3.2.5 Cryptography Implementation

Which form of cryptography is BEST suited for bulk encryption because it is so fast?

Symmetric key cryptography

You are a cybersecurity manager at a financial institution. Your team is responsible for managing the cryptographic keys used for secure transactions.

Recently, there has been an increase in attempted cyber attacks on your institution.

Which of the following key management strategies would be MOST effective in maintaining the security of your cryptographic keys under these circumstances?

You decide to set an expiration date for all current keys and inform users that they will need to renew their keys after this date.

A cyber technician reduces a computer's attack surface by installing a cryptoprocessor that a plug-in PCIe adaptor card can remove.

What type of cryptoprocessor can support this requirement?

HSM

You are a cybersecurity analyst at a large corporation. Your team has been tasked with securing sensitive data within the company's database. One of the strategies you are considering is obfuscation.

Which of the following scenarios would be the most appropriate application of obfuscation?

You use obfuscation to hide employee personal data within a database field by substituting character strings with x.

You are a cybersecurity architect at a tech company that is developing a new mobile payment application. The application will handle sensitive user data including credit card information and personal identification numbers (PINs).

Which of the following strategies would best leverage the concept of secure enclaves to protect this sensitive data?

You decide to store all sensitive data in a secure enclave on each user's device, accessible only with the user's unique PIN.

As a cybersecurity expert, you are tasked with implementing a secure enclave in your company's new mobile banking application.

Which of the following statements best describes the primary function and benefit of a secure enclave in this context?

A secure enclave is a separate, isolated environment within the device's processor where sensitive data can be securely stored and processed.

Combining encryption with steganography involves several steps.

From the list on the left, drag a description of a step or result in this process to the correct order on the right.

Step 1:

Encrypt plaintext with a private key to generate ciphertext.

Step 2:

The ciphertext is hidden inside of a media file, such as an image, using steganography.

Step 3:

The recipient extracts the ciphertext and decrypts it using the matching public key.

Step 4:

Anyone intercepting the message would have to know its there before being able to decrypt it.

What is the main function of a TPM hardware chip?

Generate and store cryptographic keys

Which of the following functions are performed by a TPM?

Create a hash of system components

A cyber security analyst wants to reduce the attack surface for a computer that contains top secret data. The analyst installs a cryptoprocessor as a module within the central processing unit (CPU) on the designated computer to accomplish this.

What type of cryptoprocessor is the analyst installing?

TPM