Quiz: Cryptography Fundamentals

A 27-question self-check covering the chapter's primitives, their guarantees, and the failures a defender must recognize. Several questions are tagged with the certification domain they map to — [Sec+] for CompTIA Security+ and [CISSP] for the (ISC)² CISSP — so certification candidates can self-assess. Answers and one-line explanations are at the end; try the whole quiz before checking.

Section 1 — Multiple choice (1 pt each)

1. [Sec+] Which encryption type uses a single shared key for both encryption and decryption? A. asymmetric B. symmetric C. public-key D. hashing

2. [Sec+] Which symmetric mode is unsafe because identical plaintext blocks produce identical ciphertext blocks? A. GCM B. CBC C. ECB D. CTR

3. [CISSP] Which guarantee is provided by a digital signature but not by an HMAC? A. confidentiality B. integrity C. authenticity D. non-repudiation

4. [Sec+] What problem does asymmetric (public-key) encryption primarily solve that symmetric encryption does not? A. speed B. the key-distribution problem C. data-at-rest encryption D. hashing

5. Which algorithm should you use for general-purpose symmetric encryption today? A. DES B. 3DES C. AES D. RC4

6. [Sec+] Which of these is broken for security use because collisions can be deliberately constructed? A. SHA-256 B. SHA-3 C. SHA-1 D. AES-256

7. Approximately what RSA key size offers security comparable to a 256-bit ECC key? A. 256-bit B. 1024-bit C. 3072-bit D. 16,384-bit

8. [Sec+] What is the primary purpose of a salt in password storage? A. to encrypt the password B. to make storage faster C. to defeat precomputed (rainbow-table) attacks and make identical passwords hash differently D. to provide non-repudiation

9. Why is SHA-256 a poor choice for storing passwords? A. it is reversible B. it is too slow C. it is fast, enabling rapid brute force D. it cannot be salted

10. [CISSP] In a PKI, what does a certificate authority (CA) actually provide? A. encryption of all traffic B. a trusted, signed binding between a public key and an identity C. a backup of private keys D. faster hashing

11. [Sec+] Which standard format is used for public-key certificates? A. PKCS#7 B. X.509 C. PEM-only D. ASN.0

12. "Hybrid encryption" (as in TLS) means: A. using two ciphers in sequence B. asymmetric to exchange a symmetric key, then symmetric to encrypt the data C. encrypting twice with the same key D. hashing then encrypting

13. [CISSP] A reused or predictable nonce during ECDSA signing can result in: A. a slower handshake B. disclosure of the private key C. a larger certificate D. nothing, nonces are public

14. The most common self-inflicted PKI outage is caused by: A. a brute-forced key B. an expired certificate nobody was tracking C. ECB mode D. a weak salt

Section 2 — True / False with justification (1 pt each)

For each, mark T or F and give a one-sentence reason.

15. "Encryption guarantees that data cannot be altered without detection."

16. [Sec+] "Because the algorithms are public, AES and SHA-256 are insecure."

17. "A salt must be kept secret, like the password hash itself."

18. "A valid digital signature proves the signed software is safe to install."

19. [Sec+] "You should implement your own encryption algorithm when a project has unusual security needs."

Section 3 — Fill in the blank (1 pt each)

20. Data encrypted with a recipient's _ key can only be decrypted with the matching _ key.

21. [Sec+] A deliberately slow, memory-hard, password-specific hashing algorithm such as __ or bcrypt should be used to store passwords.

22. An _ mixes a shared secret key into a hash to provide authenticity, while a _ uses a private key to additionally provide non-repudiation.

23. Trust in a server's certificate flows up a _ of trust from intermediate certificates to a pre-installed _ certificate.

Section 4 — Short answer (2 pts each)

24. [CISSP] Explain in two or three sentences why "essentially every real-world cryptographic failure is a failure of implementation, configuration, or operation rather than broken mathematics." Give two concrete examples of such failures.

25. Distinguish, in two or three sentences, when you would use an HMAC versus a digital signature. Name one system that uses each.

26. A developer plans to use the language's default random() function to generate AES keys. Explain what is wrong and what they should use instead, and why the encryption is unsafe even though AES itself is unbroken.

Section 5 — Applied scenario (5 pts)

27. [Sec+] Meridian must protect an export of the cardholder data environment that lives on a file server. (a) Recommend a specific symmetric algorithm, key size, and mode, and justify the mode choice. (b) State where the encryption key must not be stored and where it should be, in principle. (c) Name the residual risk that remains even with perfect encryption, and tie it to a concept from §4.1.

Answer Key

Click to reveal answers and explanations 1. **B** — symmetric uses one shared key. 2. **C** — ECB leaks patterns; identical plaintext → identical ciphertext. 3. **D** — only a signature (private key the signer alone holds) gives non-repudiation. 4. **B** — the key-distribution problem (no shared secret to transmit). 5. **C** — AES; the others are deprecated/broken. 6. **C** — SHA-1 (collisions demonstrated); MD5 too, but SHA-1 is the listed broken option here. 7. **C** — ECC-256 ≈ RSA-3072. 8. **C** — salts defeat precomputation and make identical passwords differ. 9. **C** — SHA-256 is fast by design, enabling rapid offline brute force. 10. **B** — a CA signs a binding between a public key and an identity. 11. **B** — X.509. 12. **B** — asymmetric to exchange a symmetric key, then symmetric for the bulk data. 13. **B** — nonce reuse/predictability in ECDSA leaks the private key. 14. **B** — expired, untracked certificates. 15. **F** — encryption provides confidentiality, not integrity; an integrity mechanism (MAC/authenticated encryption) is required to detect tampering. 16. **F** — public algorithms are secure *because* of open scrutiny (Kerckhoffs); the secret is the key, not the algorithm. 17. **F** — a salt need not be secret; its value is *uniqueness*, which defeats precomputation. 18. **F** — a valid signature proves a *key* signed it, not that the intent was legitimate; a compromised signing key produces valid signatures on malware. 19. **F** — never roll your own crypto; use vetted standard libraries and algorithms. 20. public; private. 21. Argon2 (or scrypt). 22. HMAC; digital signature. 23. chain; root. 24. Modern algorithms are effectively unbreakable, so attackers exploit *how they are used*: rolling your own crypto, weak/deprecated algorithms (MD5, ECB, RSA-1024), bad randomness, nonce reuse, key-management lapses (hard-coded or co-located keys), and encryption without integrity. Examples: a key hard-coded in a Git repo; unsalted MD5 password storage. 25. Use an **HMAC** for fast authenticity with a *shared* secret between two trusting parties (e.g., authenticating API requests/session tokens); use a **digital signature** when you need to prove a single, undeniable origin (e.g., software-update/code signing, certificates). 26. The default `random()` is a non-cryptographic PRNG and may be predictable (especially if seeded from a guessable value); a predictable key lets an attacker reproduce it, defeating the encryption even though AES is unbroken. Use a CSPRNG (`secrets`, `/dev/urandom`, platform CSPRNG). 27. (a) AES-256 in GCM (authenticated) mode — GCM adds integrity/authenticity so tampering is detected, not silently decrypted. (b) The key must *not* be stored on the same server beside the data (stealing the data would steal the key) or hard-coded in code/config; it should live in separate, access-controlled key storage with least-privilege access (and ideally hardware-protected — Chapter 5). (c) Residual risk: encryption does not stop an attacker who compromises an *authorized* account/credential that can decrypt, nor protect data *in use* in memory — encryption protects against theft of ciphertext, not theft of access (§4.1). **Topics to review by question:** missed 1–5, 12 → §4.2–4.3; 6, 9, 21 → §4.4; 3, 13, 22, 25 → §4.5; 10, 11, 14, 23 → §4.6; 8, 17 → §4.4; 15, 16, 18, 19, 24, 26 → §4.1 + §4.7; 27 → §4.2 + §4.7.