packet.

Why this answer

ESP provides both encryption and optional authentication, while AH only provides authentication without encryption.

83
MCQhard

During a security assessment, an engineer discovers that a smartcard used for authentication is vulnerable to side-channel attacks. Which countermeasure would best mitigate power analysis attacks?

A.Adding redundant cryptographic operations to equalize power consumption
B.Using a shielded enclosure to reduce electromagnetic emissions
C.Increasing the key length
D.Implementing a hardware random number generator
AnswerA

This makes power consumption more uniform, reducing leakage.

Why this answer

Power analysis attacks exploit variations in power consumption; constant-time algorithms and power smoothing hardware help mitigate this.

84
Multi-Selecthard

During a penetration test, an assessor successfully exploits a timing side-channel attack to extract an ECDSA private key from a secure enclave. Which TWO mitigations should the development team implement to prevent such attacks? (Select TWO.)

Select 2 answers
A.Implement constant-time cryptographic operations
B.Add random delays to cryptographic operations
C.Disable debug interfaces on the secure enclave
D.Use blinding techniques for ECDSA signing
E.Replace ECDSA with Ed25519
AnswersA, D

Constant-time code ensures execution time is independent of secret data, thwarting timing attacks.

Why this answer

Timing attacks exploit variations in execution time based on secret data. Constant-time algorithms ensure that execution time does not depend on secret inputs. Blinding techniques randomize the computation so that timing variations are independent of the secret.

Using stronger algorithms like Ed25519 does not inherently prevent timing attacks; constant-time implementation is needed. Adding noise to operations can help but is less effective than constant-time. Disabling debug interfaces is not a direct mitigation for timing attacks.

85
MCQmedium

An IoT device manufacturer wants to ensure that firmware updates are authentic and have not been tampered with. The device has limited computational resources. Which cryptographic primitive is most appropriate for verifying the integrity and authenticity of firmware images?

A.Digital signature using ECDSA P-384
B.SHA-256 hash only
C.Symmetric MAC using AES-256-GCM
D.HMAC-SHA256 with a device-specific key
AnswerA

Digital signatures provide non-repudiation and authenticity without shared secrets; ECDSA is efficient for constrained devices.

Why this answer

Digital signatures provide both integrity and authenticity. RSA is too computationally intensive for constrained devices; ECDSA or Ed25519 are more suitable. The question asks for the primitive, so digital signatures is the correct category.

86
Multi-Selectmedium

A company is implementing privileged access management (PAM) for its critical servers. Which THREE practices should be included to enhance security? (Select THREE.)

Select 3 answers
A.Record and monitor all privileged sessions
B.Implement just-in-time (JIT) access provisioning
C.Use break-glass accounts for emergency access
D.Enforce multi-factor authentication for all users
E.Require periodic password rotation for all service accounts
AnswersA, B, C

Session recording ensures accountability and aids forensic analysis.

Why this answer

Just-in-time (JIT) access provisioning grants privileges only when needed, reducing standing privileges. Session recording and monitoring provides audit trails. Break-glass accounts provide emergency access with controls.

MFA for all users is a general practice, but for PAM, JIT, session monitoring, and break-glass are specific. Password rotation is good but not a core PAM practice compared to the others.

87
MCQhard

A security engineer is reviewing a PKI deployment where the root CA is kept offline. The issuing CA signs certificates for internal applications. Recently, a subordinate CA was compromised, and the engineer needs to revoke all certificates issued by that CA. Which of the following is the most efficient method to revoke these certificates?

A.Re-issue all certificates from a different issuing CA without revocation
B.Use OCSP to individually check and revoke each certificate
C.Publish a CRL from the compromised CA listing all certificates it issued
D.Revoke the compromised CA certificate and issue a new CRL from the root CA
AnswerC

Publishing a CRL from the compromised CA marks those certificates as revoked, while the CA certificate remains valid for CRL issuance.

Why this answer

The best method is to use a CRL issued by the compromised CA, marking all its unexpired certificates as revoked. Revoking the CA certificate itself invalidates all certificates issued by it, including valid ones. Distributing a new CRL from the root CA would require the root to be online.

Individual certificate revocation is inefficient.

88
MCQhard

During a security assessment, a penetration tester discovers that a smart card used for authentication is vulnerable to a timing attack. The card uses a cryptographic algorithm that has data-dependent timing variations. Which of the following algorithms is MOST likely being used on the smart card?

A.ECDSA P-384
B.SHA-256
C.AES-256-CBC
D.RSA with Chinese Remainder Theorem
AnswerD

RSA-CRT implementations often have timing variations that can be exploited to recover the private key.

Why this answer

RSA decryption (using CRT) is known to be vulnerable to timing attacks if not implemented with constant-time functions. AES is typically resistant if implemented correctly. SHA-256 is a hash function, not used for signing/decryption.

ECDSA can be vulnerable to timing attacks if not constant-time, but RSA is more commonly associated with classic timing vulnerabilities.

89
Multi-Selectmedium

An IoT device uses a Trusted Platform Module (TPM) 2.0 for secure boot and attestation. Which THREE of the following functions does the TPM provide to support these security features?

Select 3 answers
A.Accelerated symmetric encryption
B.Platform Configuration Registers (PCRs) for storing measurements
C.Hardware random number generation
D.Sealed storage that decrypts data only if PCR values match expected measurements
E.Remote attestation using TPM_Quote to sign PCR values
AnswersB, D, E

PCRs store hash measurements of boot components.

Why this answer

TPM 2.0 provides secure boot (via PCR measurement), remote attestation (via quote operation), and sealed storage (binding data to PCR values). Measured boot is a process that uses TPM to record measurements.

90
MCQmedium

A security architect is designing a new authentication system for a cloud-based application that requires strong multi-factor authentication. The solution must be resistant to phishing attacks and not rely on shared secrets. Which of the following is the BEST choice?

A.HOTP with a hardware token
B.FIDO2/WebAuthn
C.TOTP via a mobile authenticator app
D.SMS one-time passcodes
AnswerB

FIDO2/WebAuthn provides phishing-resistant, passwordless authentication using public key cryptography.

Why this answer

FIDO2/WebAuthn is a passwordless authentication protocol that uses public key cryptography and is resistant to phishing because the private key never leaves the user's device.

91
MCQmedium

A company is deploying IoT sensors in a harsh environment. The sensors have limited processing power and memory. Which of the following cryptographic algorithms is most suitable for ensuring data confidentiality with minimal overhead?

A.RSA-4096
B.ChaCha20-Poly1305
C.SHA-256
D.AES-256-GCM
AnswerB

ChaCha20 is designed for high performance in software and has low memory footprint, ideal for IoT.

Why this answer

ChaCha20-Poly1305 is a stream cipher that is fast in software, especially on devices without AES hardware acceleration, and provides authenticated encryption with low overhead.

92
MCQeasy

Which of the following certificate types is most appropriate for an organization that needs to validate the identity of individuals for email encryption and signing?

A.S/MIME certificate
B.Domain Validation (DV) certificate
C.Client authentication certificate
D.Code signing certificate
AnswerA

S/MIME certificates are used for email signing and encryption.

Why this answer

S/MIME certificates are specifically designed for securing email. Client certificates are for authentication. Code signing is for software.

DV certificates are for websites.

93
Multi-Selecthard

An organization is implementing a PKI with a three-tier hierarchy (root CA, intermediate CA, issuing CA). The security team wants to ensure that certificate revocation information is available quickly and efficiently. Which TWO mechanisms should they implement? (Select TWO.)

Select 2 answers
A.OCSP stapling
B.Delta CRLs
C.Certificate Transparency (CT) logs
D.CRL distribution points (CRL DP)
E.OCSP responders
AnswersD, E

CRLs provide a list of revoked certificates.

Why this answer

CRL and OCSP are standard revocation mechanisms. Certificate transparency (CT) logs are for auditing, not real-time revocation. Delta CRLs are more efficient for frequent updates.

OCSP stapling reduces load on OCSP responders.

94
MCQhard

During a PKI migration, the security team discovers that some internal clients do not support OCSP stapling but require online certificate status checking. Which alternative should be configured to minimize latency and ensure validity?

A.Switch to self-signed certificates to avoid revocation checking altogether.
B.Configure clients to use CRLDP with a local CRL distribution point.
C.Use a local OCSP responder to handle revocation checks within the internal network.
D.Disable CRL checking and rely on certificate expiration only.
AnswerC

A local OCSP responder reduces latency and provides timely revocation status.

Why this answer

OCSP stapling is not supported; traditional OCSP requests add latency. A locally hosted OCSP responder reduces network round trips compared to relying on external CAs.

95
Multi-Selectmedium

An organization is setting up a PKI with a three-tier hierarchy (root CA, issuing CA, and registration authority). Which TWO of the following are best practices for securing the root CA?

Select 2 answers
A.Allow the root CA to be accessible over the network for certificate requests
B.Enable CRL distribution points on the root CA
C.Use the root CA to issue end-entity certificates directly
D.Keep the root CA offline and physically secured
E.Store the root CA private key in an HSM
AnswersD, E

Offline storage prevents remote attacks.

Why this answer

The root CA should be kept offline to prevent compromise, and its private key should be stored in an HSM. The issuing CA handles day-to-day operations.

96
MCQmedium

A security analyst is configuring a TPM 2.0 for a new fleet of laptops. The requirement is to ensure that only authorized operating systems can boot and that any tampering with the boot process is detected. Which TPM feature should be used?

A.Secure boot
B.Measured boot with attestation
C.Sealed storage
D.Key attestation
AnswerB

Measured boot records boot measurements in PCRs; attestation allows verification of those measurements.

Why this answer

Measured boot records measurements of boot components in PCRs, and attestation allows a remote verifier to check these measurements. Secure boot only verifies signatures, not measurements. Sealed storage ties data to PCR values.

Key attestation is for keys.

97
MCQmedium

A security architect is designing a secure boot process for a new line of embedded devices. The boot ROM loads the bootloader, which then loads the OS kernel. To ensure that only signed code is executed, which mechanism should the bootloader use to verify the kernel?

A.Decrypt the kernel using a symmetric key stored in the boot ROM
B.Verify a digital signature on the kernel using a public key stored in the boot ROM
C.Check that the kernel file size matches the expected value
D.Compare the kernel hash against a list of known good hashes stored in the bootloader
AnswerB

Digital signature verification ensures the kernel is from a trusted source and has not been tampered.

Why this answer

The bootloader should verify a digital signature on the kernel image using a public key embedded in the boot ROM or bootloader. This ensures both integrity and authenticity of the kernel.

98
MCQmedium

An organization is moving to a passwordless authentication approach. They require a solution that supports hardware-based cryptographic authentication and is resistant to phishing. Which standard should they implement?

A.TOTP (Time-based One-Time Password)
B.SMS-based one-time codes
C.FIDO2/WebAuthn
D.Password manager with autofill
AnswerC

FIDO2 uses public-key cryptography and hardware authenticators, providing phishing resistance.

Why this answer

FIDO2/WebAuthn uses public-key cryptography and hardware authenticators to provide phishing-resistant, passwordless authentication. TOTP is not passwordless and can be phished.

99
MCQhard

During a security assessment, an analyst discovers that an HSM used for key generation is FIPS 140-2 Level 2 compliant. The organization requires a higher level of physical security to prevent tampering. Which upgrade would best address this requirement?

A.Implement a TPM 2.0 instead
B.Upgrade to FIPS 140-2 Level 4
C.Upgrade to FIPS 140-2 Level 3
D.Use a software-based key store
AnswerC

Level 3 adds tamper-evident seals and physical security requirements.

Why this answer

FIPS 140-2 Level 3 requires tamper-evident coatings and physical security mechanisms. Level 4 is even higher but may be overkill. Moving to Level 2 is same.

Level 1 has no physical security. Software-based TPM is not equivalent.

100
Multi-Selecteasy

An organization is planning to deploy digital certificates for various use cases. Which TWO of the following certificate types are typically used for email security?

Select 2 answers
A.Client certificates
B.Code signing certificates
C.Extended validation (EV) certificates
D.S/MIME certificates
E.Domain-validated (DV) certificates
AnswersA, D

Client certificates can be used for email authentication and signing.

Why this answer

S/MIME certificates are specifically used for secure email (encryption and signing). Client certificates can also be used for email authentication (e.g., in some setups). Code signing is for software, DV/OV/EV are for websites.

101
MCQeasy

A company requires a cryptographic hash function for integrity verification of large files. The solution must be resistant to length extension attacks and provide high performance. Which of the following is the best choice?

A.BLAKE3
B.SHA-256
C.SHA-3
D.MD5
AnswerC

SHA-3 is resistant to length extension attacks and is a NIST standard.

Why this answer

SHA-3 is not vulnerable to length extension attacks and offers good performance. SHA-256 is vulnerable to length extension. BLAKE3 is fast but less standardized.

MD5 is broken and insecure.

102
Multi-Selectmedium

A security architect is designing a secure OTA update mechanism for IoT devices. Which TWO features are essential to ensure the integrity and authenticity of firmware updates?

Select 2 answers
A.Firmware encryption with AES-256-CTR
B.Secure boot chain that verifies the signature of the update before installation
C.Use of a hardware security module (HSM) on the device for key storage
D.Compression of the firmware image to reduce transfer size
E.Digital signature using ECDSA P-384
AnswersB, E

Secure boot ensures that only signed updates are installed.

Why this answer

Digital signatures ensure authenticity and integrity; a secure boot chain verifies the signature before executing the update, preventing unauthorized firmware.

103
MCQmedium

A security analyst is reviewing TLS 1.3 configuration for a web server. The analyst wants to ensure that the configuration provides forward secrecy and prevents the reuse of session keys. Which of the following is a characteristic of TLS 1.3 that supports these goals?

A.0-RTT session resumption
B.Support for static RSA key exchange
C.Use of ephemeral Diffie-Hellman key exchange
D.Removal of CBC mode cipher suites
AnswerC

Ephemeral Diffie-Hellman ensures that session keys are not derived from long-term keys, providing forward secrecy.

Why this answer

TLS 1.3 mandates ephemeral Diffie-Hellman key exchange (ECDHE or DHE), which provides forward secrecy by generating unique session keys for each session.

← PreviousPage 2 of 2 · 103 questions total

Ready to test yourself?

Try a timed practice session using only Casp Engineering Crypto questions.

CCNA Casp Engineering Crypto Questions — Page 2 of 2 | Courseiva