Graded Quiz: Cryptography: Principles and Techniques: Penetration Testing, Threat Hunting, and Cryptography (IBM Cybersecurity Analyst Professional Certificate) Answers 2025
1. Question 1 — Symmetric Encryption Characteristic
- ✅ Uses the same key for both encryption and decryption
- ❌ Slower than asymmetric
- ❌ Requires certificate
- ❌ Uses two keys
Explanation:
Symmetric encryption always uses one shared key.
2. Question 2 — Why asymmetric is secure for key distribution
- ❌ Single key
- ✅ Uses separate public and private keys
- ❌ Faster
- ❌ No keys required
Explanation:
The public key can be openly shared without risking decryption.
3. Question 3 — RSA security foundation
- ❌ Speed
- ❌ Single key
- ✅ Difficulty of factoring large composite numbers
- ❌ Use of prime numbers
Explanation:
RSA security relies on the fact that factoring huge composite numbers is computationally infeasible.
4. Question 4 — Attack trying all key combinations
- ❌ Chosen ciphertext
- ❌ MitM
- ✅ Brute-force attack
- ❌ Dictionary attack
Explanation:
Brute-force = exhaustively testing every possible key.
5. Question 5 — Dictionary attack weakness
- ❌ Only works with symmetric
- ✅ It only works if the password is a common word
- ❌ Slower than brute-force
- ❌ Requires real-time access
Explanation:
Dictionary attacks rely on lists of common passwords.
6. Question 6 — Why MitM attacks are dangerous
- ✅ Attackers can intercept and alter communication
- ❌ Require brute force
- ❌ Require physical access
- ❌ Impossible to detect
Explanation:
MitM attackers can read AND modify messages secretly.
7. Question 7 — Pattern detection in ciphertext
- ❌ Known plaintext
- ✅ Linear cryptanalysis
- ❌ Differential cryptanalysis
- ❌ Timing attacks
Explanation:
Linear cryptanalysis studies linear patterns in encrypted data.
8. Question 8 — Good key management practice
- ❌ Store keys in plain text
- ❌ Reuse same key for many apps
- ✅ Implement access controls for key retrieval
- ❌ Share keys via email
Explanation:
Keys must be securely stored and access-controlled.
9. Question 9 — What hash function does
- ❌ Encrypts
- ✅ Generates fixed-size output from input data
- ❌ Compresses
- ❌ Stores data
Explanation:
Hashing is a one-way function producing a fixed-length digest.
10. Question 10 — Digital signature purpose
- ✅ Verify authenticity and integrity
- ❌ Compress data
- ❌ Encrypt whole message
- ❌ Generate random keys
Explanation:
Digital signatures confirm who sent the message and that it wasn’t altered.
🧾 Summary Table
| Q | Correct Answer | Key Concept |
|---|---|---|
| 1 | Same key for enc/dec | Symmetric encryption |
| 2 | Public/private keys | Asymmetric distribution |
| 3 | Factoring difficulty | RSA security |
| 4 | Brute-force attack | Try all keys |
| 5 | Common words only | Dictionary attack weakness |
| 6 | Intercept & alter | MitM danger |
| 7 | Linear cryptanalysis | Pattern analysis |
| 8 | Access controls | Key management |
| 9 | Fixed-size hash | Hash function |
| 10 | Auth + integrity | Digital signatures |