PrepAway - Latest Free Exam Questions & Answers

which will improve in-transit protection of transactional data?

A bank has a fleet of aging payment terminals used by merchants for transactional processing. The
terminals currently support single DES but require an upgrade in order to be compliant with security
standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will
improve in-transit protection of transactional data?

PrepAway - Latest Free Exam Questions & Answers

A.
AES

B.
3DES

C.
RC4

D.
WPA2

Explanation:
3DES (Triple DES) is based on DES.
In cryptography, Triple DES (3DES) is the common name for the Triple Data Encryption Algorithm
symmetric-key block cipher, which applies the Data Encryption Standard (DES) cipher algorithm threetimes to each data block. The electronic payment industry uses Triple DES and continues to develop and
promulgate standards based upon it (e.g. EMV). Microsoft OneNote, Microsoft Outlook 2007, and
Microsoft System Center Configuration Manager 2012, use Triple DES to password protect user content
and system data.
Incorrect Answers:
A: AES (Advanced Encryption Standard) has been adopted by the U.S. government and is now used
worldwide. It supersedes the Data Encryption Standard (DES) which was published in 1977. The algorithm
described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and
decrypting the data. DES and AES are completely different whereas 3DES is based on DES. Therefore,
upgrading the terminals to 3DES would be simpler.
C: RC4 is the most widely used software stream cipher and is used in popular Internet protocols such as
Transport Layer Security (TLS). DES and AES are different protocols used for different purposes whereas
3DES is based on DES. Therefore, upgrading the terminals to 3DES would be simpler.
D: WPA2 (Wireless Protected Access 2) is used for securing wireless network connections. DES and WPA2
are different protocols used for different purposes whereas 3DES is based on DES. Therefore, upgrading
the terminals to 3DES would be simpler.

http://en.wikipedia.org/wiki/Triple_DES
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 172-173, 250, 251, 255-256


Leave a Reply