Module 2 challenge: Pelcgbybtl (Cryptology):IT Security: Defense against the digital dark arts(Google IT Support Professional Certificate) Answers:2025
Question 1
The logic used to convert plaintext into ciphertext is called a(n) ______.
✅ Encryption algorithm
❌ Integrity check
❌ Permutation
❌ Data protection standard
Explanation:
An encryption algorithm is the mathematical process that converts readable data (plaintext) into unreadable form (ciphertext) using a key.
Question 2
How can you make a symmetric encryption key more difficult to break?
✅ Increase the length of the key.
❌ Use it fewer times
❌ Use an initialization vector
❌ Make the key smaller
Explanation:
A longer key increases the total number of possible combinations, making brute-force attacks exponentially harder.
Question 3
Which of the following are necessary components for encryption and decryption operations when using an asymmetric encryption system?
✅ Private key
✅ Public key
❌ Digest
❌ Public key signature
Explanation:
Asymmetric encryption uses two keys:
-
Public key (for encryption)
-
Private key (for decryption).
This pair ensures confidentiality and authenticity between sender and receiver.
Question 4
In which scenarios is symmetric encryption better than asymmetric encryption?
✅ Encrypting and decrypting a large amount of data
✅ Communications over a trusted network
❌ Over untrusted networks
❌ When you need digital signatures
Explanation:
Symmetric encryption is faster and more efficient, so it’s ideal for large or internal data transfers where both parties can safely share a single secret key.
Question 5
Which are true of an ideal hash function?
✅ Maps any amount of data to an output of fixed size
✅ A change in input is not correlated with the resulting change in output
✅ They are deterministic
❌ Can recover plaintext from hash
Explanation:
A hash function should:
-
Always produce the same output for the same input (deterministic)
-
Produce fixed-size outputs
-
Be impossible to reverse
-
Have outputs that look random even with small input changes (avalanche effect).
Question 6
Why have experts recommended replacing SHA1 with SHA2 or SHA3?
✅ Attacking SHA1 hashes is expensive, but cost is decreasing
✅ A full hash collision of SHA1 has been published
✅ SHA1 collisions used to forge digital certificates
❌ Attacking SHA1 is easy and requires little power
Explanation:
SHA1 is deprecated because:
-
Collisions are feasible with modern computing power
-
Real-world certificate forgeries have occurred
→ SHA2/SHA3 provide stronger, collision-resistant hashing.
Question 7
In TLS, a client validates a server’s certificate by checking that it:
✅ Is trusted
✅ Is for the correct host name
❌ Supports the correct TLS version
❌ Lists the shared secret
Explanation:
During the TLS handshake, the client verifies that:
-
The certificate comes from a trusted Certificate Authority (CA)
-
The certificate’s host name matches the domain being accessed.
Question 8
____ is a system that defines the creation, storage, and distribution of digital certificates.
✅ PKI (Public Key Infrastructure)
❌ CA
❌ TLS
❌ VPN
Explanation:
PKI manages the entire lifecycle of digital certificates — creation, validation, and revocation — using Certificate Authorities (CAs) and registration authorities.
Question 9
Using an asymmetric cryptosystem provides which benefits?
✅ Authenticity
✅ Confidentiality
✅ Non-repudiation
❌ Hashing
Explanation:
Asymmetric encryption ensures:
-
Confidentiality (public key encrypts, private key decrypts)
-
Authenticity (verifies sender identity)
-
Non-repudiation (sender cannot deny sending a signed message).
Question 10
How does AES GCM operate?
✅ It generates sequentially numbered ciphertext blocks by encrypting an incrementing counter.
❌ Combines multiple algorithms
❌ Uses chaining
❌ Fixed IV stream cipher
Explanation:
AES-GCM (Galois/Counter Mode) uses a counter mode to encrypt each block with a unique counter value, providing both confidentiality and integrity through built-in authentication tags.
🧾 Summary Table
| Q# | ✅ Correct Answer | Concept |
|---|---|---|
| 1 | Encryption algorithm | Converts plaintext → ciphertext |
| 2 | Increase key length | Strengthens symmetric encryption |
| 3 | Public & Private key | Asymmetric encryption components |
| 4 | Large data, trusted network | When symmetric encryption is ideal |
| 5 | Fixed size, avalanche, deterministic | Ideal hash function properties |
| 6 | SHA1 collisions, weakening | Reasons to move to SHA2/SHA3 |
| 7 | Trusted, correct hostname | TLS certificate validation |
| 8 | PKI | Digital certificate system |
| 9 | Authenticity, Confidentiality, Non-repudiation | Benefits of asymmetric cryptography |
| 10 | Counter mode encryption | AES GCM operation |