var quiz = {
questions : [
{
text : 'Julius Caesar constructed his own encryption method to hide data during transmission or while being stored. The Caesar Cipher works in which of the following ways?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Each letter in the alphabet is replaced with a letter three places beyond it.',
'B. Letters are randomly scrambled.',
'C. The message itself consists of clues to recover from different places in the physical world.',
'D. Replaces letters of the alphabet with letters 13 characters beyond it.'
],
answer : 0,
score : 1,
expandedAnswer : '
\nJulius Caesar created one of the earliest forms of encryption. The Caesar cipher shifts letters of the alphabet three spaces forward, thus disguising the original message into an unrecognizable text string. Although this substitution-type of encryption technique is simplistic compared to today\'s cryptography, in those days many people could not read in the first place. ROT-13 is a cipher that shifts letters of the alphabet 13 places forward. Transposition ciphers scramble text, and a running key cipher uses clues in the outside world.',
moreInfo : ''
},
{
text : 'PKI and PGP can provide similar functionality, but a PKI provides an actual framework for an environment to work within. They also use different trust structures. Which of the following best describes PGP\'s trust structure?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Certificate authorities',
'B. Web of trust',
'C. PACs',
'D. Hierarchical'
],
answer : 1,
score : 1,
expandedAnswer : '
\nPretty Good Privacy (PGP) is a security program focused on protecting e-mail messages. It uses public key encryption by implementing a "Web of trust" among users. In contrast to certificate authorities, which control the levels of trust, PGP allows users to sign each other\'s public keys, thus developing a trusted network. PKI uses a hierarchical trust structure instead of a horizontal structure.',
moreInfo : ''
},
{
text : 'Secure Socket Layer (SSL) is the most common protocol that\'s used for secure Internet transactions. Which of the following is not a characteristic of SSL?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Originally developed by Netscape',
'B. Protects both the message and communication channel over the Internet via VPN service',
'C. Provides encryption, message integrity and server authentication',
'D. Uses public key encryption'
],
answer : 1,
score : 1,
expandedAnswer : '
\nSecure Sockets Layer (SSL) provides data encryption over the Internet. Although it provides encryption while the message is being sent, it does not secure the data once it\'s received and decrypted. Also, it doesn\'t provide a true VPN service by protecting header information. SSL uses public key encryption and was developed originally by Netscape. Along with encryption and message integrity, SSL also ensures server authentication and optional client authentication.',
moreInfo : ''
},
{
text : 'In a 64-bit Data Encryption Algorithm (DEA) key, how many bits make up the true key and how many bits make up parity?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. 16 + 48 for parity',
'B. 48 + 16 for parity',
'C. 64 and no parity',
'D. 56 + 8 for parity'
],
answer : 3,
score : 1,
expandedAnswer : '
\nDES uses a 64-bit key. The true key consists of 56 bits and parity accounts for 8 bits. DES is a block symmetric algorithm that has four distinct operating modes: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB) and Output Feedback (OFB). DES is really a standard and not an algorithm, although we commonly referred to the algorithm as DES. The algorithm that\'s used in DES is DEA, thus has the same characteristics of DES.',
moreInfo : ''
},
{
text : 'DES has gone through different generations: DES, Double DES, 3DES. 3DES is how much stronger than DES?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. 2 exponent 56',
'B. 2 exponent 3',
'C. 3',
'D. 192'
],
answer : 0,
score : 1,
expandedAnswer : '
\nTriple DES (3DES) improves upon both DES and Double DES. DES uses a true key size of 56-bit key and Double DES uses a 112-bit key. Both have the same work-factor necessity to break them. 3DES, on the other hand, uses 48 rounds of computation and is 2 to 56th power stronger than DES, meaning that three rounds of encryption are used. It is highly resistant to attacks, but requires significantly more overhead than its predecessors. Some 3DES uses two keys instead of three, but this is the best answer of the four.',
moreInfo : ''
},
{
text : 'Which is not true of the Advanced Encryption Standard (AES)?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. It was developed to replace DES.',
'B. It uses key sizes of 64, 128 and 192.',
'C. It is a block symmetric cipher.',
'D. It uses the algorithm Rijndael.'
],
answer : 1,
score : 1,
expandedAnswer : '
\nAES was developed to improve upon DES\'s security and flexibility. It uses 128-bit, 192-bit and 256-bit keys. Rijndael, a block symmetric cipher created by Vincent Rijmen and Joan Daemen, was selected as the new AES algorithm.',
moreInfo : ''
},
{
text : 'Different types of algorithms use different types of mathematics. The more complex the mathematics are, the more resources that are required for computation. Which asymmetric algorithm is the most efficient requiring the fewest resources?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. RSA',
'B. ECC',
'C. Blowfish',
'D. IDEA'
],
answer : 1,
score : 1,
expandedAnswer : '
\nElliptic Curve Cryptosystems (ECC) is the most efficient of the asymmetric algorithms. It uses elliptic curve properties to combine group and rule information, which requires fewer resources than the other methods.',
moreInfo : ''
},
{
text : 'Which is the 128-bit algorithm that was accepted for the DES standard?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Skipjack',
'B. Data Encryption Algorithm',
'C. Lucifer',
'D. RSA'
],
answer : 2,
score : 1,
expandedAnswer : '
\nIn 1974, IBM created Lucifer, which would eventually become the Data Encryption Standard (DES). DES absorbed significant controversy pertaining to speculation that the NSA weakened the algorithm in order to have more control at breaking the code. However, it remained the primary encryption standard for many years until it was cracked in the late 1990s. This led to the creation of Advanced Encryption Standard (AES). Lucifer was accepted and the key size was reduced from 128-bit to 64-bit and renamed the Data Encryption Algorithm (DEA).',
moreInfo : ''
},
{
text : 'Which of the following is not true of RSA?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Was accepted as the new Advanced Encryption Standard in the late 1990s',
'B. Can be used for encryption and digital signatures',
'C. Can be used for key exchange',
'D. Developed at MIT by Ron Rivest, Adi Shamir, and Leonard Adleman'
],
answer : 0,
score : 1,
expandedAnswer : '
\nRSA is the de facto standard and most widely used asymmetric algorithm today. The strength of RSA comes from factoring large numbers into their original prime numbers. It performs encryption, digital signatures and key exchange. It works well in Web browsers with the Secure Sockets Layer (SSL) protocol. RSA is named after its MIT inventors, Ron Rivest, Adi Shamir, and Leonard Adelman. The Advanced Encryption Standard (AES) algorithm uses Rijndael, a symmetric encryption system.',
moreInfo : ''
},
{
text : 'Which of the following algorithms was not considered by NIST when determining the algorithm that was to be used for the new AES in 1997?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Twofish',
'B. MARS',
'C. Rinjdael',
'D. El Gamal'
],
answer : 3,
score : 1,
expandedAnswer : '
\nThe Advanced Encryption Standard (AES) uses a symmetric block algorithm. El Gamal is a public key (asymmetric) encryption system, and thus was not considered for the advanced standard. El Gamal is similar to RSA; however, it utilizes discrete logarithms in a finite field.',
moreInfo : ''
},
{
text : 'An attacker who has access to a large section of ciphertext, then determines which part of it is to be decrypted, and ultimately has access to the resulting plaintext has performed what type of attack?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Chosen-ciphertext',
'B. Known-plaintext',
'C. Chosen-plaintext',
'D. Ciphertext-only'
],
answer : 0,
score : 1,
expandedAnswer : '
\nChosen-ciphertext attacks have the highest probability of the encryption being cracked. In this type of attack, the intruder must capture a large portion of the ciphertext and then must be able to choose which parts of it are decrypted. That section of text is transformed into plaintext. This translation is then analyzed in an attempt to identify the key that was used in the encryption process.',
moreInfo : ''
},
{
text : 'In 1976, Diffie and Hellman introduced what cryptography technology?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Electronic key distribution',
'B. Digital signatures',
'C. Symmetric key encryption',
'D. 256-bit key encryption capabilities'
],
answer : 0,
score : 1,
expandedAnswer : '
\nThe Diffie-Hellman key exchange was created as a way of exchanging public keys and generating a session key without needing to set up a prior relationship. This technology does not handle any form of data encryption; rather it\'s simply a method of exchanging keys. Diffie and Hellman created the first asymmetric algorithm.',
moreInfo : ''
},
{
text : 'A secret key that\'s used for data encryption only one time is called a __________.',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Public key',
'B. Asymmetric key',
'C. Key exchange',
'D. Session key'
],
answer : 3,
score : 1,
expandedAnswer : '
\nA session key improves security, because it\'s used only once per transmission. If a session key wasn\'t used, users would apply the same symmetric key for every message sent. Over time, attackers would be more likely to uncover this key. However, new session keys are generated each time a transmission is initiated, which provides a higher level of protection.',
moreInfo : ''
},
{
text : 'Which key knows the trapdoor that allows for decryption to take place?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. Session key',
'B. Public key',
'C. Private key',
'D. Asymmetric key'
],
answer : 2,
score : 1,
expandedAnswer : '
\nA trapdoor one-way function applies the concept of factoring numbers into their original prime numbers. Public keys encrypt a message with a built-in, one-way function. This function is referred to as a one-way function because it\'s relatively simple to encrypt, but much more difficult to decrypt without knowing the correct trapdoor. A private key, however, knows the code of the trapdoor, and is able decrypt the message.',
moreInfo : ''
},
{
text : 'A fixed-length value used as a message fingerprint is called a __________.',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A. MAC',
'B. Hash value',
'C. Message value',
'D. Digital signature'
],
answer : 1,
score : 1,
expandedAnswer : '
\nA one-way hash is a function that changes a variable length text string into a fixed length value or hash value. This process creates a fingerprint of the message, which in turn is used to ensure the integrity of the message. One-way hashing does not use keys. If the outgoing message needs confidentiality, a key would be needed to encrypt the message itself. If a symmetric key was not going to be used for encryption, but instead for data origin authentication, this is referred to as a MAC.',
moreInfo : ''
}
]
};