270 Chapter 11 ■ Practice Test 3
- Mike would like to send Renee a private message using the information gained during this
exchange. What key should he use to encrypt the message?
A. Renee’s public key
B. Renee’s private key
C. CA’s public key
D. CA’s private key - Which one of the following tools may be used to directly violate the confidentiality of
communications on an unencrypted VoIP network?
A. Nmap
B. Nessus
C. Wireshark
D. Nikto - How does single sign-on increase security?
A. It decreases the number of accounts required for a subject.
B. It helps decrease the likelihood that users will write down their passwords.
C. It provides logging for each system that it is connected to.
D. It provides better encryption for authentication data. - Which one of the following cryptographic algorithms supports the goal of nonrepudiation?
A. Blowfish
B. DES
C. AES
D. RSA - Microsoft’s STRIDE threat assessment framework uses six categories for threats: Spoof-
ing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of
Privilege. If a penetration tester is able to modify audit logs, what STRIDE categories best
describe this issue?
A. Tampering and information disclosure
B. Elevation of privilege and tampering
C. Repudiation and denial of service
D. Repudiation and tampering - RIP, OSPF, and BGP are all examples of protocols associated with what type of network
device?
A. Switches
B. Bridges
C. Routers
D. Gateways