Ethical Hacking MCQs [16]

1) With respect to hash function, what is meant by collision?

a. Two different messages M1 and M2 may generate the same hash value H.
b. The same message M may generate two different hash values H1 and H2.
c. The original message M can be recovered from the hash value H by applying an
inverse function.
d. None of these.

Answer: a

Solution: With respect to hashing, collision refers to the situation where more than one messages map to the same hash value. Since hashing is a many-to-one mapping (that is, non-invertible), the chance of collision will always be there. There is nothing like collision-free hashing. The correct option is (a).


2) What do you mean by second preimage resistance in the context of hash functions?

a. Except for few hash values H, it is difficult to find a message M such that the
hash of M is H.
b. Given a message M1, it is difficult to find another message M2 such that the
corresponding hash values are the same.
c. It is difficult to find two messages M1 and M2 such that their hash values are the
same.
d. None of these.

Answer: b

Solution: This follows from the definition of the desirable properties of a hash function. Second preimage resistance refers to the condition that we are given a message M1, and are trying to find out another message M2 such that hash(M1) = hash(M2). Thus should be difficult to do. The correct option is (b).


3) What is the objective of digital signature?

a. Authentication
b. Non-repudiation
c. Confidentiality
d. All of these

Answer: a, b

Solution: Digital signature is the electronic equivalent of pen-and-paper signature, and typically uses a combination of hashing and public-key cryptography. Its primary aim is to provide authentication, such that the receiver can verify the signature and identify the source of the message. Also, the algorithms used are strong enough so that the sender after signature verification cannot deny itself as the source of the message (called non-repudiation). It does not encrypt the original message, and hence does not provide confidentiality. The correct options are (a) and (b).


4) The SSL record protocol is responsible for

a. Data encryption
b. Data authentication
c. Data integrity
d. Key exchange

Answer: a, c

Solution: The SSL Record protocol uses a combination of various cryptographic techniques to provide secure data transmission over a network. It ensures data encryption and also data integrity (using a hash function). However, it does not provide authentication service. The correct options are (a) and (c).


5) Which of the following protocols provide security in the IP layer?

a. IPSec
b. TLS
c. SSL
d. All of these.

Answer: a

Solution: The TLS and SSL protocols work above the IP layer, whereas IPSec protocol makes the IP layer secure. The correct option is (a).

Leave a Reply

Up ↑

%d bloggers like this: