Module quiz: Cryptography :Cybersecurity Threat Vectors and Mitigation (Microsoft Cybersecurity Analyst Professional Certificate) Answers 2025
1. Asymmetric encryption uses a shared secret key.
❌ True
✅ False
Explanation:
Asymmetric encryption uses public + private key pairs, not a shared key.
2. What is AES?
✅ AES is a symmetric encryption algorithm that encrypts data in blocks using the same key for encryption and decryption.
❌ Asymmetric
❌ Outdated
3. Encryption tool combining symmetric + asymmetric encryption
❌ BitLocker
❌ VPN
✅ PGP (Pretty Good Privacy)
4. RSA is based on even numbers
❌ True
✅ False
**RSA relies on the difficulty of factoring large prime numbers, not even numbers.
5. Most secure hashing algorithm listed
✅ SHA-256
❌ MD5
❌ Salting (not a hashing algorithm)
6. Digital signatures = digital certificates
❌ True
✅ False
Explanation:
Signatures verify sender integrity & authenticity.
Certificates bind a public key to an identity.
7. SSL certificates used only for e-commerce websites
❌ True
✅ False
SSL/TLS secures any HTTPS website, APIs, email servers, etc.
8. Key benefit of signed URLs
✅ Increased security by requiring a valid signature to access protected resources
❌ Sharing secret keys
❌ Unlimited access
9. Difference between authentication vs authorization
✅ Authentication = identity verification; Authorization = what you’re allowed to access
❌ Synonymous
❌ Reversed definitions
10. Microsoft Identity Platform does NOT support SSO
❌ True
✅ False
It does support SSO (single sign-on).
🧾 SUMMARY TABLE
| Q# | Correct Answer |
|---|---|
| 1 | False |
| 2 | AES = symmetric block encryption |
| 3 | PGP |
| 4 | False |
| 5 | SHA-256 |
| 6 | False |
| 7 | False |
| 8 | Requires valid signature |
| 9 | Auth = identity; Authorization = access rights |
| 10 | False |