A company hosts a web server that requires entropy in encryption initialization and authentication.
To meet this goal, the company would like to select a block cipher mode of operation that allows
an arbitrary length IV and supports authenticated encryption. Which of the following would meet
these objectives?
A.
CFB
B.
GCM
C.
ECB
D.
CBC
I have no trust on the person who provides the answer because I saw a lot of questions with the wrong answer. I spent a lot of time searching the CORRECT solution on this question.
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC
https://www.revolvy.com/main/index.php?s=Block%20cipher%20mode%20of%20operation&item_type=topic
According to the 4 options provided, only choice B, GCM supports authenticated encryption.
1
0
In fact, ECB is not recommended for use in cryptographic protocols at all.
1
0
This question is way beyond the level of Security +. It is NOT fair putting this high level question on the real exam.
1
0
Nice catch Lake. Only GCM is tied to authenticated encryption. I also agree that this is out of scope.
1
0
This is a CISSP question.
1
0
I read entire book by Fisher on Security+ and didn’t even see these terms let alone this concept. It barely touched block cipher but that is about it. Who the hell came up with this question?
1
0