1.  Public keys are shared, usually by using _____ certificates
    A.     public key
    B.     private key
    C.     symmetric
    D.     root

2.  _____ is a type of certificate that starts with an asterisk (*). It can be used for multiple domains, but the root domain remains the same.
    A.     Self-signed
    B.     Machine/computer certificate
    C.     Code signing
    D.     Wildcard

3.  _____ is a type of certificate that can be used to validate executable applications or scripts.
    A.     Wildcard
    B.     SAN
    C.     Code signing
    D.     Self-signed

4.  What type of encoding is used for a DER formatted X.509 certificate?
    A.     BASE64 ASCII
    B.     binary
    C.     P7B
    D.     PEM

5.  _____ is NOT another name for a certificate.
    A.     identity certificate
    B.     public key certificate
    C.     digital certificate
    D.     cipher certificate

6.  For convenience, we may want to use _____ to request certificates.
    A.     pinning
    B.     an online CA
    C.     an offline CA
    D.     OCSP stapling

7.  After a certain amount of time, most digital certificates _____.
    A.     become private
    B.     become public
    C.     expire
    D.     remain valid

8.  To reduce network traffic and to check to see if a certificate is good, revoked, or unknown, we may want to use _____. The certificate has a timestamped OCSP response digitally signed by the CA (Certificate Authority).
    A.     OCSP stapling
    B.     pinning
    C.     CSR
    D.     CRL

9.  If the private key encrypts data, only the matching _____ decrypts the data
    A.     private key
    B.     public key
    C.     certificate
    D.     PKI

10.  Unlike a Certification Authority (CA), a/an _____ does not issue certificates.
    A.     Registration Authority (RA)
    B.     Web of trust
    C.     Key escrow
    D.     Public key

11.  What is hiding data in other data?
    A.     obfuscation
    B.     salting
    C.     encryption
    D.     hashing

12.  What is high resiliency?
    A.     unauthorized people cannot access the data
    B.     even if the attacker gets part of the key, the encryption key is still secure
    C.     hiding data in other data
    D.     proves that data has not been changed

13.  What is quantum communication?
    A.     cannot copy data in a quantum state without changing the data
    B.     the value of the qubits can depend on the value of other entangled qubits
    C.     the qubits can be in more than one state at the same time (zero and one)
    D.     digital communication using photos to send data over fiber-optic lines

14.  What is entanglement?
    A.     the qubits can be in more than one state at the same time (zero and one)
    B.     the value of the qubits can depend on the value of other entangled qubits
    C.     digital communication using photos to send data over fiber-optic lines
    D.     cannot copy data in a quantum state without changing the data

15.  What is NOT provided by cipher suites?
    A.     Confidentiality
    B.     Authentication
    C.     Integrity
    D.     Authorization

16.  Which is NOT an example of lightweight cryptography?
    A.     AES
    B.     CLEFIA
    C.     PRESENT
    D.     LEA

17.  What is a number combined with the plaintext to get the ciphertext, or combined with the ciphertext to get the plaintext?
    A.     Ciphertext
    B.     Cipher
    C.     Key
    D.     Cleartext

18.  What are two cryptography technologies used in blockchain technology?
    A.     encryption and decryption
    B.     digital signatures and hashing
    C.     digital signatures and encryption
    D.     hashing and salting

19.  What is a record-keeping system that prevents changes without authorization?
    A.     public ledger
    B.     salting
    C.     cipher suite
    D.     digital signature

20.  _____ is a fast cipher mode when run on multiprocessor machines. It combines an IV and a counter to encrypt each block.
    A.     ECB
    B.     GCM
    C.     CBC
    D.     CTR

21.  What kind of devices do NOT use lightweight cryptography?
    A.     smart cards
    B.     desktop computers
    C.     IoT devices
    D.     RFID tags

22.  Which of the following is a strong, symmetric encryption algorithm that is in the public domain? It uses a key of 32 to 448 bits.
    A.     DES
    B.     AES
    C.     PGP
    D.     Blowfish

23.  _____ is an arbitrary number used just once in a cryptographic algorithm.
    A.     Message digest
    B.     Cipher
    C.     Key
    D.     Nonce

24.  What is a distinguishing feature of all weak algorithms?
    A.     they output a message digest
    B.     they use public and private keys
    C.     they are easy to crack
    D.     they take more processing power than other cryptographic algorithms

25.  _____ is an asymmetric encryption algorithm that is strong. It uses elliptic curves to calculate public and private keys.
    A.     DHE
    B.     PGP
    C.     RSA
    D.     ECC

26.  Before storing a password, some random data is added to the password. A hash is taken of the password and the random data. The message digest is stored in a file. What is this an example of?
    A.     salting
    B.     integrity
    C.     obfuscation
    D.     collision

27.  What is data that will not be encrypted and was never decrypted?
    A.     Ciphertext
    B.     Key
    C.     Plaintext
    D.     Cleartext

28.  A cipher uses a public key to convert plaintext into ciphertext. It is possible to convert this ciphertext back to the original plaintext by using the matching private key and the same cipher again. What type of algorithm is this?
    A.     symmetric encryption
    B.     hashing
    C.     asymmetric encryption
    D.     key exchange

29.  How do we support data integrity?
    A.     by salting passwords
    B.     by using encryption
    C.     by using hashing
    D.     by using obfuscation

30.  How do we support data confidentiality?
    A.     by salting passwords
    B.     by using hashing
    C.     by using digital signatures
    D.     by using encryption

31.  What kind of devices are constrained to using cryptography algorithms that use minimum processing power and storage space?
    A.     Desktop computers
    B.     Laptops
    C.     Small devices
    D.     Severs

32. _____ is strong encryption software. It is used to encrypt, decrypt, and digitally sign emails using hashing, data compression, symmetric cryptography, and asymmetric cryptography.
    A.     GPG
    B.     DHE
    C.     ECC
    D.     RSA

33.  Salting is an example of _____.
    A.     non-repudiation
    B.     security through obscurity
    C.     perfect forward secrecy (PFS)
    D.     key stretching

34.  What is QKD (Quantum Key Distribution)?
    A.     sending qubits across a quantum communication channel as a shared encryption key
    B.     digital communication using photos to send data over fiber-optic lines
    C.     the value of the qubits can depend on the value of other entangled qubits
    D.     the qubits can be in more than one state at the same time (zero and one)

35.  What is a distinguishing feature of all deprecated algorithms?
    A.     they use public and private keys
    B.     they are mostly likely easy to crack
    C.     they output a message digest
    D.     they take more processing power than other cryptographic algorithms

36.  _____ is an asymmetric encryption algorithm that is strong. It uses large prime numbers to calculate public and private keys.
    A.     SHA
    B.     RSA
    C.     ECC
    D.     AES

37.  _____ is a cipher mode used by many block ciphers. It combines the Galois mode of operation and a counter. It provides confidentiality and integrity.
    A.     CBC
    B.     GCM
    C.     ECB
    D.     CTR

38.  _____ is an example key stretching algorithm.
    A.     PBKDF2
    B.     DH
    C.     MD5
    D.     ECC

39.  _____ keeps the data encrypted while processing the data.
    A.     Symmetric encryption
    B.     Asymmetric encryption
    C.     Homomorphic encryption (HE)
    D.     Advanced Encryption Standard (AES)

40.  _____ is a strong key exchange algorithm used to create a symmetric key over a public network.
    A.     ECB
    B.     PFS
    C.     RSA
    D.     DH

41.  What is an example of security through obscurity?
    A.     hashing
    B.     digital signatures
    C.     encryption
    D.     steganography

42.  What is a distinguishing feature of elliptic curve cryptography?
    A.     requires more processing power than other cryptographic algorithms
    B.     it is easy to crack
    C.     requires less processing power than other cryptographic algorithms
    D.     outputs a message digest

43.  Which of the following wireless cryptographic protocols replaced WPA2?
    A.     WPA3
    B.     WPS
    C.     EAP
    D.     CCMP

44.  Which of the following wireless authentication protocols are certificates only required on the server, and was designed by Cisco, Microsoft, and RSA?
    A.     EAP-TLS
    B.     EAP-FAST
    C.     EAP
    D.     PEAP

45.  What is one way to implement a SSO?
    A.     With a captive portal
    B.     With WPS
    C.     With a RADIUS Federation
    D.     With EAP

46.  IEEE 802.1X supports what framework that is used for transporting authentication protocols?
    A.     AES
    B.     WPA2
    C.     EAP
    D.     WPS

47.  Which of the following wireless cryptographic protocols uses CCMP?
    A.     WPS
    B.     WPA3
    C.     WPA
    D.     WPA2

48.  _____ is a network device that is managed by a wireless LAN controller (WLC), which centralizes any configuration changes.
    A.     Directional antenna
    B.     Controller-based access point (AP)
    C.     Omnidirectional (omni) antenna
    D.     Stand-alone access point (AP)

49.  Which of the following wireless cryptographic protocols uses SAE (Simultaneous Authentication of Equals)?
    A.     WPA2
    B.     WPA3
    C.     WPS
    D.     WPA

50.  A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. What kind of authentication structure is being used?
    A.     RADIUS federation
    B.     Captive portal
    C.     IEEE 802.1X
    D.     EAP